ZendXml is a utility component for XML usage and best practices in PHP.

The XML standard defines a concept of external entities. An XXE (XML eXternal Entity) attack is an attack on an application that parses XML input from untrusted sources using an incorrectly configured XML parser. The application may be forced to open arbitrary files and/or network resources.

Independent security research of Zend Framework revealed that it is possible to bypass the XXE security controls within the framework when a PHP application that uses the Zend XML-related classes (e.g. Zend_XmlRpc_Server, Zend_Feed, Zend_Config_Xml, etc.) from Zend Framework (including the latest version) is served via PHP-FPM.

The security controls within the Zend Framework mitigate the XXE attack vectors by first calling libxml_disable_entity_loader(), and then looping through the DOMDocument nodes testing whether any is of type XML_DOCUMENT_TYPE_NODE. If so, an exception is raised and PHP script execution is halted. Bypassing the controls may allow XXE attacks and lead to the aforementioned exploitation possibilities on systems where the XML parser is set to resolve entities. Exploiting XXE issues in PHP applications may also lead to denial of service or, in some cases (for example, when the 'expect' PHP module is installed), to command execution.
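The two controls the advisory describes (disable the libxml entity loader, then refuse any document carrying a DOCTYPE node) can be packaged as a single hardened loader. The following is an added example written for this page, not Zend Framework's or ZendXml's own code; the function name safeLoadXml, the UnsafeXmlException class and the sample documents are assumptions made for the example. It additionally passes LIBXML_NONET, which the advisory does not mention, so that libxml itself is told not to touch the network even if a later change to the node check were to let a DOCTYPE through.

```php
<?php
// Added example (not Zend Framework code): a hardened DOMDocument loader that
// applies the advisory's two controls and one extra libxml-level flag.
// safeLoadXml, UnsafeXmlException and the sample inputs are constructed here.

declare(strict_types=1);

final class UnsafeXmlException extends RuntimeException {}

function safeLoadXml(string $xml): DOMDocument
{
    // Control 1: stop libxml from loading external entities and DTDs.
    // On PHP < 8.0 the loader is enabled by default; PHP 8.0+ disables it by
    // default and deprecates this call, so it is guarded by version.
    if (PHP_VERSION_ID < 80000) {
        $previousLoader = libxml_disable_entity_loader(true);
    }
    $previousErrors = libxml_use_internal_errors(true);

    try {
        $dom = new DOMDocument();
        // LIBXML_NONET forbids network access during parsing. LIBXML_NOENT and
        // LIBXML_DTDLOAD are deliberately NOT set: they would substitute
        // entities and load the DTD, which is exactly what XXE needs.
        if ($dom->loadXML($xml, LIBXML_NONET) === false) {
            throw new UnsafeXmlException('XML failed to parse');
        }

        // Control 2: reject any DOCTYPE declaration. Entities can only be
        // declared inside a DTD, so a document without one cannot define any.
        foreach ($dom->childNodes as $node) {
            if ($node->nodeType === XML_DOCUMENT_TYPE_NODE) {
                throw new UnsafeXmlException('DOCTYPE declarations are not allowed');
            }
        }
        return $dom;
    } finally {
        // Always restore global libxml state, even when an exception is thrown.
        libxml_clear_errors();
        libxml_use_internal_errors($previousErrors);
        if (isset($previousLoader)) {
            libxml_disable_entity_loader($previousLoader);
        }
    }
}

// Constructed sample input: a plain document is accepted...
$dom = safeLoadXml('<?xml version="1.0"?><config><debug>false</debug></config>');
echo $dom->documentElement->nodeName, PHP_EOL;

// ...while a document carrying a DOCTYPE (even one that only declares a harmless
// internal entity) is refused before any entity could be resolved.
try {
    safeLoadXml('<?xml version="1.0"?><!DOCTYPE config [<!ENTITY greeting "hi">]><config>&greeting;</config>');
} catch (UnsafeXmlException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

Because the advisory reports that the framework's DOCTYPE walk alone was bypassable when the application ran under PHP-FPM, the example treats that check as one layer and keeps the libxml flags as an independent second layer rather than relying on the node walk by itself; it does not attempt to reproduce the bypass, which the page does not detail.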
SecuriTeam Secure Disclosure ( SSD) provides the support you need to turn your experience uncovering security vulnerabilities into a highly paid career.