 ID:               25315
 Updated by:       [EMAIL PROTECTED]
 Reported By:      info at flashman dot ru
-Status:           Feedback
+Status:           Bogus
 Bug Type:         Directory function related
 Operating System: Linux pr5 2.4.18-3
 PHP Version:      4.3.1
 New Comment:

It's your fault if you pass user input as-is forward to any PHP/your own function/etc. Definitely NOT a PHP bug.


Previous Comments:
------------------------------------------------------------------------

[2003-08-29 14:03:25] [EMAIL PROTECTED]

Not enough information was provided for us to be able to handle this bug.
Please re-read the instructions at http://bugs.php.net/how-to-report.php

If you can provide more information, feel free to add it to this bug and
change the status back to "Open".

Thank you for your interest in PHP.

------------------------------------------------------------------------

[2003-08-29 13:38:58] info at flashman dot ru

Description:
------------
php function mkdir allows hackers to execute various commands on the
server. Some scripts need a directory name for user. They may enter
'/www/somedir /usr/bin/wget ...' and command '/usr/bin/wget
somethinghere' will be executed on the server without problems! It
happens when php calls unix command mkdir.

Regards, Flashman

------------------------------------------------------------------------


--
Edit this bug report at http://bugs.php.net/?id=25315&edit=1
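
Added example, not part of the bug report or of PHP's own code: one way a script can check a user-supplied directory name before it reaches mkdir(), so that input such as the '/www/somedir /usr/bin/wget ...' string quoted in the report is refused. The function name create_user_dir, the 64-character limit, the 0750 mode and the temporary base directory are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: creates $userInput as a single sub-directory of $baseDir.
function create_user_dir(string $baseDir, string $userInput): string
{
    // Allowlist: exactly one path component made of letters, digits, '_' or '-'.
    // This refuses '/', '..', whitespace, NUL bytes and shell metacharacters.
    // \A and \z are used instead of ^ and $ so a trailing newline cannot pass.
    if (preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $userInput) !== 1) {
        throw new InvalidArgumentException('invalid directory name');
    }

    // Resolve the fixed base once; the user never controls this part of the path.
    $base = realpath($baseDir);
    if ($base === false || !is_dir($base)) {
        throw new RuntimeException('base directory does not exist');
    }

    $target = $base . DIRECTORY_SEPARATOR . $userInput;

    // Non-recursive mkdir with a restrictive mode. The second is_dir() covers
    // the case where another request created the directory in the meantime.
    if (!is_dir($target) && !mkdir($target, 0750) && !is_dir($target)) {
        throw new RuntimeException('mkdir failed');
    }
    return $target;
}

// Constructed sample inputs; the second one is the string from the report.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'mkdir_demo_' . getmypid();
mkdir($base, 0700);

$inputs = ['somedir', '/www/somedir /usr/bin/wget ...', '../etc', "name\n"];
foreach ($inputs as $input) {
    try {
        echo 'created:  ', create_user_dir($base, $input), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', json_encode($input), PHP_EOL;
    }
}

// If a script builds a shell command line from the name instead of calling
// mkdir(), the value additionally has to go through escapeshellarg().
```

Only the first sample name is created; the other three are rejected by the allowlist before any filesystem call is made.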