Date: Fri, 8 Aug 2008 16:45:00 +0100
From: Joe Orton <jorton@...hat.com>
To: Christian Hoffmann <hoffie@...too.org>
Cc: oss-security@...ts.openwall.com
Subject: Re: CVE request: php-5.2.6 overflow issues

On Fri, Aug 08, 2008 at 04:55:37PM +0200, Christian Hoffmann wrote:
> On 2008-08-08 16:01, Joe Orton wrote:
>> The explode() bug could only be triggered if a script passed a 
>> delimiter from untrusted script input without sanitizing/checking it 
>> first, which is fairly pathological behaviour.  I would call that a 
>> script bug, not an issue in the PHP interpreter.
> Ok, sounds reasonable.
>
> No idea whether a CVE should be assigned anyway -- if it does indeed  
> allow for (local) code execution, that'd effectively mean bypass of  
> safe_mode/open_basedir. Such issues already got CVEs assigned in the  
> past, so I guess this one should as well.

We (Red Hat) don't consider bugs which allow bypass of safe_mode or 
open_basedir to be security issues; opinions here vary but having a CVE 
name is useful anyway so that the issue can be identified definitively.

Regards, Joe
