|
Message-ID: <489C5E69.5010804@gentoo.org>
Date: Fri, 08 Aug 2008 16:55:37 +0200
From: Christian Hoffmann <hoffie@...too.org>
To: oss-security@...ts.openwall.com
CC: jorton@...hat.com
Subject: Re: CVE request: php-5.2.6 overflow issues
On 2008-08-08 16:01, Joe Orton wrote:
> The explode() bug could only be triggered if a script passed a delimiter
> from untrusted script input without sanitizing/checking it first, which
> is fairly pathological behaviour. I would call that a script bug, not
> an issue in the PHP interpreter.
Ok, sounds reasonable.
No idea whether a CVE should be assigned anyway -- if it does indeed
allow for (local) code execution, that'd effectively mean bypass of
safe_mode/open_basedir. Such issues already got CVEs assigned in the
pass, so I guess this one should as well.
Local DoS only could be caused by several other means as well (infinite
recursion, ...), so if somebody could prove it that it only allows for
DoS, then there is probably no need for a CVE.
Thanks for your reply!
--
Christian Hoffmann
Download attachment "signature.asc" of type "application/pgp-signature" (261 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.