Is this serious? PHP <= 4.4.3 / 5.1.4 (objIndex) Local Buffer Overflow Exploit PoC

**BianchiDude** · 08-15-2006 12:54 PM

Is this serious?
PHP <= 4.4.3 / 5.1.4 (objIndex) Local Buffer Overflow Exploit PoC

I have php 4.4.2, am I at risk?
# php -v
PHP 4.4.2

**jamesbond** · 08-15-2006 02:44 PM

Just add sscanf to your php.ini disable_functions line, and you should be fine. It's not a very commonly used function.

This vulnerability also exists in PHP 4.4.3. Nevertheless you should upgrade to PHP 4.4.3, since several other security issues were fixed in that version.

**BianchiDude** · 08-15-2006 03:02 PM

Have you been able to get that exploit to work?

I keep getting a segmentation fault

[/tmp]# php sscanf.php
Segmentation fault

**darkkouta** · 08-15-2006 04:10 PM

see

http://www.securityfocus.com/archive/1/442438

and

http://bugs.php.net/bug.php?id=38322

**chirpy** · 08-15-2006 04:12 PM

Vulnearability is fixed in CVS.

Shame PHP hasn't mentioned when they're going to bother actually releasing a fixed version instead of leaving it to twiddle its thumbs in CVS, especially since it was reported to them so long ago.

**BianchiDude** · 08-15-2006 06:28 PM

Originally Posted by darkkouta

see

http://www.securityfocus.com/archive/1/442438

and

http://bugs.php.net/bug.php?id=38322

So it always gives a segmentation fault? Its not a security risk then, no?

LinkBack

Thread Tools

Is this serious? PHP <= 4.4.3 / 5.1.4 (objIndex) Local Buffer Overflow Exploit PoC

Mail Server Fails PCI Compliance because of SMTP Buffer Overflow Threat

Buffer Overflow Attemp?

OpenSSH Buffer Exploit

CERT Advisory CA-2002-19 Buffer Overflow in Multiple DNS Res