Date: Sat, 6 Dec 2008 10:00:14 -0500
From: Ilia Alshanetsky <ilia@...host.org>
To: Eygene Ryabinkin <rea-sec@...elabs.ru>
Cc: Maksymilian Arciemowicz <cxib@...urityreason.com>, bugtraq@...urityfocus.com
Subject: Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file

The PHP 4.X tree has been discontinued and all users should upgrade to the 5.x tree.

On 6-Dec-08, at 7:47 AM, Eygene Ryabinkin wrote:

> Maksymilian, Ilia, good day.
>
> Thu, Nov 27, 2008 at 11:54:44PM -0000, cxib@...urityreason.com wrote:
>> [ SecurityReason.com PHP 5.2.6 dba_replace() destroying file ]
> [...]
>> - --- 1. dba_replace() destroying file ---
>>
>> The function dba_replace() does not filter the key and value strings. There
>> is a possibility of destroying the file.
>
> This vulnerability exists in the 4.x line as well and it is still
> unpatched.
> I had verified it for the dba extension from 4.4.9.
>
> According to the revision log,
> http://cvs.php.net/viewvc.cgi/php-src/ext/dba/libinifile/inifile.c?view=log&pathrev=
> there is no fix in the official PHP tree for 4.x yet.
> --
> Eygene

Ilia Alshanetsky