A tale of openssl_seal(), PHP and Apache2handle

February 3, 2016 007admin Leave a comment

Posted by s3810 on Feb 03

Hey folks,

The openssl_seal() [4] is prone to use uninitialized memory that can be
turned into a code execution. This document describes technical details of
our journey to hijack apache2 requests.

What the heck is openssl_seal()?

[…]
int openssl_seal ( string $data , string &$sealed_data , array &$env_keys , array $pub_key_ids [,
string $method = “RC4” ] )

openssl_seal() seals (encrypts) data by using the given…

007 Software

A tale of openssl_seal(), PHP and Apache2handle

Leave a Reply Cancel reply

Software and Security Information