Security: Multiple problems in php

Name: Multiple problems in php
ID: RHSA-2006:0688-01
Distribution: Red Hat
Platforms: Red Hat Application Stack
Date: Thu, 5 October 2006, 13:43
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4482
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4485
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4486
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812
Applications: PHP

Original message
---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: php security update
Advisory ID: RHSA-2006:0688-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0688.html
Issue date: 2006-10-05
Updated on: 2006-10-05
Product: Red Hat Application Stack
CVE Names: CVE-2006-4020 CVE-2006-4482 CVE-2006-4484 CVE-2006-4485 CVE-2006-4486 CVE-2006-4812
---------------------------------------------------------------------
1. Summary:
Updated PHP packages that fix multiple security issues are now available for the Red Hat Application Stack.
This update has been rated as having important security impact by the Red Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64
Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64
3. Problem description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server.
An integer overflow was discovered in the PHP memory handling routines. If a script can cause memory allocation based on untrusted user data, a remote attacker sending a carefully crafted request could execute arbitrary code as the 'apache' user. (CVE-2006-4812)
A buffer overflow was discovered in the PHP sscanf() function. If a script used the sscanf() function with positional arguments in the format string, a remote attacker sending a carefully crafted request could execute arbitrary code as the 'apache' user. (CVE-2006-4020)
An integer overflow was discovered in the PHP wordwrap() and str_repeat() functions. If a script running on a 64-bit server used either of these functions on untrusted user data, a remote attacker sending a carefully crafted request might be able to cause a heap overflow. (CVE-2006-4482)
A buffer overflow was discovered in the PHP gd extension. If a script was set up to process GIF images from untrusted sources using the gd extension, a remote attacker could cause a heap overflow. (CVE-2006-4484)
A buffer overread was discovered in the PHP stripos() function. If a script used the stripos() function with untrusted user data, PHP may read past the end of a buffer, which could allow a denial of service attack by a remote user. (CVE-2006-4485)
An integer overflow was discovered in the PHP memory allocation handling. On 64-bit platforms, the "memory_limit" setting was not enforced correctly, which could allow a denial of service attack by a remote user. (CVE-2006-4486)
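The bug class shared by CVE-2006-4812, CVE-2006-4482 and CVE-2006-4486 is a size computation (element count times element size, or a string length times a repeat count) that wraps around before it reaches the allocator, so a small block is handed out for a large request. The C block below is an added illustration of that wrap and of the check that prevents it; it is not PHP's code or the backported fix, the names `checked_mul_size`, `naive_alloc_size` and `safe_calloc_like` are assumed, and the input values are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Compute nmemb * size, refusing any product that would wrap around.
 * Returns 1 and stores the product in *out on success, 0 on overflow. */
int checked_mul_size(size_t nmemb, size_t size, size_t *out) {
    if (nmemb != 0 && size > SIZE_MAX / nmemb) {
        return 0;                    /* product does not fit in size_t */
    }
    *out = nmemb * size;
    return 1;
}

/* The unchecked form: the multiplication silently wraps modulo 2^N, so a
 * huge request can yield a tiny (even zero) allocation size. Shown only
 * to make the wrap visible; never use this for real allocations. */
size_t naive_alloc_size(size_t nmemb, size_t size) {
    return nmemb * size;
}

/* calloc-style wrapper built on the checked multiply: an overflowing
 * request is rejected with NULL instead of returning an undersized block
 * that later element writes would overrun. */
void *safe_calloc_like(size_t nmemb, size_t size) {
    size_t total;
    if (!checked_mul_size(nmemb, size, &total)) {
        return NULL;
    }
    return calloc(1, total);
}

int main(void) {
    /* Constructed input: (SIZE_MAX / 4 + 1) * 8 wraps to 0 on both
     * 32-bit and 64-bit targets. */
    size_t nmemb = SIZE_MAX / 4 + 1, size = 8, total = 0;
    printf("naive size: %zu\n", naive_alloc_size(nmemb, size));
    printf("checked ok: %d\n", checked_mul_size(nmemb, size, &total));
    void *p = safe_calloc_like(nmemb, size);
    printf("safe alloc: %s\n", p ? "allocated" : "rejected");
    free(p);
    return 0;
}
```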
These packages also contain a fix for a bug where certain input strings to the metaphone() function could cause memory corruption.
Users of PHP should upgrade to these updated packages, which contain backported patches to correct these issues.
4. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.
5. Bug IDs fixed (http://bugzilla.redhat.com/):
207090 - CVE-2006-4020 PHP security issues (CVE-2006-4482 CVE-2006-4484 CVE-2006-4485 CVE-2006-4486)
209408 - CVE-2006-4812 PHP ecalloc integer overflow
6. RPMs required:
Red Hat Application Stack v1 for Enterprise Linux AS (v.4):
Red Hat Application Stack v1 for Enterprise Linux ES (v.4):
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4482
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4485
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4486
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812
http://www.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/
Copyright 2006 Red Hat, Inc.
--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list