On Wed, Jul 03, 2002 at 10:31:01AM +0200, Olaf Kirch wrote:
The security fix we issued should plug the hole. So either you're seeing a different attack, or the patch we issued for 7.3 still has problems.
Okay, I went back and checked the patch. There is a problem with the patch distributed by the PHP team. php will crash if someone tries to exploit the file upload bug. This is not exploitable however; php dies trying to derefence a pointer containing the address 0x01. So far, I've verified this problem only with php 4.0.6; PHP 4.1 as shipped with SL 8.0 should not be affected. Olaf -- Olaf Kirch | Anyone who has had to work with X.509 has probably okir@suse.de | experienced what can best be described as ---------------+ ISO water torture. -- Peter Gutmann