ID CVE-2007-4255
Summary Buffer overflow in the mSQL extension in PHP 5.2.3 allows context-dependent attackers to execute arbitrary code via a long first argument to the msql_connect function.
References
Vulnerable Configurations
  • PHP 5.2.3
    cpe:2.3:a:php:php:5.2.3
CVSS
Base: 7.5 (as of 09-08-2007 - 11:11)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
description PHP mSQL (msql_connect) Local Buffer Overflow PoC. CVE-2007-4255. Dos exploits for multiple platform
file exploits/multiple/dos/4260.php
id EDB-ID:4260
last seen 2016-01-31
modified 2007-08-06
platform multiple
port
published 2007-08-06
reporter NetJackal
source https://www.exploit-db.com/download/4260/
title PHP mSQL msql_connect Local Buffer Overflow PoC
type dos
nessus via4
NASL family CGI abuses
NASL id PHP_5_2_4.NASL
description According to its banner, the version of PHP installed on the remote host is older than 5.2.4. Such versions may be affected by various issues, including but not limited to several overflows.
last seen 2019-02-21
modified 2018-07-24
plugin id 25971
published 2007-09-03
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=25971
title PHP < 5.2.4 Multiple Vulnerabilities
refmap via4
bid 25213
bugtraq 20070805 PHP mSQL (msql_connect) Buffer Overflow PoC
exploit-db 4260
xf php-msql-connect-bo(35830)
statements via4
contributor Joshua Bressers
lastmodified 2007-08-09
organization Red Hat
statement Not vulnerable. PHP packages as shipped with Red Hat Enterprise Linux versions 2.1, 3, 4, and 5 are not compiled with msql library and are not vulnerable to this issue.
Last major update 05-09-2008 - 17:27
Published 08-08-2007 - 19:17
Last modified 15-10-2018 - 17:34
Back to Top