On Wed, Jul 24, 2002 at 01:37:12PM -0700, Thomas Cannon wrote: > >---------- Forwarded message ---------- > >Date: Wed, 24 Jul 2002 16:12:06 -0400 (EDT) > >From: Dan Kalowsky <[EMAIL PROTECTED]> > >To: [EMAIL PROTECTED] > >Subject: Re: Bug #18547 Updated: Remote attacker can cause SIGSEGV > > > >Please send it to [EMAIL PROTECTED] > > (Okay, that's easy enough -- I posted this in the web form, but it > wrapped all to hell. Thanks for the email address, Mr. Kalowsky) > > Hello. While working on an exploit for the multipart_buffer_headers() hole > that you just fixed, and I found another problem that you might want to > look into. It looks like a DoS only, but there might be a way to execute > arbitrary code and I just haven't found it yet. Credit for the find goes > to myself and members of the [0dd] 0-Day Digest.
FWIW, I was able to reproduce the SEGV, one per connection, on a Linux 2.4.18 server here. - Dave [EMAIL PROTECTED] -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, visit: http://www.php.net/unsub.php
