Author: jmm-guest Date: 2007-04-02 17:54:08 +0000 (Mon, 02 Apr 2007) New Revision: 5613 Modified: data/mopb.txt Log: checked some more MOPB issues Modified: data/mopb.txt ==================================================================--- data/mopb.txt 2007-04-02 14:34:12 UTC (rev 5612) +++ data/mopb.txt 2007-04-02 17:54:08 UTC (rev 5613) @@ -1,3 +1,39 @@ +44 PHP 5.2.0 Memory Manager Signed Comparision Vulnerability +TODO + +43 PHP msg_receive() Memory Allocation Integer Overflow Vulnerabilty +TODO + +42 PHP 5 php_stream_filter_create() Off By One Vulnerablity +TODO, needs to be fixed, Sarge not affected + +41 PHP 5 sqlite_udf_decode_binary() Buffer Overflow Vulnerability +TODO + +40 PHP imap_mail_compose() Boundary Stack Buffer Overflow Vulnerability +TODO, needs to be fixed + +39 PHP str_replace() Memory Allocation Integer Overflow Vulnerability +TODO + +38 PHP printf() Family 64 Bit Casting Vulnerabilities +TODO + +37 PHP iptcembed() Interruption Information Leak Vulnerability +N/A Only triggerable by malicious script + +36 PHP session.save_path open_basedir Bypass Vulnerability +N/A open_basedir bypasses not supported, CVE-2007-1461 + +35 PHP 4 zip_entry_read() Integer Overflow Vulnerability +TODO + +34 PHP mail() Header Injection Through Subject and To Parameters +TODO, needs to be fixed + +33 PHP mail() Message ASCIIZ Byte Truncation +N/A I don''t see how this can become a security problem? + 32 PHP 4.4.5/4.4.6 session_decode() Double Free Vulnerability (U) TODO, needs to be fixed in php/etch, sarge not affected