Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 08 Aug 2008 15:31:45 +0200
From: Christian Hoffmann <>
Subject: CVE request: php-5.2.6 overflow issues


two security issues, which might possibly allow for arbitrary code 
execution (afaik nobody has analyzed the details...), but at least DoS 
(think of FastCGI setups), were silently fixed in PHP again:

   * Overflow in ext/gd's imageloadfont() function [1] [2] [3]
   * Overflow in php's internal memnstr() function which is exposed
     to userspace as "explode()" [1] [2] [4] [5]

As those functions might take user-supplied data in certain webapps 
(which is a valid use case at least in case of explode()), those issues 
should probably expected to be remotely exploitable.

Those issues are fixed by the recent php-4.4.9 release, but they affect 
php-5.2.6 as well and the fixes are not part of any released version in 
case of 5.2.

Can we get CVEs for these please? :)


Christian Hoffmann

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ