Hello Everyone, it is 21th of May. The Month of PHP Security (http://www.php-security.org) is still running and we have reached a vulnerability count of 40 vulnerabilities, which is nearly as much as we disclosed during the whole Month of PHP Bugs in 2007. However there are 11 more days until the end of May and therefore there are still plenty of more vulnerabilities to come. Escpecially the amount of SQL injection vulnerabilites in PHP applications will increase, because it is called SQL injection marathon for a reason. And we also have several articles and submissions left. There have been some changes to the website that should make it easier to read and we also added the possiblity to comment on bugs/entries/news and articles. For those that don't already know you can follow the Month of PHP Security on Twitter, too. Just follow @mops_2010 Here is the summary of what happened during the last 10 days. Related Events -------------- Returning into the PHP Interpreter – Remote Exploitation of Memory Corruptions in PHP is not over, yet. http://php-security.org/2010/05/21/related-event-returning-into-the-php-interpreter-remote-exploitation-of-memory-corruptions-in-php-is-not-over-yet/ PHP Security Course – Advanced PHP Auditing at Source and Bytecode level http://php-security.org/2010/05/19/related-event-php-security-course-advanced-php-auditing-at-source-and-bytecode-level/ Articles -------- MOPS Submission 07: Our Dynamic PHP – Obvious and not so obvious PHP code injection and evaluation http://php-security.org/2010/05/20/mops-submission-07-our-dynamic-php/ MOPS Submission 06: Variable Initialization in PHP http://php-security.org/2010/05/17/mops-submission-06-variable-initialization-in-php/ Article: Decoding a User Space Encoded PHP Script http://php-security.org/2010/05/13/article-decoding-a-user-space-encoded-php-script/ MOPS Submission 05 – The Minerva PHP Fuzzer http://php-security.org/2010/05/11/mops-submission-05-the-minerva-php-fuzzer/ PHP Vulnerabilities ------------------- MOPS-2010-040: PHP strtr() Interruption Information Leak Vulnerability http://php-security.org/2010/05/21/mops-2010-040-php-strtr-interruption-information-leak-vulnerability/ MOPS-2010-039: PHP strpbrk() Interruption Information Leak Vulnerability http://php-security.org/2010/05/21/mops-2010-039-php-strpbrk-interruption-information-leak-vulnerability/ MOPS-2010-038: PHP http_build_query() Interruption Information Leak Vulnerability http://php-security.org/2010/05/21/mops-2010-038-php-http_build_query-interruption-information-leak-vulnerability/ MOPS-2010-037: PHP str_getcsv() Interruption Information Leak Vulnerability http://php-security.org/2010/05/21/mops-2010-037-php-str_getcsv-interruption-information-leak-vulnerability/ MOPS-2010-036: PHP htmlentities() and htmlspecialchars() Interruption Information Leak Vulnerability http://php-security.org/2010/05/21/mops-2010-036-php-htmlentities-and-htmlspecialchars-interruption-information-leak-vulnerability/ MOPS-2010-034: PHP iconv_mime_encode() Interruption Information Leak Vulnerability http://php-security.org/2010/05/18/mops-2010-034-php-iconv_mime_encode-interruption-information-leak-vulnerability/ MOPS-2010-033: PHP iconv_substr() Interruption Information Leak Vulnerability http://php-security.org/2010/05/18/mops-2010-033-php-iconv_substr-interruption-information-leak-vulnerability/ MOPS-2010-032: PHP iconv_mime_decode() Interruption Information Leak Vulnerability http://php-security.org/2010/05/18/mops-2010-032-php-iconv_mime_decode-interruption-information-leak-vulnerability/ MOPS-2010-028: PHP phar_wrapper_open_url Format String Vulnerabilities http://php-security.org/2010/05/14/mops-2010-028-php-phar_wrapper_open_url-format-string-vulnerabilities/ MOPS-2010-027: PHP phar_parse_url Format String Vulnerabilities http://php-security.org/2010/05/14/mops-2010-027-php-phar_parse_url-format-string-vulnerabilities/ MOPS-2010-026: PHP phar_wrapper_unlink Format String Vulnerability http://php-security.org/2010/05/14/mops-2010-026-php-phar_wrapper_unlink-format-string-vulnerability/ MOPS-2010-025: PHP phar_wrapper_open_dir Format String Vulnerability http://php-security.org/2010/05/14/mops-2010-025-php-phar_wrapper_open_dir-format-string-vulnerability/ MOPS-2010-024: PHP phar_stream_flush Format String Vulnerability http://php-security.org/2010/05/14/mops-2010-024-php-phar_stream_flush-format-string-vulnerability/ MOPS-2010-022: PHP Stream Context Use After Free on Request Shutdown Vulnerability http://php-security.org/2010/05/12/mops-2010-022-php-stream-context-use-after-free-on-request-shutdown-vulnerability/ MOPS-2010-021: PHP fnmatch() Stack Exhaustion Vulnerability http://php-security.org/2010/05/11/mops-2010-021-php-fnmatch-stack-exhaustion-vulnerability/ PHP Application Vulnerabilities ------------------------------- MOPS-2010-035: e107 BBCode Remote PHP Code Execution Vulnerability http://php-security.org/2010/05/19/mops-2010-035-e107-bbcode-remote-php-code-execution-vulnerability/ MOPS-2010-031: e107 Usersettings loginname SQL Injection Vulnerability (UPDATED) http://php-security.org/2010/05/16/mops-2010-031-e107-usersettings-loginname-sql-injection-vulnerability/ MOPS-2010-030: CMSQlite mod Parameter Local File Inclusion Vulnerability http://php-security.org/2010/05/15/mops-2010-030-cmsqlite-mod-parameter-local-file-inclusion-vulnerability/ MOPS-2010-029: CMSQlite c Parameter SQL Injection Vulnerability http://php-security.org/2010/05/15/mops-2010-029-cmsqlite-c-parameter-sql-injection-vulnerability/ MOPS-2010-023: Cacti Graph Viewer SQL Injection Vulnerability http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/ Thank you Stefan Esser Organiser Month of PHP Security / php-security.org SektionEins GmbH / www.sektioneins.com
