From: Giorgos Keramidas
To: Mark
Cc: freebsd-questions@FreeBSD.org
Date: Mon, 16 Oct 2006 10:38:33 +0300
Subject: Re: "canary mismatch on efree()"
Message-ID: <20061016073833.GH80186@gothmog.pc>
In-Reply-To: <200610141827.k9EIQvId018475@asarian-host.net>

On 2006-10-14 18:27, Mark wrote:
> Hello,
>
> I'm running Apache/1.3.37 (Unix) and PHP/4.4.4 with Suhosin-Patch. All of
> a sudden I get this in my log:
>
> [Sat Oct 14 19:54:32 2006] [error] ALERT - canary mismatch on efree() -
> heap overflow or double efree detected (attacker '192.168.1.4', file
> '/www/vhosts/asarian-host.net/htdocs/phpMyAdmin/index.php')
>
> This is not good. If a simple thing like phpMyAdmin causes it, then I will
> have to disable the Suhosin-Patch (which probably means recompiling from
> scratch, right?).

  o What version of FreeBSD are you using?

  o What php-related and apache-related packages have you installed
    and what options did you use while installing them?

  o Does this happen only with phpMyAdmin or with other PHP scripts too?