Login
Newsletter
Werbung

Sicherheit: Pufferüberlauf in php
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in php
ID: TLSA-2007-11
Distribution: TurboLinux
Plattformen: Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal
Datum: Do, 1. März 2007, 03:50
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455
Applikationen: PHP

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2007-11
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date: 28 Feb 2007
Last revised: 28 Feb 2007

Package: php

Summary: Buffer overflow

More information:
PHP is an HTML-embedded scripting language.

Buffer overflow vulnerability exists in php GD Graphics Library.

Impact:
This vulnerability may allow remote attackers to execute arbitrary
code via a crafted string with a JIS encoded font.

Affected Products:
- Turbolinux Appliance Server 2.0
- Turbolinux 10 Server x64 Edition
- Turbolinux 10 Server
- Turbolinux Home
- Turbolinux 10 F...
- Turbolinux 10 Desktop
- Turbolinux Multimedia
- Turbolinux Personal


<Turbolinux Appliance Server 2.0>

Source Packages
Size: MD5

php4-4.3.11-10.src.rpm
12522722 7dac8c434ed80a6e27aa9e59584b473e

Binary Packages
Size: MD5

php4-4.3.11-10.i586.rpm
5360755 12d37116eb1b4ee3191662ce56d8e7ec
php4-gd-4.3.11-10.i586.rpm
47400 ff1046801594b896c6b197d230730b65
php4-imap-4.3.11-10.i586.rpm
12809 0511407be90ee9fc7efed9cc85caf06c
php4-ldap-4.3.11-10.i586.rpm
36168 c207bb93afcd4f44f295d53669413a0a
php4-manual-4.3.11-10.i586.rpm
7504084 17528b92e6f24ea36b2980e68971c10b
php4-ming-4.3.11-10.i586.rpm
47597 3d2fb8e69a8fbc4e1aff246c2a8823d8
php4-mysql-4.3.11-10.i586.rpm
123493 9642371c62acb3595e4f66d3b853cbbb
php4-pgsql-4.3.11-10.i586.rpm
72722 3c976ec6c455b3233a98a7a0c9005cb3

<Turbolinux 10 Server x64 Edition>

Source Packages
Size: MD5

php4-4.3.9-15.src.rpm
12369640 6d3b874e93858d5bd43e0ef55d104ed7

Binary Packages
Size: MD5

php4-4.3.9-15.x86_64.rpm
5476858 9483241f63037294e899256e96585949
php4-debug-4.3.9-15.x86_64.rpm
6577964 5b94bc7f209b3d890c9c2f3f429cd1ec
php4-gd-4.3.9-15.x86_64.rpm
51004 b1662e4bfc903670f4f3092bccea482e
php4-imap-4.3.9-15.x86_64.rpm
11367 e52432a43a1cb7b75059fc289103425e
php4-ldap-4.3.9-15.x86_64.rpm
39190 0eea2fa53f2da1e644ac4bc89a0db592
php4-manual-4.3.9-15.x86_64.rpm
7502884 d2271a9151a089149543eab6ff29dd00
php4-ming-4.3.9-15.x86_64.rpm
51295 3da84d0aa895ed1e889e83119f622b21
php4-mysql-4.3.9-15.x86_64.rpm
134598 d78ce08a56066395ca9cc55e1db739ef
php4-pgsql-4.3.9-15.x86_64.rpm
76237 75c18a6c53d58f4ec345bf38868268a0

<Turbolinux 10 Server>

Source Packages
Size: MD5

php4-4.3.11-10.src.rpm
12522722 7dac8c434ed80a6e27aa9e59584b473e

Binary Packages
Size: MD5

php4-4.3.11-10.i586.rpm
5360755 12d37116eb1b4ee3191662ce56d8e7ec
php4-debug-4.3.11-10.i586.rpm
6442907 df9f85275da3b04c56087594eb15d73e
php4-gd-4.3.11-10.i586.rpm
47400 ff1046801594b896c6b197d230730b65
php4-imap-4.3.11-10.i586.rpm
12809 0511407be90ee9fc7efed9cc85caf06c
php4-ldap-4.3.11-10.i586.rpm
36168 c207bb93afcd4f44f295d53669413a0a
php4-manual-4.3.11-10.i586.rpm
7504084 17528b92e6f24ea36b2980e68971c10b
php4-ming-4.3.11-10.i586.rpm
47597 3d2fb8e69a8fbc4e1aff246c2a8823d8
php4-mysql-4.3.11-10.i586.rpm
123493 9642371c62acb3595e4f66d3b853cbbb
php4-pgsql-4.3.11-10.i586.rpm
72722 3c976ec6c455b3233a98a7a0c9005cb3

<Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux
Multimedia, Turbolinux Personal>

Source Packages
Size: MD5

php4-4.3.3-21.src.rpm
4197223 bf2533e85d18b4f37a0063d14a12884c

Binary Packages
Size: MD5

php4-4.3.3-21.i586.rpm
3408820 9356fd085a41f059d717e37299237a53
php4-gd-4.3.3-21.i586.rpm
31884 369b9da9e15f2b284a3dafa308eb3969
php4-imap-4.3.3-21.i586.rpm
10496 af3e3362d06a5ff494944b78689b6404
php4-ldap-4.3.3-21.i586.rpm
24867 cc94dfbfe2320d0aca30f5ec37d8562c
php4-manual-4.3.3-21.i586.rpm
342888 d068cdf026a5880c8ebea0c899fe1ec1
php4-ming-4.3.3-21.i586.rpm
31384 44beb1f296bde3e07ef9303a8795cd67
php4-mysql-4.3.3-21.i586.rpm
82396 2583d946780b5d61b411287a813b4985
php4-pgsql-4.3.3-21.i586.rpm
48884 fb0d9f660d54c495b6f51c82f2f16ae0


References:

CVE
[CVE-2007-0455]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455

--------------------------------------------------------------------------
Revision History
28 Feb 2007 Initial release
--------------------------------------------------------------------------

Copyright(C) 2007 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFF5SwEK0LzjOqIJMwRAuDdAJ9L0l0XoncZPUjKEQWwyI0jofAtYwCeI3l4
p0MX7rx6iEBovE7IHklOGmo=
=oiZN
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung