oss-sec mailing list archives
Re: Re: CVE Request: various issues in PHP
From: Vasyl Kaigorodov <vkaigoro () redhat com>
Date: Wed, 20 May 2015 15:49:34 +0200
Hello,

All those have CVEs assigned as far as I can see in the PHP bug tracker:

On Mon, 18 May 2015, Lior Kaplan wrote:

> https://bugs.php.net/bug.php?id=69453 - phar issue, can lead to memory read beyond buffer and in some (unlikely) circumstances, 1-byte memory write

CVE-2015-4021

> https://bugs.php.net/bug.php?id=69545 - integer overflow on reading FTP server data leading to heap overflow, potential exploit by hostile FTP server

CVE-2015-4022

> https://bugs.php.net/bug.php?id=69364 - DoS possibility due to ineffective parsing of form data

CVE-2015-4024

> https://bugs.php.net/bug.php?id=69418, https://bugs.php.net/bug.php?id=68598 - various functions allow \0 in paths where they shouldn't. In theory, that could lead to security failure for path-based access controls if the user injects a string with \0 in it. It's a bit theoretical, but it's a possibility.

CVE-2015-4025, CVE-2015-4026 respectively.

-- 
Vasyl Kaigorodov | Red Hat Product Security
PGP: 0xABB6E828 A7E0 87FF 5AB5 48EB 47D0 2868 217B F9FC ABB6 E828
Free/Busy status: https://url.corp.redhat.com/vk-free-busy-status

Come talk to Red Hat Product Security at the Summit!
Red Hat Summit 2015 - https://www.redhat.com/summit/
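The "\0 in paths" class of bug quoted above (CVE-2015-4025 / CVE-2015-4026) comes from a mismatch between two string models: a PHP string is length-counted and may legally contain NUL bytes, but the path eventually reaches libc and the kernel as a NUL-terminated C string. Any policy check done on the full length-counted string therefore judges a different path than the one that actually gets opened. The following C program, added here as an illustration and not taken from PHP's source or from the bug reports, shows the mismatch with a hypothetical "only *.txt may be read" policy, the path the consumer really sees, and the straightforward fix of rejecting any length-counted path that contains an embedded NUL. The policy rule, function names and the sample input are constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Added example, not PHP's code. Models a length-counted (PHP-style)
 * path being checked by a policy and then handed to a NUL-terminated
 * consumer such as fopen()/open(2).
 */

/* Hypothetical policy, evaluated on the full length-counted string:
 * only paths ending in ".txt" are allowed. */
bool policy_allows(const char *path, size_t len) {
    const char *suffix = ".txt";
    size_t slen = strlen(suffix);
    return len >= slen && memcmp(path + len - slen, suffix, slen) == 0;
}

/* The path as a NUL-terminated consumer would see it: everything up to
 * the first NUL byte. Copies into out and returns the bytes copied. */
size_t effective_path(const char *path, size_t len, char *out, size_t outsz) {
    size_t n = 0;
    while (n < len && path[n] != '\0' && n + 1 < outsz) {
        out[n] = path[n];
        n++;
    }
    out[n] = '\0';
    return n;
}

/* The fix: a path that contains a NUL in its length-counted form can
 * never be what the consumer opens, so refuse it outright. */
bool has_embedded_nul(const char *path, size_t len) {
    return memchr(path, '\0', len) != NULL;
}

bool policy_allows_hardened(const char *path, size_t len) {
    return !has_embedded_nul(path, len) && policy_allows(path, len);
}

/* Returns 1 when the naive policy accepts the input but the path the
 * consumer would actually open is one the policy forbids, else 0. */
int demonstrates_bypass(const char *path, size_t len) {
    char seen[256];
    size_t n = effective_path(path, len, seen, sizeof seen);
    return policy_allows(path, len) && !policy_allows(seen, n) ? 1 : 0;
}

int main(void) {
    /* Constructed input: a ".txt" suffix hidden behind an embedded NUL.
     * sizeof includes the literal's terminating NUL, so subtract one. */
    static const char evil[] = "config.php\0.txt";
    size_t evil_len = sizeof evil - 1;   /* 15 bytes, embedded NUL included */
    static const char good[] = "notes.txt";
    size_t good_len = sizeof good - 1;

    char seen[256];
    effective_path(evil, evil_len, seen, sizeof seen);
    printf("naive check on evil input: %s, consumer opens \"%s\"\n",
           policy_allows(evil, evil_len) ? "allowed" : "denied", seen);
    printf("hardened check on evil input: %s\n",
           policy_allows_hardened(evil, evil_len) ? "allowed" : "denied");
    printf("hardened check on good input: %s\n",
           policy_allows_hardened(good, good_len) ? "allowed" : "denied");
    return 0;
}
```

The naive check accepts "config.php\0.txt" because the last four bytes of the 15-byte string are ".txt", while fopen() would open "config.php". Rejecting embedded NULs before the policy runs closes the gap without touching the policy itself, which is why a blanket NUL check at the API boundary is the usual fix for this class of issue.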
Current thread:
- Re: CVE Request: various issues in PHP Lior Kaplan (May 18)
- Re: Re: CVE Request: various issues in PHP Vasyl Kaigorodov (May 20)
- Re: Re: CVE Request: various issues in PHP Tomas Hoger (May 29)
- Re: Re: CVE Request: various issues in PHP Tomas Hoger (Jun 15)
- Re: CVE Request: various issues in PHP cve-assign (Jun 16)
- Re: Re: CVE Request: various issues in PHP Tomas Hoger (Jun 18)
- Re: CVE Request: various issues in PHP cve-assign (Jun 18)
- Re: CVE Request: various issues in PHP cve-assign (Jun 18)