Hi, could someone (clap! clap! author ! author !) explain how "7350fun" exploit is supposed to harm php-4.0.6 ? From the analysis of php-4.0.6/main/rfc1867.c it seems possible to scan the memory area after the raw mime stream; but no possibility of overwriting anything is visible ? e-matters advisory claims that the exploit is "simple", but provides no details. AdamM ----------------------------------------------------------------------- Kraków, Sopot, Zakopane, Hel - miasto na lato :-) Zaprasza sieć wakacyjnych serwisów informacyjnych < http://naszemiasto.pl >
This archive was generated by hypermail 2b30 : Tue Jul 30 2002 - 09:58:35 PDT