ID: 33313 User updated by: trustpunk at hotmail dot com -Summary: I found a flaq in the ISAPI build Reported By: trustpunk at hotmail dot com Status: Open Bug Type: Unknown/Other Function Operating System: Windows -PHP Version: 5.0.4 +PHP Version: 5.0.4/4.3.11 New Comment:
I had to edit my post , to fix the Topic. Previous Comments: ------------------------------------------------------------------------ [2005-06-11 22:32:03] trustpunk at hotmail dot com Description: ------------ When running PHP as an ISAPI module , you can remotely crash the web server by creating a specially crafted URL. This bug was discovered by accident and I actually refer it as a DDoS type of attack on the web server. Please fix this! PHP versions effected so far: v4.3.11 , v5.0.4 Reproduce code: --------------- Using a URL like this will crash the web server , only ISAPI is effected. http://www.your-site.com/script.php/num=10101 I discovered this when writing a Binary to Decimal converter. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=33313&edit=1
