?
Solved

Directory traversal vulnerability

Posted on 2011-09-23
4
Medium Priority
?
394 Views
Last Modified: 2012-05-12
I have come across a security issue on a linux web server.  If someone enters the following in the address bar of a web browser:

http://web.page.com/index.php?page=../../../../../../etc/passwd

They can view this file.  I have since removed the web server from public access.  The php script was internally created to be a helpdesk support site.  What can be done to the server to make sure no one can call this command and view other directories on the server?
0
Comment
Question by:the-miz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 

Author Comment

by:the-miz
ID: 36587813
See attached image as there is a special character at the end of the address.
Image2.jpg
0
 
LVL 4

Accepted Solution

by:
sakman earned 2000 total points
ID: 36588008
In your php.ini you could set the open_basedir to your www root.

The open_basedir directive "Limit the files that can be opened by PHP to the specified directory-tree".
0
 

Author Comment

by:the-miz
ID: 36588381
Thanks!
0
 
LVL 4

Expert Comment

by:sakman
ID: 36588453
You're welcome.

You could also check safe_mode (http://php.net/safe_mode)
and open_basedir (http://php.net/open-basedir).
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

1. Introduction As many people are interested in Linux but not as many are interested or knowledgeable (enough) to install Linux on their system, here is a safe way to try out Linux on your existing (Windows) system. The idea is that you insta…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question