NYCPHP Meetup

[nycphp-talk] security focus "vulnerability" in apache process with php.

Anthony anthony.leung at virgin.net
Fri Aug 29 12:10:53 EDT 2003


I'm (tenuously) responsibile for looking at php in my company and thought it
isn't really approved for use yet, I was wondering if people could share any
light on this "vulnerability". It's been discussed before, but I really need
to know if this is something that is a threat: ie, could an external attacker
get apache to dump logins and passwords to whatever place, or to get it to
serve items not intended to be available?

Cheers,
Anthony

===============================================
PHP DLOpen Arbitrary Web Server Process Memory Vulnerability
BugTraq ID: 8405
Remote: No
Date Published: Aug 13 2003 12:00A
Relevant URL: http://www.securityfocus.com/bid/8405
Summary:
PHP is the Personal Home Page web application development suite.  It is
available for the Unix, Linux, and Microsoft platforms.

A problem has been reported in the dlopen function of PHP when used with
the Apache web server.  Because of this, an attacker may be able to gain
unauthorized access to potentially sensitive information.

The problem is in the ability to access the memory of the calling process.
 When a PHP script is executed by an Apache process, it is possible to dump
the contents of the Apache process memory to a text file.  This could be
used by an attacker to gain access to potentially sensitive information
which could include authentication credentials.  The function may also
permit other attacks, such as allowing an attacker to deliver different
content other than what the server is configured to serve.

_________________________________________________________
This mail sent using V-webmail - http://www.v-webmail.org




More information about the talk mailing list