Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  NEWS  community  lists  Wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Fri, 20 Nov 2009 19:46:14 +0200
From: Eren Türkay <eren@...dus.org.tr>
To: oss-security@...ts.openwall.com
Cc: Thomas Biege <thomas@...e.de>
Subject: Re: CVE request: php 5.3.1 update

On Friday 20 November 2009 12:41:50 pm Thomas Biege wrote:
> * Added "max_file_uploads" INI directive, which can be set to limit the
> number of file uploads per-request to 20 by default, to prevent possible
> DOS via temporary file exhaustion.

Bogdan Calin disclosed the details about that vulnerability on full-disclosure 
mailing list. He didn't disclosed his script but I wrote a PoC that works like 
a charm. It makes DoS possible for any server that runs PHP within 1 minute 
with a few requests.

Additionally, this vulnerability affects 5.2.11. I guess all products before 
PHP 5.3.1 are vulnerable.

I think this deserves CVE Id. Any ideas?

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ