Rocksolid Light

Welcome to RetroBBS

mail  files  register  newsreader  groups  login

Message-ID:  

The truth about a man lies first and foremost in what he hides. -- Andre Malraux


rocksolid / Security / 0-day in php-fpm in connection with nginx and certain setup

SubjectAuthor
* 0-day in php-fpm in connection with nginx and certain setupanonymous
`- 0-day in php-fpm in connection with nginx and certain setupanonymous

1
0-day in php-fpm in connection with nginx and certain setup

<591a8e0814c361883cf46ff05ceca5e3$1@z5bqfv5v75kxy7pj.onion>

 copy mid

https://www.rocksolidbbs.com/rocksolid/article-flat.php?id=74&group=rocksolid.shared.security#74

 copy link   Newsgroups: rocksolid.shared.security
Path: i2pn2.org!rocksolid2!def2!.POSTED.localhost!not-for-mail
From: anonymous@def2.anon (anonymous)
Newsgroups: rocksolid.shared.security
Subject: 0-day in php-fpm in connection with nginx and certain setup
Date: Sun, 27 Oct 2019 12:02:33 -0000 (UTC)
Organization: def2org
Message-ID: <591a8e0814c361883cf46ff05ceca5e3$1@z5bqfv5v75kxy7pj.onion>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Sun, 27 Oct 2019 12:02:33 -0000 (UTC)
Injection-Info: def2.org; posting-host="localhost:127.0.0.1";
logging-data="4739"; mail-complaints-to="usenet@def2.org"
 by: anonymous - Sun, 27 Oct 2019 12:02 UTC

https://lab.wallarm.com/php-remote-code-execution-0-day-discovered-in-real-world-ctf-exercise/

https://thehackernews.com/2019/10/nginx-php-fpm-hacking.html

This is pretty serious, as it allows to overwrite parts of the ram of the
server from remote (which should lead to root access, if carefully
exploited, otherwise at least can be used to take down the server).

I wonder if fpm is really needed for most sites...
Posted on def2

Re: 0-day in php-fpm in connection with nginx and certain setup

<b5319a189b2fad96a02dcff157b35ebf$1@z5bqfv5v75kxy7pj.onion>

 copy mid

https://www.rocksolidbbs.com/rocksolid/article-flat.php?id=78&group=rocksolid.shared.security#78

 copy link   Newsgroups: rocksolid.shared.security
Path: i2pn2.org!rocksolid2!def2!.POSTED.localhost!not-for-mail
From: anonymous@def2.anon (anonymous)
Newsgroups: rocksolid.shared.security
Subject: Re: 0-day in php-fpm in connection with nginx and certain setup
Date: Mon, 28 Oct 2019 20:43:09 -0000 (UTC)
Organization: def2org
Message-ID: <b5319a189b2fad96a02dcff157b35ebf$1@z5bqfv5v75kxy7pj.onion>
References: <591a8e0814c361883cf46ff05ceca5e3$1@z5bqfv5v75kxy7pj.onion>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 28 Oct 2019 20:43:09 -0000 (UTC)
Injection-Info: def2.org; posting-host="localhost:127.0.0.1";
logging-data="14610"; mail-complaints-to="usenet@def2.org"
 by: anonymous - Mon, 28 Oct 2019 20:43 UTC

here are some more details:

https://bugs.php.net/bug.php?id=78599

the discussion is interesting as well ("why do want to disclose the bug
again ?")...
Posted on def2

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor