OpenBSD VuXML: Documenting security issues in the OpenBSD Ports & Packages Collection

php4 -- memory_limit remote vulnerability

Affected packages
php4-core < 4.3.8

Details

VuXML ID 87443336-d787-11d8-97dd-00304f19272c
Discovery 2004-07-14
Entry 2004-07-15
Modified 2005-02-21

During a reaudit of the memory_limit problematic it was discovered that it is possible for a remote attacker to trigger the memory_limit request termination in places where an interruption is unsafe. This can be abused to execute arbitrary code on remote PHP servers.

References

URL http://security.e-matters.de/advisories/112004.html

Copyright © 2003-2005 Jacques Vidrine, Robert Nagy, and contributors.
Please see the source of this document for full copyright information.