oss-sec mailing list archives
Re: CVE request: php-5.2.6 overflow issues
From: Christian Hoffmann <hoffie () gentoo org>
Date: Fri, 08 Aug 2008 16:55:37 +0200
On 2008-08-08 16:01, Joe Orton wrote:
The explode() bug could only be triggered if a script passed a delimiter from untrusted script input without sanitizing/checking it first, which is fairly pathological behaviour. I would call that a script bug, not an issue in the PHP interpreter.
Ok, sounds reasonable.No idea whether a CVE should be assigned anyway -- if it does indeed allow for (local) code execution, that'd effectively mean bypass of safe_mode/open_basedir. Such issues already got CVEs assigned in the pass, so I guess this one should as well.
Local DoS only could be caused by several other means as well (infinite recursion, ...), so if somebody could prove it that it only allows for DoS, then there is probably no need for a CVE.
Thanks for your reply! -- Christian Hoffmann
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- CVE request: php-5.2.6 overflow issues Christian Hoffmann (Aug 08)
- Re: CVE request: php-5.2.6 overflow issues Joe Orton (Aug 08)
- Re: CVE request: php-5.2.6 overflow issues Christian Hoffmann (Aug 08)
- Re: CVE request: php-5.2.6 overflow issues Joe Orton (Aug 08)
- Re: CVE request: php-5.2.6 overflow issues Christian Hoffmann (Aug 08)
- Re: CVE request: php-5.2.6 overflow issues Steven M. Christey (Aug 12)
- Re: CVE request: php-5.2.6 overflow issues Christian Hoffmann (Aug 13)
- Re: CVE request: php-5.2.6 overflow issues Joe Orton (Aug 08)