NYCPHP Meetup

[nycphp-talk] PHP DLOpen Vulnerability WAS: php problems from SecurityFocus Newsletter # 210

Hans Zaunere hans at nyphp.org
Mon Aug 18 17:14:20 EDT 2003


> ---------------------------
> A PROBLEM IN PHP ITSELF !!!
> ---------------------------
> PHP DLOpen Arbitrary Web Server Process Memory Vulnerability
> http://www.securityfocus.com/bid/8405
> 
> A problem has been reported in the dlopen function of PHP when used with
> the Apache web server.  Because of this, an attacker may be able to gain
> unauthorized access to potentially sensitive information.
> 
> The problem is in the ability to access the memory of the calling process.
> When a PHP script is executed by an Apache process, it is possible to
> dump the contents of the Apache process memory to a text file.  This could
> be used by an attacker to gain access to potentially sensitive information
> which could include authentication credentials.  The function may also
> permit other attacks, such as allowing an attacker to deliver different
> content other than what the server is configured to serve.

Hmm... does this strike anyone else as an odd report?  The report must be referring to mod_php and since it's loaded directly into Apache, of course it can read the memory - as can any Apache module...  any thoughts from those with more Apache/PHP internal knowledge than I?

Seems like a "duh" report and a false-positive,

H




More information about the talk mailing list