Message-ID: <20050217113359.GB11305@box79162.elkhouse.de>
From: martin.pitt at canonical.com (Martin Pitt)
Subject: [USN-66-2] PHP vulnerability
===========================================================
Ubuntu Security Notice USN-66-2 February 17, 2005
php4 vulnerability
http://www.securitytracker.com/alerts/2004/Oct/1011984.html
===========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

libapache2-mod-php4
php4-cgi
php4-curl

The problem can be corrected by upgrading the affected package to
version 4:4.3.8-3ubuntu7.4. In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Ubuntu Security Notice USN-66-1 described a circumvention of the
"open_basedir" restriction by using the cURL module. Adam Conrad
discovered that the fix from USN-66-1 still allowed this restriction
to be bypassed with certain variants of path specifications.

In addition, this update fixes a crash of the PHP interpreter that
occurred if curl_init() was called without parameters.

For reference, this is the relevant part of the original advisory:

  FraMe from kernelpanik.org reported that the cURL module does not
  respect open_basedir restrictions. As a result, scripts which used
  cURL to open files with a user-specified path could read arbitrary
  local files outside of the open_basedir directory.
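
The advisory does not say which path forms got past the first fix. The C function below is an added illustration, not the Ubuntu or PHP patch: it shows a containment check that normalises the path of a file: URL before comparing it with the base directory, so that variant spellings of a path compare equal to its plain form. The function names, the /var/www/site base directory and the sample URLs are constructed for this example.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Lexically collapse "//", "." and ".." in an absolute path, in place. */
static void normalise(char *p) {
    char *o = p, *s = p;
    while (*s) {
        while (*s == '/') s++;
        size_t n = strcspn(s, "/");
        if (n == 2 && s[0] == '.' && s[1] == '.') {
            while (o > p && *--o != '/') { }      /* drop last component */
        } else if (n > 0 && !(n == 1 && s[0] == '.')) {
            *o++ = '/';
            memmove(o, s, n);
            o += n;
        }
        s += n;
    }
    if (o == p) *o++ = '/';
    *o = '\0';
}

/* 1 if url is a file: URL whose path lies inside basedir (normalised, no trailing slash). */
int file_url_within_basedir(const char *url, const char *basedir) {
    char path[4096];
    if (strncasecmp(url, "file:", 5) != 0) return 0;
    url += 5;
    if (url[0] == '/' && url[1] == '/') {          /* "//host": empty or localhost only */
        size_t h = strcspn(url + 2, "/");
        if (h != 0 && (h != 9 || strncasecmp(url + 2, "localhost", 9) != 0)) return 0;
        url += 2 + h;
    }
    /* Refuse percent-escapes instead of guessing how the consumer decodes them. */
    if (url[0] != '/' || strchr(url, '%') || strlen(url) >= sizeof path) return 0;
    strcpy(path, url);
    normalise(path);
    size_t b = strlen(basedir);
    /* Whole-component match: "/var/www/site-old" is not inside "/var/www/site". */
    return strncmp(path, basedir, b) == 0 && (path[b] == '/' || path[b] == '\0');
}

int main(void) {   /* constructed sample URLs; "/var/www/site" is an assumed basedir */
    const char *urls[] = { "file:///var/www/site/a.txt",
                           "FILE://localhost/var/www/site/../../etc/hostname" };
    for (size_t i = 0; i < 2; i++)
        printf("%d  %s\n", file_url_within_basedir(urls[i], "/var/www/site"), urls[i]);
    return 0;
}
```

The normalisation is purely lexical; a check that must also hold against symbolic links has to resolve the path with realpath(3) before the comparison.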