참고
https://nvd.nist.gov/vuln/detail/CVE-2017-9841
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9841
https://vuldb.com/?id.102879
취약 버전
https://www.securityfocus.com/bid/101798
https://www.cvedetails.com/cve/CVE-2017-9841/
설명
http://www.wins21.co.kr/mobile/blog/blog_view.html?t=31&num=1451
POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
PHP 의 die 함수를 이용하여 에러 없이 메시지 출력 후 종료를 시도 하고 있습니다.
<?=die(@md5(Apri1));?>
Snort
https://snort.org/rule_docs/1-45749
?
https://github.com/sebastianbergmann/phpunit/commit/284a69fb88a2d0845d23f42974a583d8f59bf5a5
src/Util/PHP/eval-stdin.php
Snort
https://snort.org/rule_docs/1-45749
?
https://github.com/sebastianbergmann/phpunit/commit/284a69fb88a2d0845d23f42974a583d8f59bf5a5
src/Util/PHP/eval-stdin.php
댓글 없음:
댓글 쓰기