[24773] in bugtraq

Re: PHP Net Toolpack: input validation error

daemon@ATHENA.MIT.EDU (Jon Ribbens)
Thu Mar 21 02:41:23 2002

Date: Tue, 19 Mar 2002 16:37:45 +0000
From: Jon Ribbens <jon+bugtraq@unequivocal.co.uk>
To: ppp-design <security@ppp-design.de>
Cc: bugtraq <bugtraq@securityfocus.com>
Message-ID: <20020319163745.J14060@snowy.squish.net>
Mail-Followup-To: ppp-design <security@ppp-design.de>,
	bugtraq <bugtraq@securityfocus.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <3C95A87E.8090709@ppp-design.de>; from security@ppp-design.de on Mon, Mar 18, 2002 at 09:42:38AM +0100

ppp-design <security@ppp-design.de> wrote:
> You can use escapeshellcmd() to check the input for unwanted characters.
> So you can replace the bad line in the traceroute function with the
> following two lines:
> 
> $sec_input=escapeshellcmd($a_query);
> exec("/sbin/traceroute $sec_input",$ret_strs);

Note that this does not do what you think it does. escapeshellcmd is
not the right function to use - at the very least, people can still
pass more than one parameter to traceroute when you only want them to
be able to pass one. The correct function to use is escapeshellarg.
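
The difference between the two functions discussed in this message, as an added example that is not part of the original post or of PHP Net Toolpack. It assumes a POSIX `sh` on the host; `count_args`, `traceroute_command`, the host pattern and the sample input are constructed for illustration.

```php
<?php
// Stand-in for traceroute: a shell that only reports how many arguments
// it received, so the effect of each escaping function can be observed
// without running a network tool.
function count_args(string $escaped): int
{
    return (int) exec("sh -c 'echo \$#' sh " . $escaped);
}

// Assumption beyond the thread: accept only values shaped like a host name
// or IPv4 address. The first character must be alphanumeric, so a value
// can never begin with '-' and be read by the program as an option.
function is_plausible_host(string $query): bool
{
    return preg_match('/\A[A-Za-z0-9][A-Za-z0-9.-]{0,252}\z/', $query) === 1;
}

// Build the command line with escapeshellarg(), the function the reply
// recommends: the whole value is wrapped in single quotes and reaches
// the program as exactly one argument.
function traceroute_command(string $query): ?string
{
    if (!is_plausible_host($query)) {
        return null; // reject instead of trying to repair the input
    }
    return '/sbin/traceroute ' . escapeshellarg($query);
}

// Constructed sample input: two words separated by a space.
$input = 'example.com extra-arg';

// escapeshellcmd() backslash-escapes shell metacharacters but leaves
// whitespace untouched, so the shell still splits the value into words.
printf("escapeshellcmd: %d argument(s)\n", count_args(escapeshellcmd($input)));

// escapeshellarg() quotes the value as a single shell word.
printf("escapeshellarg: %d argument(s)\n", count_args(escapeshellarg($input)));

// The validated builder refuses the two-word input and accepts a bare host.
var_dump(traceroute_command($input));
var_dump(traceroute_command('example.com'));
```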
