[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] RE: Windows PHP 4.x "0-day" buffer overflow
- To: "LE Backup" <lucretias@xxxxxxx>
- Subject: [Full-disclosure] RE: Windows PHP 4.x "0-day" buffer overflow
- From: <mercenary@xxxxxxxxxxxx>
- Date: Sun, 8 Jan 2006 10:56:21 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This has nothing to do with the named pipe itself. This is a flaw
in the way PHP parses a server name containing a named pipe
declaration.
If you read it again, you will find this is a classical stack based
buffer overflow before the named pipe is even created. It's a
parsing error.
On Fri, 06 Jan 2006 16:01:59 -0800 LE Backup <lucretias@xxxxxxx>
wrote:
>I believe using named pipes on windows has ALWAYS been known for
>MANY YEARS
>that it was exploitable.
>
>Products we were working on in 2003 were quite aware of this
>potential, and
>simply don't use named pipes.
>
>What this has to do with PHP I'm not certain either as this seems
>to
>highlight MySQL.
>
>Cheers,
>
>James Friesen, CIO
>
>Lucretia Enterprises
>"Our World Is Here..."
>Info at lucretia dot ca
>http://lucretia.ca
>
>
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4
wkYEARECAAYFAkPBXxAACgkQLpU3lrW2nNMuXQCghzGCcZzuOpZL5xSOaQW+ef/RHisA
njIicbv6w9ZgWDOiLn4l2WGwl5NI
=mgxU
-----END PGP SIGNATURE-----
Concerned about your privacy? Instantly send FREE secure email, no account
required
http://www.hushmail.com/send?l=480
Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/