Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 166779 - dev-lang/php 5.2.1 str_ireplace Off by One CVE-2007-0911
Summary: dev-lang/php 5.2.1 str_ireplace Off by One CVE-2007-0911
Status: RESOLVED DUPLICATE of bug 153911
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://www.php-security.org/
Whiteboard: A3 [upstream] Falco
Keywords:
Depends on:
Blocks:
 
Reported: 2007-02-14 01:46 UTC by Executioner
Modified: 2007-03-04 23:19 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Executioner 2007-02-14 01:46:45 UTC
Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow context-dependent attackers to cause a denial of service (crash).

Reproducible: Didn't try




http://www.securityfocus.com/bid/22505
Comment 1 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-02-14 11:06:59 UTC
damn.

PHP CVS fixed
Comment 2 James Porter 2007-02-20 19:55:55 UTC
/me snickers...this bug would matter if we had 5.2.1
Comment 3 Executioner 2007-02-20 20:43:16 UTC
I put this one in here because bug 153911 was about to cause a bump to 5.2.1, but it doesn't look like they've done it, so these two bugs can probably be merged or disregarded.
Comment 4 Jakub Moc (RETIRED) gentoo-dev 2007-02-21 02:54:34 UTC
Please don't resolve security bugs (or any other bugs for that matter where nothing has been done in our CVS).
Comment 5 Executioner 2007-02-21 02:59:46 UTC
5.2.1 is not even packaged with gentoo
Comment 6 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-03-04 23:13:30 UTC
Here we'll handle the bugs for this month of PHP bugs that are not already fixed in 4.4.6, 5.1.6-r* and 5.2.1-r* at the same time. Status is [upstream]

If you find bugs that are already fixed in those versions, please comment on bug 153911 instead (status [stable])


* CVE-2007-0911: php-5.2.1 str_ireplace Off by One 

* XSS in phpinfo()

Comment 7 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-03-04 23:15:46 UTC
sorry that str_ireplace off-by-one is already fixed in 5.2.1-r3 :)  going to bug 169372 consequently
Comment 8 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-03-04 23:19:00 UTC
back to the off-by-one error... affects 5.2.1, but fixed in our 5.2.1-r3. There will be one stabilization process, of course. See bug 153911
Comment 9 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-03-04 23:19:16 UTC

*** This bug has been marked as a duplicate of bug 153911 ***