Bug 174167 - CVE-2005-3390 PHP register globals arbitrary code execution
Summary: CVE-2005-3390 PHP register globals arbitrary code execution
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: php
Version: 5
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Joe Orton
QA Contact: David Lawrence
URL:
Whiteboard: impact=moderate,public=20051031,sourc...
Depends On: 172208
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-11-25 12:41 UTC by Mark J. Cox
Modified: 2007-11-30 22:11 UTC (History)
2 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2006-03-06 13:36:39 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Mark J. Cox 2005-11-25 12:41:36 UTC
FC5test1 tracking bug

+++ This bug was initially created as a clone of Bug #172207 +++

The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5,
when register_globals is enabled, allows remote attackers to modify the
GLOBALS array and bypass security protections of PHP applications via a
multipart/form-data POST request with a "GLOBALS" fileupload field.

http://www.hardened-php.net/advisory_202005.79.html

This issue should also affect FC3

-- Additional comment from jorton on 2005-11-08 06:28 EST --
*** Bug 172200 has been marked as a duplicate of this bug. ***

Comment 1 Mark J. Cox 2006-01-16 13:02:18 UTC
leaving vulnerable for FC5test2 until we check to make sure this is actually
fixed in upstream 5.1.1

Comment 2 Mark J. Cox 2006-01-31 08:18:01 UTC
ping!  if fixed in rawhide please close this bug, otherwise please try to fix
this before FC5Test3 (Feb 6)

Comment 3 Mark J. Cox 2006-02-06 09:18:41 UTC
ping!  if fixed in rawhide please close this bug, otherwise please try to fix
this before FC5Test3 (Feb 13 freeze)

Comment 4 Rahul Sundaram 2006-02-20 11:31:40 UTC

These bugs are being closed since a large number of updates have been released
after the FC5 test1 and test2 releases. Kindly update your system by running yum
update as root user or try out the third and final test version of FC5 being
released in a short while and verify if the bugs are still present on the system
.Reopen or file new bug reports as appropriate after confirming the presence of
this issue. Thanks

Comment 5 Joe Orton 2006-03-06 13:36:39 UTC
By code inspection, this is fixed in the 5.1.2 tree.


Note You need to log in before you can comment on or make changes to this bug.