01-04-2011, 06:06 AM
Siju George

Squeeze PHP 5.3 memory corruption issue

Hi,

I have the following errors

===================
Dec 27 05:20:06 primary suhosin[15840]: ALERT - canary mismatch on efree() - heap overflow detected at 0x7f77bd4e7618 (attacker 'REMOTE_ADDR not set', file '/var/www/gopher/app/wo/Services/gopher/database/database.php', line 42)
Dec 27 05:20:06 primary suhosin[15823]: ALERT - canary mismatch on efree() - heap overflow detected at 0x7f77bd4e7618 (attacker 'REMOTE_ADDR not set', file '/var/www/gopher/app/wo/Services/gopher/database/database.php', line 42)
Dec 27 05:30:17 primary shutdown[17338]: shutting down for system reboot
Dec 30 04:33:00 primary suhosin[22322]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'g' (attacker '91.98.99.162', file '/var/www/gopher/web/index.php')
Dec 31 16:03:24 primary suhosin[32496]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'app' (attacker '72.167.203.208', file '/var/www/gopher/web/index.php')
Dec 31 16:03:24 primary suhosin[1899]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'app' (attacker '72.167.203.208', file '/var/www/gopher/web/index.php'
===================

in my /var/log/user.log

Searching the internet brings me to this detailed explanation:

http://www.suspekt.org/2008/10/12/suhosin-canary-mismatch-on-efree-heap-overflow-detected/

My System details are

=============
Linux primary 2.6.32-5-amd64 #1 SMP Fri Dec 10 15:35:08 UTC 2010 x86_64 GNU/Linux

user@primary:/var/log$ dpkg -l |grep php
ii  libapache2-mod-php5  5.3.3-6       server-side, HTML-embedded scripting language (Apache 2 module)
ii  php-fpdf             3:1.6.dfsg-1  PHP class to generate PDF files
ii  php-pear             5.3.3-6       PEAR - PHP Extension and Application Repository
ii  php5                 5.3.3-6       server-side, HTML-embedded scripting language (metapackage)
ii  php5-cli             5.3.3-6       command-line interpreter for the php5 scripting language
ii  php5-common          5.3.3-6       Common files for packages built from the php5 source
ii  php5-curl            5.3.3-6       CURL module for php5
ii  php5-dev             5.3.3-6       Files for PHP5 module development
ii  php5-gd              5.3.3-6       GD module for php5
ii  php5-mcrypt          5.3.3-6       MCrypt module for php5
ii  php5-mysql           5.3.3-6       MySQL module for php5
ii  php5-suhosin         0.9.32.1-1    advanced protection module for php5
=========================
My concerns are:

1) Are others getting similar errors?
2) What are the security concerns of using this PHP stack on Squeeze?
3) What can I do to fix this?

Also, what is actually logged in /var/log/user.log?

Thanks :-)

--Siju
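
An added example, not part of the original post: a small Python triage of Suhosin ALERT lines in the format of the /var/log/user.log excerpt above, separating the heap-canary (memory corruption) alerts from the request-variable filter alerts and tolerating hard-wrapped or truncated entries. The sample log is constructed (placeholder hostname, addresses and paths), and the labels `memory-corruption` and `request-filter` are names chosen here.

```python
import re
from collections import Counter

# Constructed sample in the format shown in the post (addresses and paths are
# placeholders); the first entry is hard-wrapped the way the mail client did.
SAMPLE = """\
Dec 27 05:20:06 host suhosin[15840]: ALERT - canary mismatch on
efree() - heap overflow detected at 0x7f0000000000 (attacker
'REMOTE_ADDR not set', file '/var/www/example/database.php', line
42)
Dec 27 05:30:17 host shutdown[17338]: shutting down for system reboot
Dec 30 04:33:00 host suhosin[22322]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'g' (attacker '192.0.2.10', file '/var/www/example/index.php')
Dec 31 16:03:24 host suhosin[1899]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'app' (attacker '198.51.100.7', file '/var/www/example/index.php'
"""

STAMP = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d ")
ALERT = re.compile(
    r"^(?P<ts>\S+ +\d+ [\d:]+) \S+ suhosin\[(?P<pid>\d+)\]: ALERT - (?P<msg>.*?) "
    r"\(attacker '(?P<src>[^']*)', file '(?P<file>[^']*)'(?:, line (?P<line>\d+))?\)?$")

def unwrap(text):
    """Join continuation lines (no syslog timestamp) onto the previous entry."""
    entries = []
    for raw in text.splitlines():
        if STAMP.match(raw) or not entries:
            entries.append(raw.strip())
        elif raw.strip():
            entries[-1] += " " + raw.strip()
    return entries

def classify(msg):
    if "canary mismatch" in msg:
        return "memory-corruption"   # heap canary overwritten inside the PHP process
    if "not allowed within request variables" in msg:
        return "request-filter"      # variable dropped by Suhosin's input filter
    return "other"

def triage(text):
    """Return one dict per Suhosin alert; non-Suhosin syslog lines are skipped."""
    matches = (ALERT.match(e) for e in unwrap(text))
    return [{**m.groupdict(), "kind": classify(m["msg"])} for m in matches if m]

def summary(alerts):
    # Count per (kind, source, file) so repeated alerts collapse into one row.
    return Counter((a["kind"], a["src"], a["file"]) for a in alerts)

if __name__ == "__main__":
    for (kind, src, path), n in summary(triage(SAMPLE)).items():
        print(f"{n:>3}  {kind:<18} {src:<22} {path}")
```
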

