SektionEins GmbH
www.sektioneins.de
-= Security Advisory =-
Advisory: PHPIDS Unserialize() Vulnerability
Release Date: 2009/12/09
Last Modified: 2009/12/09
Author: Stefan Esser [stefan.esser[at]sektioneins.de]
Application: PHPIDS <= 0.6.2
>
> There are three different ways to access the web applications and
> vulnerable scripts:
> - Directly
> - Through mod_security
> - Through PHP-IDS (only if the web application is written in PHP)
>
> Both mod_security and PHP-IDS have their default configurations and
> they show a log of the offending request when one is found. This is
> very useful for testing web application scanners, and teaching
> students how web application firewalls work. The beauty is that a user
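To make the PHP-IDS path described above concrete, here is an added example of the glue a PHP application puts in front of its scripts so that a request is inspected and, when it matches a rule, logged the way the quoted setup describes. It is not code from the advisory, from the quoted message, or from the PHPIDS project itself; it assumes the PHPIDS library directory (lib/IDS) is on the include path, that the default Config.ini it ships with is used unmodified, and the config path shown is a placeholder to adjust to the install. The sample request is constructed inline so the script runs without a web server. Note that the advisory header above lists PHPIDS 0.6.2 and earlier as affected, so a deployment of this wrapper should use a later release.

```php
<?php
// Added example: a minimal PHP-IDS front-end for a PHP script.
// Not taken from the advisory, the quoted message or the PHPIDS project.
// Assumption: PHPIDS lib/IDS is on the include path.
require_once 'IDS/Init.php';

// Constructed sample request (stands in for $_GET / $_POST / $_COOKIE).
// The 'name' value carries a textbook script injection so a rule fires.
$request = array(
    'REQUEST' => array('id' => '1', 'name' => '<script>alert(1)</script>'),
    'GET'     => array('id' => '1', 'name' => '<script>alert(1)</script>'),
    'POST'    => array(),
    'COOKIE'  => array(),
);

// Load the default configuration. Assumption: the path to Config.ini
// matches where PHPIDS was unpacked; change it for the real install.
$init = IDS_Init::init(dirname(__FILE__) . '/IDS/Config/Config.ini');

// Run every parameter of the request through the PHPIDS filter rules.
$ids    = new IDS_Monitor($request, $init);
$result = $ids->run();

if (!$result->isEmpty()) {
    // This is what the default setup reports for an offending request:
    // the matching parameters, the rule descriptions and the summed impact.
    echo $result;
    printf("total impact: %d\n", $result->getImpact());

    // Append the event to the file logger configured in Config.ini, the
    // same way the stock PHPIDS example script does.
    $log = new IDS_Log_Composite();
    $log->addLogger(IDS_Log_File::getInstance($init));
    $log->execute($result);
} else {
    echo "request looks clean\n";
}
```

Run it from the command line with `php wrapper.php` and it prints the matched rules and impact; in a real deployment the same block sits at the top of the application's entry script and the decision (block, log, or pass through) is made on the impact value rather than on a single rule hit.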
* Remo presentation (Input Validation) - Christian Folini
* Best Practices Guide: Web Application Firewalls (OWASP German chapter) -
Alexander Meisel
* Google-Hacking and Google-Shielding - Amichai Shulman
* NTLM Relay Attacks - Eric Rachner
* PHPIDS Monitoring attack surface activity - Mario Heiderich
* Security in Agile Development - Dave Wichers
* Security framework is not in the code - Sam Reghenzi
* Exploiting Online Games - Gary McGraw
* SHIELDS: metrics, tools and Internet services to improve security in
application developments - Domenico Rotondi