phpLDAPadmin Cross-Site Scripting and Code Injection Vulnerabilities
Showing
3 changed files
with
43 additions
and
2 deletions.
@@ -0,0 +1,20 @@ | ||
$OpenBSD: patch-htdocs_cmd_php,v 1.2 2011/10/25 19:07:56 jasper Exp $ | ||
|
||
From 64668e882b8866fae0fa1b25375d1a2f3b4672e2 Mon Sep 17 00:00:00 2001 | ||
From: Deon George <[email protected]> | ||
Date: Wed, 27 Jul 2011 07:30:06 +1000 | ||
Subject: [PATCH] Remove XSS vulnerabilty in debug code | ||
|
||
--- htdocs/cmd.php.orig Tue Oct 25 21:06:17 2011 | ||
+++ htdocs/cmd.php Tue Oct 25 21:06:32 2011 | ||
@@ -19,10 +19,6 @@ $www['meth'] = get_request('meth','REQUEST'); | ||
ob_start(); | ||
|
||
switch ($www['cmd']) { | ||
- case '_debug': | ||
- debug_dump($_REQUEST,1); | ||
- break; | ||
- | ||
default: | ||
if (defined('HOOKSDIR') && file_exists(HOOKSDIR.$www['cmd'].'.php')) | ||
$app['script_cmd'] = HOOKSDIR.$www['cmd'].'.php'; |
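Review bot: The `default` branch left in place after the `_debug` case is dropped still builds `HOOKSDIR.$www['cmd'].'.php'` from a request-derived value (the hunk header shows `$www['meth']` coming from `get_request(...,'REQUEST')`, and `$www['cmd']` presumably arrives the same way) with no restriction on the characters it may contain, so the hunk closes the reflected-dump issue but leaves the path that `file_exists` checks and `$app['script_cmd']` records unbounded. The allow-list approach the companion patch-lib_functions_php hunk takes for `$sortby` fits here too: `if (defined('HOOKSDIR') && preg_match('/^[a-zA-Z0-9_]+$/D',$www['cmd']) && file_exists(HOOKSDIR.$www['cmd'].'.php'))`, so that only a plain hook name can reach the concatenation. What is later done with `$app['script_cmd']` and the remainder of the `switch` lie outside the hunk, and since this is an OpenBSD port patch the fix would belong in the upstream hunk rather than as a separate local change.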
@@ -0,0 +1,21 @@ | ||
$OpenBSD: patch-lib_functions_php,v 1.1 2011/10/25 19:07:56 jasper Exp $ | ||
|
||
From 76e6dad13ef77c5448b8dfed1a61e4acc7241165 Mon Sep 17 00:00:00 2001 | ||
From: Deon George <[email protected]> | ||
Date: Thu, 6 Oct 2011 09:03:20 +1100 | ||
Subject: [PATCH] SF Bug #3417184 - PHP Code Injection Vulnerability | ||
|
||
--- lib/functions.php.orig Tue Oct 25 21:05:21 2011 | ||
+++ lib/functions.php Tue Oct 25 21:05:31 2011 | ||
@@ -1003,8 +1003,9 @@ function masort(&$data,$sortby,$rev=0) { | ||
if (defined('DEBUG_ENABLED') && DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS')) | ||
debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs); | ||
|
||
- # if the array to sort is null or empty | ||
- if (! $data) return; | ||
+ # if the array to sort is null or empty, or if we have some nasty chars | ||
+ if (! preg_match('/^[a-zA-Z0-9_]+(\([a-zA-Z0-9_,]*\))?$/',$sortby) || ! $data) | ||
+ return; | ||
|
||
static $CACHE = array(); | ||
|
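Review bot: The allow-list added on `$sortby` is anchored with `$`, which in PCRE also matches just before a trailing newline, so a value such as `name` followed by `\n` still passes; adding the `D` modifier (or anchoring with `\z`) closes that gap: `if (! preg_match('/^[a-zA-Z0-9_]+(\([a-zA-Z0-9_,]*\))?$/D',$sortby) || ! $data)`. The rejection is also silent — a caller handing in an unexpected `$sortby` simply gets its data back unsorted with no trace — so a `debug_log(...)` call mirroring the `Entered` one at the top of the function, placed before the added `return`, would make a blocked value visible in the existing debug output. The new comment `# ... or if we have some nasty chars` would read better as a statement of intent, e.g. `# only accept a plain field name, optionally with a parenthesised argument list, since $sortby is used to build code below`, assuming that is indeed what follows. If `$sortby` can arrive as a non-string, `preg_match` will warn rather than match, which is worth confirming against the callers; the rest of `masort` continues outside the hunk.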