[nycphp-talk] PHP DLOpen Vulnerability WAS: php problems from SecurityFocus Newsletter # 210
Analysis & Solutions
danielc at analysisandsolutions.com
Tue Aug 19 11:09:27 EDT 2003
Folks:
On Mon, Aug 18, 2003 at 05:14:20PM -0400, Hans Zaunere wrote:
>
> >PHP DLOpen Arbitrary Web Server Process Memory Vulnerability
> >http://www.securityfocus.com/bid/8405
>
> Hmm... does this strike anyone else as an odd report?
Yes, I thought so when I first read it, but I didn't feel like bothering
with commentary when I posted.
First, it seemed more like an Apache issue. Then, why would this one
function be a problem? Doesn't everything go into memory? So, I went to
php.net/dlopen to research what this function does. Turns out it's not in
the manual. Is this a function that's used by PHP internals or something?
--Dan
--
FREE scripts that make web and database programming easier
http://www.analysisandsolutions.com/software/
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409
More information about the talk
mailing list