Login

Noch kein Login?
Daten vergessen?

 
Newsletter
Werbung
Sicherheit: Mehrere Probleme in PHP
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in PHP
ID: USN-1231-1
Distribution: Ubuntu
Plattformen: Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04, Ubuntu 11.10
Datum: Di, 18. Oktober 2011, 11:24
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1914
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2484
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1657
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2202
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3267

Originalnachricht

 

--===============3844262106394145357==
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature";
 boundary="X1bOJ3K7DJ5YkBrT"
Content-Disposition: inline


--X1bOJ3K7DJ5YkBrT
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-1231-1
October 18, 2011

php5 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
- Ubuntu 8.04 LTS

Summary:

Several security issues were fixed in PHP.

Software Description:
- php5: HTML-embedded scripting language interpreter

Details:

Mateusz Kocielski, Marek Kroemeke and Filip Palian discovered that a
stack-based buffer overflow existed in the socket_connect function's
handling of long pathnames for AF_UNIX sockets. A remote attacker
might be able to exploit this to execute arbitrary code; however,
the default compiler options for affected releases should reduce
the vulnerability to a denial of service. This issue affected Ubuntu
10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1938)

Krzysztof Kotowicz discovered that the PHP post handler function
does not properly restrict filenames in multipart/form-data POST
requests. This may allow remote attackers to conduct absolute
path traversal attacks and possibly create or overwrite arbitrary
files. This issue affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu
10.10 and Ubuntu 11.04. (CVE-2011-2202)

It was discovered that the crypt function for blowfish does not
properly handle 8-bit characters. This could make it easier for an
attacker to discover a cleartext password containing an 8-bit character
that has a matching blowfish crypt value. This issue affected Ubuntu
10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-2483)

It was discovered that PHP did not properly check the return values of
the malloc(3), calloc(3) and realloc(3) library functions in multiple
locations. This could allow an attacker to cause a denial of service
via a NULL pointer dereference or possibly execute arbitrary code.
This issue affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10
and Ubuntu 11.04. (CVE-2011-3182)

Maksymilian Arciemowicz discovered that PHP did not properly implement
the error_log function. This could allow an attacker to cause a denial
of service via an application crash. This issue affected Ubuntu 10.04
LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3267)

Maksymilian Arciemowicz discovered that the ZipArchive functions
addGlob() and addPattern() did not properly check their flag arguments.
This could allow a malicious script author to cause a denial of
service via application crash. This issue affected Ubuntu 10.04 LTS,
Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-1657)

It was discovered that the Xend opcode parser in PHP could be interrupted
while handling the shift-left, shift-right, and bitwise-xor opcodes.
This could allow a malicious script author to expose memory
contents. This issue affected Ubuntu 10.04 LTS. (CVE-2010-1914)

It was discovered that the strrchr function in PHP could be interrupted
by a malicious script, allowing the exposure of memory contents. This
issue affected Ubuntu 8.04 LTS. (CVE-2010-2484)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
  libapache2-mod-php5             5.3.6-13ubuntu3.2
  php5-cgi                        5.3.6-13ubuntu3.2
  php5-cli                        5.3.6-13ubuntu3.2
  php5-common                     5.3.6-13ubuntu3.2

Ubuntu 11.04:
  libapache2-mod-php5             5.3.5-1ubuntu7.3
  php5-cgi                        5.3.5-1ubuntu7.3
  php5-cli                        5.3.5-1ubuntu7.3
  php5-common                     5.3.5-1ubuntu7.3

Ubuntu 10.10:
  libapache2-mod-php5             5.3.3-1ubuntu9.6
  php5-cgi                        5.3.3-1ubuntu9.6
  php5-cli                        5.3.3-1ubuntu9.6
  php5-common                     5.3.3-1ubuntu9.6

Ubuntu 10.04 LTS:
  libapache2-mod-php5             5.3.2-1ubuntu4.10
  php5-cgi                        5.3.2-1ubuntu4.10
  php5-cli                        5.3.2-1ubuntu4.10
  php5-common                     5.3.2-1ubuntu4.10

Ubuntu 8.04 LTS:
  libapache2-mod-php5             5.2.4-2ubuntu5.18
  php5-cgi                        5.2.4-2ubuntu5.18
  php5-cli                        5.2.4-2ubuntu5.18
  php5-common                     5.2.4-2ubuntu5.18

In general, a standard system update will make all the necessary changes.

References:
  http://www.ubuntu.com/usn/usn-1231-1
  CVE-2010-1914, CVE-2010-2484, CVE-2011-1657, CVE-2011-1938,
  CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3267

Package Information:
  https://launchpad.net/ubuntu/+source/php5/5.3.6-13ubuntu3.2
  https://launchpad.net/ubuntu/+source/php5/5.3.5-1ubuntu7.3
  https://launchpad.net/ubuntu/+source/php5/5.3.3-1ubuntu9.6
  https://launchpad.net/ubuntu/+source/php5/5.3.2-1ubuntu4.10
  https://launchpad.net/ubuntu/+source/php5/5.2.4-2ubuntu5.18


--X1bOJ3K7DJ5YkBrT
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCgAGBQJOnR8VAAoJEC8Jno0AXoH0eCcP/jYnuobJ8uC9MIVwskyVU0ns
u88oJdEz0PFDt1Dky+L149RW0d+/NQIytJ95fcXSwiROoGunq701p645CyHJS7ds
4KR+CfXmdkg0MBQgcwFlbYpIlKhxEC8mhhMu3yh4LL1tv0BQNCJLc56tfIPAh4Yj
cc8X9lIzg/Md735W4xpOV3RNt7O2KNq/JiKoKBwNNpbLHzzSJN4TRh/zZsdfOjqM
KWBcISjbeT0egVYxS3aWAHIHU1/O4w4WsYGHc/omgygbsCEgW+bfdfO55JkSQoNt
U2mkZqJzUPNxP81ZeH47asShWNXYWZDIiYAWeXxpVlZvqByyD7Oz2viqyuG4aGBH
jaTq4MESnBlTgk+llH6BIfhPKllaIhVFh9Oqr3ET6KKRERYeNeZJYeVLzuOH4kpE
l1SQwULlv1PLSQj30JwZazYwUjZCoI4Gpq3OSSQiY0SPeaL1epswbe7hYUFOzpaq
XR/nGfeix4wwwAYfwd9bJf3G2+Vc2vBH2Ye72OBbGe6Oibrob/nZAajtFU+pBt78
Swf4uXvmVh/vgJTzDb8XJxQ50oxXF/IaFBI4JdnlvuBPpvvkUtOionpLXyOc/pzP
i5Bkn6xOqA933Oqa2rtwil0I8CVfjijJIWEuFUKDrnnKIVHvm8H354zxKmbLiYbb
vnx4QJQGRTwBQZVF1bEF
=+Mgm
-----END PGP SIGNATURE-----

--X1bOJ3K7DJ5YkBrT--


--===============3844262106394145357==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============3844262106394145357==--
Pro-Linux
Gewinnspiel
Neue Nachrichten

11
Paragon stellt ExtFS für Windows vor

5
Qemu 1.5 er­schie­nen

8
Perl 5.18.0 frei­ge­ge­ben

0
Neptune 3.1 ver­öf­fent­licht

1
Arduino Yún: Leonardo mit WiFi-SoC

14
Mageia 3 frei­ge­ge­ben

6
Erstes Smart­pho­ne mit Sailfish OS vor­be­stell­bar

0
Zend Framework 2.2.0 ver­spricht mehr Kon­sis­tenz

27
Firefox 22 aktiviert WebRTC

9
10 Jahre Groklaw
 
Werbung