oss-sec mailing list archives

Re: CVE Request: various issues in PHP

From: Lior Kaplan <kaplanlior () gmail com>
Date: Mon, 18 May 2015 10:23:04 +0300

Sending again.

See CVE requests on behalf of PHP security team.

Kaplan

On Wed, May 13, 2015 at 11:21 AM, Lior Kaplan <kaplanlior () gmail com> wrote:

(Adding cve-assign)

On Wed, May 13, 2015 at 2:07 AM, Stanislav Malyshev <smalyshev () gmail com>
wrote:

Hi!

We have a number of security issues for which we need CVEs:

https://bugs.php.net/bug.php?id=69453 - phar issue, can lead to memory
read beyond buffer and in some (unlikely) circumstances, 1-byte memory
write

https://bugs.php.net/bug.php?id=69545 - integer overflow on reading FTP
server data leading to heap overflow, potential exploit by hostile FTP
server

https://bugs.php.net/bug.php?id=69364 - DoS possibility due to
ineffective parsing of form data

https://bugs.php.net/bug.php?id=69418,
https://bugs.php.net/bug.php?id=68598 - various functions allow \0 in
paths where they shouldn't. In theory, that could lead to security
failure for path-based access controls if the user injects string with
\0 in it. It's a bit theoretical, but it's a possibility.


--
Stas Malyshev
smalyshev () gmail com

Current thread:

Re: CVE Request: various issues in PHP Lior Kaplan (May 18)
- Re: Re: CVE Request: various issues in PHP Vasyl Kaigorodov (May 20)
  - Re: Re: CVE Request: various issues in PHP Tomas Hoger (May 29)
    - Re: Re: CVE Request: various issues in PHP Tomas Hoger (Jun 15)
    - Re: CVE Request: various issues in PHP cve-assign (Jun 16)
    - Re: Re: CVE Request: various issues in PHP Tomas Hoger (Jun 18)
    - Re: CVE Request: various issues in PHP cve-assign (Jun 18)
    - Re: CVE Request: various issues in PHP cve-assign (Jun 18)