Symfony Security Issue - validation bypass method [message #5457]
Tue, 25 April 2006 15:56
Synopsis
--------
Symfony's built-in validation system can be bypassed by altering the case of a URL.
Affected Versions
-----------------
All current versions of symfony are affected.
Description
-----------
Symfony provides a system to validate actions by specifying rules in a configuration file whose name is dependent upon the requested action. Due to the case insensitivity of PHP coupled with the case sensitivity of the underlying file system, validation rules can be bypassed by changing the case of the action in the URL.
Example
-------
http://site.com/module/action/id/4 - might be validated by a file called 'validate/action.yml'. However, changing the URL to
http://site.com/module/acTIOn/id/4 would bypass the validation (validate/acTiOn.yml would not exist)
Impact
------
The impact of this issue will vary on an application-to-application basis. For applications relying on validation to sanitize data, unsanitized data could be injected into your site. Some applications might be using the validation system for permissions checking; this issue will allow users to bypass your site's security.
Workaround
----------
Currently there is no known workaround.
[Updated on: Tue, 25 April 2006 16:10]

http://shurl.net - the only URL shortening service written with symfony!
Symfony Security Issue - validation bypass method
By: pookey on Tue, 25 April 2006 15:56
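The lookup pattern the advisory describes, modelled in PHP as an added example that is not code from the original post or from the symfony project. It places the verbatim "validate/<action>.yml" lookup next to a version that resolves the rules file case-insensitively against the files that actually exist, and a dispatcher-side decision that flags a case-only mismatch for logging. The temporary directory layout, the function names, the `showAll` action and the PHP 7 syntax (`declare(strict_types=1)`, nullable return types) are assumptions of this example; the post itself reports no workaround, so nothing here is symfony's own fix.

```php
<?php
declare(strict_types=1);

// Constructed sample module layout (assumption of this example): one rules
// file, named in the camelCase style symfony used for action names.
function makeSampleModuleDir(): string
{
    $dir = sys_get_temp_dir() . '/sf_validate_example_' . bin2hex(random_bytes(4));
    mkdir($dir . '/validate', 0700, true);
    file_put_contents($dir . '/validate/showAll.yml', "fields:\n  id:\n    required: true\n");
    return $dir;
}

// Lookup as the advisory describes it: the action name taken from the URL is
// used verbatim to build the path. On a case-sensitive filesystem any change
// of case yields "no rules file", and validation silently does not run.
function findRulesFileVerbatim(string $moduleDir, string $action): ?string
{
    $file = $moduleDir . '/validate/' . $action . '.yml';
    return is_file($file) ? $file : null;
}

// Hardened lookup: restrict the action name to [A-Za-z0-9_] and compare it
// case-insensitively against the rules files that actually exist, so every
// spelling PHP would dispatch to the same executeXxx() method resolves to the
// same rules file regardless of the filesystem's case sensitivity.
function findRulesFileCanonical(string $moduleDir, string $action): ?string
{
    if (!preg_match('/^[A-Za-z0-9_]+$/', $action)) {
        return null;
    }
    foreach (glob($moduleDir . '/validate/*.yml') ?: [] as $file) {
        if (strcasecmp(basename($file, '.yml'), $action) === 0) {
            return $file;
        }
    }
    return null;
}

// Dispatcher-side decision: the canonical lookup decides which rules apply.
// If rules exist but the verbatim lookup found nothing, the request spelled
// the action with different case than the file on disk, which is exactly the
// pattern the advisory describes and is worth logging.
function validationDecision(string $moduleDir, string $action): array
{
    $canonical = findRulesFileCanonical($moduleDir, $action);
    $verbatim  = findRulesFileVerbatim($moduleDir, $action);
    return [
        'rules_file'    => $canonical,
        'case_mismatch' => $canonical !== null && $verbatim === null,
    ];
}

$dir = makeSampleModuleDir();
foreach (['showAll', 'shoWALL', 'other'] as $action) {
    $d = validationDecision($dir, $action);
    printf(
        "%-8s rules=%s case_mismatch=%s\n",
        $action,
        $d['rules_file'] !== null ? basename($d['rules_file']) : 'none',
        $d['case_mismatch'] ? 'yes' : 'no'
    );
}
```

On a case-sensitive filesystem the verbatim lookup returns null for `shoWALL` while the canonical lookup still returns `showAll.yml`, so the mismatch flag is set; on a case-insensitive filesystem both lookups succeed and the flag stays clear, which is why the advisory attributes the problem to the combination of PHP's case-insensitive dispatch and a case-sensitive filesystem rather than to either alone. Resolving against existing files, rather than simply lowercasing the action, keeps camelCase rules files like `showAll.yml` working.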