Squeeze PHP 5.3 memory corruption issue

To: Debian User <debian-user@lists.debian.org>
Subject: Squeeze PHP 5.3 memory corruption issue
From: Siju George <sgeorge.ml@gmail.com>
Date: Tue, 4 Jan 2011 12:36:59 +0530
Message-id: <[🔎] AANLkTinbCYAm+o4gvKZR0mY_KM487bYQWUgLkqA9K=tQ@mail.gmail.com>

Hi,

I have the following Errors

===================
Dec 27 05:20:06 primary suhosin[15840]: ALERT - canary mismatch on
efree() - heap overflow detected at 0x7f77bd4e7618 (attacker
'REMOTE_ADDR not set', file
'/var/www/gopher/app/wo/Services/gopher/database/database.php', line
42)
Dec 27 05:20:06 primary suhosin[15823]: ALERT - canary mismatch on
efree() - heap overflow detected at 0x7f77bd4e7618 (attacker
'REMOTE_ADDR not set', file
'/var/www/gopher/app/wo/Services/gopher/database/database.php', line
42)
Dec 27 05:30:17 primary shutdown[17338]: shutting down for system reboot
Dec 30 04:33:00 primary suhosin[22322]: ALERT - ASCII-NUL chars not
allowed within request variables - dropped variable 'g' (attacker
'91.98.99.162', file '/var/www/gopher/web/index.php')
Dec 31 16:03:24 primary suhosin[32496]: ALERT - ASCII-NUL chars not
allowed within request variables - dropped variable 'app' (attacker
'72.167.203.208', file '/var/www/gopher/web/index.php')
Dec 31 16:03:24 primary suhosin[1899]: ALERT - ASCII-NUL chars not
allowed within request variables - dropped variable 'app' (attacker
'72.167.203.208', file '/var/www/gopher/web/index.php'
===================

in my /var/log/user.log

Searching h internet brings me to this detailed explanation


http://www.suspekt.org/2008/10/12/suhosin-canary-mismatch-on-efree-heap-overflow-detected/

My System details are

=============
Linux primary 2.6.32-5-amd64 #1 SMP Fri Dec 10 15:35:08 UTC 2010
x86_64 GNU/Linux

user@primary:/var/log$ dpkg -l |grep php
ii  libapache2-mod-php5                 5.3.3-6
server-side, HTML-embedded scripting language (Apache 2 module)
ii  php-fpdf                            3:1.6.dfsg-1
PHP class to generate PDF files
ii  php-pear                            5.3.3-6
PEAR - PHP Extension and Application Repository
ii  php5                                5.3.3-6
server-side, HTML-embedded scripting language (metapackage)
ii  php5-cli                            5.3.3-6
command-line interpreter for the php5 scripting language
ii  php5-common                         5.3.3-6
Common files for packages built from the php5 source
ii  php5-curl                           5.3.3-6
CURL module for php5
ii  php5-dev                            5.3.3-6
Files for PHP5 module development
ii  php5-gd                             5.3.3-6                     GD
module for php5
ii  php5-mcrypt                         5.3.3-6
MCrypt module for php5
ii  php5-mysql                          5.3.3-6
MySQL module for php5
ii  php5-suhosin                        0.9.32.1-1
advanced protection module for php5
=========================
my concerns are

1) Are others getting similar errors?
2) What are the security concerns of using this PHP Stack on Squeeze.
3) What can I do to fix this?

Also what is actually logged in /var/log/user.log ?

Thanks :-)

--Siju

Reply to:

Prev by Date: Re: making a pdf file smaller the debian way....
Next by Date: Re: Debian 5 installation
Previous by thread: ez-ipupdate and gnudip2.yi.org
Next by thread: Wayward crons and inits
Index(es):
- Date
- Thread