[prev in list] [next in list] [prev in thread] [next in thread] 

List:       vuln-dev
Subject:    php-4.0.6 vulnerability
From:       "Adam Malewski" <adammalewski () wp ! pl>
Date:       2002-07-30 9:42:00
[Download RAW message or body]

Hi,
could someone (clap! clap! author ! author !) explain how
"7350fun" exploit is supposed to harm php-4.0.6 ? From the
analysis of php-4.0.6/main/rfc1867.c it seems possible to scan
the memory area after the raw mime stream; but no possibility
of overwriting anything is visible ? e-matters advisory claims
that the exploit is "simple", but provides no details.

AdamM 



-----------------------------------------------------------------------
Kraków, Sopot, Zakopane, Hel - miasto na lato :-)
Zaprasza sieć wakacyjnych serwisów informacyjnych < http://naszemiasto.pl >

[prev in list] [next in list] [prev in thread] [next in thread]