Re: [Full-Disclosure] Advisory 11/2004: PHP memory_limit remote vulnerability

From: Florian Weimer (fw_at_deneb.enyo.de)
Date: 07/14/04

  • Next message: Maarten: "Re: [Full-Disclosure] Erasing a hard disk easily"
    To: vulndiscuss@vulnwatch.org, full-disclosure@lists.netsys.com
    Date: Wed, 14 Jul 2004 09:55:45 +0200
    
    

    * Stefan Esser:

    > Application: PHP <= 4.3.7
    > PHP5 <= 5.0.0RC3
    > Severity: A vulnerability within PHP allows remote code
    > execution on PHP servers with activated memory_limit
    > Risk: Critical

    Uh-oh. Has anybody got a minimal patch to fix this issue (and only
    this issue)?

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Maarten: "Re: [Full-Disclosure] Erasing a hard disk easily"

    Relevant Pages