Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  news  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Fri, 08 Aug 2008 16:55:37 +0200
From: Christian Hoffmann <hoffie@...too.org>
To: oss-security@...ts.openwall.com
CC: jorton@...hat.com
Subject: Re: CVE request: php-5.2.6 overflow issues

On 2008-08-08 16:01, Joe Orton wrote:
> The explode() bug could only be triggered if a script passed a delimiter 
> from untrusted script input without sanitizing/checking it first, which 
> is fairly pathological behaviour.  I would call that a script bug, not 
> an issue in the PHP interpreter.
Ok, sounds reasonable.

No idea whether a CVE should be assigned anyway -- if it does indeed 
allow for (local) code execution, that'd effectively mean bypass of 
safe_mode/open_basedir. Such issues already got CVEs assigned in the 
pass, so I guess this one should as well.

Local DoS only could be caused by several other means as well (infinite 
recursion, ...), so if somebody could prove it that it only allows for 
DoS, then there is probably no need for a CVE.


Thanks for your reply!

-- 
Christian Hoffmann



[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux