[PHP-DEV] Bug #6642 Updated: Userspace exploit crashes web-serving machine

yohgaki Mon, 28 Jan 2002 16:49:07 -0800

ID: 6642
Updated by: yohgaki
Reported By: [EMAIL PROTECTED]
Old Status: Open
Status: Bogus
Bug Type: Feature/Change Request
Operating System: Debian/Linux  kernel 2.2.17
PHP Version: 4.0.2
New Comment:


Including script itself is perfectly valid just like recursive function
call.
It's user's responsibitily not to write script that executes the same
portion of code forever.



Previous Comments:
------------------------------------------------------------------------

[2000-12-29 12:34:09] [EMAIL PROTECTED]

unassigning it

------------------------------------------------------------------------

[2000-12-29 12:30:04] [EMAIL PROTECTED]

OK for me it isnt that bad.. each apache process dies in turn but the
computer is still 100% usable even with 1000 requests, the usage of
apache grows then apache becomes defunct at which point another process
is started.

This is with apache as mod_php and CGI.

CHanging this to a feature change request as your asking that a script
cannot include itself.

James

------------------------------------------------------------------------

[2000-12-23 21:07:12] [EMAIL PROTECTED]

I will test to see if this is the case if so I doubt there will be a
fix due to speed but maybe somthing for a future safemode improvemnt.

James

------------------------------------------------------------------------

[2000-09-09 15:01:25] [EMAIL PROTECTED]

Using: Apache 1.3.12/PHP4 with MySQL support

I have recently discovered a bug in PHP 4 (but not specifically 4)
which unviels the fact that any user on the system can crash the
machine
with a very simple PHP document.  They can do this by using the
Include()
function to include the same document being loaded, causing a serious
recursion problem which will quickly max out CPU and memory usage of
the web-serving machine, especially if a phpInfo() call is done before
the Include()

I am currently working on a patch for this.

Here is the exploitable code:

index.php:

<html lang="en">
<body>
<?php phpInfo(); ?>
<?php Include("./index.php"); ?>
</body>
</html>

------------------------------------------------------------------------



Edit this bug report at http://bugs.php.net/?id=6642&edit=1


-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP-DEV] Bug #6642 Updated: Userspace exploit crashes web-serving machine

Reply via email to