[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] Use After Free Vulnerabilities in unserialize()

To: Taoguang Chen <taoguangchen@xxxxxxxxx>
Subject: Re: [FD] Use After Free Vulnerabilities in unserialize()
From: Christian Kujau <lists@xxxxxxxxxxxxxxx>
Date: Wed, 16 Sep 2015 16:20:11 -0700 (PDT)

On Sat, 5 Sep 2015, Taoguang Chen wrote:
> The PoC works on standard MacOSX 10.11 installation of PHP 5.4.43.

Has 10.11 been released yet? And MacOSX 10.10.5 already ships with PHP 
v5.5.27

$ php uafpoc.php
Warning: Class __PHP_Incomplete_Class has no unserializer in uafpoc.php on line 
20
bool(false)

$ php -v
PHP 5.5.27 (cli) (built: Jul 23 2015 00:21:59) 
Copyright (c) 1997-2015 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2015 Zend Technologies


-- 
BOFH excuse #394:

Jupiter is aligned with Mars.

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

References:
- [FD] Use After Free Vulnerabilities in unserialize()
  - From: Taoguang Chen

Prev by Date: [FD] APPLE-SA-2015-09-16-4 OS X Server 5.0.3
Next by Date: [FD] KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation
Previous by thread: Re: [FD] Use After Free Vulnerabilities in unserialize()
Next by thread: [FD] Use After Free Vulnerabilities in Session Deserializer
Index(es):
- Date
- Thread