I have the src to 73501867.c if you want??? ----- Original Message ----- From: "Andreas Hasenack" <andreasat_private> To: "BoneMachine" <BoneMachineat_private> Cc: <vuln-devat_private> Sent: Monday, May 13, 2002 4:11 PM Subject: Re: Vulnerability in PHP ?!? > Check out http://bugs.php.net/bug.php?id=15772 > > The security fix introduced this crash problem into 4.1.2, maybe > that's what you are seeing/hearing. > > BTW, beware, a packetstorm mirror had a trojaned > exploit: > > http://packetstormsecurity.nl/73501867.html > > Em Mon, May 13, 2002 at 06:26:19PM +0200, BoneMachine escreveu: > > I've posted this before but it was not processed. > > > > --- > > > > I stumbled on some exploit code from TESO that is available at > > packetstorm (http://packetstormsecurity.nl/filedesc/7350fun.html). The > > code exists as a binary that is supposed to exploit > > mod_php 4.0.x and crash at least 4.1.2 > > > > I am curious what hole is being exploited. I can't remember a buffer > > overflow vulnerability being reported for mod_php 4.1.2 > > Anyone with ideas ? > > > > TIA > > Bone Machine >
This archive was generated by hypermail 2b30 : Mon May 13 2002 - 20:25:52 PDT