Bug 474824 (CVE-2008-5658)
| Field | Value |
|---|---|
| Summary | CVE-2008-5658 php: ZipArchive::extractTo() Directory Traversal Vulnerability |
| Product | [Other] Security Response |
| Component | vulnerability |
| Status | CLOSED ERRATA |
| Severity | low |
| Priority | low |
| Version | unspecified |
| Hardware | All |
| OS | Linux |
| Reporter | Tomas Hoger <thoger> |
| Assignee | Red Hat Product Security <security-response-team> |
| CC | fedora, jorton, mjc, rpm |
| Keywords | Security |
| Doc Type | Bug Fix |
| Last Closed | 2010-03-29 08:46:44 UTC |
| Bug Depends On | 494531 |
Description
Tomas Hoger
2008-12-05 14:48:59 UTC
This issue does not affect PHP versions as shipped in Red Hat Enterprise Linux 2.1, 3, 4, and 5, and Red Hat Application Stack v1. PHP version in Red Hat Application Stack v2 is affected. PHP 5.1.x (RHEL5 and Stack-v1) does not ship zip extension at all. PHP 4.x (RHEL2.1 - RHEL4) contains zip extension, but it is different from the one used in PHP 5.2+ (no ZipArchive class), and requires zzlib library. This library is not shipped in any version of Red Hat Enterprise Linux, and therefore PHP packages in RHEL2.1 - RHEL4 are not built with zip extension.

CVE id CVE-2008-5658 was assigned to this issue:

Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences.

This issue has been addressed in following products:

Red Hat Web Application Stack for RHEL 5

Via RHSA-2009:0350 https://rhn.redhat.com/errata/RHSA-2009-0350.html

maniadrive-1.2-13.fc10, php-5.2.9-2.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.

maniadrive-1.2-13.fc9, php-5.2.9-2.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
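A defensive wrapper for the traversal described above, as an added example that is not part of the bug report, the errata or PHP's own fix (the function names isSafeEntryName() and safeExtractTo() are this example's own): it lists the archive entries with ZipArchive::getNameIndex() and passes only the vetted names to extractTo(), so entries whose names contain `..` components or absolute paths are refused instead of being written outside the destination directory.

```php
<?php
// Added example (not from the bug report or the PHP fix): vet every ZIP
// entry name before anything is written, so an entry named e.g.
// "../../etc/passwd" is rejected rather than extracted outside $destDir.

function isSafeEntryName(string $name): bool
{
    // Reject empty names and absolute paths (POSIX, UNC, Windows drive).
    if ($name === '' || $name[0] === '/' || $name[0] === '\\') {
        return false;
    }
    if (preg_match('#^[A-Za-z]:#', $name)) {
        return false;
    }
    // Split on both separators and refuse any ".." path component.
    foreach (preg_split('#[/\\\\]+#', $name) as $part) {
        if ($part === '..') {
            return false;
        }
    }
    return true;
}

// Extracts only entries with safe names; returns the names that were refused
// so the caller can log them as an indicator of a tampered archive.
function safeExtractTo(string $zipPath, string $destDir): array
{
    $zip = new ZipArchive();
    if ($zip->open($zipPath) !== true) {
        throw new RuntimeException("cannot open $zipPath");
    }
    $accepted = [];
    $rejected = [];
    for ($i = 0; $i < $zip->numFiles; $i++) {
        $name = $zip->getNameIndex($i);
        if (isSafeEntryName($name)) {
            $accepted[] = $name;
        } else {
            $rejected[] = $name;
        }
    }
    // extractTo() accepts an explicit list of entry names to extract.
    if ($accepted !== [] && !$zip->extractTo($destDir, $accepted)) {
        $zip->close();
        throw new RuntimeException("extraction of $zipPath failed");
    }
    $zip->close();
    return $rejected;
}
```

As defence in depth on builds of PHP predating the fix, the same name check can be applied to the output of `unzip -l` before any extraction tool is run.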