OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
[SA12070] Mandrake update for php

From: Secunia Security Advisories (sec-advsecunia.com)
Date: Thu Jul 15 2004 - 04:10:45 CDT

TITLE:
Mandrake update for php

SECUNIA ADVISORY ID:
SA12070

VERIFY ADVISORY:
http://secunia.com/advisories/12070/

CRITICAL:
Highly critical

IMPACT:
System access, Security Bypass

WHERE:
From remote

OPERATING SYSTEM:
Mandrake Multi Network Firewall 8.x
http://secunia.com/product/1112/
Mandrake Linux 9.x
http://secunia.com/product/398/
Mandrake Corporate Server 2.x
http://secunia.com/product/1222/

DESCRIPTION:
MandrakeSoft has issued an update for php. This fixes two
vulnerabilities, which can be exploited by malicious people to bypass
certain security functionality or compromise a vulnerable system.

For more information:
SA12064

SOLUTION:
Apply updated packages.

Corporate Server 2.1:
e1326fedc5957661efd6eec69c4e66cf
corporate/2.1/RPMS/php-4.2.3-4.2.C21mdk.i586.rpm
31337953ddfec7c379c8bcad70e97f7f
corporate/2.1/RPMS/php-common-4.2.3-4.2.C21mdk.i586.rpm
346f004bb741c5d3a279d495eadc61c5
corporate/2.1/RPMS/php-devel-4.2.3-4.2.C21mdk.i586.rpm
91ef39ceeb256c72f449ebd2f73fdc3a
corporate/2.1/RPMS/php-pear-4.2.3-4.2.C21mdk.i586.rpm
06a1c08156a866f9b78e1949df881425
corporate/2.1/SRPMS/php-4.2.3-4.2.C21mdk.src.rpm

Corporate Server 2.1/x86_64:
da53a0003ad75379dd473ca297c9b4f0
x86_64/corporate/2.1/RPMS/php-4.2.3-4.2.C21mdk.x86_64.rpm
190da4dbf19fd83c3e8b2db3ebe7e186
x86_64/corporate/2.1/RPMS/php-common-4.2.3-4.2.C21mdk.x86_64.rpm
7c32a33ced47f7feaf47f801718b6d8d
x86_64/corporate/2.1/RPMS/php-devel-4.2.3-4.2.C21mdk.x86_64.rpm
0a747e5e17d82642f77cdfee44afe201
x86_64/corporate/2.1/RPMS/php-pear-4.2.3-4.2.C21mdk.x86_64.rpm
06a1c08156a866f9b78e1949df881425
x86_64/corporate/2.1/SRPMS/php-4.2.3-4.2.C21mdk.src.rpm

Mandrakelinux 9.1:
53e9be87d1e87c11384c78e656fb045b
9.1/RPMS/libphp_common430-430-11.2.91mdk.i586.rpm
d726c6e61503ace236d41e96dd2aacc4
9.1/RPMS/php-cgi-4.3.1-11.2.91mdk.i586.rpm
c0f0638a6977b0747b9cef6421f0baa2
9.1/RPMS/php-cli-4.3.1-11.2.91mdk.i586.rpm
846433aa57319fcf5ab760bb784c7f60
9.1/RPMS/php430-devel-430-11.2.91mdk.i586.rpm
68d0872d095bdb4976541debcdaa11d7
9.1/SRPMS/php-4.3.1-11.2.91mdk.src.rpm

Mandrakelinux 9.1/PPC:
929514cf49ddeb4ac321b20ffa6fdb49
ppc/9.1/RPMS/libphp_common430-430-11.2.91mdk.ppc.rpm
429cafb67ce1e36012eabad5c46d0a26
ppc/9.1/RPMS/php-cgi-4.3.1-11.2.91mdk.ppc.rpm
0bab7923e30ccaf668a04b41925adc0b
ppc/9.1/RPMS/php-cli-4.3.1-11.2.91mdk.ppc.rpm
af5f2be485dad26cb88103f3373a8188
ppc/9.1/RPMS/php430-devel-430-11.2.91mdk.ppc.rpm
68d0872d095bdb4976541debcdaa11d7
ppc/9.1/SRPMS/php-4.3.1-11.2.91mdk.src.rpm

Mandrakelinux 9.2:
f731f578cdb9d458c4880a48f20c0027
9.2/RPMS/libphp_common432-4.3.3-2.1.92mdk.i586.rpm
732ba08087b14490c057a9454c6b706d
9.2/RPMS/php-cgi-4.3.3-2.1.92mdk.i586.rpm
d7aeca9053611e06ddeeb374ebc38fd5
9.2/RPMS/php-cli-4.3.3-2.1.92mdk.i586.rpm
dfdbda0df15baea7861646b4c42eb1d2
9.2/RPMS/php432-devel-4.3.3-2.1.92mdk.i586.rpm
8495c4332df4f8262d3f0b9b2b781739
9.2/SRPMS/php-4.3.3-2.1.92mdk.src.rpm

Mandrakelinux 9.2/AMD64:
7440678e5a938931b88953232c5c2a46
amd64/9.2/RPMS/lib64php_common432-4.3.3-2.1.92mdk.amd64.rpm
4375a9c46be6b1ef103959253b469035
amd64/9.2/RPMS/php-cgi-4.3.3-2.1.92mdk.amd64.rpm
3cd4c385732e3b31b9f20fa93b6a7ee5
amd64/9.2/RPMS/php-cli-4.3.3-2.1.92mdk.amd64.rpm
dbf7471c02799c02a32e46a727ee87f3
amd64/9.2/RPMS/php432-devel-4.3.3-2.1.92mdk.amd64.rpm
8495c4332df4f8262d3f0b9b2b781739
amd64/9.2/SRPMS/php-4.3.3-2.1.92mdk.src.rpm

Multi Network Firewall 8.2:
f91aac5bc43fa5c79317b8dd2d6fbfb2
mnf8.2/RPMS/php-common-4.1.2-1.3.M82mdk.i586.rpm
9805edbc685f9418c54e9ea20f968b15
mnf8.2/SRPMS/php-4.1.2-1.3.M82mdk.src.rpm

ORIGINAL ADVISORY:
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:068

OTHER REFERENCES:
SA12064:
http://secunia.com/advisories/12064/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------