
Secunia:
Cisco Products PHP "htmlentities()" and "htmlspecialchars()" Buffer Overflows
April 26, 2007 @ 07:55:00

Cisco product users should check out the latest advisory Secunia has released today: a problem in the htmlentities() and htmlspecialchars() functions of the PHP build shipped with several Cisco products that can lead to heap-based buffer overflows.

The vulnerabilities are caused by boundary errors within the "htmlentities()" and "htmlspecialchars()" functions. If a PHP application uses these functions to process user-supplied input, this can be exploited to cause a heap-based buffer overflow by passing specially crafted data to the affected application.

Successful exploitation may allow execution of arbitrary code, but requires that the UTF-8 character set be selected when the functions are called; the other charset code paths are not affected.

Products affected include the Network Analysis Modules (NAM) for Cisco 6500 switch, Cisco 7600 router/Branch Routers and the CiscoWorks Wireless LAN Solution Engine (WLSE) and CiscoWorks Wireless LAN Solution (among others, check out the advisory for a more complete list).

Patches have been released for some of the affected products (for example the Cisco Unified Application Environment), but fixes for the others are still to come. Until those are available, the advisory recommends restricting access to the affected devices to trusted IP addresses and hosts to reduce the risk of the problem being exploited.
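The Cisco appliances are fixed by vendor patches, not by code changes, but the same PHP bug bites any application that escapes untrusted input on an unpatched PHP build. The following is an added example, not code from the Secunia advisory or from PHPDeveloper.org: a defense-in-depth wrapper that refuses malformed or oversized input before it reaches the C implementation of htmlspecialchars(). It assumes the triggering input is malformed or unusually long UTF-8 (the advisory only says "specially crafted data"), the length limit and the function names are the example's own, and it is no substitute for applying the patch.

```php
<?php
// Added example (not from the advisory): escape untrusted input on a PHP build
// that still carries the htmlentities()/htmlspecialchars() UTF-8 heap overflow.
// Assumption: crafted input is malformed or oversized UTF-8, so reject both
// before the native code sees it. Apply the vendor patch regardless.

// Assumed application limit; tune per field.
define('MAX_ESCAPE_LEN', 8192);

// preg_match() with the /u modifier fails (returns false) on any byte
// sequence that is not well-formed UTF-8, without needing ext/mbstring.
// mb_check_encoding($s, 'UTF-8') is an alternative when mbstring is loaded.
function is_well_formed_utf8($s)
{
    return preg_match('//u', $s) === 1;
}

// Returns the HTML-escaped string, or throws if the input is unsafe to pass.
function safe_escape($s)
{
    if (strlen($s) > MAX_ESCAPE_LEN) {
        throw new InvalidArgumentException('input exceeds escape length limit');
    }
    if (!is_well_formed_utf8($s)) {
        throw new InvalidArgumentException('input is not well-formed UTF-8');
    }
    // Name the charset explicitly: the overflow lives in the UTF-8 code path,
    // and relying on the default hides which path the call takes.
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// Constructed samples: valid UTF-8, a lone continuation byte (invalid UTF-8),
// a truncated multibyte sequence, and an oversized string.
$samples = array(
    "<b>caf\xC3\xA9</b>",
    "abc\x80def",
    "caf\xC3",
    str_repeat('A', MAX_ESCAPE_LEN + 1),
);

foreach ($samples as $i => $sample) {
    try {
        printf("sample %d: %s\n", $i, safe_escape($sample));
    } catch (InvalidArgumentException $e) {
        printf("sample %d rejected: %s\n", $i, $e->getMessage());
    }
}
```

Only the first sample is escaped; the other three are rejected before htmlspecialchars() runs. Rejecting invalid UTF-8 at the boundary is good practice even on patched builds, since later PHP versions silently return an empty string for invalid input with this charset, which is easy to miss in output.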





All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework