
[linux-security] remotely exploitable vulnerability in PHP

Topic
=====
remote exploit in php

Problem Description
===================
PHP is a well known, widely-used scripting language often used within
web server setups. A problem with the "memory_limit" handling of PHP
allows remote attackers to execute arbitrary code as the user running
the PHP interpreter (CAN-2004-0594, CAN-2004-0595).

Affected Versions
=================
php-4.3.7 and earlier.

Solution
========
Upgrade to php-4.3.8 (or later) or a patched version for your distribution.

SuSE-8.0
--------
rpm -Fvh mod_php4-4.1.0-317.i386.rpm \
         mod_php4-core-4.1.0-317.i386.rpm \
         mod_php4-servlet-4.1.0-317.i386.rpm

SuSE-8.1
--------
rpm -Fvh mod_php4-4.2.2-479.i586.rpm \
         mod_php4-core-4.2.2-479.i586.rpm \
         mod_php4-servlet-4.2.2-479.i586.rpm

SuSE-8.2
--------
rpm -Fvh mod_php4-4.3.1-169.i586.rpm \
         mod_php4-core-4.3.1-169.i586.rpm

SuSE-9.0
--------
rpm -Fvh mod_php4-4.3.3-177.i586.rpm \
         mod_php4-core-4.3.3-177.i586.rpm \
         mod_php4-servlet-4.3.3-177.i586.rpm

SuSE-9.1
--------
rpm -Fvh php4-4.3.4-43.11.i586.rpm \
         php4-servlet-4.3.4-43.11.i586.rpm \
         php4-imap-4.3.4-43.11.i586.rpm \
         php4-mysql-4.3.4-43.11.i586.rpm \
         php4-session-4.3.4-43.11.i586.rpm \
         php4-wddx-4.3.4-43.11.i586.rpm

SFU-1.0 (RedHat 7.3)
--------------------
[packages available from ftp://ftp.sfu.ca/pub/linux/7.3/RPMS/]

rpm -Fvh php-4.1.2-7.4.i386.rpm \
         php-devel-4.1.2-7.4.i386.rpm \
         php-imap-4.1.2-7.4.i386.rpm \
         php-ldap-4.1.2-7.4.i386.rpm \
         php-manual-4.1.2-7.4.i386.rpm \
         php-mysql-4.1.2-7.4.i386.rpm \
         php-odbc-4.1.2-7.4.i386.rpm \
         php-pgsql-4.1.2-7.4.i386.rpm \
         php-snmp-4.1.2-7.4.i386.rpm

Debian 3.0 (woody)
------------------
update to php4_4.1.2-7.0.1_i386.deb,
          php4-cgi_4.1.2-7.0.1_i386.deb,
          php4-curl_4.1.2-7.0.1_i386.deb,
          php4-domxml_4.1.2-7.0.1_i386.deb,
          php4-gd_4.1.2-7.0.1_i386.deb,
          php4-imap_4.1.2-7.0.1_i386.deb,
          php4-ldap_4.1.2-7.0.1_i386.deb,
          php4-mcal_4.1.2-7.0.1_i386.deb,
          php4-mhash_4.1.2-7.0.1_i386.deb,
          php4-mysql_4.1.2-7.0.1_i386.deb,
          php4-odbc_4.1.2-7.0.1_i386.deb,
          php4-recode_4.1.2-7.0.1_i386.deb,
          php4-snmp_4.1.2-7.0.1_i386.deb,
          php4-sybase_4.1.2-7.0.1_i386.deb,
          php4-xslt_4.1.2-7.0.1_i386.deb,
          caudium-php4_4.1.2-7.0.1_i386.deb

Mandrake 9.1
------------
rpm -Fvh php-cgi-4.3.1-11.2.91mdk.i586.rpm \
         php-cli-4.3.1-11.2.91mdk.i586.rpm \
         php430-devel-430-11.2.91mdk.i586.rpm \
         libphp_common430-430-11.2.91mdk.i586.rpm

Mandrake 9.2
------------
rpm -Fvh php-cgi-4.3.3-2.1.92mdk.i586.rpm \
         php-cli-4.3.3-2.1.92mdk.i586.rpm \
         php432-devel-4.3.3-2.1.92mdk.i586.rpm \
         libphp_common432-4.3.3-2.1.92mdk.i586.rpm

Mandrake 10.0
-------------
rpm -Fvh php-cgi-4.3.4-4.1.100mdk.i586.rpm \
         php-cli-4.3.4-4.1.100mdk.i586.rpm \
         php432-devel-4.3.4-4.1.100mdk.i586.rpm \
         libphp_common432-4.3.4-4.1.100mdk.i586.rpm

Fedora Core 1
-------------
rpm -Fvh php-4.3.8-1.1.i386.rpm \
         php-devel-4.3.8-1.1.i386.rpm \
         php-imap-4.3.8-1.1.i386.rpm \
         php-ldap-4.3.8-1.1.i386.rpm \
         php-mysql-4.3.8-1.1.i386.rpm \
         php-pgsql-4.3.8-1.1.i386.rpm \
         php-odbc-4.3.8-1.1.i386.rpm \
         php-snmp-4.3.8-1.1.i386.rpm \
         php-domxml-4.3.8-1.1.i386.rpm \
         php-xmlrpc-4.3.8-1.1.i386.rpm \
         php-mbstring-4.3.8-1.1.i386.rpm

Fedora Core 2
-------------
rpm -Fvh php-4.3.8-2.1.i386.rpm \
         php-devel-4.3.8-2.1.i386.rpm \
         php-pear-4.3.8-2.1.i386.rpm \
         php-imap-4.3.8-2.1.i386.rpm \
         php-ldap-4.3.8-2.1.i386.rpm \
         php-mysql-4.3.8-2.1.i386.rpm \
         php-pgsql-4.3.8-2.1.i386.rpm \
         php-odbc-4.3.8-2.1.i386.rpm \
         php-snmp-4.3.8-2.1.i386.rpm \
         php-domxml-4.3.8-2.1.i386.rpm \
         php-xmlrpc-4.3.8-2.1.i386.rpm \
         php-mbstring-4.3.8-2.1.i386.rpm