r4322 - trunk/varnish-tools/security.vcl/vcl/modules
edward at projects.linpro.no
edward at projects.linpro.no
Mon Oct 12 12:13:49 CEST 2009
Author: edward
Date: 2009-10-12 12:13:49 +0200 (Mon, 12 Oct 2009)
New Revision: 4322
Modified:
trunk/varnish-tools/security.vcl/vcl/modules/php.vcl
Log:
added a check for "_PHPLIB[" which is actively exploited
Modified: trunk/varnish-tools/security.vcl/vcl/modules/php.vcl
===================================================================
--- trunk/varnish-tools/security.vcl/vcl/modules/php.vcl 2009-10-09 09:03:39 UTC (rev 4321)
+++ trunk/varnish-tools/security.vcl/vcl/modules/php.vcl 2009-10-12 10:13:49 UTC (rev 4322)
@@ -89,6 +89,13 @@
call sec_php_sev1;
}
+ if (req.url ~ "_PHPLIB\[") {
+ set req.http.X-SEC-RuleName = "Manipulation of Predefined Variable _PHPLIB";
+ set req.http.X-SEC-RuleId = "13";
+ set req.http.X-SEC-RuleInfo = "Manipulation of Predefined Variable: _PHPLIB";
+ call sec_php_sev1;
+ }
+
# One could make one long regexp with common php statements. For now:
# Generic check for code execution
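Review bot: The added `_PHPLIB\[` test on `req.url` matches only a literal bracket, so a request carrying the percent-encoded form (`_PHPLIB%5B`) would not trigger rule 13 even though PHP decodes parameter names before building the array. Unless `req.url` is already normalised before this module runs, which the hunk does not show, the pattern should be widened to `if (req.url ~ "_PHPLIB(\[|%5[Bb])") {`. The rule also inspects the URL only, so the same parameter sent in a POST body or a cookie is outside its reach; a comment above the block such as `# URL only: _PHPLIB in POST bodies/cookies is not covered here` would make that limit explicit. The enclosing subroutine starts and ends outside the hunk.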