Debian Bug report logs -
#382257
CVE-2006-4023: php ip2long function incorrect address validation
Reported by: Stefan Fritsch <sf@sfritsch.de>
Date: Wed, 9 Aug 2006 19:18:22 UTC
Severity: important
Tags: security
Done: sean finney <seanius@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, Debian Security Team <team@security.debian.org>, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>
:
Bug#382257
; Package php5
.
(full text, mbox, link).
Acknowledgement sent to Stefan Fritsch <sf@sfritsch.de>
:
New Bug report received and forwarded. Copy sent to Debian Security Team <team@security.debian.org>, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>
.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: php5
Severity: important
Tags: security
CVE-2006-4023:
The ip2long function in PHP 5.1.4 and earlier may incorrectly validate
an arbitrary string and return a valid network IP address, which
allows remote attackers to obtain network information and facilitate
other attacks, as demonstrated using SQL injection in the
X-FORWARDED-FOR Header in index.php in MiniBB 2.0. NOTE: it could be
argued that the ip2long behavior represents a risk for
security-relevant issues in a way that is similar to strcpy's role in
buffer overflows, in which case this would be a class of
implementation bugs that would require separate CVE items for each PHP
application that uses ip2long in a security-relevant manner.
I am not sure whether this has to be fixed in php or the applications.
Please check.
Reply sent to sean finney <seanius@debian.org>
:
You have taken responsibility.
(full text, mbox, link).
Notification sent to Stefan Fritsch <sf@sfritsch.de>
:
Bug acknowledged by developer.
(full text, mbox, link).
Message #12 received at 382257-done@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
hey stefan,
the agreement via the security team was that this was an implementation
issue, not a php issue. thus, if any other packages in debian use
ip2long we should verify that they are not vulnerable to such an attack,
but in the meantime php shouldn't be considered vulnerable.
thanks,
sean
[signature.asc (application/pgp-signature, inline)]
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Mon, 18 Jun 2007 10:13:01 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 17:51:55 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.