[linux-security] remotely exploitable vulnerability in PHP
- To: linux-security@sfu.ca
- Subject: [linux-security] remotely exploitable vulnerability in PHP
- From: Martin Siegert <siegert@sfu.ca>
- Date: Mon, 30 Aug 2004 17:16:00 -0700
- User-Agent: Mutt/1.4.1i
Topic
=====
remote exploit in php
Problem Description
===================
PHP is a well known, widely-used scripting language often used within
web server setups. A problem with the "memory_limit" handling of PHP
allows remote attackers to execute arbitrary code as the user running
the PHP interpreter (CAN-2004-0594, CAN-2004-0595).
Affected Versions
=================
php-4.3.7 and earlier.
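As an added check (this script is not part of the advisory or of PHP itself): a small POSIX shell script that reads the installed PHP version from rpm, dpkg or the php binary and compares it against 4.3.7, the last affected upstream release. The package names it queries (php, php4, mod_php4) are the ones used in the package lists below; the helper names (normalize, vercmp, php_affected, installed_php_version, report) are this example's own. Versions are compared component by component, so 4.3.10 is correctly treated as newer than 4.3.7.

```shell
#!/bin/sh
# Added example, not part of the advisory: report whether the PHP on this host
# is at or below upstream 4.3.7 and therefore needs the distribution's fixed
# package. Package names are taken from the advisory; helper names are ours.

LAST_AFFECTED="4.3.7"

# normalize VERSION: drop a Debian epoch ("4:4.1.2-7.0.1") and anything after
# the dotted numeric part ("-1.1", "RC1"), leaving e.g. "4.1.2".
normalize() {
    printf '%s\n' "$1" | sed -e 's/^[0-9]*://' -e 's/[^0-9.].*//'
}

# vercmp A B: prints -1, 0 or 1 for A<B, A=B, A>B, comparing dotted versions
# component by component (a plain string compare would sort 4.3.10 before 4.3.7)
vercmp() {
    a=$(normalize "$1"); b=$(normalize "$2")
    while [ -n "$a" ] || [ -n "$b" ]; do
        ah=${a%%.*}; bh=${b%%.*}
        if [ "$a" = "$ah" ]; then a=""; else a=${a#*.}; fi
        if [ "$b" = "$bh" ]; then b=""; else b=${b#*.}; fi
        ah=${ah:-0}; bh=${bh:-0}          # missing components count as 0
        if [ "$ah" -lt "$bh" ]; then printf '%s\n' -1; return 0; fi
        if [ "$ah" -gt "$bh" ]; then printf '%s\n' 1; return 0; fi
    done
    printf '%s\n' 0
}

# php_affected VERSION: exit 0 (true) when VERSION is 4.3.7 or earlier
php_affected() {
    [ "$(vercmp "$1" "$LAST_AFFECTED")" -le 0 ]
}

# installed_php_version: print the version of the first PHP package found via
# rpm or dpkg, falling back to the php binary; prints nothing if none is found
installed_php_version() {
    if command -v rpm >/dev/null 2>&1; then
        for p in php php4 mod_php4; do
            v=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' "$p" 2>/dev/null) && { printf '%s\n' "$v"; return 0; }
        done
    elif command -v dpkg-query >/dev/null 2>&1; then
        v=$(dpkg-query -W -f '${Version}\n' php4 2>/dev/null) && { printf '%s\n' "$v"; return 0; }
    fi
    if command -v php >/dev/null 2>&1; then
        php -r 'echo PHP_VERSION, "\n";' 2>/dev/null
    fi
    return 0
}

# report VERSION: one line of verdict for the given version string
report() {
    case "$1" in
        "") printf '%s\n' "no PHP package or binary found" ;;
        *)  if php_affected "$1"; then
                printf '%s\n' "PHP $1: upstream version is 4.3.7 or earlier; confirm the fixed distribution package is installed"
            else
                printf '%s\n' "PHP $1: 4.3.8 or later, not affected"
            fi ;;
    esac
}

report "$(installed_php_version)"
```

Two caveats when reading the verdict. Distribution packages that backport the fix keep the old upstream version number (for example the SuSE and Debian packages listed below still carry 4.1.x or 4.3.x), so a "4.3.7 or earlier" result means "compare the full package release against the fixed package list for your distribution", not necessarily "vulnerable". And rpm -F (freshen) only replaces packages that are already installed, so the rpm command lines below can be run as given without pulling in sub-packages you do not have.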
Solution
========
Upgrade to php-4.3.8 (or later) or a patched version for your distribution.
SuSE-8.0
--------
rpm -Fvh mod_php4-4.1.0-317.i386.rpm \
mod_php4-core-4.1.0-317.i386.rpm \
mod_php4-servlet-4.1.0-317.i386.rpm
SuSE-8.1
--------
rpm -Fvh mod_php4-4.2.2-479.i586.rpm \
mod_php4-core-4.2.2-479.i586.rpm \
mod_php4-servlet-4.2.2-479.i586.rpm
SuSE-8.2
--------
rpm -Fvh mod_php4-4.3.1-169.i586.rpm \
mod_php4-core-4.3.1-169.i586.rpm
SuSE-9.0
--------
rpm -Fvh mod_php4-4.3.3-177.i586.rpm \
mod_php4-core-4.3.3-177.i586.rpm \
mod_php4-servlet-4.3.3-177.i586.rpm
SuSE-9.1
--------
rpm -Fvh php4-4.3.4-43.11.i586.rpm \
php4-servlet-4.3.4-43.11.i586.rpm \
php4-imap-4.3.4-43.11.i586.rpm \
php4-mysql-4.3.4-43.11.i586.rpm \
php4-session-4.3.4-43.11.i586.rpm \
php4-wddx-4.3.4-43.11.i586.rpm
SFU-1.0 (RedHat 7.3)
--------------------
[packages available from ftp://ftp.sfu.ca/pub/linux/7.3/RPMS/]
rpm -Fvh php-4.1.2-7.4.i386.rpm \
php-devel-4.1.2-7.4.i386.rpm \
php-imap-4.1.2-7.4.i386.rpm \
php-ldap-4.1.2-7.4.i386.rpm \
php-manual-4.1.2-7.4.i386.rpm \
php-mysql-4.1.2-7.4.i386.rpm \
php-odbc-4.1.2-7.4.i386.rpm \
php-pgsql-4.1.2-7.4.i386.rpm \
php-snmp-4.1.2-7.4.i386.rpm
Debian 3.0 (woody)
------------------
update to php4_4.1.2-7.0.1_i386.deb,
php4-cgi_4.1.2-7.0.1_i386.deb,
php4-curl_4.1.2-7.0.1_i386.deb,
php4-domxml_4.1.2-7.0.1_i386.deb,
php4-gd_4.1.2-7.0.1_i386.deb,
php4-imap_4.1.2-7.0.1_i386.deb,
php4-ldap_4.1.2-7.0.1_i386.deb,
php4-mcal_4.1.2-7.0.1_i386.deb,
php4-mhash_4.1.2-7.0.1_i386.deb,
php4-mysql_4.1.2-7.0.1_i386.deb,
php4-odbc_4.1.2-7.0.1_i386.deb,
php4-recode_4.1.2-7.0.1_i386.deb,
php4-snmp_4.1.2-7.0.1_i386.deb,
php4-sybase_4.1.2-7.0.1_i386.deb,
php4-xslt_4.1.2-7.0.1_i386.deb,
caudium-php4_4.1.2-7.0.1_i386.deb
Mandrake 9.1
------------
rpm -Fvh php-cgi-4.3.1-11.2.91mdk.i586.rpm \
php-cli-4.3.1-11.2.91mdk.i586.rpm \
php430-devel-430-11.2.91mdk.i586.rpm \
libphp_common430-430-11.2.91mdk.i586.rpm
Mandrake 9.2
------------
rpm -Fvh php-cgi-4.3.3-2.1.92mdk.i586.rpm \
php-cli-4.3.3-2.1.92mdk.i586.rpm \
php432-devel-4.3.3-2.1.92mdk.i586.rpm \
libphp_common432-4.3.3-2.1.92mdk.i586.rpm
Mandrake 10.0
-------------
rpm -Fvh php-cgi-4.3.4-4.1.100mdk.i586.rpm \
php-cli-4.3.4-4.1.100mdk.i586.rpm \
php432-devel-4.3.4-4.1.100mdk.i586.rpm \
libphp_common432-4.3.4-4.1.100mdk.i586.rpm
Fedora Core 1
-------------
rpm -Fvh php-4.3.8-1.1.i386.rpm \
php-devel-4.3.8-1.1.i386.rpm \
php-imap-4.3.8-1.1.i386.rpm \
php-ldap-4.3.8-1.1.i386.rpm \
php-mysql-4.3.8-1.1.i386.rpm \
php-pgsql-4.3.8-1.1.i386.rpm \
php-odbc-4.3.8-1.1.i386.rpm \
php-snmp-4.3.8-1.1.i386.rpm \
php-domxml-4.3.8-1.1.i386.rpm \
php-xmlrpc-4.3.8-1.1.i386.rpm \
php-mbstring-4.3.8-1.1.i386.rpm
Fedora Core 2
-------------
rpm -Fvh php-4.3.8-2.1.i386.rpm \
php-devel-4.3.8-2.1.i386.rpm \
php-pear-4.3.8-2.1.i386.rpm \
php-imap-4.3.8-2.1.i386.rpm \
php-ldap-4.3.8-2.1.i386.rpm \
php-mysql-4.3.8-2.1.i386.rpm \
php-pgsql-4.3.8-2.1.i386.rpm \
php-odbc-4.3.8-2.1.i386.rpm \
php-snmp-4.3.8-2.1.i386.rpm \
php-domxml-4.3.8-2.1.i386.rpm \
php-xmlrpc-4.3.8-2.1.i386.rpm \
php-mbstring-4.3.8-2.1.i386.rpm