Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  nodelist  faq  login

revolutionary, adj.: Repackaged.


rocksolid / Security / Re: 0-day in php-fpm in connection with nginx and certain setup

SubjectAuthor
* 0-day in php-fpm in connection with nginx and certain setupanonymous
`- Re: 0-day in php-fpm in connection with nginx and certain setupanonymous

1
Subject: 0-day in php-fpm in connection with nginx and certain setup
From: anonymous
Newsgroups: rocksolid.shared.security
Organization: def2org
Date: Sun, 27 Oct 2019 12:02 UTC
Path: i2pn2.org!rocksolid2!def2!.POSTED.localhost!not-for-mail
From: anonym...@def2.anon (anonymous)
Newsgroups: rocksolid.shared.security
Subject: 0-day in php-fpm in connection with nginx and certain setup
Date: Sun, 27 Oct 2019 12:02:33 -0000 (UTC)
Organization: def2org
Message-ID: <591a8e0814c361883cf46ff05ceca5e3$1@z5bqfv5v75kxy7pj.onion>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Sun, 27 Oct 2019 12:02:33 -0000 (UTC)
Injection-Info: def2.org; posting-host="localhost:127.0.0.1";
logging-data="4739"; mail-complaints-to="usenet@def2.org"
View all headers
https://lab.wallarm.com/php-remote-code-execution-0-day-discovered-in-real-world-ctf-exercise/

https://thehackernews.com/2019/10/nginx-php-fpm-hacking.html

This is pretty serious, as it allows to overwrite parts of the ram of the server from remote (which should lead to root access, if carefully exploited, otherwise at least can be used to take down the server).

I wonder if fpm is really needed for most sites...
Posted on def2




Subject: Re: 0-day in php-fpm in connection with nginx and certain setup
From: anonymous
Newsgroups: rocksolid.shared.security
Organization: def2org
Date: Mon, 28 Oct 2019 20:43 UTC
References: 1
Path: i2pn2.org!rocksolid2!def2!.POSTED.localhost!not-for-mail
From: anonym...@def2.anon (anonymous)
Newsgroups: rocksolid.shared.security
Subject: Re: 0-day in php-fpm in connection with nginx and certain setup
Date: Mon, 28 Oct 2019 20:43:09 -0000 (UTC)
Organization: def2org
Message-ID: <b5319a189b2fad96a02dcff157b35ebf$1@z5bqfv5v75kxy7pj.onion>
References: <591a8e0814c361883cf46ff05ceca5e3$1@z5bqfv5v75kxy7pj.onion>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 28 Oct 2019 20:43:09 -0000 (UTC)
Injection-Info: def2.org; posting-host="localhost:127.0.0.1";
logging-data="14610"; mail-complaints-to="usenet@def2.org"
View all headers
here are some more details:

https://bugs.php.net/bug.php?id=78599

the discussion is interesting as well ("why do want to disclose the bug again ?")... Posted on def2




1
rocksolid light 0.7.2
clearneti2ptor