-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 //@(#) Mordred Security Labs advisory Release date: March 27, 2003 Name: PHP for Windows - buffer overflow in openlog() function Versions affected: all versions for Windows platforms Risk: average Author: Sir Mordred (mordred@s-mail.com) I. Description: PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Please visit http://www.php.net for more information about PHP. II. Details: There exists a classic stack overflow in the openlog() function and the following short script will illustrate this vulnerability: $ cat t1.php <?php openlog(str_repeat("X", 1500), LOG_PID, LOG_DAEMON); ?> III. Platforms tested Windows 200 with IIS 5.0 / PHP 4.3.1 III. Workaround Not available at the time of writing. IV. Vendor PHP developers notified. -----BEGIN PGP SIGNATURE----- Version: Hush 2.2 (Java) Note: This signature can be verified at https://www.hushtools.com/verify wmAEARECACAFAj6DH5sZHHNpci5tb3JkcmVkQGh1c2htYWlsLmNvbQAKCRAOkXvN4BZr fN4fAJ9EhQBM1k8JukU4JjZ6VTVVi5k/IwCeO8GoK/V4zuG7HbAgXkb2CNlXelg= =t5SO -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Big $$$ to be made with the HushMail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427
This archive was generated by hypermail 2b30 : Thu Mar 27 2003 - 10:00:02 PST