ID:               6642
 Comment by:       theaxiom at charter dot net
 Reported By:      macabre at fl dot rr dot com
 Status:           Bogus
 Bug Type:         Feature/Change Request
 Operating System: Debian/Linux  kernel 2.2.17
 PHP Version:      4.0.2
 New Comment:

That is just not fair! I own a webhosting company and any one of my
customers can do that!!!


Previous Comments:
------------------------------------------------------------------------

[2002-01-28 20:05:23] [EMAIL PROTECTED]

Including the script itself is perfectly valid, just like a recursive
function call.
It's the user's responsibility not to write a script that executes the
same portion of code forever.


------------------------------------------------------------------------

[2000-12-29 12:34:09] [EMAIL PROTECTED]

unassigning it

------------------------------------------------------------------------

[2000-12-29 12:30:04] [EMAIL PROTECTED]

OK, for me it isn't that bad. Each Apache process dies in turn but the
computer is still 100% usable even with 1000 requests; the usage of
Apache grows, then Apache becomes defunct, at which point another process
is started.

This is with apache as mod_php and CGI.

Changing this to a feature change request as you're asking that a script
cannot include itself.

James

------------------------------------------------------------------------

[2000-12-23 21:07:12] [EMAIL PROTECTED]

I will test to see if this is the case; if so, I doubt there will be a
fix due to speed, but maybe something for a future safemode improvement.

James

------------------------------------------------------------------------

[2000-09-09 15:01:25] macabre at fl dot rr dot com

Using: Apache 1.3.12/PHP4 with MySQL support

I have recently discovered a bug in PHP 4 (but not specifically 4)
which unveils the fact that any user on the system can crash the
machine with a very simple PHP document.  They can do this by using the
Include() function to include the same document being loaded, causing a
serious recursion problem which will quickly max out CPU and memory
usage of the web-serving machine, especially if a phpInfo() call is done
before the Include().

I am currently working on a patch for this.

Here is the exploitable code:

index.php:

<html lang="en">
<body>
<?php phpInfo(); ?>
<?php Include("./index.php"); ?>
</body>
</html>

------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=6642&edit=1
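
The request in this thread, that a script be unable to include itself, can be approximated in user land with a wrapper that tracks which files are currently being included. This is an added example, not code from the bug report or from PHP itself; guarded_include() and MAX_INCLUDE_DEPTH are hypothetical names, and it assumes PHP 7 or later rather than the 4.0.2 discussed above.

```php
<?php
// Added example, not PHP's own behaviour and not code from this report.
// guarded_include() and MAX_INCLUDE_DEPTH are hypothetical names. Keep this
// file separate and load it with require_once so the function is declared once.

const MAX_INCLUDE_DEPTH = 16; // assumed limit; tune per application

function guarded_include(string $path)
{
    static $stack = null; // real paths of the files currently being executed

    if ($stack === null) {
        // Seed with the entry script so a page cannot include itself even once.
        $entry = isset($_SERVER['SCRIPT_FILENAME'])
            ? realpath($_SERVER['SCRIPT_FILENAME']) : false;
        $stack = ($entry === false) ? [] : [$entry];
    }

    $real = realpath($path);
    if ($real === false) {
        throw new RuntimeException("include target not found: $path");
    }
    if (in_array($real, $stack, true)) {
        throw new RuntimeException("recursive include refused: $real");
    }
    if (count($stack) >= MAX_INCLUDE_DEPTH) {
        throw new RuntimeException("include depth limit reached: $real");
    }

    $stack[] = $real;
    try {
        // Note: the included file runs in this function's scope, not global scope.
        return include $real;
    } finally {
        array_pop($stack); // unwind even if the included file throws
    }
}

// Constructed demo (CLI only): a temporary page that tries to include itself.
if (PHP_SAPI === 'cli' && realpath($_SERVER['SCRIPT_FILENAME']) === __FILE__) {
    $page = tempnam(sys_get_temp_dir(), 'inc');
    file_put_contents($page, '<?php echo "page body\n"; guarded_include(__FILE__);');
    try {
        guarded_include($page);
    } catch (RuntimeException $e) {
        echo $e->getMessage(), "\n"; // raised when the page re-enters itself
    } finally {
        unlink($page);
    }
}
```

A wrapper like this only covers code that calls it; scripts that use include directly are unaffected.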
