Date: Mon, 18 May 2015 10:23:04 +0300
From: Lior Kaplan <kaplanlior@...il.com>
To: cve-assign@...re.org
Cc: "security@....net" <security@....net>, oss-security@...ts.openwall.com
Subject: Re: CVE Request: various issues in PHP

Sending again.

See CVE requests on behalf of PHP security team.

Kaplan

On Wed, May 13, 2015 at 11:21 AM, Lior Kaplan <kaplanlior@...il.com> wrote:

> (Adding cve-assign)
>
> On Wed, May 13, 2015 at 2:07 AM, Stanislav Malyshev <smalyshev@...il.com>
> wrote:
>
>> Hi!
>>
>> We have a number of security issues for which we need CVEs:
>>
>> https://bugs.php.net/bug.php?id=69453 - phar issue, can lead to memory
>> read beyond buffer and in some (unlikely) circumstances, 1-byte memory
>> write
>>
>> https://bugs.php.net/bug.php?id=69545 - integer overflow on reading FTP
>> server data leading to heap overflow, potential exploit by hostile FTP
>> server
>>
>> https://bugs.php.net/bug.php?id=69364 - DoS possibility due to
>> ineffective parsing of form data
>>
>> https://bugs.php.net/bug.php?id=69418,
>> https://bugs.php.net/bug.php?id=68598 - various functions allow \0 in
>> paths where they shouldn't. In theory, that could lead to security
>> failure for path-based access controls if the user injects string with
>> \0 in it. It's a bit theoretical, but it's a possibility.
>>
>>
>> --
>> Stas Malyshev
>> smalyshev@...il.com
>>
>
>
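
The last item in the quoted report (`\0` accepted in paths) comes down to a mismatch between a length-counted string and the C string that an underlying file API acts on. The following is an added example, not code from PHP or from the messages above; the struct, the function names and the sample inputs are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical length-counted string, as a scripting runtime holds it. */
struct counted_str { const char *data; size_t len; };

static struct counted_str make(const char *p, size_t n)
{
    struct counted_str s = { p, n };
    return s;
}

/* Policy check on the full counted string: the name must end in ".txt". */
static int has_allowed_suffix(struct counted_str s)
{
    static const char suffix[] = ".txt";
    size_t n = sizeof(suffix) - 1;
    return s.len >= n && memcmp(s.data + s.len - n, suffix, n) == 0;
}

/* Length a C file API would act on: bytes up to the first NUL. */
static size_t c_visible_len(struct counted_str s)
{
    const char *nul = memchr(s.data, '\0', s.len);
    return nul ? (size_t)(nul - s.data) : s.len;
}

/* Hardened check: reject when the two views of the path disagree. */
static int path_is_safe(struct counted_str s)
{
    return c_visible_len(s) == s.len && has_allowed_suffix(s);
}

int main(void)
{
    /* Constructed sample inputs. */
    static const char ok[] = "notes.txt";
    static const char bad[] = "config.php\0.txt";
    struct counted_str a = make(ok, sizeof(ok) - 1);
    struct counted_str b = make(bad, sizeof(bad) - 1);

    printf("%-10s suffix_ok=%d safe=%d\n", "plain", has_allowed_suffix(a), path_is_safe(a));
    printf("%-10s suffix_ok=%d visible=%zu of %zu safe=%d\n", "with NUL",
           has_allowed_suffix(b), c_visible_len(b), b.len, path_is_safe(b));
    return 0;
}
```

The suffix policy alone accepts the second input because it inspects all 15 bytes, while a C-level open would only see the first 10; comparing the two lengths before any path-based decision closes that gap.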
