174168 – CVE-2005-3389 PHP parse_str can enable register_globals

Bug 174168 - CVE-2005-3389 PHP parse_str can enable register_globals

Summary: CVE-2005-3389 PHP parse_str can enable register_globals

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	php
Sub Component:
Version:	5
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	low
Target Milestone:	---
Assignee:	Joe Orton
QA Contact:	David Lawrence
Docs Contact:
URL:
Whiteboard:	impact=low,public=20051031,source=ful...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-11-25 12:43 UTC by Mark J. Cox
Modified:	2007-11-30 22:11 UTC (History)
CC List:	0 users
Fixed In Version:	5.1.1-2
Clone Of:
Environment:
Last Closed:	2005-12-05 15:27:31 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Mark J. Cox 2005-11-25 12:43:02 UTC

tracking bug

+++ This bug was initially created as a clone of Bug #172209 +++

The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called
with only one parameter, allows remote attackers to disable the
register_globals directive via inputs that cause a request to be terminated
due to the memory_limit setting, which causes PHP to set an internal flag that
enables register_globals and allows attackers to exploit vulnerabilities in
PHP applications that would otherwise be protected.

http://www.hardened-php.net/advisory_192005.78.html

This issue also affects FC3

Comment 1 Joe Orton 2005-12-05 15:27:31 UTC

Fixed in Raw Hide with update to 5.1.1.

Note You need to log in before you can comment on or make changes to this bug.