[Full-Disclosure] Advisory 11/2004: PHP memory_limit remote vulnerability

Florian Weimer fw at deneb.enyo.de
Wed Jul 14 08:55:45 BST 2004

Previous message: [Full-Disclosure] Advisory 11/2004: PHP memory_limit remote vulnerability
Next message: [Full-Disclosure] Advisory 12/2004: PHP strip_tags() bypass vulnerability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Stefan Esser:

>   Application: PHP <= 4.3.7
>                PHP5 <= 5.0.0RC3
>      Severity: A vulnerability within PHP allows remote code
>                execution on PHP servers with activated memory_limit
>          Risk: Critical

Uh-oh.  Has anybody got a minimal patch to fix this issue (and only
this issue)?

Previous message: [Full-Disclosure] Advisory 11/2004: PHP memory_limit remote vulnerability
Next message: [Full-Disclosure] Advisory 12/2004: PHP strip_tags() bypass vulnerability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Full-Disclosure is hosted and sponsored by Secunia.