PHP exploit code found on image-hosting site

Dawn Kawamoto CNET News

Published: 21 Jun 2007 14:10 BST

Security researchers have found PHP exploit code embedded in a GIF on a major image-hosting site.

The exploit code slipped through the site's defences with the aid of a legitimate image at the beginning of the file, according to a blog post on the Sans Institute's Internet Storm Center.

"It is a clever way to pass exploit code to others without it setting off alarms or attracting attention, all [the] while bypassing network security tools," the blog noted.

Malicious attackers planted a PHP-coded exploit script within an image file. PHP is a programming language often used to create dynamic websites.

Once this type of malicious GIF is uploaded to a server, it can cause havoc by remotely allowing more exploits to be deployed on the system, said Johannes Ullrich, chief research officer for the Sans Institute.

When users download the image to view it, the server parses the PHP code and executes the exploit as it serves the image to the user.

Over the past six months, this type of technique has been occurring with increasing frequency, Ullrich said.
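A server-side check that an upload handler could run against the kind of file described above, as an added example that is not part of the original article: it walks the GIF block structure to the trailer and flags trailing bytes or PHP open tags. The function names and the sample bytes are constructed for illustration.

```python
PHP_TAGS = (b"<?php", b"<?=")  # heuristic markers; "<?=" can occur by chance in pixel data

def _skip_sub_blocks(data, pos):
    """Skip a chain of length-prefixed sub-blocks ending in a zero-length block."""
    while data[pos] != 0:
        pos += data[pos] + 1
    return pos + 1

def gif_end_offset(data):
    """Walk the GIF block structure and return the offset just past the trailer."""
    if data[:6] not in (b"GIF87a", b"GIF89a"):
        raise ValueError("missing GIF signature")
    pos = 13                                   # 6-byte signature + 7-byte screen descriptor
    if data[10] & 0x80:                        # global colour table present
        pos += 3 * (2 << (data[10] & 0x07))
    while True:
        kind = data[pos]
        if kind == 0x3B:                       # trailer: the image ends here
            return pos + 1
        if kind == 0x21:                       # extension: introducer, label, sub-blocks
            pos = _skip_sub_blocks(data, pos + 2)
        elif kind == 0x2C:                     # image descriptor
            packed = data[pos + 9]
            pos += 10
            if packed & 0x80:                  # local colour table present
                pos += 3 * (2 << (packed & 0x07))
            pos = _skip_sub_blocks(data, pos + 1)  # +1 skips the LZW minimum code size
        else:
            raise ValueError("unknown block type 0x%02x" % kind)

def inspect_upload(data):
    """Return a list of findings; an empty list means nothing suspicious was seen."""
    try:
        end = gif_end_offset(data)
    except (ValueError, IndexError) as exc:    # IndexError means the file is truncated
        return ["not a well-formed GIF: %s" % exc]
    findings = []
    if len(data) > end:
        findings.append("%d bytes after GIF trailer" % (len(data) - end))
    findings += ["PHP open tag %r present" % t.decode() for t in PHP_TAGS if t in data.lower()]
    return findings

# Constructed 1x1 GIF (35 bytes) and the same file with a constructed, inert PHP marker appended.
CLEAN_GIF = (b"GIF89a\x01\x00\x01\x00\x80\x00\x00" b"\x00\x00\x00\xff\xff\xff"
             b"\x2c\x00\x00\x00\x00\x01\x00\x01\x00\x00" b"\x02\x02\x44\x01\x00\x3b")
TAINTED_GIF = CLEAN_GIF + b"<?php /* inert constructed marker */ ?>"

if __name__ == "__main__":
    print(inspect_upload(CLEAN_GIF), inspect_upload(TAINTED_GIF))
```

An empty result only means this heuristic saw nothing; uploaded files should also be stored where the web server never passes them to the PHP interpreter.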
