[php-maint] Bug#354690: PHP4 in Sarge appears vulnerable to CVE-2005-3389

Nick Jenkins nickpj at gmail.com
Tue Feb 28 06:39:36 UTC 2006

Package: php4
Version: 4:4.3.10-16
Severity: normal
Tags: security


 A problem when a request was terminated due to memory_limit constraints during
 certain parse_str() calls.
  The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called
 with only one parameter, allows remote attackers to enable the register_globals
 directive via inputs that cause a request to be terminated due to the
  setting, which causes PHP to set an internal flag that enables
  and allows attackers to exploit vulnerabilities in PHP applications that would
 otherwise be protected.

Vulnerable PHP versions:
  PHP4 up to 4.4.0 (according to CVE)

More information about the pkg-php-maint mailing list