Flaws in the popular open source scripting language PHP could allow crackers to execute arbitrary code on a victim's system or crash a Web server, security clearing house CERT has warned. The vulnerabilities arise from the way PHP handles multipart/form-data POST requests (aka POST fileuploads) which give rise to a variety of possible attacks, with varying degrees of difficulty. Tests by Stefan Esser, a PHP developer at German security consultancy e-matters, who discovered the bugs, suggest that not only PHP4 but also older versions of PHP3 tree are vulnerable. Most of these vulnerabilities are exploitable only on Linux or Solaris, but one relatively trivial attack is only exploitable on x86 boxes and an arbitrary heap overflow in PHP3 is relatively easily exploitable on most platforms, including BSD. According to our contacts a PHP exploit, targeted at Linux servers, is in circulation, though its not been widely used, as yet. This makes the PHP vulnerabilities a serious security issue.
Read more from here.
Read more from here.
