Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 20 May 2015 15:49:34 +0200
From: Vasyl Kaigorodov <>
Subject: Re: Re: CVE Request: various issues in PHP


All those have CVEs assigned as far as I can see in the PHP bug

On Mon, 18 May 2015, Lior Kaplan wrote:
> >> - phar issue, can lead to memory
> >> read beyond buffer and in some (unlikely) circumstances, 1-byte memory
> >> write


> >> - integer overflow on reading FTP
> >> server data leading to heap overflow, potential exploit by hostile FTP
> >> server


> >> - DoS possibility due to
> >> ineffective parsing of form data


> >>,
> >> - various functions allow \0 in
> >> paths where they shouldn't. In theory, that could lead to security
> >> failure for path-based access controls if the user injects string with
> >> \0 in it. It's a bit theoretical, but it's a possibility.

CVE-2015-4025, CVE-2015-4026 respectively.

Vasyl Kaigorodov | Red Hat Product Security
PGP:  0xABB6E828 A7E0 87FF 5AB5 48EB 47D0 2868 217B F9FC ABB6 E828
Free/Busy status:

Come talk to Red Hat Product Security at the Summit!
Red Hat Summit 2015 -

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ