On Wednesday 9 May 2007 00:12, you wrote: > Hmm, I not sure about this. The issue at hand seems like a generic design > issue in PHP that's unlikely to be ever fixed inside the interpreter. I > would assume that limits to recursion depth would beed to be imposed > application-specific instead.
It's a MOPB-found bug in PHP which have already been fixed inside the interpreter, and in fact, it has been fixed specifically in a security upload to etch: http://security-tracker.debian.net/tracker/CVE-2006-1549 Only sarge is still "vulnerable". http://www.php-security.org/MOPB/MOPB-02-2007.html > What's the outlined attack here? A database administrator being able to DoS > the webserver instance serving his phpmyadmin instance or being able to > mess up the MySQL database itself? If it's the former it appears harmless > anyway. It's in any case a mild issue, but something that should be fixed when you have the chance. Especially in mass-hosting environments where lots of accounts are handed out, it would at least be inconvenient if someone could very easily DoS the webserver. And it's not trivial to find out who did it. Thijs _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
