TUCoPS :: Web :: PHP :: tb13395.htm

PHP <= 5.2.5 stream_wrapper_register() denial of service
PHP <= 5.2.5 stream_wrapper_register() denial of service
PHP <= 5.2.5 stream_wrapper_register() denial of service


Application: PHP <= 5.2.5=0D
Web Site: http://php.net=0D 
Platform: unix=0D
Bug: Denial of service=0D
fonction: stream_wrapper_register()=0D
special condition: default php-memory-limit=0D
-------------------------------------------------------=0D
=0D
1) Introduction=0D
2) Bug=0D
3) Proof of concept=0D
4) Greets=0D
5) Credits=0D
============0D
1) Introduction=0D
============0D
=0D
"PHP is a widely-used general-purpose scripting language that=0D
is especially suited for Web development and can be embedded into HTML."=0D
=0D
=======0D
2) Bug=0D
=======0D
=0D
stream_wrapper_register() is vulnerable to a denial of service=0D
=0D
======0D
3)Proof of concept=0D
======0D
=0D
Proof of concept example :=0D
=0D
=0D
=0D
result:=0D
root@unsafebox:~/Desktop# php shot.php=0D
Erreur de segmentation (core dumped)=0D
root@unsafebox:~/Desktop#=0D
=0D
=========0D
4)Greets=0D
=========0D
Benjilenoob, Ivanlef0u, la team soh, #futurezone, #soh=0D
=0D
======0D
5)Credits=0D
======0D
laurent gaffi=E9=0D
=0D

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH