[21661] in bugtraq
Re: php mail function bypass safe_mode restriction
daemon@ATHENA.MIT.EDU (Jon Ribbens)
Thu Jul 19 15:31:55 2001
Date: Thu, 19 Jul 2001 20:05:45 +0100
From: Jon Ribbens <jon+bugtraq@unequivocal.co.uk>
To: bugtraq@securityfocus.com
Message-ID: <20010719200545.D6312@snowy.squish.net>
Mail-Followup-To: bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <05256A8E.005DD0B2.00@mail.awiweb.com>; from sintes@nfrance.com on Wed, Jul 18, 2001 at 06:03:39PM +0000
Laurent Sintes <sintes@nfrance.com> wrote:
> extra_cmd = php_escape_shell_arg(Z_STRVAL_PP(argv[4]));
>
> But it is not a sufficient check because php_escape_shell_arg
> does not escape all characters.
False. escape_shell_arg will successfully escape all characters from
shells.
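Added illustration, not part of the original thread: a Python reimplementation of the quoting rule PHP's escapeshellarg() is documented to apply on POSIX systems (an assumption made here for demonstration, not PHP's own source), plus a check with the standard-library shlex tokenizer that the escaped value reaches a shell as exactly one word, whatever metacharacters it contains.

```python
import shlex


def php_escapeshellarg(arg: str) -> str:
    """Assumed equivalent of PHP's escapeshellarg() on POSIX: wrap the value
    in single quotes and replace every embedded single quote with '\\''
    (close the quote, add a literal quote, reopen the quote)."""
    return "'" + arg.replace("'", "'\\''") + "'"


def survives_as_single_token(arg: str) -> bool:
    """Tokenize the escaped string the way a POSIX shell would and confirm
    the shell sees one word whose value is the unchanged original input."""
    words = shlex.split(php_escapeshellarg(arg))
    return words == [arg]


# Constructed samples: each holds characters that, unescaped, would let a
# shell split the argument, expand it, or start another command.
SAMPLES = [
    "-fuser@example.invalid",
    "x; id",
    "`id`",
    "$(id)",
    "it's a \"quoted\" thing",
    "a\\b c",
    "",
]


def check_all() -> dict:
    """Map each sample to whether it survives escaping as a single token."""
    return {s: survives_as_single_token(s) for s in SAMPLES}


if __name__ == "__main__":
    for sample, ok in check_all().items():
        print(f"{ok!s:5} {php_escapeshellarg(sample)}")
```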