Solved

Directory traversal vulnerability

Posted on 2011-09-23
4
386 Views
Last Modified: 2012-05-12
I have come across a security issue on a linux web server.  If someone enters the following in the address bar of a web browser:

http://web.page.com/index.php?page=../../../../../../etc/passwd

They can view this file.  I have since removed the web server from public access.  The php script was internally created to be a helpdesk support site.  What can be done to the server to make sure no one can call this command and view other directories on the server?
0
Comment
Question by:the-miz
  • 2
  • 2
4 Comments
 

Author Comment

by:the-miz
ID: 36587813
See attached image as there is a special character at the end of the address.
Image2.jpg
0
 
LVL 4

Accepted Solution

by:
sakman earned 500 total points
ID: 36588008
In your php.ini you could set the open_basedir to your www root.

The open_basedir directive "Limit the files that can be opened by PHP to the specified directory-tree".
0
 

Author Comment

by:the-miz
ID: 36588381
Thanks!
0
 
LVL 4

Expert Comment

by:sakman
ID: 36588453
You're welcome.

You could also check safe_mode (http://php.net/safe_mode)
and open_basedir (http://php.net/open-basedir).
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A Change in PHP Behavior with Session Write Short Circuit (http://php.net/manual/en/book.session.php#116217) (Winter 2014)** With the release of PHP 5.6 the session handler changed in a way that many think should be considered a bug.  See the note …
Introduction and Prerequisites This article describes methods for detecting whether a client browser accepts and returns HTTP cookies and whether the client browser runs JavaScript.  Most client browsers will, by default, be configured to use cooki…
A short film showing how OnPage and Connectwise integration works.
Need to grow your business through quality cloud solutions? With everything required to build a cloud platform and solution, you may feel like the distance between you and the cloud is quite long. Help is here. Spend some time learning about the Con…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now