OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: redhat-announce-list-adminredhat.com
Date: Fri Mar 22 2002 - 10:23:49 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    ---------------------------------------------------------------------
                       Red Hat, Inc. Red Hat Security Advisory

    Synopsis: Updated PHP packages are available [updated 2002-Mar-11]
    Advisory ID: RHSA-2002:035-18
    Issue date: 2002-02-27
    Updated on: 2002-03-21
    Product: Red Hat Linux
    Keywords: PHP remote exploit mulitpart MIME
    Cross references:
    Obsoletes: RHSA-2000:088 RHSA-2000:136
    ---------------------------------------------------------------------

    1. Topic:

    Updated PHP packages are available to fix vulnerabilities in the functions
    that parse multipart MIME data, which are used when uploading files
    through forms.

    This revised advisory contains updated packages for Red Hat Linux 7, 7.1,
    and 7.2.

    2. Relevant releases/architectures:

    Red Hat Linux 6.2 - alpha, i386, sparc

    Red Hat Linux 7.0 - alpha, i386

    Red Hat Linux 7.1 - alpha, i386, ia64

    Red Hat Linux 7.2 - i386, ia64, s390

    3. Problem description:

    PHP is an HTML-embeddable scripting language. A number of flaws have been
    found in the way PHP handles multipart/form-data POST requests. Each of
    these flaws could allow an attacker to execute arbitrary code on the remote
    system.

    PHP 3.10-3.18 contains a broken boundary check (hard to exploit) and an
    arbitrary heap overflow (easy to exploit). These versions of PHP were
    shipped with Red Hat Linux 6.2.
       
    PHP 4.0.1-4.0.3pl1 contains a broken boundary check (hard to exploit) and a
    heap-off-by-one (easy to exploit). These versions of PHP were shipped with
    Red Hat Linux 7.0.

    PHP 4.0.2-4.0.5 contains two broken boundary checks (one very easy and one
    hard to exploit). These versions of PHP were shipped with Red Hat Linux
    7.1 and as erratas to 7.0.

    PHP 4.0.6-4.0.7RC2 contains a broken boundary check (very easy to exploit).
    These versions of PHP were shipped with Red Hat Linux 7.2
          
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CAN-2002-0081 to this issue.

    If you are running PHP 4.0.3 or above, one way to work around these bugs is
    to disable the fileupload support within your php.ini file (by setting
    file_uploads = Off).

    All users of PHP are advised to immediately upgrade to these errata
    packages which close these vulnerabilities.

    A previous version of this erratum included a version of the MySQL
    extension which was compiled with an incorrect default pathname for the
    socket used to connect to database servers residing on the local host.

    This setting corresponds to the mysql.default_socket setting in the
    /etc/php.ini file, and can also be corrected there.

    4. Solution:

    Before applying this update, make sure all previously released errata
    relevant to your system have been applied.

    To update all RPMs for your particular architecture, run:

    rpm -Fvh [filenames]

    where [filenames] is a list of the RPMs you wish to upgrade. Only those
    RPMs which are currently installed will be updated. Those RPMs which are
    not installed but included in the list will not be updated. Note that you
    can also use wildcards (*.rpm) if your current directory *only* contains
    the
    desired RPMs.

    Please note that this update is also available via Red Hat Network. Many
    people find this an easier way to apply updates. To use Red Hat Network,
    launch the Red Hat Update Agent with the following command:

    up2date

    This will start an interactive process that will result in the appropriate
    RPMs being upgraded on your system.

    After applying these updates you will need to restart your web server if it
    was running before the update was applied.

    5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

    6. RPMs required:

    Red Hat Linux 6.2:

    SRPMS:
    ftp://updates.redhat.com/6.2/en/os/SRPMS/php-3.0.18-8.src.rpm

    alpha:
    ftp://updates.redhat.com/6.2/en/os/alpha/php-3.0.18-8.alpha.rpm
    ftp://updates.redhat.com/6.2/en/os/alpha/php-manual-3.0.18-8.alpha.rpm
    ftp://updates.redhat.com/6.2/en/os/alpha/php-pgsql-3.0.18-8.alpha.rpm
    ftp://updates.redhat.com/6.2/en/os/alpha/php-imap-3.0.18-8.alpha.rpm
    ftp://updates.redhat.com/6.2/en/os/alpha/php-ldap-3.0.18-8.alpha.rpm

    i386:
    ftp://updates.redhat.com/6.2/en/os/i386/php-3.0.18-8.i386.rpm
    ftp://updates.redhat.com/6.2/en/os/i386/php-manual-3.0.18-8.i386.rpm
    ftp://updates.redhat.com/6.2/en/os/i386/php-pgsql-3.0.18-8.i386.rpm
    ftp://updates.redhat.com/6.2/en/os/i386/php-imap-3.0.18-8.i386.rpm
    ftp://updates.redhat.com/6.2/en/os/i386/php-ldap-3.0.18-8.i386.rpm

    sparc:
    ftp://updates.redhat.com/6.2/en/os/sparc/php-3.0.18-8.sparc.rpm
    ftp://updates.redhat.com/6.2/en/os/sparc/php-manual-3.0.18-8.sparc.rpm
    ftp://updates.redhat.com/6.2/en/os/sparc/php-pgsql-3.0.18-8.sparc.rpm
    ftp://updates.redhat.com/6.2/en/os/sparc/php-imap-3.0.18-8.sparc.rpm
    ftp://updates.redhat.com/6.2/en/os/sparc/php-ldap-3.0.18-8.sparc.rpm

    Red Hat Linux 7.0:

    SRPMS:
    ftp://updates.redhat.com/7.0/en/os/SRPMS/php-4.0.6-13.src.rpm

    alpha:
    ftp://updates.redhat.com/7.0/en/os/alpha/php-4.0.6-13.alpha.rpm
    ftp://updates.redhat.com/7.0/en/os/alpha/php-devel-4.0.6-13.alpha.rpm
    ftp://updates.redhat.com/7.0/en/os/alpha/php-imap-4.0.6-13.alpha.rpm
    ftp://updates.redhat.com/7.0/en/os/alpha/php-ldap-4.0.6-13.alpha.rpm
    ftp://updates.redhat.com/7.0/en/os/alpha/php-manual-4.0.6-13.alpha.rpm
    ftp://updates.redhat.com/7.0/en/os/alpha/php-mysql-4.0.6-13.alpha.rpm
    ftp://updates.redhat.com/7.0/en/os/alpha/php-odbc-4.0.6-13.alpha.rpm
    ftp://updates.redhat.com/7.0/en/os/alpha/php-pgsql-4.0.6-13.alpha.rpm

    i386:
    ftp://updates.redhat.com/7.0/en/os/i386/php-4.0.6-13.i386.rpm
    ftp://updates.redhat.com/7.0/en/os/i386/php-devel-4.0.6-13.i386.rpm
    ftp://updates.redhat.com/7.0/en/os/i386/php-imap-4.0.6-13.i386.rpm
    ftp://updates.redhat.com/7.0/en/os/i386/php-ldap-4.0.6-13.i386.rpm
    ftp://updates.redhat.com/7.0/en/os/i386/php-manual-4.0.6-13.i386.rpm
    ftp://updates.redhat.com/7.0/en/os/i386/php-mysql-4.0.6-13.i386.rpm
    ftp://updates.redhat.com/7.0/en/os/i386/php-odbc-4.0.6-13.i386.rpm
    ftp://updates.redhat.com/7.0/en/os/i386/php-pgsql-4.0.6-13.i386.rpm

    Red Hat Linux 7.1:

    SRPMS:
    ftp://updates.redhat.com/7.1/en/os/SRPMS/php-4.0.6-14.src.rpm

    alpha:
    ftp://updates.redhat.com/7.1/en/os/alpha/php-4.0.6-14.alpha.rpm
    ftp://updates.redhat.com/7.1/en/os/alpha/php-devel-4.0.6-14.alpha.rpm
    ftp://updates.redhat.com/7.1/en/os/alpha/php-imap-4.0.6-14.alpha.rpm
    ftp://updates.redhat.com/7.1/en/os/alpha/php-ldap-4.0.6-14.alpha.rpm
    ftp://updates.redhat.com/7.1/en/os/alpha/php-manual-4.0.6-14.alpha.rpm
    ftp://updates.redhat.com/7.1/en/os/alpha/php-mysql-4.0.6-14.alpha.rpm
    ftp://updates.redhat.com/7.1/en/os/alpha/php-odbc-4.0.6-14.alpha.rpm
    ftp://updates.redhat.com/7.1/en/os/alpha/php-pgsql-4.0.6-14.alpha.rpm

    i386:
    ftp://updates.redhat.com/7.1/en/os/i386/php-4.0.6-14.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/php-devel-4.0.6-14.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/php-imap-4.0.6-14.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/php-ldap-4.0.6-14.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/php-manual-4.0.6-14.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/php-mysql-4.0.6-14.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/php-odbc-4.0.6-14.i386.rpm
    ftp://updates.redhat.com/7.1/en/os/i386/php-pgsql-4.0.6-14.i386.rpm

    ia64:
    ftp://updates.redhat.com/7.1/en/os/ia64/php-4.0.6-14.ia64.rpm
    ftp://updates.redhat.com/7.1/en/os/ia64/php-devel-4.0.6-14.ia64.rpm
    ftp://updates.redhat.com/7.1/en/os/ia64/php-imap-4.0.6-14.ia64.rpm
    ftp://updates.redhat.com/7.1/en/os/ia64/php-ldap-4.0.6-14.ia64.rpm
    ftp://updates.redhat.com/7.1/en/os/ia64/php-manual-4.0.6-14.ia64.rpm
    ftp://updates.redhat.com/7.1/en/os/ia64/php-mysql-4.0.6-14.ia64.rpm
    ftp://updates.redhat.com/7.1/en/os/ia64/php-odbc-4.0.6-14.ia64.rpm
    ftp://updates.redhat.com/7.1/en/os/ia64/php-pgsql-4.0.6-14.ia64.rpm

    Red Hat Linux 7.2:

    SRPMS:
    ftp://updates.redhat.com/7.2/en/os/SRPMS/php-4.0.6-15.src.rpm

    i386:
    ftp://updates.redhat.com/7.2/en/os/i386/php-4.0.6-15.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/php-devel-4.0.6-15.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/php-imap-4.0.6-15.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/php-ldap-4.0.6-15.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/php-manual-4.0.6-15.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/php-mysql-4.0.6-15.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/php-odbc-4.0.6-15.i386.rpm
    ftp://updates.redhat.com/7.2/en/os/i386/php-pgsql-4.0.6-15.i386.rpm

    ia64:
    ftp://updates.redhat.com/7.2/en/os/ia64/php-4.0.6-15.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/php-devel-4.0.6-15.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/php-imap-4.0.6-15.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/php-ldap-4.0.6-15.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/php-manual-4.0.6-15.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/php-mysql-4.0.6-15.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/php-odbc-4.0.6-15.ia64.rpm
    ftp://updates.redhat.com/7.2/en/os/ia64/php-pgsql-4.0.6-15.ia64.rpm

    7. Verification:

    MD5 sum Package Name
    --------------------------------------------------------------------------
    f07b6317aee9ade09625a8166641edc7 6.2/en/os/SRPMS/php-3.0.18-8.src.rpm
    c56a2c896756ce982e14b329ee122c97 6.2/en/os/alpha/php-3.0.18-8.alpha.rpm
    1a14f54cf642e41b6474f7bd8d89b4b7 6.2/en/os/alpha/php-imap-3.0.18-8.alpha.rpm
    90244d18f76ce2f254e946edcb28e4b9 6.2/en/os/alpha/php-ldap-3.0.18-8.alpha.rpm
    7b05bacc07896a17866cbe73b9c37eba 6.2/en/os/alpha/php-manual-3.0.18-8.alpha.rpm
    1266ab137b0fb24e7447683e9100c501 6.2/en/os/alpha/php-pgsql-3.0.18-8.alpha.rpm
    f4219464571e14737e1e5e3d414ae5d2 6.2/en/os/i386/php-3.0.18-8.i386.rpm
    9e4250f304c8832a0d0e99d98109f59c 6.2/en/os/i386/php-imap-3.0.18-8.i386.rpm
    31630b40f901d1617cfe0fce4a2e14df 6.2/en/os/i386/php-ldap-3.0.18-8.i386.rpm
    78ade58fa6517548264f21996bf799a3 6.2/en/os/i386/php-manual-3.0.18-8.i386.rpm
    c4985d7263824fd4c837f997605afff2 6.2/en/os/i386/php-pgsql-3.0.18-8.i386.rpm
    08e4722c97645d8bde860ff0b9dbb48c 6.2/en/os/sparc/php-3.0.18-8.sparc.rpm
    17d9aaac1927e3dd631dfd26fd75e25e 6.2/en/os/sparc/php-imap-3.0.18-8.sparc.rpm
    4f9a316f188315dddc6d2d7b3f643abc 6.2/en/os/sparc/php-ldap-3.0.18-8.sparc.rpm
    f7783e877972c2cd4a8c91574fef4655 6.2/en/os/sparc/php-manual-3.0.18-8.sparc.rpm
    b2ac8533b51b8a63db12cee2e334bc70 6.2/en/os/sparc/php-pgsql-3.0.18-8.sparc.rpm
    bb29d69be271e9392ac5d7927bb5898b 7.0/en/os/SRPMS/php-4.0.6-13.src.rpm
    0b712264f703cbeb1ec8bfd4aef472fc 7.0/en/os/alpha/php-4.0.6-13.alpha.rpm
    6ad1e3760f43c0bc6565aeb0e3e893c4 7.0/en/os/alpha/php-devel-4.0.6-13.alpha.rpm
    a591f97833ef17101dcdf4d3a83afca8 7.0/en/os/alpha/php-imap-4.0.6-13.alpha.rpm
    71c2a9c5ac2110886a40fc95531bbc9b 7.0/en/os/alpha/php-ldap-4.0.6-13.alpha.rpm
    0340411a93de40a1adf9399cf4250f98 7.0/en/os/alpha/php-manual-4.0.6-13.alpha.rpm
    a867a755350bdb973ca9bb6715d8ee02 7.0/en/os/alpha/php-mysql-4.0.6-13.alpha.rpm
    85f509ab6df2eeff3598ee83a00a4894 7.0/en/os/alpha/php-odbc-4.0.6-13.alpha.rpm
    00181ed29d93b2b58b0b80898c15b4db 7.0/en/os/alpha/php-pgsql-4.0.6-13.alpha.rpm
    af89043ea355c15f56b956851d0aa4d5 7.0/en/os/i386/php-4.0.6-13.i386.rpm
    df120a36632bfefed5e8214c103153c8 7.0/en/os/i386/php-devel-4.0.6-13.i386.rpm
    954c496e71a391754431e604fea27d3a 7.0/en/os/i386/php-imap-4.0.6-13.i386.rpm
    fe6a47d82357ff4b2f2ecb3c4b5b9263 7.0/en/os/i386/php-ldap-4.0.6-13.i386.rpm
    6494c2fe238beb90e8f5d374bef78b82 7.0/en/os/i386/php-manual-4.0.6-13.i386.rpm
    c9756317b0164b5a9eb4e598233f6603 7.0/en/os/i386/php-mysql-4.0.6-13.i386.rpm
    0d219a74f9a603faa6bec0d6cae404ff 7.0/en/os/i386/php-odbc-4.0.6-13.i386.rpm
    b31f9833aa9de5fb146bd7b0d83d3447 7.0/en/os/i386/php-pgsql-4.0.6-13.i386.rpm
    744b77f8a3cc55a27d4d60ab7981c535 7.1/en/os/SRPMS/php-4.0.6-14.src.rpm
    c050178fb44e084ff22c5df45313e4c5 7.1/en/os/alpha/php-4.0.6-14.alpha.rpm
    20aec96fa6f11d258e7341364c7267fe 7.1/en/os/alpha/php-devel-4.0.6-14.alpha.rpm
    0efbcddd0fece2113f11b4d73ed8fe7d 7.1/en/os/alpha/php-imap-4.0.6-14.alpha.rpm
    4c312b08af6779ec7d232f6d5ee48110 7.1/en/os/alpha/php-ldap-4.0.6-14.alpha.rpm
    46847ebec323ce1eee75f94a5e211ff9 7.1/en/os/alpha/php-manual-4.0.6-14.alpha.rpm
    59ef323131bed33623b9e1fba289ed2f 7.1/en/os/alpha/php-mysql-4.0.6-14.alpha.rpm
    9fbcb899edc3541018ec122c40576ff5 7.1/en/os/alpha/php-odbc-4.0.6-14.alpha.rpm
    e278989038dc0f87936569846aa293fc 7.1/en/os/alpha/php-pgsql-4.0.6-14.alpha.rpm
    dc1140d7f7b18781d672e309dd7ca04b 7.1/en/os/i386/php-4.0.6-14.i386.rpm
    fa4b579888995b6573e7a73804158f96 7.1/en/os/i386/php-devel-4.0.6-14.i386.rpm
    1263d98ba75ec5ca1e65d48bd368379d 7.1/en/os/i386/php-imap-4.0.6-14.i386.rpm
    74efc20c094b707be855dabaf2add1f4 7.1/en/os/i386/php-ldap-4.0.6-14.i386.rpm
    cbc44ab6b2fc44a02494bf2471919961 7.1/en/os/i386/php-manual-4.0.6-14.i386.rpm
    5d495b80a74f66322a47fd944966f279 7.1/en/os/i386/php-mysql-4.0.6-14.i386.rpm
    b354335acc5b940d2f0e738fc4787be6 7.1/en/os/i386/php-odbc-4.0.6-14.i386.rpm
    d077d9fa21dadb3c057678230b3074c0 7.1/en/os/i386/php-pgsql-4.0.6-14.i386.rpm
    3228e983d9ddc1d489a842530b89d243 7.1/en/os/ia64/php-4.0.6-14.ia64.rpm
    4833f11cffa29e2ddb875363e5b3f251 7.1/en/os/ia64/php-devel-4.0.6-14.ia64.rpm
    47b48d59b575a9b575d611e0f172b7aa 7.1/en/os/ia64/php-imap-4.0.6-14.ia64.rpm
    e4332a1b20a06ed9fb8f81fde2cc804b 7.1/en/os/ia64/php-ldap-4.0.6-14.ia64.rpm
    6f7f723ee3f53ffca3f3d5ff45019b79 7.1/en/os/ia64/php-manual-4.0.6-14.ia64.rpm
    3724f9d8d8f4d220346863a88de13d76 7.1/en/os/ia64/php-mysql-4.0.6-14.ia64.rpm
    4b8f83a823e31ed823a3140a760483ff 7.1/en/os/ia64/php-odbc-4.0.6-14.ia64.rpm
    3f3331675054fddb9da31bf86b0c5547 7.1/en/os/ia64/php-pgsql-4.0.6-14.ia64.rpm
    66ecdcea3196a94160ce6cdbc2ddc4d6 7.2/en/os/SRPMS/php-4.0.6-15.src.rpm
    39ba1ae47d084733ed62d13bdc2c94c7 7.2/en/os/i386/php-4.0.6-15.i386.rpm
    78b159fdd343e51f94999702535b0ea7 7.2/en/os/i386/php-devel-4.0.6-15.i386.rpm
    ee99d2eef98e265a3bbf8f8a7560aae2 7.2/en/os/i386/php-imap-4.0.6-15.i386.rpm
    71e442a419d01253b28e153bb8c0e14d 7.2/en/os/i386/php-ldap-4.0.6-15.i386.rpm
    dfe7acedf564e7870ec6ae2a5ba35cea 7.2/en/os/i386/php-manual-4.0.6-15.i386.rpm
    79c7dd197bd32308cd6fde471ab6ecf9 7.2/en/os/i386/php-mysql-4.0.6-15.i386.rpm
    6f361675b3abdf2a0217e1060102b4d3 7.2/en/os/i386/php-odbc-4.0.6-15.i386.rpm
    d4fed68c16d30a4bc8a810ffa1e38f47 7.2/en/os/i386/php-pgsql-4.0.6-15.i386.rpm
    f4576c3f1337e53762cb5faa3f6c1d50 7.2/en/os/ia64/php-4.0.6-15.ia64.rpm
    206f11bcc8a84d18b742f3e1200bf284 7.2/en/os/ia64/php-devel-4.0.6-15.ia64.rpm
    68320556a17082261578fca3b7b8cb83 7.2/en/os/ia64/php-imap-4.0.6-15.ia64.rpm
    dfe2bf8b9ed61589e43acf87d4d37c22 7.2/en/os/ia64/php-ldap-4.0.6-15.ia64.rpm
    bf8af9aa9891e0491bd5e4e3d22ae821 7.2/en/os/ia64/php-manual-4.0.6-15.ia64.rpm
    971ba2e0d2fdec91d80bb7337a7f7b9f 7.2/en/os/ia64/php-mysql-4.0.6-15.ia64.rpm
    d6f5e5077ba72d94a21479923382cfe4 7.2/en/os/ia64/php-odbc-4.0.6-15.ia64.rpm
    9141daf011bb0bd53543214cb438bbc8 7.2/en/os/ia64/php-pgsql-4.0.6-15.ia64.rpm
     

    These packages are GPG signed by Red Hat, Inc. for security. Our key
    is available at:
        http://www.redhat.com/about/contact/pgpkey.html

    You can verify each package with the following command:
        rpm --checksig <filename>

    If you only wish to verify that each package has not been corrupted or
    tampered with, examine only the md5sum with the following command:
        rpm --checksig --nogpg <filename>

    8. References:

    http://security.e-matters.de/advisories/012002.html
    http://www.kb.cert.org/vuls/id/297363
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0081

    Copyright(c) 2000, 2001, 2002 Red Hat, Inc.

    _______________________________________________
    Redhat-watch-list mailing list
    To unsubscribe, visit: https://listman.redhat.com/mailman/listinfo/redhat-watch-list

    _______________________________________________
    redhat-announce-list mailing list
    redhat-announce-listredhat.com
    https://listman.redhat.com/mailman/listinfo/redhat-announce-list