CVE-2008-1488

Alternative PHP Cache (APC) <3.0.16 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1488. PoCs published by dannyp.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in the PECL Alternative PHP Cache (APC) extension (versions prior to 3.0.17). It leverages a stack-based overflow to execute arbitrary shellcode, providing reverse shells for Linux and FreeBSD systems.

Description

Stack-based buffer overflow in apc.c in Alternative PHP Cache (APC) 3.0.11 through 3.0.16 allows remote attackers to execute arbitrary code via a long filename.

Exploits (1)

exploitdb WORKING POC VERIFIED

by dannyp · phpremotelinux

https://www.exploit-db.com/exploits/31540

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in the PECL Alternative PHP Cache (APC) extension (versions prior to 3.0.17). It leverages a stack-based overflow to execute arbitrary shellcode, providing reverse shells for Linux and FreeBSD systems.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Racy

Target: PECL Alternative PHP Cache (APC) < 3.0.17

No auth needed

Prerequisites: PHP with APC extension (3.0.11-3.0.16) · Ability to execute PHP code on the target system · Knowledge of the target system's memory layout for return address calculation

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →