ID: 15736 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] Status: Open Bug Type: Unknown/Other Function Operating System: All UNIX PHP Version: 4.1.1 New Comment:
The patch for file rfc1867.c applied to php 4.0.6 seems to not work when trying to upload from Opera 6.01 (on Windows). Uploading in Internet Explorer (6.0) seems to work allright, whereas uploading with Opera simply either times out or just fails (without any errors). Previous Comments: ------------------------------------------------------------------------ [2002-02-26 13:41:58] [EMAIL PROTECTED] Well, the part of doing this before Apache demotes its priviledges doesn't sound feasible to me. Apache forks child processes as a non-privileged user. You can't get it to serve up a PHP request as root. And if you could, then why use a "high port" as you mentioned? We will however have a fix for the file upload buffer overflow shortly. In the meantime, simply turn off file uploads in your php.ini file to protect yourself against this. ------------------------------------------------------------------------ [2002-02-26 13:34:46] [EMAIL PROTECTED] I am trying to get the source code, or at least an strace of the binary used for this exploit. ------------------------------------------------------------------------ [2002-02-26 13:31:53] [EMAIL PROTECTED] There's a security exploit for php that gives you remote root by binding a rootshell to a high port. Exploits php before apache demotes its privledges. Looks like it uses the POST method. Buffer overflow. I don't have the program (binary) available as a friend of mine had limited access to it. BUt it affect ALL versions of php. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=15736&edit=1
