Buffer overflow in the crack extension (CrackLib), as bundled with PHP 4.4.6 and other versions before 5.0.0, might allow local users to gain privileges via a long argument to the crack_opendict function.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Php | Php | 4.4.6 (including) | 4.4.6 (including) |
| Php4 | Ubuntu | dapper | * |
| Php4 | Ubuntu | edgy | * |
References
- http://retrogod.altervista.org/php_446_crack_opendict_local_bof.html
- http://securityreason.com/securityalert/2405
- http://www.securityfocus.com/archive/1/462226/100/0/threaded
- https://www.exploit-db.com/exploits/3431
- http://retrogod.altervista.org/php_446_crack_opendict_local_bof.html
- http://securityreason.com/securityalert/2405
- http://www.securityfocus.com/archive/1/462226/100/0/threaded
- https://www.exploit-db.com/exploits/3431