Forum | Features | Download | Patches | Help | #emech | Links | About | Contact |
Versions | News Archive | Installing | Linking | Configuration | Commands | FAQ |

Exploit: phf buffer overflow (CGI)
Date: November 15th, 2000.

Funny how a program thats almost a decade old is still around
to haunt us, isnt it?

This should be a potent reminder for all CGI authors out there
that these things can live forever.

This exploit will give remote access on most (all?) Linux-ix86
boxes (and freebsd?) with phf installed, patch or no patch,
its vulnerable.

There is only one remedy, remove it!

If your mailer(s) trash the source below, you can also download
it from


Copyright © 2000-2005 Proton,  All rights reserved.  Last edited December 9th, 2004.