[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Advisory 11/2004: PHP memory_limit remote vulnerability
- To: vulndiscuss@xxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxx
- Subject: Re: [Full-Disclosure] Advisory 11/2004: PHP memory_limit remote vulnerability
- From: Florian Weimer <fw@xxxxxxxxxxxxx>
- Date: Wed, 14 Jul 2004 09:55:45 +0200
* Stefan Esser:
> Application: PHP <= 4.3.7
> PHP5 <= 5.0.0RC3
> Severity: A vulnerability within PHP allows remote code
> execution on PHP servers with activated memory_limit
> Risk: Critical
Uh-oh. Has anybody got a minimal patch to fix this issue (and only
this issue)?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html