Source

Scenario

A vulnerability was identified in a widely used product. Download the challenge attachment and review the code to identify it.

Vulnerability Categories (Use this list to answer the related question. Example: Path Traversal):

  1. Authentication Bypass
  2. Buffer Overflow
  3. Code Execution
  4. Command Execution
  5. Cryptographic flaw
  6. Cross Origin Resource Sharing bypass
  7. File Inclusion
  8. Insecure Direct Object Reference
  9. Insecure Deserialization
  10. Path Traversal
  11. Race Condition
  12. Server-Side Request Forgery
  13. Server-Side Template Injection
  14. SQL Injection
  15. XML External Entity

Solution

  1. What is the technology affected? (5 points)

    Searching "zlib.c" vulnerability yielded the following article: https://nakedsecurity.sophos.com/2021/03/30/php-web-language-narrowly-avoids-dangerous-supply-chain-attack/

    Answer: PHP

  2. Based on the list of vulnerability categories in the challenge scenario, which one describes the identified vulnerability? (5 points)

    Source: https://github.com/php/php-src/commit/2b0f239b211c7544ebc7a4cd2c977a5b7a11ed8a#commitcomment-48834940

    Answer: Command Execution

  3. See the corresponding commit. How many lines of code were added when the vulnerability was introduced? (5 points)

    Source: https://github.com/php/php-src/commit/c730aa26bd52829a49f2ad284b181b7e82a68d7d

    Answer: 11

  4. What HTTP header is required to exploit the vulnerability? (5 points)

    Source: https://nakedsecurity.sophos.com/2021/03/30/php-web-language-narrowly-avoids-dangerous-supply-chain-attack/

    Answer: User-Agentt
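
The trigger header identified in question 4 is a one-character misspelling of a standard header name, which makes it easy to look for in captured traffic. The following detector is an added example, not code from the challenge or from the PHP project; it generalizes from `User-Agentt` to any header name one edit away from a standard one. The allow-list `KNOWN_HEADERS` and both sample requests are constructed for illustration.

```python
import re

# Constructed allow-list of standard request header names (assumption: extend as needed).
KNOWN_HEADERS = {"host", "user-agent", "accept", "accept-encoding", "accept-language",
                 "connection", "content-type", "content-length", "cookie", "referer"}

def edit_distance(a, b):
    """Levenshtein distance between two short strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def header_names(raw_request):
    """Return the lower-cased header names of a raw HTTP/1.x request."""
    head = raw_request.split("\r\n\r\n", 1)[0]
    names = []
    for line in head.split("\r\n")[1:]:  # skip the request line
        m = re.match(r"([^\s:]+):", line)
        if m:
            names.append(m.group(1).lower())
    return names

def suspicious_headers(raw_request):
    """Flag names that are one edit away from a known header but are not known themselves."""
    hits = []
    for name in header_names(raw_request):
        if name in KNOWN_HEADERS:
            continue
        for known in sorted(KNOWN_HEADERS):
            if edit_distance(name, known) == 1:
                hits.append((name, known))
                break
    return hits

# Constructed sample requests; the flagged header value is a placeholder, not a payload.
BENIGN = "GET / HTTP/1.1\r\nHost: example.test\r\nUser-Agent: curl/8.0\r\n\r\n"
FLAGGED = "GET / HTTP/1.1\r\nHost: example.test\r\nUser-Agentt: PLACEHOLDER\r\n\r\n"

if __name__ == "__main__":
    for label, req in (("benign", BENIGN), ("flagged", FLAGGED)):
        print(label, suspicious_headers(req))
```

Custom headers that do not resemble a standard name (for example `X-Forwarded-For`) are not flagged, so the check stays quiet on ordinary traffic.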


Tags

  1. code review (Private)
  2. 20 points (Private)
  3. medium (Private)