hacking memacached, suhosin saves

Ing. Branislav Gerzo 2ge at 2ge.us
Mon Nov 19 13:32:35 UTC 2007

Hello all,

I saw in log files something strange:
Nov 19 11:24:20 web1 suhosin[87751]: ALERT - canary mismatch on efree() -
heap overflow or double efree detected (attacker '',
file '/data/www/public_html/index.php', line 67)

line 67: $memcache->pconnect($CONF['memcache_host'], $CONF['memcache_port']) or die("Memcache: Could not connect");

Server config:
PHP Version 4.4.7
This server is protected with the Suhosin Patch 0.9.6
memcache: Revision      $Revision: 1.92 $

I tried search for "memcache suhosin", nothing found, so maybe you
should be aware of this and make a correction, if necesary.

Thank you

More information about the memcached mailing list