|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re:
(#)Mordred Labs advisory - Integer overflow in PHP memory allocator
Dulliengmx.de
Date: Thu Mar 27 2003 - 17:57:41 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hey Mr. Mordred, all,
> In PHP emalloc() function implements the error safe wrapper around
> malloc().
> Unfortunately this function suffers from an integer overflow and
> considering the fact that emalloc() is used in many places around PHP
> source code, it may lead to many serious security issues.
IIRC this bug was mentioned in a talk at last summers Black Hat conference.
http://www.blackhat.com/html/bh-usa-02/bh-usa-02-speakers.html#Dowd
Cheers,
dulliengmx.de
--
+++ GMX - Mail, Messaging & more http://www.gmx.net +++
Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage!
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]