Vulnerability Development mailing list archives
Re: Vulnerability in PHP ?!?
From: "John" <john () flaccess com>
Date: Mon, 13 May 2002 18:18:22 -0400
I have the src to 73501867.c if you want??? ----- Original Message ----- From: "Andreas Hasenack" <andreas () conectiva com br> To: "BoneMachine" <BoneMachine () sdf lonestar org> Cc: <vuln-dev () securityfocus com> Sent: Monday, May 13, 2002 4:11 PM Subject: Re: Vulnerability in PHP ?!?
Check out http://bugs.php.net/bug.php?id=15772 The security fix introduced this crash problem into 4.1.2, maybe that's what you are seeing/hearing. BTW, beware, a packetstorm mirror had a trojaned exploit: http://packetstormsecurity.nl/73501867.html Em Mon, May 13, 2002 at 06:26:19PM +0200, BoneMachine escreveu:I've posted this before but it was not processed. --- I stumbled on some exploit code from TESO that is available at packetstorm (http://packetstormsecurity.nl/filedesc/7350fun.html). The code exists as a binary that is supposed to exploit mod_php 4.0.x and crash at least 4.1.2 I am curious what hole is being exploited. I can't remember a buffer overflow vulnerability being reported for mod_php 4.1.2 Anyone with ideas ? TIA Bone Machine
Current thread:
- Vulnerability in PHP ?!? BoneMachine (May 13)
- Re: Vulnerability in PHP ?!? Andreas Hasenack (May 13)
- Re: Vulnerability in PHP ?!? John (May 13)
- Re: Vulnerability in PHP ?!? Matthew Kauffman (May 13)
- Re: Vulnerability in PHP ?!? Matthew Kauffman (May 13)
- <Possible follow-ups>
- Re: Vulnerability in PHP ?!? lion (May 13)
- Re: Vulnerability in PHP ?!? Andreas Hasenack (May 13)