Penetration Testing mailing list archives
Re: PHP -> Fatal error: Allowed memory size
From: clez <bugtraq-pt () clez net>
Date: Thu, 17 Jun 2010 13:51:36 +0200
Actually it is a protection mechanism. The server process handling your request reached the predefined memory limit and stops. It's easy to provoke such an abort by calling a script with huge array definitions. If you got this error message in your browser, I'd consider having "display_errors = on" being the bigger flaw. On Saturday 12 June 2010 18:08:25 Jacky Jack wrote:
Hi Requesting certain attack payload triggers:Fatal error: Allowed memory size of *** bytes (tried ...)Error in a PHP application. May this be security flaw like DOS? Thank you. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- PHP -> Fatal error: Allowed memory size Jacky Jack (Jun 16)
- Re: PHP -> Fatal error: Allowed memory size clez (Jun 18)