[unisog] php memory_limit vulernability.

Vijay S Sarvepalli VSSARVEP VSSARVEP at uncg.edu
Mon Dec 6 15:56:47 GMT 2004


I have tested the vulernability 
wget http://www.felinemenace.org/~gyan/phpnolimit.c

It doesnt seem to work on any of my linux / openbsd systems.  It might 
still be tweakable to make the xploit work. 

Is everybody (or anybody) here taking a lass action to upgrade all php to 
4.3.8 or 5.+ latest ?

Aparently entropy.ch website was defaced recently.

Info also at
http://www.securityfocus.com/bid/10725/info/

Vijay 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.dshield.org/pipermail/unisog/attachments/20041206/13b749cf/attachment.htm


More information about the unisog mailing list