Add another burned vuln to the php8 rules

author: Julien Voisin 2023-02-16 11:35:48 +0100
committer: GitHub 2023-02-16 11:35:48 +0100
commit: 53b3f53b0665fa1d98a63e49e82273ec52e5f9f1 (patch)
tree: 237684225f476e8bf8ba42117745bc5e67049c24 /config
parent: b5fd2a9ec46260e55ffd49aa68b2d0d4f9828707 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/config/default_php8.rules b/config/default_php8.rules
index 6d6b88e..4773b4e 100644
--- a/config/default_php8.rules
+++ b/config/default_php8.rules
@@ -43,6 +43,7 @@ sp.disable_function.function("mail").param("additional_parameters").value_r("\\-
 # Since it's now burned, me might as well mitigate it publicly
 sp.disable_function.function("putenv").param("assignment").value_r("LD_").drop()
+sp.disable_function.function("putenv").param("assignment").value("PATH").drop()
 # This one was burned in Nov 2019 - https://gist.github.com/LoadLow/90b60bd5535d6c3927bb24d5f9955b80
 sp.disable_function.function("putenv").param("assignment").value_r("GCONV_").drop()
author	Julien Voisin	2023-02-16 11:35:48 +0100
committer	GitHub	2023-02-16 11:35:48 +0100
commit	53b3f53b0665fa1d98a63e49e82273ec52e5f9f1 (patch)
tree	237684225f476e8bf8ba42117745bc5e67049c24 /config
parent	b5fd2a9ec46260e55ffd49aa68b2d0d4f9828707 (diff)

diff --git a/config/default_php8.rules b/config/default_php8.rules index 6d6b88e..4773b4e 100644 --- a/config/default_php8.rules +++ b/config/default_php8.rules
@@ -43,6 +43,7 @@ sp.disable_function.function("mail").param("additional_parameters").value_r("\\-
43		43
44	# Since it's now burned, me might as well mitigate it publicly	44	# Since it's now burned, me might as well mitigate it publicly
45	sp.disable_function.function("putenv").param("assignment").value_r("LD_").drop()	45	sp.disable_function.function("putenv").param("assignment").value_r("LD_").drop()
		46	sp.disable_function.function("putenv").param("assignment").value("PATH").drop()
46		47
47	# This one was burned in Nov 2019 - https://gist.github.com/LoadLow/90b60bd5535d6c3927bb24d5f9955b80	48	# This one was burned in Nov 2019 - https://gist.github.com/LoadLow/90b60bd5535d6c3927bb24d5f9955b80
48	sp.disable_function.function("putenv").param("assignment").value_r("GCONV_").drop()	49	sp.disable_function.function("putenv").param("assignment").value_r("GCONV_").drop()