From owner-freebsd-security@FreeBSD.ORG  Wed Dec 29 22:23:23 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5EB6A16A4DC
	for <freebsd-security@freebsd.org>;
	Wed, 29 Dec 2004 22:23:23 +0000 (GMT)
Received: from sherryl.salk.edu (sherryl.snl.salk.edu [198.202.70.151])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2F1AD43D1F
	for <freebsd-security@freebsd.org>;
	Wed, 29 Dec 2004 22:23:23 +0000 (GMT)	(envelope-from cadams@salk.edu)
Received: from salk.edu (malacarne.snl.salk.edu [198.202.70.215])
	by sherryl.salk.edu (8.12.10/8.12.10) with SMTP id iBTMNMu3064947
	for <freebsd-security@freebsd.org>;
	Wed, 29 Dec 2004 14:23:22 -0800 (PST)
Received: (nullmailer pid 17004 invoked by uid 1179);
	Wed, 29 Dec 2004 22:23:22 -0000
Date: Wed, 29 Dec 2004 14:23:22 -0800
To: freebsd-security@freebsd.org
Message-ID: <20041229222322.GA15584@salk.edu>
References: <34657.24.230.37.14.1104187002.squirrel@24.230.37.14>
	<2990.24.98.86.57.1104197295.squirrel@24.98.86.57>
	<41D0C276.7080100@elischer.org> <xzpk6r1tdc2.fsf@dwp.des.no>
	<20041229205115.GO21044@silverwraith.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20041229205115.GO21044@silverwraith.com>
User-Agent: Mutt/1.5.6+20040907i
From: <cadams@salk.edu>
Subject: Re: Found security expliot in port phpBB 2.0.8  FreeBSD4.10
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Dec 2004 22:23:23 -0000

On Wed, Dec 29, 2004 at 12:51:15PM -0800, Avleen Vig wrote:
> > Julian Elischer <julian@elischer.org> writes:
> > > might be a good idea if we "urged" users to update their phpbb  a bit
> > > more vocally.
> 
> I was under the impression, that upgrading to PHP 4.3.10 would also fix
> this, or was that a different issue?

There have been multiple issues being attacked: 4.3.10 fixes a problem
where you could exploit code which accepted serialized data structures
directly from clients; most of the prolems were caused, however, by a
bug in phpBB which had nothing to do with this.

In either case the problem has very little to do with PHP - it's yet
another case of programmers not sanitizing input from untrusted
sources.

Chris