php-4.0.6 vulnerability

From: Adam Malewski (adammalewskiat_private)
Date: Tue Jul 30 2002 - 02:42:00 PDT

Next message: KF: "Re: Operation TIPS - the FEMA response"

Previous message: uraken: "Re: Does MSN Messenger Bypass Group Policy?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,
could someone (clap! clap! author ! author !) explain how
"7350fun" exploit is supposed to harm php-4.0.6 ? From the
analysis of php-4.0.6/main/rfc1867.c it seems possible to scan
the memory area after the raw mime stream; but no possibility
of overwriting anything is visible ? e-matters advisory claims
that the exploit is "simple", but provides no details.

AdamM 



-----------------------------------------------------------------------
Kraków, Sopot, Zakopane, Hel - miasto na lato :-)
Zaprasza sieć wakacyjnych serwisów informacyjnych < http://naszemiasto.pl >

Next message: KF: "Re: Operation TIPS - the FEMA response"
Previous message: uraken: "Re: Does MSN Messenger Bypass Group Policy?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 30 2002 - 09:58:35 PDT