Login
Newsletter
Werbung
Sicherheit: Zwei Probleme in php
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in php
ID: USN-112-1
Distribution: Ubuntu
Plattformen: Ubuntu 4.10
Datum: Fr, 15. April 2005, 13:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1043
Applikationen: PHP

Originalnachricht

 
===========================================================
Ubuntu Security Notice USN-112-1	     April 14, 2005
php4 vulnerabilities
CAN-2005-1042, CAN-2005-1043
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

libapache2-mod-php4
php4-cgi

The problem can be corrected by upgrading the affected package to
version 4:4.3.8-3ubuntu7.8. After performing a standard system upgrade
you need to reload the PHP module in the webserver by executing

  sudo /etc/init.d/apache2 reload

to effect the necessary changes. 

Details follow:

An integer overflow was discovered in the exif_process_IFD_TAG()
function in PHP4's EXIF module. EXIF tags with a specially crafted
"Image File Directory" (IFD) tag caused a buffer overflow which could
have been exploited to execute arbitrary code with the privileges of
the PHP4 server. (CAN-2005-1042)

The same module also contained a Denial of Service vulnerability. EXIF
headers with a large IFD nesting level caused an unbound recursion
which would eventually overflow the stack and cause the executed
program to crash. (CAN-2005-1043)

In web applications that automatically process EXIF tags of uploaded
images, both vulnerabilities could be exploited remotely.


  Source archives:

    php4_4.3.8-3ubuntu7.8.diff.gz
      Size/MD5:   615279 bccbf61fbd657d604778ef0807602269
    php4_4.3.8-3ubuntu7.8.dsc
      Size/MD5:     1624 50fb00c9c97235f29bd5e0b5be38719f
    http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4_4.3.8.orig.tar.gz
      Size/MD5:  4832570 dd69f8c89281f088eadf4ade3dbd39ee

  Architecture independent packages:

    php4-dev_4.3.8-3ubuntu7.8_all.deb
      Size/MD5:   332212 c7b9169952458bc1c9c6bb38894e44dd
    php4-pear_4.3.8-3ubuntu7.8_all.deb
      Size/MD5:   333344 8df62c694a6f3161c9856ce3ddc72880

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    libapache2-mod-php4_4.3.8-3ubuntu7.8_amd64.deb
      Size/MD5:  1689076 ea68676e40465cfaf63e9c040097cf5e
    php4-cgi_4.3.8-3ubuntu7.8_amd64.deb
      Size/MD5:  3198192 73d27ba5818baffd5364bf600bde839d
    php4-curl_4.3.8-3ubuntu7.8_amd64.deb
      Size/MD5:    17268 af6a393057cbc02db58bf8161971c920
    php4-domxml_4.3.8-3ubuntu7.8_amd64.deb
      Size/MD5:    40424 68c1a0c15a6cf8a73e34312ab4490fda
    php4-gd_4.3.8-3ubuntu7.8_amd64.deb
      Size/MD5:    33490 04e4f118c9c254f124647d3f79331b40
    php4-ldap_4.3.8-3ubuntu7.8_amd64.deb
      Size/MD5:    21228 7b3a3ec6ee219d8a20b5ae4908356223
    php4-mcal_4.3.8-3ubuntu7.8_amd64.deb
      Size/MD5:    18402 3ccc063e13e057bb046134106f7a4af0
    php4-mhash_4.3.8-3ubuntu7.8_amd64.deb
      Size/MD5:     7984 3a6f3b7fa3c05de874ff133efed8a005
    php4-mysql_4.3.8-3ubuntu7.8_amd64.deb
      Size/MD5:    23106 c5eb05dc58ec37535f4abbcca2fd376b
    php4-odbc_4.3.8-3ubuntu7.8_amd64.deb
      Size/MD5:    28318 ba50aa51d1878db08656192e4942a672
    php4-recode_4.3.8-3ubuntu7.8_amd64.deb
      Size/MD5:     7612 492f40b7948f52691ba10aefda76509c
    php4-snmp_4.3.8-3ubuntu7.8_amd64.deb
      Size/MD5:    12966 e4c676a19934de18daea3c7c5558c6bb
    php4-sybase_4.3.8-3ubuntu7.8_amd64.deb
      Size/MD5:    21504 5634e0379238d42bbd446c768f19d865
    php4-xslt_4.3.8-3ubuntu7.8_amd64.deb
      Size/MD5:    17244 b3ade86c59d1bf070936cc8d3e0798ec
    php4_4.3.8-3ubuntu7.8_amd64.deb
      Size/MD5:  1704972 48b6f63a1bd9e74a32d1765f83a7a766

  i386 architecture (x86 compatible Intel/AMD)

    libapache2-mod-php4_4.3.8-3ubuntu7.8_i386.deb
      Size/MD5:  1630966 33f6c6e64aeee06c9f4ce5529bfb5270
    php4-cgi_4.3.8-3ubuntu7.8_i386.deb
      Size/MD5:  3044286 a0d8f50a76ba83181ff3120086615610
    php4-curl_4.3.8-3ubuntu7.8_i386.deb
      Size/MD5:    16846 452346f69df9d3610c1e49be50c20bda
    php4-domxml_4.3.8-3ubuntu7.8_i386.deb
      Size/MD5:    35546 33628c2ce0a6c4dce3ffd9191004a7c0
    php4-gd_4.3.8-3ubuntu7.8_i386.deb
      Size/MD5:    31064 d04e46c79926bfe840141ae8de168e71
    php4-ldap_4.3.8-3ubuntu7.8_i386.deb
      Size/MD5:    19464 3b1e7da084cc652c54ed7ee809262bc5
    php4-mcal_4.3.8-3ubuntu7.8_i386.deb
      Size/MD5:    17038 320f44d0b84c2d1907f85f16464b05f7
    php4-mhash_4.3.8-3ubuntu7.8_i386.deb
      Size/MD5:     7742 a82e71021460f23a3c27258a60dec76d
    php4-mysql_4.3.8-3ubuntu7.8_i386.deb
      Size/MD5:    20898 0bdc2c8eb237dcbd9fcdb65348f583d2
    php4-odbc_4.3.8-3ubuntu7.8_i386.deb
      Size/MD5:    26058 0fb042c54fcdf259142a599f287597e0
    php4-recode_4.3.8-3ubuntu7.8_i386.deb
      Size/MD5:     7374 60bff288d952728c56839059830a46d0
    php4-snmp_4.3.8-3ubuntu7.8_i386.deb
      Size/MD5:    12318 1873822251912089841c8b9ad5087fa2
    php4-sybase_4.3.8-3ubuntu7.8_i386.deb
      Size/MD5:    20002 5073920959f7e45ba0440cc40d5d2a0b
    php4-xslt_4.3.8-3ubuntu7.8_i386.deb
      Size/MD5:    15878 c5bb3e00817367294f83e239e16876ec
    php4_4.3.8-3ubuntu7.8_i386.deb
      Size/MD5:  1645576 f0f01be88bdc787ab135d1a865f4f308

  powerpc architecture (Apple Macintosh G3/G4/G5)

    libapache2-mod-php4_4.3.8-3ubuntu7.8_powerpc.deb
      Size/MD5:  1690872 071804bfe714bbfa054aade588d40023
    php4-cgi_4.3.8-3ubuntu7.8_powerpc.deb
      Size/MD5:  3203670 3fa86de2cf426a6eaa6e99a5c7bdd4b7
    php4-curl_4.3.8-3ubuntu7.8_powerpc.deb
      Size/MD5:    19086 7acaf730006b0a0ebc103057c28b74e2
    php4-domxml_4.3.8-3ubuntu7.8_powerpc.deb
      Size/MD5:    38282 010967a7de5cd770e9748937376f0560
    php4-gd_4.3.8-3ubuntu7.8_powerpc.deb
      Size/MD5:    34008 ad454fc9b99f41b76c76b58b54a7f32f
    php4-ldap_4.3.8-3ubuntu7.8_powerpc.deb
      Size/MD5:    21478 7a57f51114a5990b40aa326b6224afaa
    php4-mcal_4.3.8-3ubuntu7.8_powerpc.deb
      Size/MD5:    19312 e4d275a2e44183a608e3a120ec23175a
    php4-mhash_4.3.8-3ubuntu7.8_powerpc.deb
      Size/MD5:     9320 3566967bd9d610d91106222756584dcc
    php4-mysql_4.3.8-3ubuntu7.8_powerpc.deb
      Size/MD5:    22690 c1a2e74f03baba2cedc8dec36329e794
    php4-odbc_4.3.8-3ubuntu7.8_powerpc.deb
      Size/MD5:    28408 090402935f36668bcd42b459935b1fa3
    php4-recode_4.3.8-3ubuntu7.8_powerpc.deb
      Size/MD5:     9006 87db57559484b64fd0e4d68909859710
    php4-snmp_4.3.8-3ubuntu7.8_powerpc.deb
      Size/MD5:    14322 fa6f48dc42e8734e260c83a8efbd2703
    php4-sybase_4.3.8-3ubuntu7.8_powerpc.deb
      Size/MD5:    22192 e4d2b2a283cfd4a8d1ac92d6e2327b0e
    php4-xslt_4.3.8-3ubuntu7.8_powerpc.deb
      Size/MD5:    18058 18411dc4784022996fcc5e7387b32ac7
    php4_4.3.8-3ubuntu7.8_powerpc.deb
      Size/MD5:  1708846 82dee976e21613a81b3e5935a1e2f590



-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
http://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung