drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in php
Name: |
Mehrere Probleme in php |
|
ID: |
RHSA-2007:0088-01 |
|
Distribution: |
Red Hat |
|
Plattformen: |
Red Hat Application Stack |
|
Datum: |
Do, 22. Februar 2007, 12:13 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988 |
|
Applikationen: |
PHP |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
- --------------------------------------------------------------------- Red Hat Security Advisory
Synopsis: Important: php security update Advisory ID: RHSA-2007:0088-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0088.html Issue date: 2007-02-22 Updated on: 2007-02-22 Product: Red Hat Application Stack CVE Names: CVE-2007-0906 CVE-2007-0907 CVE-2007-0908 CVE-2007-0909 CVE-2007-0910 CVE-2007-0988 - ---------------------------------------------------------------------
1. Summary:
Updated PHP packages that fix several security issues are now available for Red Hat Application Stack v1.1.
This update has been rated as having important security impact by the Red Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64 Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64
3. Problem description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server.
A number of buffer overflow flaws were found in the PHP session extension; the str_replace() function; and the imap_mail_compose() function. If very long strings were passed to the str_replace() function, an integer overflow could occur in memory allocation. If a script used the imap_mail_compose() function to create a new MIME message based on an input body from an untrusted source, it could result in a heap overflow. An attacker with access to a PHP application affected by any these issues could trigger the flaws and possibly execute arbitrary code as the 'apache' user. (CVE-2007-0906)
When unserializing untrusted data on 64-bit platforms, the zend_hash_init() function could be forced into an infinite loop, consuming CPU resources for a limited time, until the script timeout alarm aborted execution of the script. (CVE-2007-0988)
If the wddx extension was used to import WDDX data from an untrusted source, certain WDDX input packets could expose a random portion of heap memory. (CVE-2007-0908)
If the odbc_result_all() function was used to display data from a database, and the database table contents were under an attacker's control, a format string vulnerability was possible which could allow arbitrary code execution. (CVE-2007-0909)
A one byte memory read always occurs before the beginning of a buffer. This could be triggered, for example, by any use of the header() function in a script. However it is unlikely that this would have any effect. (CVE-2007-0907)
Several flaws in PHP could allow attackers to "clobber" certain super-global variables via unspecified vectors. (CVE-2007-0910)
Red Hat would like to thank Stefan Esser for his help diagnosing these issues.
4. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.
Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.
5. Bug IDs fixed (http://bugzilla.redhat.com/):
229337 - CVE-2007-0906 PHP security issues (CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988)
6. RPMs required:
Red Hat Application Stack v1 for Enterprise Linux AS (v.4):
SRPMS: php-5.1.6-3.el4s1.5.src.rpm 65c254f44be0f72149d1a6d2481f83d1 php-5.1.6-3.el4s1.5.src.rpm
i386: 78d8e01b70f58962f336c8bfb5ba4b96 php-5.1.6-3.el4s1.5.i386.rpm 6d2e8fa3d1b7c38b238e1ac3f7476956 php-bcmath-5.1.6-3.el4s1.5.i386.rpm 6b8b46df3e7baa0f8d3f172f17282259 php-cli-5.1.6-3.el4s1.5.i386.rpm 8ced783df3b11e6d0f6dd1f6b6829fdf php-common-5.1.6-3.el4s1.5.i386.rpm 740a6c287dcbac0661a253ed3ff66814 php-dba-5.1.6-3.el4s1.5.i386.rpm f7e791945b706248c53a01c1b45bfdce php-debuginfo-5.1.6-3.el4s1.5.i386.rpm f35f870ec7d08950d8e62ce9525c4c70 php-devel-5.1.6-3.el4s1.5.i386.rpm 23e2fd214a78125b380c59dce8b866cc php-gd-5.1.6-3.el4s1.5.i386.rpm ffca8a8be48b47ac67d3dafe706a17c6 php-imap-5.1.6-3.el4s1.5.i386.rpm 4c1f239d32b5e6ae2e26198116a2df40 php-ldap-5.1.6-3.el4s1.5.i386.rpm 4ab5f2d77d903027e47cde5ce2b00391 php-mbstring-5.1.6-3.el4s1.5.i386.rpm 70f18b061ad856f91d752afc602321fb php-mysql-5.1.6-3.el4s1.5.i386.rpm dc8653b119d187f4502ea7768d0b4df3 php-ncurses-5.1.6-3.el4s1.5.i386.rpm eaeeb0c20afcc2f6092f2ee86026b289 php-odbc-5.1.6-3.el4s1.5.i386.rpm 8626f179feb2edf6a65592e8b7ccf4ac php-pdo-5.1.6-3.el4s1.5.i386.rpm 29394ec7b3a94bf7800984b6261645dc php-pgsql-5.1.6-3.el4s1.5.i386.rpm 1458d727cb6e7ca1f8b157e7e9e6647b php-snmp-5.1.6-3.el4s1.5.i386.rpm 2852e877c69badc913b3d45508f6174d php-soap-5.1.6-3.el4s1.5.i386.rpm 83fc3d913035f739d9f467760141131a php-xml-5.1.6-3.el4s1.5.i386.rpm 72e4d8d62154edd162e302e4ef998237 php-xmlrpc-5.1.6-3.el4s1.5.i386.rpm
x86_64: 9febc8aa7713fcc6e6d782e8cfad8b6b php-5.1.6-3.el4s1.5.x86_64.rpm a50b99d084118534a60713dc7072bfe8 php-bcmath-5.1.6-3.el4s1.5.x86_64.rpm ec1c3659254920ee751528b70048dc8f php-cli-5.1.6-3.el4s1.5.x86_64.rpm a5d8daf2c536b025cc7916c93b29dba9 php-common-5.1.6-3.el4s1.5.x86_64.rpm 6759778469af7a9a70258aa3e07e57fc php-dba-5.1.6-3.el4s1.5.x86_64.rpm fdcc247456d423f893f83277525191d0 php-debuginfo-5.1.6-3.el4s1.5.x86_64.rpm f2d186ccf814a716661e05f9b9e8b968 php-devel-5.1.6-3.el4s1.5.x86_64.rpm e9ae0a6fcb0a383c5e0ccce6d5625d10 php-gd-5.1.6-3.el4s1.5.x86_64.rpm 007ccf652a68a291f02ea20a64b17c19 php-imap-5.1.6-3.el4s1.5.x86_64.rpm e3438ac7fa45ec4d18c5b440e6ab8b51 php-ldap-5.1.6-3.el4s1.5.x86_64.rpm 2ff48b915dd6a96e0218fbd22eb38e18 php-mbstring-5.1.6-3.el4s1.5.x86_64.rpm a7249f1c5007a3cbaa1db03db1947e08 php-mysql-5.1.6-3.el4s1.5.x86_64.rpm 6bca262f258fa401f85ba494b2c31e6f php-ncurses-5.1.6-3.el4s1.5.x86_64.rpm f0300356cfa9a0ec53f06b22bf9831bc php-odbc-5.1.6-3.el4s1.5.x86_64.rpm cc1d0f4eb90a42bf2b97c901dc7e675e php-pdo-5.1.6-3.el4s1.5.x86_64.rpm 281e15be5c482bf80b9b364baa18c464 php-pgsql-5.1.6-3.el4s1.5.x86_64.rpm 5974ebe042e427a9bb63ebc3efd0e503 php-snmp-5.1.6-3.el4s1.5.x86_64.rpm 5504e7372468eb793607c7050109a7c9 php-soap-5.1.6-3.el4s1.5.x86_64.rpm ec5eeca15244e5e676c2dd438bc4add0 php-xml-5.1.6-3.el4s1.5.x86_64.rpm 55e2405c3136cd7ba733391770d8e4ba php-xmlrpc-5.1.6-3.el4s1.5.x86_64.rpm
Red Hat Application Stack v1 for Enterprise Linux ES (v.4):
SRPMS: php-5.1.6-3.el4s1.5.src.rpm 65c254f44be0f72149d1a6d2481f83d1 php-5.1.6-3.el4s1.5.src.rpm
i386: 78d8e01b70f58962f336c8bfb5ba4b96 php-5.1.6-3.el4s1.5.i386.rpm 6d2e8fa3d1b7c38b238e1ac3f7476956 php-bcmath-5.1.6-3.el4s1.5.i386.rpm 6b8b46df3e7baa0f8d3f172f17282259 php-cli-5.1.6-3.el4s1.5.i386.rpm 8ced783df3b11e6d0f6dd1f6b6829fdf php-common-5.1.6-3.el4s1.5.i386.rpm 740a6c287dcbac0661a253ed3ff66814 php-dba-5.1.6-3.el4s1.5.i386.rpm f7e791945b706248c53a01c1b45bfdce php-debuginfo-5.1.6-3.el4s1.5.i386.rpm f35f870ec7d08950d8e62ce9525c4c70 php-devel-5.1.6-3.el4s1.5.i386.rpm 23e2fd214a78125b380c59dce8b866cc php-gd-5.1.6-3.el4s1.5.i386.rpm ffca8a8be48b47ac67d3dafe706a17c6 php-imap-5.1.6-3.el4s1.5.i386.rpm 4c1f239d32b5e6ae2e26198116a2df40 php-ldap-5.1.6-3.el4s1.5.i386.rpm 4ab5f2d77d903027e47cde5ce2b00391 php-mbstring-5.1.6-3.el4s1.5.i386.rpm 70f18b061ad856f91d752afc602321fb php-mysql-5.1.6-3.el4s1.5.i386.rpm dc8653b119d187f4502ea7768d0b4df3 php-ncurses-5.1.6-3.el4s1.5.i386.rpm eaeeb0c20afcc2f6092f2ee86026b289 php-odbc-5.1.6-3.el4s1.5.i386.rpm 8626f179feb2edf6a65592e8b7ccf4ac php-pdo-5.1.6-3.el4s1.5.i386.rpm 29394ec7b3a94bf7800984b6261645dc php-pgsql-5.1.6-3.el4s1.5.i386.rpm 1458d727cb6e7ca1f8b157e7e9e6647b php-snmp-5.1.6-3.el4s1.5.i386.rpm 2852e877c69badc913b3d45508f6174d php-soap-5.1.6-3.el4s1.5.i386.rpm 83fc3d913035f739d9f467760141131a php-xml-5.1.6-3.el4s1.5.i386.rpm 72e4d8d62154edd162e302e4ef998237 php-xmlrpc-5.1.6-3.el4s1.5.i386.rpm
x86_64: 9febc8aa7713fcc6e6d782e8cfad8b6b php-5.1.6-3.el4s1.5.x86_64.rpm a50b99d084118534a60713dc7072bfe8 php-bcmath-5.1.6-3.el4s1.5.x86_64.rpm ec1c3659254920ee751528b70048dc8f php-cli-5.1.6-3.el4s1.5.x86_64.rpm a5d8daf2c536b025cc7916c93b29dba9 php-common-5.1.6-3.el4s1.5.x86_64.rpm 6759778469af7a9a70258aa3e07e57fc php-dba-5.1.6-3.el4s1.5.x86_64.rpm fdcc247456d423f893f83277525191d0 php-debuginfo-5.1.6-3.el4s1.5.x86_64.rpm f2d186ccf814a716661e05f9b9e8b968 php-devel-5.1.6-3.el4s1.5.x86_64.rpm e9ae0a6fcb0a383c5e0ccce6d5625d10 php-gd-5.1.6-3.el4s1.5.x86_64.rpm 007ccf652a68a291f02ea20a64b17c19 php-imap-5.1.6-3.el4s1.5.x86_64.rpm e3438ac7fa45ec4d18c5b440e6ab8b51 php-ldap-5.1.6-3.el4s1.5.x86_64.rpm 2ff48b915dd6a96e0218fbd22eb38e18 php-mbstring-5.1.6-3.el4s1.5.x86_64.rpm a7249f1c5007a3cbaa1db03db1947e08 php-mysql-5.1.6-3.el4s1.5.x86_64.rpm 6bca262f258fa401f85ba494b2c31e6f php-ncurses-5.1.6-3.el4s1.5.x86_64.rpm f0300356cfa9a0ec53f06b22bf9831bc php-odbc-5.1.6-3.el4s1.5.x86_64.rpm cc1d0f4eb90a42bf2b97c901dc7e675e php-pdo-5.1.6-3.el4s1.5.x86_64.rpm 281e15be5c482bf80b9b364baa18c464 php-pgsql-5.1.6-3.el4s1.5.x86_64.rpm 5974ebe042e427a9bb63ebc3efd0e503 php-snmp-5.1.6-3.el4s1.5.x86_64.rpm 5504e7372468eb793607c7050109a7c9 php-soap-5.1.6-3.el4s1.5.x86_64.rpm ec5eeca15244e5e676c2dd438bc4add0 php-xml-5.1.6-3.el4s1.5.x86_64.rpm 55e2405c3136cd7ba733391770d8e4ba php-xmlrpc-5.1.6-3.el4s1.5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988 http://www.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/
Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFF3Xq8XlSAg2UNWIIRAhyAAJ0VW5uMUdJPbAMlKL/HCeomv/WnIgCfTRgW 31rxkqofwf6aYAXCukY6IiI= =//rW -----END PGP SIGNATURE-----
-- Enterprise-watch-list mailing list Enterprise-watch-list@redhat.com https://www.redhat.com/mailman/listinfo/enterprise-watch-list
|
|
|
|