Core dump checker PHP script
Description
This alert indicates the presence of coredumpcheck.php, a diagnostic script that enumerates and displays core dump files in a web-accessible directory. Core dumps are memory snapshots automatically generated by the operating system when a process crashes or terminates abnormally. When this script is reachable through the web server, it allows unauthorized users to discover and potentially access these sensitive memory dumps without authentication.
Remediation
Immediately remove the coredumpcheck.php file from all web-accessible directories. Additionally, implement the following security measures:
1. Delete or relocate all core dump files outside the web root directory
2. Configure your web server to deny access to .core and core dump files by adding rules to .htaccess (Apache) or server configuration:
Apache (.htaccess):
<FilesMatch "\.(core|dump)$">
    Require all denied
</FilesMatch>
3. Disable core dump generation in production environments by setting appropriate ulimit values in your system configuration
4. If core dumps are needed for debugging, store them in non-web-accessible directories with restricted file permissions (chmod 600)
5. Implement regular security scans to detect diagnostic or debug scripts in production environments
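
The scan in step 5 and the cleanup in step 1 can be combined into one audit of the web root. The following is an added example, not part of the original advisory: it flags coredumpcheck.php, files whose ELF header marks them as core dumps regardless of name, and files with core-like names. The naming conventions (core, core.<pid>, *.core, *.dump) and the function names are assumptions; names such as core.1234 do not end in .core or .dump, so the FilesMatch rule above would not cover them.

```python
import os
import re
import tempfile

SCRIPT_NAME = "coredumpcheck.php"
# Assumed naming conventions: core, core.<pid>, <prog>.core, *.dump
NAME_RE = re.compile(r"^(core(\.\d+)?|.+\.(core|dump))$")
ET_CORE = 4  # e_type value that marks a core file in the ELF header

def is_elf_core(path):
    """True if the file starts with an ELF header whose e_type is ET_CORE."""
    try:
        with open(path, "rb") as f:
            hdr = f.read(18)
    except OSError:
        return False
    if len(hdr) < 18 or hdr[:4] != b"\x7fELF":
        return False
    return int.from_bytes(hdr[16:18], "big" if hdr[5] == 2 else "little") == ET_CORE

def audit_webroot(root):
    """Return sorted (relative_path, reason) pairs for files to remove or relocate."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            if name.lower() == SCRIPT_NAME:
                findings.append((rel, "diagnostic-script"))
            elif is_elf_core(path):
                findings.append((rel, "elf-core"))
            elif NAME_RE.match(name):
                findings.append((rel, "core-like-name"))
    return sorted(findings)

def make_sample(root):
    """Constructed sample web root; the ELF files are minimal 18-byte header stubs."""
    ident = b"\x7fELF\x02\x01\x01" + b"\x00" * 9  # 64-bit, little-endian
    core, exe = ident + b"\x04\x00", ident + b"\x02\x00"  # ET_CORE, ET_EXEC
    samples = {"index.php": b"<?php ?>", "coredumpcheck.php": b"<?php ?>",
               "app.dump": b"text", "core.1234": core, "upload.bin": core, "tool": exe}
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as f:
            f.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        make_sample(d)
        print(*audit_webroot(d), sep="\n")
```

Run audit_webroot against the real document root from a scheduled job and treat any non-empty result as a finding.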