oss-sec mailing list archives
Re: Re: NULL byte poisoning fix in php 5.3.4+
From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 9 Dec 2010 09:34:26 -0500 (EST)
On Thu, 9 Dec 2010, Pierre Joye wrote:
> We are about to release 5.2.15 and 5.3.4, can anyone please get an id for this issue?
I just assigned CVE-2006-7243 to the http://bugs.php.net/39863 issue, i.e. NULL injection in file_exists() *only*.
However, as already stated, the issue of NULL byte injection with PHP dates back to 1999 or so (ouch... I remember that). If PHP is addressing NULL byte injection beyond just file_exists(), then that may need a separate CVE.
- Steve
> Thanks,
>
> On Tue, Nov 30, 2010 at 3:26 AM, Pierre Joye <pierre.php () gmail com> wrote:
> Coley? :)
>
> On Mon, Nov 22, 2010 at 5:21 PM, Josh Bressers <bressers () redhat com> wrote:
> Steve,
> Can MITRE take this one? It looks like it's from 2006 (from looking at the upstream bug). I don't see a CVE id for this anywhere.
> Thanks.
> --
> JB
>
> ----- "Pierre Joye" <pierre.php () gmail com> wrote:
> anyone?
>
> On Thu, Nov 18, 2010 at 5:43 PM, Pierre Joye <pierre.php () gmail com> wrote:
> forgot to add the fixes revs:
> http://svn.php.net/viewvc?view=revision&revision=305507
> revert of part of the OCI8 fix
> http://svn.php.net/viewvc?view=revision&revision=305509
> OCI8 fix (committed separately)
> http://svn.php.net/viewvc?view=revision&revision=305412
>
> On Thu, Nov 18, 2010 at 5:22 PM, Pierre Joye <pierre.php () gmail com> wrote:
> hi,
> The problem described here http://www.madirish.net/?article=436, in http://bugs.php.net/39863 (and numerous other places) has been fixed in PHP_5_3, targeting 5.3.4 (RC1 to be released today).
> It is a well (old) known issue in PHP and I wonder if there is a CVE already for it? If not I think having one could be helpful. or?
> Cheers,
> --
> Pierre
> --
> Pierre
> @pierrejoye | http://blog.thepimp.net | http://www.libgd.org
> --
> Pierre
> @pierrejoye | http://blog.thepimp.net | http://www.libgd.org