Project

General

Profile

Actions
Copy link

Bug #94640

open

Feature: #91354 - Integrate server response security checks causes linux-malware-detect trigger "false" detection

Added by Rene Tobias almost 3 years ago. Updated almost 3 years ago.

Status:
New
Priority:
Should have
Assignee:
-
Category:
Security
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
9
PHP Version:
7.3
Tags:
Complexity:
medium
Is Regression:
Sprint Focus:

Description

Hello,

Feature: #91354 - Integrate server response security checks - causes linux-malware-detect trigger "false" detection.

So your code which TYPO3 include in files '.php.wrong' and '.php.txt' triggers malware detection.

For malware detection we are using "linux-malware-detect" - https://github.com/rfxn/linux-malware-detect https://www.rfxn.com/projects/linux-malware-detect/

The problematic code is: base64_decode('UEhQIGNvbnRlbnQ=');

Full code:

<!DOCTYPE html><html lang="en"><body><div><?php echo base64_decode('UEhQIGNvbnRlbnQ=');?></div></body></html>

TYPO3 9.5.18
CenOS 7.9

Related issues 1 (0 open1 closed)

Related to TYPO3 Core - Task #91354: Integrate server response security checksClosedOliver Hader2020-05-10

Actions
Actions
Copy link

Also available in: Atom PDF