Message-Id: <1259329345.3047.6.camel@dco-milen.globul.bg>
Date: Fri, 27 Nov 2009 15:42:25 +0200
From: Milen Rangelov <mrangelov@...bul.bg>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: php 5.3.1 - proc_open() bypass PHP Bug #49026 [was: Re: CVE request: php 5.3.1 update]

Hello,

>CVE-2009-4018
>PHP before 5.3.1 proc_open() can be used to bypass the
>safe_mode_protected_env_vars INI setting. This could be used to alter the
>process environment possibly executing arbitrary code.
>
>
>http://www.php.net/ChangeLog-5.php#5.3.1
>http://bugs.php.net/bug.php?id=49026
>http://marc.info/?l=oss-security&m=125897935330618&w=2
>
>Thanks.
>
>--
> JB

Great to see an almost one-year-old bug getting fixed (and assigned a CVE ID for that matter). It was reported back in 2008 but apparently no one took care:

http://www.securityfocus.com/bid/32717/info

Regards,
Milen Rangelov