Re: Vulnerability in PHP ?!?

From: Andreas Hasenack (andreasat_private)
Date: Mon May 13 2002 - 13:11:06 PDT

Next message: Matthew Kauffman: "Re: Vulnerability in PHP ?!?"

Previous message: BoneMachine: "Vulnerability in PHP ?!?"
In reply to: BoneMachine: "Vulnerability in PHP ?!?"
Next in thread: John: "Re: Vulnerability in PHP ?!?"
Next in thread: Matthew Kauffman: "Re: Vulnerability in PHP ?!?"
Reply: John: "Re: Vulnerability in PHP ?!?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Check out http://bugs.php.net/bug.php?id=15772

The security fix introduced this crash problem into 4.1.2, maybe
that's what you are seeing/hearing.

BTW, beware, a packetstorm mirror had a trojaned
exploit:

http://packetstormsecurity.nl/73501867.html

Em Mon, May 13, 2002 at 06:26:19PM +0200, BoneMachine escreveu:
> I've posted this before but it was not processed.
> 
> --- 
> 
> I stumbled on some exploit code from TESO that is available at
> packetstorm (http://packetstormsecurity.nl/filedesc/7350fun.html). The
> code exists as a binary that is supposed to exploit
> mod_php 4.0.x and crash at least 4.1.2
> 
> I am curious what hole is being exploited. I can't remember a buffer
> overflow vulnerability being reported for mod_php 4.1.2
> Anyone with ideas ?
> 
> TIA
> Bone Machine

Next message: Matthew Kauffman: "Re: Vulnerability in PHP ?!?"
Previous message: BoneMachine: "Vulnerability in PHP ?!?"
In reply to: BoneMachine: "Vulnerability in PHP ?!?"
Next in thread: John: "Re: Vulnerability in PHP ?!?"
Next in thread: Matthew Kauffman: "Re: Vulnerability in PHP ?!?"
Reply: John: "Re: Vulnerability in PHP ?!?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon May 13 2002 - 15:15:10 PDT