oss-sec mailing list archives
Re: CVE affected for PHP 5.3.9 ?
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 13 Jan 2012 09:54:54 -0700
On 01/13/2012 08:19 AM, Nicolas Grégoire wrote:
Hello, PHP released v5.3.9 earlier this month : http://php.net/ChangeLog-5.php#5.3.9 I wonder if CVE identifiers were already affected to these security vulnerabilities. I'm looking specifically for bug 54446 that I reported : https://bugs.php.net/bug.php?id=54446 Regards, Nicolas
I'm not clear on how this crosses a security boundary. The attacker would need to write a custom script that uses the "<sax:output href="0wn3d.php" method="text">" and the user the script runs as (apache usually or whatever local account is in use) would also need write permissions to the directory in question. How is this different than say using fopen/fwrite to create the file? -- -- Kurt Seifried / Red Hat Security Response Team
Current thread:
- CVE affected for PHP 5.3.9 ? Nicolas Grégoire (Jan 13)
- Re: CVE affected for PHP 5.3.9 ? Kurt Seifried (Jan 13)
- Re: CVE affected for PHP 5.3.9 ? Nicolas Grégoire (Jan 13)
- Re: CVE affected for PHP 5.3.9 ? Kurt Seifried (Jan 13)
- Re: CVE affected for PHP 5.3.9 ? Nicolas Grégoire (Jan 13)
- Re: CVE affected for PHP 5.3.9 ? Kurt Seifried (Jan 13)
- Re: CVE affected for PHP 5.3.9 ? Ignacio Espinosa (Jan 14)
- Re: CVE affected for PHP 5.3.9 ? Kurt Seifried (Jan 14)
- Re: CVE affected for PHP 5.3.9 ? Nicolas Grégoire (Jan 14)
- Re: CVE affected for PHP 5.3.9 ? Kurt Seifried (Jan 14)
- Re: CVE affected for PHP 5.3.9 ? Nicolas Grégoire (Jan 15)
- Re: CVE affected for PHP 5.3.9 ? Kurt Seifried (Jan 17)
- Re: CVE affected for PHP 5.3.9 ? Nicolas Grégoire (Jan 13)
- Re: CVE affected for PHP 5.3.9 ? Kurt Seifried (Jan 13)