Squeeze PHP 5.3 memory corruption issue
Hi,
I have the following Errors
===================
Dec 27 05:20:06 primary suhosin[15840]: ALERT - canary mismatch on efree() - heap overflow detected at 0x7f77bd4e7618 (attacker 'REMOTE_ADDR not set', file '/var/www/gopher/app/wo/Services/gopher/database/database.php', line 42)
Dec 27 05:20:06 primary suhosin[15823]: ALERT - canary mismatch on efree() - heap overflow detected at 0x7f77bd4e7618 (attacker 'REMOTE_ADDR not set', file '/var/www/gopher/app/wo/Services/gopher/database/database.php', line 42)
Dec 27 05:30:17 primary shutdown[17338]: shutting down for system reboot
Dec 30 04:33:00 primary suhosin[22322]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'g' (attacker '91.98.99.162', file '/var/www/gopher/web/index.php')
Dec 31 16:03:24 primary suhosin[32496]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'app' (attacker '72.167.203.208', file '/var/www/gopher/web/index.php')
Dec 31 16:03:24 primary suhosin[1899]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'app' (attacker '72.167.203.208', file '/var/www/gopher/web/index.php'
===================
in my /var/log/user.log
Searching the internet brings me to this detailed explanation:
http://www.suspekt.org/2008/10/12/suhosin-canary-mismatch-on-efree-heap-overflow-detected/
My System details are
=============
Linux primary 2.6.32-5-amd64 #1 SMP Fri Dec 10 15:35:08 UTC 2010 x86_64 GNU/Linux
user@primary:/var/log$ dpkg -l |grep php
ii libapache2-mod-php5 5.3.3-6 server-side, HTML-embedded scripting language (Apache 2 module)
ii php-fpdf 3:1.6.dfsg-1 PHP class to generate PDF files
ii php-pear 5.3.3-6 PEAR - PHP Extension and Application Repository
ii php5 5.3.3-6 server-side, HTML-embedded scripting language (metapackage)
ii php5-cli 5.3.3-6 command-line interpreter for the php5 scripting language
ii php5-common 5.3.3-6 Common files for packages built from the php5 source
ii php5-curl 5.3.3-6 CURL module for php5
ii php5-dev 5.3.3-6 Files for PHP5 module development
ii php5-gd 5.3.3-6 GD module for php5
ii php5-mcrypt 5.3.3-6 MCrypt module for php5
ii php5-mysql 5.3.3-6 MySQL module for php5
ii php5-suhosin 0.9.32.1-1 advanced protection module for php5
=========================
My concerns are:
1) Are others getting similar errors?
2) What are the security concerns of using this PHP Stack on Squeeze?
3) What can I do to fix this?
Also, what is actually logged in /var/log/user.log?
Thanks :-)
--Siju
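
An added example, not part of the original post: a small Python parser for Suhosin ALERT lines of the shape shown in the log excerpt above. It rejoins mail-wrapped entries and separates the canary-mismatch alerts from the dropped-request-variable alerts; the function names and the category labels are assumptions of this example, and the sample input is copied from the post.

```python
import re
from collections import Counter

# Sample input: entries copied from the post, still wrapped the way the mail wrapped them.
SAMPLE = """\
Dec 27 05:20:06 primary suhosin[15840]: ALERT - canary mismatch on
efree() - heap overflow detected at 0x7f77bd4e7618 (attacker
'REMOTE_ADDR not set', file
'/var/www/gopher/app/wo/Services/gopher/database/database.php', line
42)
Dec 27 05:30:17 primary shutdown[17338]: shutting down for system reboot
Dec 31 16:03:24 primary suhosin[1899]: ALERT - ASCII-NUL chars not
allowed within request variables - dropped variable 'app' (attacker
'72.167.203.208', file '/var/www/gopher/web/index.php'
"""

START = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d ")  # syslog timestamp
ALERT = re.compile(
    r"^(?P<ts>\w{3} [ \d]\d [\d:]{8}) (?P<host>\S+) suhosin\[(?P<pid>\d+)\]: "
    r"ALERT - (?P<msg>.*?) \(attacker '(?P<attacker>[^']*)', "
    r"file '(?P<file>[^']*)'(?:, line (?P<line>\d+))?\)?$"  # ')' may be cut off
)
# Category labels are this example's own names, keyed on text from the alert message.
KINDS = {"canary mismatch": "heap-canary", "ASCII-NUL": "nul-in-request"}

def unwrap(text):
    # A line without a leading timestamp continues the previous entry.
    entries = []
    for raw in text.splitlines():
        if START.match(raw) or not entries:
            entries.append(raw.strip())
        else:
            entries[-1] += " " + raw.strip()
    return entries

def parse(text):
    alerts = []
    for entry in unwrap(text):
        m = ALERT.match(entry)
        if m:  # non-Suhosin lines (e.g. shutdown) are skipped
            a = m.groupdict()
            a["kind"] = next((k for s, k in KINDS.items() if s in a["msg"]), "other")
            a["has_client_ip"] = a["attacker"] != "REMOTE_ADDR not set"
            alerts.append(a)
    return alerts

def summarize(alerts):
    # Count alerts per (category, reported client, script) for triage.
    return Counter((a["kind"], a["attacker"], a["file"]) for a in alerts)
```
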