View Issue Details

IDProjectCategoryView StatusLast Update
0006521CentOS-6phppublic2014-01-10 21:33
Reporterdevrock4 
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
PlatformLinuxOSCentosOS Version6.4
Product Version6.4 
Target VersionFixed in Version6.5 
Summary0006521: PHP 5.3.3 version is vulnerable to the NULL Byte attack (CVE-2006-7243)
DescriptionIt was reported [1],[2] that PHP would accept filenames with a NULL character in the string, and silently truncate anything after the NULL character. This could lead to unexpected results and could possibly disclose the existence of certain system files. This was initially reported against the file_exists() function, but a number of other functions were changed to prevent PHP from considering paths with a NULL character as being valid [2].

This has been corrected in the upstream 5.3.4 release [3].

[1] http://bugs.php.net/39863
[2] http://www.madirish.net/?article=436
[3] http://svn.php.net/viewvc/?view=revision&revision=305507
[4] http://www.php.net/archive/2010.php#id2010-12-10-1

This issue can potentially impact sane PHP code and is not limited to safe_mode / open_basedir restrictions.
TagsNo tags attached.

Activities

tigalch

tigalch

2013-06-26 16:44

manager   ~0017599

Adding upstream bugzilla entry for reference:
https://bugzilla.redhat.com/show_bug.cgi?id=662707

Allthough not shure when this will be fixed. Also affects C5 (both php and php53).
tigalch

tigalch

2013-11-19 20:09

manager   ~0018370

php53 for C5 got this issue fixed with https://rhn.redhat.com/errata/RHSA-2013-1307.html
tigalch

tigalch

2014-01-10 21:33

manager   ~0019024

Also now fixed in C6 with https://rhn.redhat.com/errata/RHSA-2013-1615.html (release of 6.5).

Issue History

Date Modified Username Field Change
2013-06-26 08:14 devrock4 New Issue
2013-06-26 16:44 tigalch Note Added: 0017599
2013-11-19 20:09 tigalch Note Added: 0018370
2014-01-10 21:33 tigalch Note Added: 0019024
2014-01-10 21:33 tigalch Status new => resolved
2014-01-10 21:33 tigalch Fixed in Version => 6.5
2014-01-10 21:33 tigalch Resolution open => fixed