Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Advisory 11/2004: PHP memory_limit remote vulnerability
From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 14 Jul 2004 09:55:45 +0200

* Stefan Esser:

  Application: PHP <= 4.3.7
               PHP5 <= 5.0.0RC3
     Severity: A vulnerability within PHP allows remote code
               execution on PHP servers with activated memory_limit
         Risk: Critical

Uh-oh.  Has anybody got a minimal patch to fix this issue (and only
this issue)?

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]