Penetration Testing mailing list archives

Exploits for PHP and APACHE!

From: "Juan Manuel Garcia" <kernelinux () gmail com>
Date: Tue, 22 Apr 2008 22:12:30 -0300

Hi List!!

I`m doing a penetration test for my company and I found this
vulnerabilitys but I DON`T HAVE THE EXPLOITS.
  Any of you can send me the exploits, source codes or a url to download it??

I need it as soon as posibble, Thanks!

PHP/4.3.8:

* PHP HTML Entity Encoder Heap Overflow Vulnerability (CVE-2006-5465)

* Zend_Hash_Del_Key_Or_Index  Vulnerability

* PHP Remote Arbitrary Location File Upload Vulnerability (CAN-2004-0959)

Apache/2.0.52 (Unix):

*Apache Mod_Rewrite Off-By-One Buffer Overflow  Vulnerability (CVE-2006-3747)

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

Exploits for PHP and APACHE! Juan Manuel Garcia (Apr 22)
- Re: Exploits for PHP and APACHE! Paul Melson (Apr 23)
- <Possible follow-ups>
- Re: Exploits for PHP and APACHE! Yousif (Apr 22)