php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Sec Bug #67432 heap-based buffer overflow in DNS TXT record parsing
Submitted: 2014-06-13 06:21 UTC Modified: 2014-06-15 08:09 UTC
From: remi@php.net Assigned: pollita (profile)
Status: Closed Package: *Network Functions
PHP Version: 5.4.29 OS: irrevelant
Private report: No CVE-ID: 2014-4049
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: remi@php.net
New email:
PHP Version: OS:

 

 [2014-06-13 06:21 UTC] remi@php.net
Description:
------------
Stefan Esser pointed out that the following commit fixes a heap-based buffer overflow in DNS TXT record parsing:


https://github.com/php/php-src/commit/b34d7849ed90ced9345f8ea1c59bc8d101c18468

A malicious server or man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application uses dns_get_record() to perform a DNS query. 


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-06-13 06:22 UTC] remi@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: pollita -CVE-ID: +CVE-ID: 2014-4049
 [2014-06-13 06:22 UTC] remi@php.net
The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Nov 21 11:01:29 2024 UTC