[nycphp-talk] PHP DLOpen Vulnerability WAS: php problems from SecurityFocus Newsletter # 210

Analysis & Solutions danielc at
Tue Aug 19 11:09:27 EDT 2003


On Mon, Aug 18, 2003 at 05:14:20PM -0400, Hans Zaunere wrote:
> >PHP DLOpen Arbitrary Web Server Process Memory Vulnerability
> >
> Hmm... does this strike anyone else as an odd report?

Yes, I thought so when I first read it, but I didn't feel like bothering 
with commentary when I posted.

First, it seemed more like an Apache issue.  Then, why would this one
function be a problem?  Doesn't everything go into memory?  So, I went to to research what this function does.  Turns out it's not in
the manual.  Is this a function that's used by PHP internals or something?


     FREE scripts that make web and database programming easier
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
 4015 7th Ave #4AJ, Brooklyn NY    v: 718-854-0335   f: 718-854-0409

More information about the talk mailing list