Re: [suse-security] Re: Apache+php Proof of Concept Exploit

A couple more folks tested and we have come to the conclusion that if you had applied the patches on http://www.suse.com/en/support/download/updates/72_i386.html you would get some error like: "[error] [client xxx.xxx.xxx.xxx] Invalid URI in request POST index.php HTTP/1.0" but if you didn't patch it, you would get the Seg Fault error. I turned file_uploads = Off to On and rcapache restart and tested and it didn't make any difference. So I was wrong on that. Hope this explains. I plan to leave file_uploads = Off, and I'd suggest other folks make sure it's patched up. thanks. On Wednesday 06 March 2002 03:14, you wrote:

Greetings,

I just had someone test this in IRC and it crashed his apache. However, I have file_uploads = Off in my /etc/php.ini so, I think this may be why.

thanks for the help .

On Wednesday 06 March 2002 02:19, you wrote:

...

Yuppa,

phil wrote:

...

Greetings,

I was testing out the source code on http://online.securityfocus.com/archive/82/259542

this version of the exploit contains an error, the author has posted a corrected version in his next post:

http://online.securityfocus.com/cgi-bin/archive.pl?id=82&start=2002-03-03 &e nd=2002-03-09&mid=259574&threads=0

This is an exploit for the vulns in php4.0.6 et al, published a few days ago. Looks nice... :)

I will also give it a try and re-post.

Boris Lorenz ---

-- Linux 2.4.7-4GB #1 Thu Oct 25 17:53:12 GMT 2001 i586