PHP :: Request #6642 :: Userspace exploit crashes web-serving machine

Userspace exploit crashes web-serving machine

Submitted:

2000-09-09 15:01 UTC

Modified:

2002-01-28 20:05 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	0 of 1 (0.0%)

From:

macabre at fl dot rr dot com

Assigned:

Status:

Not a bug

Package:

Feature/Change Request

PHP Version:

4.0.2

OS:

Debian/Linux kernel 2.2.17

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	macabre at fl dot rr dot com
New email:
PHP Version:		OS:

New Comment:

[2000-09-09 15:01 UTC] macabre at fl dot rr dot com

Using: Apache 1.3.12/PHP4 with MySQL support

I have recently discovered a bug in PHP 4 (but not specifically 4)
which unviels the fact that any user on the system can crash the machine
with a very simple PHP document.  They can do this by using the Include()
function to include the same document being loaded, causing a serious recursion problem which will quickly max out CPU and memory usage of the web-serving machine, especially if a phpInfo() call is done before the Include()

I am currently working on a patch for this.

Here is the exploitable code:

index.php:

<html lang="en">
<body>
<?php phpInfo(); ?>
<?php Include("./index.php"); ?>
</body>
</html>

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-01-28 20:05 UTC] yohgaki@php.net

Including script itself is perfectly valid just like recursive function call.
It's user's responsibitily not to write script that executes the same portion of code forever.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 16:01:28 2024 UTC