Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service

from [John GALLET] Network Security [Permanent Link]
Subject: Re: [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service
Date: Fri, 27 May 2005 10:24:43 +0200 (CEST) 
Hi there,



An iDEFENSE researcher discovered two problems in the image processing
functions of PHP, a server-side, HTML-embedded scripting language, of
which one is present in woody as well.  When reading a JPEG image, PHP
can be tricked into an endless loop due to insufficient input
validation.


I don't see anything in the latest change logs, could anyone please point
me to more information about this error ? Is it located in the GD php
extension ?

Sincerely,
JG
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Re: [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service, John GALLET <=
Previous by Date:  Citrix security contact, Eyal Udassin
Next by Date:  RE: ACROS Security: HTML Injection in BEA WebLogic Server Console (2), ACROS Security
Previous by Thread:  Citrix security contact, Eyal Udassin
Next by Thread:  SQL Injection Exploit for myBloggie 2.1.1 - 2.1.2, Alberto Trivero
Indexes:  [Date] [Thread] [Top] [All Lists]