Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 08 Aug 2008 16:55:37 +0200
From: Christian Hoffmann <hoffie@...too.org>
To: oss-security@...ts.openwall.com
CC: jorton@...hat.com
Subject: Re: CVE request: php-5.2.6 overflow issues

On 2008-08-08 16:01, Joe Orton wrote:
> The explode() bug could only be triggered if a script passed a delimiter 
> from untrusted script input without sanitizing/checking it first, which 
> is fairly pathological behaviour.  I would call that a script bug, not 
> an issue in the PHP interpreter.
Ok, sounds reasonable.

No idea whether a CVE should be assigned anyway -- if it does indeed 
allow for (local) code execution, that'd effectively mean bypass of 
safe_mode/open_basedir. Such issues already got CVEs assigned in the 
pass, so I guess this one should as well.

Local DoS only could be caused by several other means as well (infinite 
recursion, ...), so if somebody could prove it that it only allows for 
DoS, then there is probably no need for a CVE.


Thanks for your reply!

-- 
Christian Hoffmann



Download attachment "signature.asc" of type "application/pgp-signature" (261 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.