View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0000148||Main CAcert Website||GPG/PGP||public||2006-03-04 13:01||2013-01-13 17:01|
|Fixed in Version||2006|
|Summary||0000148: site shouldn't rely on magic_quotes_gpc turned on|
|Description||If you submit the following as a gpg CSR|
/tmp\\"; touch /tmp/OWNED \\"
it is extended to
/tmp\\\\\"; touch /tmp/OWNED \\\\\"
by the magic_quotes_gpc function of php.
Although this saves us I still consider it as a minor risk to the security of the server. If magic_quotes would accidently been turned off an attacker could execute shell commands with the rights of the webserver.
Using addslashes() together with get_magic_quotes_gpc() should keep the CSR intact and the server secure.
|Tags||No tags attached.|
||Relationship added||related to 0000245|
|2006-08-14 02:56||duane||Status||new => closed|
|2006-08-14 02:56||duane||Note Added: 0000399|
|2006-08-14 02:56||duane||Resolution||open => fixed|
|2013-01-13 17:01||Werner Dworak||Fixed in Version||=> 2006|