oss-sec mailing list archives
Re: CVE request: php-5.2.6 overflow issues
From: Joe Orton <jorton () redhat com>
Date: Fri, 8 Aug 2008 16:45:00 +0100
On Fri, Aug 08, 2008 at 04:55:37PM +0200, Christian Hoffmann wrote:
On 2008-08-08 16:01, Joe Orton wrote:The explode() bug could only be triggered if a script passed a delimiter from untrusted script input without sanitizing/checking it first, which is fairly pathological behaviour. I would call that a script bug, not an issue in the PHP interpreter.Ok, sounds reasonable. No idea whether a CVE should be assigned anyway -- if it does indeed allow for (local) code execution, that'd effectively mean bypass of safe_mode/open_basedir. Such issues already got CVEs assigned in the pass, so I guess this one should as well.
We (Red Hat) don't consider bugs which allow bypass of safe_mode or open_basedir to be security issues; opinions here vary but having a CVE name is useful anyway so that the issue can be identified definitively. Regards, Joe
Current thread:
- CVE request: php-5.2.6 overflow issues Christian Hoffmann (Aug 08)
- Re: CVE request: php-5.2.6 overflow issues Joe Orton (Aug 08)
- Re: CVE request: php-5.2.6 overflow issues Christian Hoffmann (Aug 08)
- Re: CVE request: php-5.2.6 overflow issues Joe Orton (Aug 08)
- Re: CVE request: php-5.2.6 overflow issues Christian Hoffmann (Aug 08)
- Re: CVE request: php-5.2.6 overflow issues Steven M. Christey (Aug 12)
- Re: CVE request: php-5.2.6 overflow issues Christian Hoffmann (Aug 13)
- Re: CVE request: php-5.2.6 overflow issues Joe Orton (Aug 08)