Debian Bug report logs - #453295: CVE-2007-6039: possible DoS
Reported by: Steffen Joeris <steffen.joeris@skolelinux.de>
Date: Wed, 28 Nov 2007 12:00:01 UTC
Severity: important
Tags: security
Fixed in versions php5/5.2.5-1, php5/5.2.0-8+etch9
Done: Thijs Kinkhorst <thijs@debian.org>
Bug is archived. No further changes may be made.
Report forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>: Bug#453295; Package php5-common.
Acknowledgement sent to Steffen Joeris <steffen.joeris@skolelinux.de>: New Bug report received and forwarded. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>.
Message #5 received at submit@bugs.debian.org:
Package: php5-common
Severity: important
Tags: security
Hi
The following CVE[0] has been issued against php5. Could you please
check if the Debian packages are affected?
CVE-2007-6039:
PHP 5.2.5 and earlier allows context-dependent attackers to cause a
denial of service (application crash) via a long string in (1) the
domain parameter to the dgettext function, the message parameter to the
(2) dcgettext or (3) gettext function, the msgid1 parameter to the (4)
dngettext or (5) ngettext function, or (6) the classname parameter to
the stream_wrapper_register function. NOTE: this might not be a
vulnerability in most web server environments that support multiple
threads, unless this issue can be demonstrated for code execution.
In case you fix this bug by an upload, please mention the CVE id in your
changelog.
Cheers
Steffen
[0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6039
Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>: Bug#453295; Package php5-common.
Acknowledgement sent to Steffen Joeris <steffen.joeris@skolelinux.de>: Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>.
Message #10 received at 453295@bugs.debian.org:
Hi
There were three more CVEs[0][1][2] issued for php5.
CVE-2007-5900:
PHP before 5.2.5 allows local users to bypass protection mechanisms configured
through php_admin_value or php_admin_flag in httpd.conf by using ini_set to
modify arbitrary configuration variables, a different issue than
CVE-2006-4625.
CVE-2007-5898:
The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5
accept partial multibyte sequences, which has unknown impact and attack
vectors, a different issue than CVE-2006-5465.
CVE-2007-5899:
The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms
in which the ACTION attribute references a non-local URL, which allows remote
attackers to obtain potentially sensitive information by reading the requests
for this URL, as demonstrated by a rewritten form containing a local session
ID.
Cheers
Steffen
[0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5900
[1]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5898
[2]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5899
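Illustrating the partial-multibyte problem behind CVE-2007-5898 in the message above, as an added Python example that is neither part of the bug report nor PHP's own htmlentities/htmlspecialchars code: escape_lenient is a constructed model of an escaper that trusts a UTF-8 lead byte and copies the announced sequence length verbatim, so a dangling lead byte directly followed by a double quote lets that quote through unescaped; escape_strict and escape_replacing validate the bytes as UTF-8 before escaping, which is the check a hardened escaper needs. The sample input and all function names are constructed for this example.

```python
import html

# Constructed sample, not taken from the bug report: a lone UTF-8 lead byte
# (0xC3 announces a 2-byte sequence) directly followed by a double quote.
SAMPLE = b'\xc3" onmouseover="alert(1)'

# Replacements an ASCII-level escaper applies to the HTML metacharacters.
ESC = {
    ord("&"): b"&amp;",
    ord("<"): b"&lt;",
    ord(">"): b"&gt;",
    ord('"'): b"&quot;",
    ord("'"): b"&#039;",
}


def utf8_seq_len(lead: int) -> int:
    """Length a UTF-8 sequence starting with this lead byte claims to have
    (0 means the byte is not a valid lead byte)."""
    if 0xC2 <= lead <= 0xDF:
        return 2
    if 0xE0 <= lead <= 0xEF:
        return 3
    if 0xF0 <= lead <= 0xF4:
        return 4
    return 0


def escape_lenient(raw: bytes) -> bytes:
    """Constructed model of an escaper that accepts partial multibyte
    sequences: it copies the number of bytes the lead byte announces without
    checking that they are continuation bytes (0x80..0xBF). A quote inside
    that window is emitted raw."""
    out = bytearray()
    i = 0
    while i < len(raw):
        n = utf8_seq_len(raw[i])
        if n:
            out += raw[i:i + n]  # partial sequence accepted verbatim
            i += n
        else:
            out += ESC.get(raw[i], bytes([raw[i]]))
            i += 1
    return bytes(out)


def escape_strict(raw: bytes) -> str:
    """Hardened form: decode as strict UTF-8 first, so a partial sequence
    raises UnicodeDecodeError before anything is escaped."""
    return html.escape(raw.decode("utf-8"), quote=True)


def escape_replacing(raw: bytes) -> str:
    """Alternative when rejecting the input is not an option: invalid bytes
    become U+FFFD, then the validated text is escaped."""
    return html.escape(raw.decode("utf-8", errors="replace"), quote=True)


def strict_rejects(raw: bytes) -> bool:
    """True if escape_strict refuses the input as malformed UTF-8."""
    try:
        escape_strict(raw)
    except UnicodeDecodeError:
        return True
    return False
```

With the constructed sample, the lenient model emits the bytes C3 22 untouched, so a browser that is equally lenient about the dangling lead byte sees a bare quote closing the attribute. Rejecting or replacing invalid sequences before escaping removes that window; well-formed input such as an accented character followed by `<` is escaped identically by both forms.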
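Illustrating the form-rewriting leak in CVE-2007-5899 from the message above, as an added Python example that is not part of the bug report and not PHP's output_add_rewrite_var implementation: rewrite_forms appends a hidden field (for instance a session id) to forms in a page, and its rewrite_all=True mode models the behaviour the CVE describes, where a form whose ACTION points at a foreign host also receives the field and so ships the value to that host. The default mode only rewrites forms whose action is relative or names the local host. The sample page, host names and function names are constructed for this example.

```python
import html
import re
from urllib.parse import urlsplit

# Constructed sample page, not from the bug report: two forms submit to the
# site itself, two point at another host (one absolute, one scheme-relative).
SAMPLE_PAGE = """<html><body>
<form method="post" action="/login"><input name="u"></form>
<form method="post" action="https://www.example.org/search"><input name="q"></form>
<form method="post" action="https://attacker.example/collect"><input name="x"></form>
<form method="post" action="//attacker.example/collect2"><input name="y"></form>
</body></html>"""

FORM_TAG = re.compile(r"<form\b[^>]*>", re.IGNORECASE)
ACTION_ATTR = re.compile(
    r"""\baction\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))""", re.IGNORECASE)


def form_action(tag: str) -> str:
    """Extract the action attribute from an opening <form> tag ('' if absent)."""
    m = ACTION_ATTR.search(tag)
    if not m:
        return ""
    return next(g for g in m.groups() if g is not None)


def is_local_action(action: str, local_host: str) -> bool:
    """A form is local if its action has no host part (relative URL) or names
    this server's host. urlsplit also resolves scheme-relative '//host/path',
    and .hostname lower-cases the host and drops any port."""
    host = urlsplit(action).hostname
    return host is None or host == local_host.lower()


def rewrite_forms(page: str, name: str, value: str, local_host: str,
                  rewrite_all: bool = False) -> str:
    """Append a hidden field carrying `value` to forms in `page`.
    rewrite_all=True models the vulnerable behaviour: every form gets the
    field, including those submitting to foreign hosts, which hands the
    value to whoever receives that request. The default rewrites only forms
    whose action is local."""
    hidden = '<input type="hidden" name="%s" value="%s" />' % (
        html.escape(name, quote=True), html.escape(value, quote=True))

    def add_field(m):
        tag = m.group(0)
        if rewrite_all or is_local_action(form_action(tag), local_host):
            return tag + hidden
        return tag

    return FORM_TAG.sub(add_field, page)


def count_rewritten(page: str, name: str) -> int:
    """Number of forms that received the hidden field."""
    return page.count('name="%s"' % html.escape(name, quote=True))
```

The check is deliberately a host comparison rather than a scheme check: a scheme-relative action such as `//attacker.example/...` carries no scheme yet still leaves the site, and urlsplit reports its host. Forms with no action, or a relative one, post back to the same origin and are safe to rewrite.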
Bug marked as fixed in version 5.2.5-1, send any further explanations to Steffen Joeris <steffen.joeris@skolelinux.de>. Request was from Thijs Kinkhorst <thijs@debian.org> to control@bugs.debian.org. (Wed, 07 May 2008 10:24:03 GMT)
Bug marked as fixed in version 5.2.0-8+etch9, send any further explanations to Steffen Joeris <steffen.joeris@skolelinux.de>. Request was from Thijs Kinkhorst <thijs@debian.org> to control@bugs.debian.org. (Wed, 07 May 2008 10:24:04 GMT)
Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Thu, 05 Jun 2008 07:41:04 GMT)
Last modified: Wed Jun 19 15:24:32 2019