[php-maint] Bug#354690: PHP4 in Sarge appears vulnerable to
nickpj at gmail.com
Tue Feb 28 06:39:36 UTC 2006
A problem when a request was terminated due to memory_limit constraints during
certain parse_str() calls.
The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called
with only one parameter, allows remote attackers to enable the register_globals
directive via inputs that cause a request to be terminated due to the
setting, which causes PHP to set an internal flag that enables
and allows attackers to exploit vulnerabilities in PHP applications that would
otherwise be protected.
Vulnerable PHP versions:
PHP4 up to 4.4.0 (according to CVE)
More information about the pkg-php-maint