ha.ckers sla.cking
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Buffer overflow in PHP+APC
Posted by: dannyp
Date: March 25, 2008 12:33PM

I recently disclosed a buffer overflow in PHP+APC, and provided a proof of concept local vulnerability. The same technique could be used against a superset of applications that are vulnerable to remote file includes -- allow_url_fopen is of no help to you now, nor is ensuring the string begins or ends with anything specific.

The bug has been fixed in APC CVS; there is apparently a new APC release forthcoming.

Daniel P

Re: Buffer overflow in PHP+APC
Posted by: eXeCuTeR
Date: May 03, 2008 03:13PM

Why did you load the return address 500 times? You could just fill it with more junk, actually.
Good job.

Edit: Oh, sorry for bumping this thread!

Edited 1 time(s). Last edit at 05/03/2008 03:14PM by eXeCuTeR.
