Message-ID: <20040714172614.GB17752@tinysofa.org>
Date: Thu, 15 Jul 2004 03:26:14 +1000
From: tinysofa Security Team <security@...ysofa.org>
To: bugtraq@...urityfocus.com
Subject: TSSA-2004-013 - php
===========================================================================
Security Advisory #2004-013
Package name: php
Summary: Multiple Security Fixes
Advisory ID: TSSA-2004-013
Date: 2004-07-14
Affected versions: tinysofa enterprise server 1.0
tinysofa enterprise server 2.0-pre[1-3]
===========================================================================
Security Fixes
==============
Description
-----------
php:
* PHP [0] is a widely-used general-purpose scripting language that is
especially suited for Web development and can be embedded into HTML.
[Issue #1]
During a reaudit of the memory_limit problem it was discovered that it
is possible for a remote attacker to trigger the memory_limit request
termination in places where an interruption is unsafe. This can be
abused to execute arbitrary code on remote PHP servers.
This problem has been assigned the name CAN-2004-0594 [1] by the
Common Vulnerabilities and Exposures (CVE) project, and was first
reported by Stefan Esser [2] of e-matters GmbH.
[Issue #2]
During an audit of the PHP source code, a binary safety problem in the
handling of allowed tags within PHP's strip_tags() function was
discovered. This problem may allow injection of malicious JavaScript
in the Internet Explorer and Safari browsers.
This problem has been assigned the name CAN-2004-0595 [3] by the
Common Vulnerabilities and Exposures (CVE) project, and was first
reported by Stefan Esser [4] of e-matters GmbH.
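The allow-list handling behind Issue #2, as an added illustration that is not part of the advisory and not PHP's own code: a small Python model of a strip_tags()-style allow-list filter, first with a tag-name comparison that stops at a NUL byte (the binary-safety defect), then the binary-safe form that also rejects any tag carrying control bytes. The sample input and allow-list are constructed.

```python
import re

# Constructed sample input (not from the advisory): one tag whose name has an
# embedded NUL byte, next to an allowed tag and a disallowed one.
ALLOWED = {b"b", b"i"}
SAMPLE = b"<b\x00r>x</b\x00r><i>ok</i><u>no</u>"

# Crude tag scanner: group 1 is the optional '/', group 2 the raw tag body.
TAG_RE = re.compile(rb"<(/?)([^>]*)>")


def tag_name_truncating(raw: bytes) -> bytes:
    """Models the defect: a C-string style copy stops at the first NUL, so
    b'b\\x00r' is compared as b'b' and matches an allowed <b>.  A browser
    that ignores embedded NULs renders the full name instead."""
    return raw.split(b"\x00", 1)[0].split(b" ", 1)[0].lower()


def tag_name_binary_safe(raw: bytes) -> bytes:
    """Binary-safe normalisation: every byte of the name is kept."""
    return raw.split(b" ", 1)[0].lower()


def filter_tags(html: bytes, allowed, name_fn) -> bytes:
    """Allow-list filter: keep tags whose normalised name is allowed."""
    def repl(m):
        return m.group(0) if name_fn(m.group(2)) in allowed else b""
    return TAG_RE.sub(repl, html)


def filter_tags_hardened(html: bytes, allowed) -> bytes:
    """Binary-safe comparison plus outright rejection of tags that contain
    NUL or other control bytes, which never belong in a legitimate tag."""
    def repl(m):
        raw = m.group(2)
        if any(c < 0x20 for c in raw):
            return b""
        return m.group(0) if tag_name_binary_safe(raw) in allowed else b""
    return TAG_RE.sub(repl, html)
```

With the truncating comparison the NUL-carrying tag survives the filter; with either binary-safe variant it is dropped.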
References
----------
[0] http://www.php.org/
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594
[2] http://security.e-matters.de/advisories/112004.html
[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595
[4] http://security.e-matters.de/advisories/122004.html
Recommended Action
==================
We recommend that all systems with these packages installed be upgraded.
Please note that if you do not need the functionality provided by this
package, you may want to remove it from your system.
Location
========
All tinysofa updates are available from
<URI:http://http.tinysofa.org/pub/tinysofa/updates/>
<URI:ftp://ftp.tinysofa.org/pub/tinysofa/updates/>
Automatic Updates
=================
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Users of the APT tool may use the 'apt-get update' command, followed
by an 'apt-get upgrade' command.
Questions?
==========
Check out our mailing lists:
<URI:http://www.tinysofa.org/support/>
Verification
============
This advisory is signed with the tinysofa security sign key.
This key is available from:
<URI:http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xAEDCBB4B>
All tinysofa packages are signed with the tinysofa stable sign key.
This key is available from:
<URI:http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x0F1240A2>
The advisory is available from the tinysofa errata database at
<URI:http://www.tinysofa.org/support/errata/>
or directly at
<URI:http://www.tinysofa.org/support/errata/2004/013.html>
MD5sums Of The Packages
=======================
--
tinysofa Security Team <security at tinysofa dot org>