oss-sec mailing list archives
Re: CVE request: php 5.3.1 - "max_file_uploads" [was: Re: [oss-security] CVE request: php 5.3.1 update]
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Mon, 23 Nov 2009 13:18:14 +0100
Eren Türkay wrote:
> On Friday 20 November 2009 12:41:50 pm Thomas Biege wrote:
>> * Added "max_file_uploads" INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion.
>
> Bogdan Calin disclosed the details about that vulnerability on the full-disclosure mailing list. He didn't disclose his script, but I wrote a PoC that works like a charm. It makes DoS possible for any server that runs PHP within 1 minute with a few requests.
>
> Additionally, this vulnerability affects 5.2.11. I guess all products before PHP 5.3.1 are vulnerable.
>
> I think this deserves a CVE Id. Any ideas?
Josh, could you please allocate one?

Also changed the topic to match only the 'php 5.3.1 - "max_file_uploads"' thing, so it isn't lost in other mails.

Thanks && Regards, Jan.

--
Jan iankko Lieskovsky / Red Hat Security Response Team
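The mitigation the thread refers to, as an added example that is not code from the thread or from the PHP project: a request handler that combines the max_file_uploads directive (PHP 5.3.1 and later, default 20) with a tighter application-level cap on files per request, logs rejected requests, and only moves files that PHP reports as cleanly uploaded. The php.ini values, the application cap of 5, the destination directory and all function names are assumptions made for this example.

```php
<?php
// Added example, not code from the thread or from the PHP project. It shows the
// server-side control the thread discusses (max_file_uploads, PHP >= 5.3.1,
// default 20) together with an application-level cap on top of it.
//
// Assumed php.ini settings (the first line is the directive from the changelog):
//   max_file_uploads = 20
//   upload_max_filesize = 2M
//   post_max_size = 8M
//
// PHP itself discards file fields beyond max_file_uploads before $_FILES is
// built, so the checks below only ever see at most that many entries.

// Count every file slot present in $_FILES, including array inputs such as name="docs[]".
function count_uploaded_files(array $files)
{
    $n = 0;
    foreach ($files as $entry) {
        $n += is_array($entry['name']) ? count($entry['name']) : 1;
    }
    return $n;
}

// Effective per-request limit: the smaller of the INI directive and the
// application's own cap ($app_cap is an assumed value, not from the thread).
function effective_upload_limit($app_cap = 5)
{
    $ini = ini_get('max_file_uploads'); // false on builds older than 5.3.1
    $ini = ($ini === false || (int) $ini <= 0) ? PHP_INT_MAX : (int) $ini;
    return min($ini, $app_cap);
}

// Reject the request when it carries more files than allowed. PHP removes the
// temporary files it created once the request ends, so nothing is left behind.
function enforce_upload_limit(array $files, $limit)
{
    $count = count_uploaded_files($files);
    if ($count > $limit) {
        $who = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'unknown';
        error_log(sprintf('upload rejected: %d files, limit %d, client %s', $count, $limit, $who));
        if (!headers_sent()) {
            header('HTTP/1.1 413 Request Entity Too Large');
        }
        return false;
    }
    return true;
}

// Flatten $_FILES into one record per file so each can be validated individually.
function flatten_uploaded_files(array $files)
{
    $out = array();
    foreach ($files as $field => $entry) {
        if (is_array($entry['name'])) {
            foreach ($entry['name'] as $i => $name) {
                $out[] = array(
                    'field'    => $field . '[' . $i . ']',
                    'name'     => $name,
                    'tmp_name' => $entry['tmp_name'][$i],
                    'error'    => $entry['error'][$i],
                );
            }
        } else {
            $out[] = array(
                'field'    => $field,
                'name'     => $entry['name'],
                'tmp_name' => $entry['tmp_name'],
                'error'    => $entry['error'],
            );
        }
    }
    return $out;
}

// Minimal request handler: only files that passed the count check and PHP's own
// per-file error reporting are moved out of the temporary directory.
if (PHP_SAPI !== 'cli' && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
    if (enforce_upload_limit($_FILES, effective_upload_limit())) {
        $dest_dir = '/var/www/uploads'; // assumed destination; keep it outside the web root
        foreach (flatten_uploaded_files($_FILES) as $f) {
            if ($f['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($f['tmp_name'])) {
                continue;
            }
            $stored = uniqid('upload_', true); // server-chosen name; the client-supplied name is never used
            move_uploaded_file($f['tmp_name'], $dest_dir . '/' . $stored);
        }
    }
}
```

The INI directive is the real control: it stops PHP from writing the temporary files in the first place, which is what exhausts the temp directory. The application cap only narrows that further for handlers that never need twenty files, and the error_log line gives a detection hook for clients that repeatedly hit the limit.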
Current thread:
- CVE request: php 5.3.1 update Thomas Biege (Nov 20)
- Re: CVE request: php 5.3.1 update Joe Orton (Nov 20)
- Re: CVE request: php 5.3.1 update Tomas Hoger (Nov 20)
- Re: CVE request: php 5.3.1 update Eren Türkay (Nov 20)
- Re: CVE request: php 5.3.1 - "max_file_uploads" [was: Re: [oss-security] CVE request: php 5.3.1 update] Jan Lieskovsky (Nov 23)
- Re: CVE request: php 5.3.1 update security curmudgeon (Nov 21)
- Re: CVE request: php 5.3.1 update Joe Orton (Nov 20)