Difference between revisions of "Apache PHP Config"

From C4 Wiki
Jump to: navigation, search
 
Line 9: Line 9:
 
log_errors = On
 
log_errors = On
 
</pre>
 
</pre>
 +
 +
'''Why ?'''
 +
Well look at this list (found on full-disclosure):
 +
 +
* 2004-10-28:    PHP cURL Open_Basedir Restriction Bypass Vulnerability
 +
* 2004-10-25:    PHP Remote Arbitrary Location File Upload Vulnerability
 +
* 2004-10-25:    PHP PHP_Variables Remote Memory Disclosure Vulnerability
 +
* 2004-10-16:    PHP memory_limit Remote Code Execution Vulnerability
 +
* 2004-09-15:    PHP Strip_Tags() Function Bypass Vulnerability
 +
* 2004-06-07:    PHP Microsoft Windows Shell Escape Functions Command Execution Vulnerability
 +
* 2004-05-27:    PHP Input/Ouput Wrapper Remote Include Function Command Execution Weakness
 +
* 2004-03-24:    PHP openlog() Buffer Overflow Vulnerability
 +
* 2003-11-07:    PHP emalloc() Unspecified Integer Overflow Memory Corruption Vulnerability
 +
* 2003-11-07:    PHP wordwrap() Heap Corruption Vulnerability
 +
* 2003-09-24:    PHP4 Multiple Vulnerabilities
 +
* 2003-09-24:    PHP4 Base64_Encode() Integer Overflow Vulnerability
 +
* 2003-08-25:    PHP Transparent Session ID Cross Site Scripting Vulnerability
 +
* 2003-08-13:    PHP Mail Function ASCII Control Character Header Spoofing Vulnerability
 +
* 2003-08-13:    PHP Function CRLF Injection Vulnerability
 +
* 2003-08-13:    PHP DLOpen Memory Disclosure Vulnerability
 +
* 2003-07-17:    PHP Undefined Safe_Mode_Include_Dir Safemode Bypass Vulnerability
 +
* 2003-06-08:    PHP STR_Repeat Boundary Condition Error Vulnerability
 +
* 2003-06-08:    PHP array_pad() Integer Overflow Memory Corruption Vulnerability
 +
* 2003-06-04:    PHP PHPInfo Cross-Site Scripting Vulnerability
 +
* 2003-05-19:    PHP Post File Upload Buffer Overflow Vulnerabilities
 +
* 2003-05-07:    PHP SafeMode Arbitrary File Execution Vulnerability
 +
* 2003-04-14:    PHP MySQL Safe_Mode Filesystem Circumvention Vulnerability
 +
* 2003-03-26:    PHP socket_recvfrom() Signed Integer Memory Corruption Vulnerability
 +
* 2003-03-26:    PHP socket_recv() Signed Integer Memory Corruption Vulnerability
 +
* 2003-03-25:    PHP socket_iovec_alloc() Integer Overflow Vulnerability
 +
* 2003-02-19:    PHP CGI SAPI Code Execution Vulnerability
 +
* 2003-01-08:    PHP 4.0.3 IMAP Module Buffer Overflow Vulnerability
 +
* 2002-09-07:    PHP Header Function Script Injection Vulnerability
 +
* 2002-08-08:    PHP HTTP POST Incorrect MIME Header Parsing Vulnerability
 +
* 2002-07-22:    PHP Interpreter Direct Invocation Denial Of Service Vulnerability
 +
* 2002-04-25:    PHP posix_getpwnam / posix_getpwuid safe_mode Circumvention Vulnerability
 +
* 2002-03-21:    PHP Move_Uploaded_File Open_Basedir Circumvention Vulnerability
 +
* 2002-02-08:    PHP Include File Relative Directory Information Disclosure Vulnerability
 +
* 2002-01-15:    PHP4 Session Files Local Information Disclosure Vulnerability
 +
* 2001-01-16:    PHP .htaccess Attribute Transfer Vulnerability
 +
* 2001-01-12:    PHP Engine Disable Source Viewing Vulnerability
 +
* 2000-10-12:    PHP Error Logging Format String Vulnerability
 +
* 2000-09-03:    PHP Upload Arbitrary File Disclosure Vulnerability
 +
* 2000-01-04:    PHP3 'safe_mode' Failure Vulnerability
 +
* 1999-06-01:    PHP/FI Buffer Overflow Vulnerability
 +
* 1999-06-01:    PHP/FI mylog/mlog Vulnerability
 +
* 1999-06-01:    PHP/FI Directory Traversal Vulnerability
 +
 +
(careful, fud included)

Revision as of 03:09, 5 November 2004

This is a start, find out more here

safe_mode = On
register_globals = Off
allow_url_fopen = Off
expose_php = Off
display_errors = Off
log_errors = On

Why ? Well look at this list (found on full-disclosure):

  • 2004-10-28: PHP cURL Open_Basedir Restriction Bypass Vulnerability
  • 2004-10-25: PHP Remote Arbitrary Location File Upload Vulnerability
  • 2004-10-25: PHP PHP_Variables Remote Memory Disclosure Vulnerability
  • 2004-10-16: PHP memory_limit Remote Code Execution Vulnerability
  • 2004-09-15: PHP Strip_Tags() Function Bypass Vulnerability
  • 2004-06-07: PHP Microsoft Windows Shell Escape Functions Command Execution Vulnerability
  • 2004-05-27: PHP Input/Ouput Wrapper Remote Include Function Command Execution Weakness
  • 2004-03-24: PHP openlog() Buffer Overflow Vulnerability
  • 2003-11-07: PHP emalloc() Unspecified Integer Overflow Memory Corruption Vulnerability
  • 2003-11-07: PHP wordwrap() Heap Corruption Vulnerability
  • 2003-09-24: PHP4 Multiple Vulnerabilities
  • 2003-09-24: PHP4 Base64_Encode() Integer Overflow Vulnerability
  • 2003-08-25: PHP Transparent Session ID Cross Site Scripting Vulnerability
  • 2003-08-13: PHP Mail Function ASCII Control Character Header Spoofing Vulnerability
  • 2003-08-13: PHP Function CRLF Injection Vulnerability
  • 2003-08-13: PHP DLOpen Memory Disclosure Vulnerability
  • 2003-07-17: PHP Undefined Safe_Mode_Include_Dir Safemode Bypass Vulnerability
  • 2003-06-08: PHP STR_Repeat Boundary Condition Error Vulnerability
  • 2003-06-08: PHP array_pad() Integer Overflow Memory Corruption Vulnerability
  • 2003-06-04: PHP PHPInfo Cross-Site Scripting Vulnerability
  • 2003-05-19: PHP Post File Upload Buffer Overflow Vulnerabilities
  • 2003-05-07: PHP SafeMode Arbitrary File Execution Vulnerability
  • 2003-04-14: PHP MySQL Safe_Mode Filesystem Circumvention Vulnerability
  • 2003-03-26: PHP socket_recvfrom() Signed Integer Memory Corruption Vulnerability
  • 2003-03-26: PHP socket_recv() Signed Integer Memory Corruption Vulnerability
  • 2003-03-25: PHP socket_iovec_alloc() Integer Overflow Vulnerability
  • 2003-02-19: PHP CGI SAPI Code Execution Vulnerability
  • 2003-01-08: PHP 4.0.3 IMAP Module Buffer Overflow Vulnerability
  • 2002-09-07: PHP Header Function Script Injection Vulnerability
  • 2002-08-08: PHP HTTP POST Incorrect MIME Header Parsing Vulnerability
  • 2002-07-22: PHP Interpreter Direct Invocation Denial Of Service Vulnerability
  • 2002-04-25: PHP posix_getpwnam / posix_getpwuid safe_mode Circumvention Vulnerability
  • 2002-03-21: PHP Move_Uploaded_File Open_Basedir Circumvention Vulnerability
  • 2002-02-08: PHP Include File Relative Directory Information Disclosure Vulnerability
  • 2002-01-15: PHP4 Session Files Local Information Disclosure Vulnerability
  • 2001-01-16: PHP .htaccess Attribute Transfer Vulnerability
  • 2001-01-12: PHP Engine Disable Source Viewing Vulnerability
  • 2000-10-12: PHP Error Logging Format String Vulnerability
  • 2000-09-03: PHP Upload Arbitrary File Disclosure Vulnerability
  • 2000-01-04: PHP3 'safe_mode' Failure Vulnerability
  • 1999-06-01: PHP/FI Buffer Overflow Vulnerability
  • 1999-06-01: PHP/FI mylog/mlog Vulnerability
  • 1999-06-01: PHP/FI Directory Traversal Vulnerability

(careful, fud included)