- --------------------------------------------
Three years ago, in March 2007, the Hardened-PHP project had organized
the Month of PHP Bugs. During one month more than 40 vulnerabilities in
the PHP interpreter were disclosed in order to improve the overall
security of PHP. Now, three years later, SektionEins GmbH will
continue in the same spirit and organize the Month of PHP Security.
The intention of the Month of PHP Security is to gather the best
research and articles about PHP security topics from the security
community and share them with the rest of the world. This time the goal
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SektionEins GmbH
www.sektioneins.de
-= Security Advisory =-
Advisory: Piwik Cookie Unserialize() Vulnerability
Release Date: 2009/12/09
Last Modified: 2009/12/09
Author: Stefan Esser [stefan.esser[at]sektioneins.de]
Advisory: MyBB Password Reset Weak Random Numbers Vulnerability
Release Date: 2010/04/13
Last Modified: 2010/04/13
Advisory: MyBB Password Reset Email BCC: Injection Vulnerability
Release Date: 2010/04/13
Last Modified: 2010/04/13
Author: Stefan Esser [stefan.esser[at]sektioneins.de]
Advisory: PHPIDS Unserialize() Vulnerability
Release Date: 2009/12/09
Last Modified: 2009/12/09
Author: Stefan Esser [stefan.esser[at]sektioneins.de]
Advisory: Suhosin PHP Extension Transparent Cookie Encryption Stack
$ php -v
PHP 5.2.8-pl1-gentoo with Suhosin-Patch 0.9.6.3 (cli) (built: Jan 21 2009 15:19:02)
Copyright (c) 1997-2008 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies
with Suhosin v0.9.27, Copyright (c) 2007, by SektionEins GmbH
WORKS
$ strace php -r 'include("/etc/passwd/");'
lstat64("/etc", {st_mode=S_IFDIR|0755, st_size=7424, ...}) = 0
lstat64("/etc/passwd", {st_mode=S_IFREG|0644, st_size=3379, ...}) = 0
Thank you
Stefan Esser
Organiser
Month of PHP Security / php-security.org
SektionEins GmbH / www.sektioneins.com
‣ Claudio Criscione ; SecureNetwork Srl ; Italy
‣ Vimal Patel ; Founder & Director, Blueinfy Solutions Pvt. Ltd. ; India
‣ Vincenzo Iozzo ; Secure Network ; Italy
‣ Yarochkin Fedor/Meder Kydyraliev ; guard-info ; Kyrgyzstan
‣ Yiannis Pavlosoglou ; Ounce Labs / PhD, OWASP Project Leader ; United Kingdom
‣ fukami ; SektionEins GmbH ; Germany
DeepSec Organisation Team.
https://deepsec.net/contact