Date: Wed, 13 May 2009 11:51:44 +0200
From: Oden Eriksson <oeriksson@...driva.com>
To: oss-security@...ts.openwall.com
Subject: Re: php mb_ereg_replace()

Wednesday 13 May 2009 09:40:20, Sebastian Krahmer wrote:
> Hi,
>
> anyone aware of Bugtraq ID 34873 (http://www.securityfocus.com/bid/34873)?
> Seems there is no CVE or anything else (not even a patch).
>
> Sebastian

Got this reply from Derick Rethans asking on security@....net:

> It was brought to my attention there is a new security issue in php as shown
> here:
>
> http://www.securityfocus.com/bid/34873
>
> Could you please advise?

How is this a bug? The documentation for mb_ereg_replace writes:

"If e is specified, replacement string will be evaluated as PHP expression."

In the example "e" is specified, so of course it will execute the code.

regards,
Derick

-- 
Regards // Oden Eriksson
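To illustrate the point Derick makes, here is an added example (not from the thread or from PHP's own sources) contrasting the documented "e" option, under which the replacement string is evaluated as PHP code after backreference substitution, with the eval-free mb_ereg_replace_callback() alternative; the price-list input and the option guard are constructed for this example.

```php
<?php
// Added example, not part of the oss-security thread. The "e" option of
// mb_ereg_replace() (deprecated in PHP 7.1, removed in 8.0) runs the
// replacement string through the PHP evaluator after \1..\9 are substituted
// with the matched text. mb_ereg_replace_callback() (PHP >= 5.4.1) gives the
// same flexibility without evaluating any string as code.

mb_regex_encoding('UTF-8');

// Constructed sample input: every number in the list should be doubled.
$text = 'apple 10, pear 7, plum 3';

// Legacy form: the replacement is PHP source. "\1 * 2" becomes "10 * 2" and
// is evaluated. This is only acceptable while BOTH the replacement and the
// option string are constants in your own code, never caller-supplied.
function doublePricesWithE(string $text): string
{
    return mb_ereg_replace('([0-9]+)', '\1 * 2', $text, 'e');
}

// Preferred form: the computation lives in a real closure, so no text
// derived from the input or from a caller ever reaches the evaluator.
function doublePricesWithCallback(string $text): string
{
    return mb_ereg_replace_callback(
        '([0-9]+)',
        function (array $m): string {
            return (string) ((int) $m[1] * 2);
        },
        $text
    );
}

// Defensive guard (constructed helper): if a wrapper must accept a
// mb_ereg_replace option string from outside, refuse the code-evaluating one.
function assertNoEvalOption(string $options): string
{
    if (strpos($options, 'e') !== false) {
        throw new InvalidArgumentException(
            'mb_ereg_replace option "e" evaluates the replacement as PHP; refused'
        );
    }
    return $options;
}

// Both forms yield "apple 20, pear 14, plum 6" on the sample input.
echo doublePricesWithCallback($text), PHP_EOL;
echo mb_ereg_replace('([0-9]+)', '[\1]', $text, assertNoEvalOption('i')), PHP_EOL;
```

The callback form is the one to keep in code that must run on PHP 8, where the "e" option no longer exists at all.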