Security issue

Hey guys! I got a message from my server security system. It says that I have some possible breaches in the Snapshot plugin.

Here is the message (it's in Russian, but you won't need to know it, it's easy to understand):
=====================
SSH1.php | ?? ???????
???????: /media/plugins/snapshot/lib/Snapshot/Model/Destination/ftp/phpseclib0.2.2/Net
?? ???????: PregReplace.E
????????????????? ???? ?????????: 20 ?????? 19:33:03

SSH2.php | ?? ???????
???????: /media/plugins/snapshot/lib/Snapshot/Model/Destination/ftp/phpseclib0.2.2/Net
?? ???????: PregReplace.E
????????????????? ???? ?????????: 20 ?????? 19:33:03
===========================
Oops, your site doesn't support cyrillic symbols :slight_smile:

If you want more info, here it is.
Screenshot of ssh1.php
https://www.dropbox.com/s/mu0zpi0dvzzxmtb/ssh1.png?dl=0
Screenshot of ssh2.php
https://www.dropbox.com/s/ghmxj3ybvsu7n4o/ssh2.png?dl=0

I understand that it can be a false alarm, or maybe you are using some sneaky tricks for better compatibility, but I decided to write to you about it. Who knows, it might be useful.

At last, the question: what is the better way? Do nothing and wait for updates, or add these files to the ignore list?

Cheers!

  • Predrag Dubajic

    Hey Jellymind,

    Hope you're doing well :slight_smile:

    Thanks for your question. I had to ping our devs about this to be sure, but there's nothing to worry about, as this is part of the PHP secure communication library. The code in question is handling pretty print of format logs, so there are no security issues in this case.
    Though preg_replace can pose a security risk in certain situations, this is not one of them.

    Let us know if you have any followup questions about this :slight_smile:

    Best regards,
    Predrag
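
A triage helper for alerts like the one in this thread, as an added example that is not part of the original posts or the plugin's code: it assumes the `PregReplace.E` signature refers to PHP's `/e` pattern modifier, and it lists each `preg_replace` call that uses it, noting whether request data appears in the call. The PHP sample and the names `scan` and `modifiers` are constructed for illustration.

```python
import re

# Assumption: "PregReplace.E" flags PHP's /e (PREG_REPLACE_EVAL) modifier, which
# makes preg_replace evaluate the replacement string as PHP code. The modifier
# was deprecated in PHP 5.5.0 and removed in PHP 7.0.0.
CALL = re.compile(
    r"preg_replace\s*\(\s*(['\"])(?P<pat>(?:\\.|(?!\1).)*)\1\s*,\s*(?P<rest>[^;]*)",
    re.S | re.I,
)
REQUEST = re.compile(r"\$_(GET|POST|REQUEST|COOKIE|SERVER|FILES)\b")
BRACKETS = {"(": ")", "{": "}", "[": "]", "<": ">"}


def modifiers(pattern):
    """Return the modifier letters that follow the closing PCRE delimiter."""
    if not pattern:
        return ""
    closing = BRACKETS.get(pattern[0], pattern[0])
    end = pattern.rfind(closing)
    return pattern[end + 1:] if end > 0 else ""


def scan(source):
    """List (line, modifiers, request_data_in_call) for each /e call.

    Heuristic only: it reads literal pattern strings and stops each call at
    the first ';', so the result is a review list, not a verdict.
    """
    findings = []
    for m in CALL.finditer(source):
        mods = modifiers(m.group("pat"))
        if "e" in mods:
            line = source.count("\n", 0, m.start()) + 1
            findings.append((line, mods, bool(REQUEST.search(m.group("rest")))))
    return findings


# Constructed sample input, not code from phpseclib or the Snapshot plugin.
SAMPLE = r"""<?php
$hex = preg_replace('#(.)#es', 'sprintf("%02x ", ord("\\1"))', $fragment);
$out = preg_replace('/\s+/', ' ', $line);
$bad = preg_replace('/(.*)/e', $_GET['fmt'], $text);
"""

if __name__ == "__main__":
    for line, mods, tainted in scan(SAMPLE):
        note = "request data in call" if tainted else "check where the subject comes from"
        print(f"line {line}: /{mods} modifier, {note}")
```

A call reported without request data still needs a look at where its subject and replacement come from before the file goes on an ignore list.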
