MyBB Community Forums

MyBB Community Forums > Community > General Discussion > new php exploit
Full Version: new php exploit
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

squall_leonhart69r

2006-01-08, 06:09 AM
Advisory ID : FrSIRT/ADV-2006-0046
Rated as : Moderate Risk
Note : Affects PHP versions 4.x on Windows

<?php

//Exploit for
// Apache/1.3.33
// PHP/4.4.0
//Windows only

$eip = "71AB5651"; //EIP - CALL ESI from Winsock 2.0 ws2_32.dll v5.1.2600.0
$esi = "10000000"; //ESI - Temporary. The memory under this location will be trashed.

http://www.frsirt.com/exploits/20060105.phpflaw.php

Chris Boulton

2006-01-08, 07:13 AM
I fail to see what this has to do with us here.

Also.
Quote:Note : Affects PHP versions 4.x on Windows
People should be updating to 5.x now anyway.

squall_leonhart69r

2006-01-09, 08:32 AM
its called news, gives people more reason to upgrade to 5

WDZ

2006-01-09, 05:59 PM
squall_leonhart69r Wrote:gives people more reason to upgrade to 5
As far as I know, PHP 4 is still supported, and bugs are being fixed. I bet version 4.4.2 will be released soon with this bug patched. Smile

WDZ

2006-01-13, 05:36 PM
WDZ Wrote:I bet version 4.4.2 will be released soon
http://www.php.net/release_4_4_2.php Big Grin

I'm not sure if this particular bug is fixed, but they did fix a number of things...
MyBB Community Forums > Community > General Discussion > new php exploit