PHP function *() Memory Access Error Local DoS

2006-04-08T09:17:37
ID OSVDB:24485
Type osvdb
Reporter Maksymilian Arciemowicz(max@jestsuper.pl)
Modified 2006-04-08T09:17:37

Description

Vulnerability Description

PHP contains a flaw that may allow an attacker to cause a denial of service condition. The issue occurs when an attacker defines and executes a recursive function. This may cause PHP to crash via a segmentation fault.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

PHP contains a flaw that may allow an attacker to cause a denial of service condition. The issue occurs when an attacker defines and executes a recursive function. This may cause PHP to crash via a segmentation fault.

Manual Testing Notes

The following provokes a segfault:

php -r 'function cx(){ cx(); } cx();'

References:

Vendor URL: http://www.php.net/ Security Tracker: 1015880 Secunia Advisory ID:19599 Related OSVDB ID: 24487 Related OSVDB ID: 24486 Related OSVDB ID: 24484 Other Advisory URL: http://www.php-security.org/MOPB/MOPB-02-2007.html Other Advisory URL: http://securityreason.com/achievement_securityalert/35 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0170.html Keyword: cXIb8O3 CVE-2006-1549