LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 15th, 2014
Linux Security Week: September 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: Updated php packages fix information disclosure vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake A vulnerability was discovered where the html_entity_decode() function would return a chunk of memory with length equal to the string supplied, which could include php code, php ini data, other user data, etc. Note that by default, Corporate 3.0 and Mandriva Linux LE2005 ship with magic_quotes_gpc on which seems to protect against this vulnerability "out of the box" but users are encourages to upgrade regardless.
 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:063
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : php
 Date    : April 2, 2006
 Affected: 10.2, 2006.0, Corporate 3.0, Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 A vulnerability was discovered where the html_entity_decode() function
 would return a chunk of memory with length equal to the string
 supplied, which could include php code, php ini data, other user data,
 etc.  Note that by default, Corporate 3.0 and Mandriva Linux LE2005
 ship with magic_quotes_gpc on which seems to protect against this
 vulnerability "out of the box" but users are encourages to upgrade
 regardless.
 
 Once the upgraded packages have been installed, users will need to
 issue a "service httpd restart" in order for the fixed packages to be
 properly loaded.
 
 Updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 10.2:
 ef3fa2a2d14fb8be4f3febaf83bbffa9  10.2/RPMS/libphp_common432-4.3.10-7.8.102mdk.i586.rpm
 4a883be9e264869febfdfc5cdf529a49  10.2/RPMS/php432-devel-4.3.10-7.8.102mdk.i586.rpm
 2c1627712cca538956c5f851f616d5ce  10.2/RPMS/php-cgi-4.3.10-7.8.102mdk.i586.rpm
 8c6727cf7e6eb10dabc18eab21bfb2e4  10.2/RPMS/php-cli-4.3.10-7.8.102mdk.i586.rpm
 42d36049ac84a54b170d64fb1e4bdbfc  10.2/SRPMS/php-4.3.10-7.8.102mdk.src.rpm

 Mandriva Linux 10.2/X86_64:
 0bc53707143b53de67d92e09c3f681ce  x86_64/10.2/RPMS/lib64php_common432-4.3.10-7.8.102mdk.x86_64.rpm
 aa2afe3688d5467753f3b65f977cdfe2  x86_64/10.2/RPMS/php432-devel-4.3.10-7.8.102mdk.x86_64.rpm
 b69f7d7333fd59fc53f2c3cb775cb92d  x86_64/10.2/RPMS/php-cgi-4.3.10-7.8.102mdk.x86_64.rpm
 9efe4691fa443904d12e05628ec32d1f  x86_64/10.2/RPMS/php-cli-4.3.10-7.8.102mdk.x86_64.rpm
 42d36049ac84a54b170d64fb1e4bdbfc  x86_64/10.2/SRPMS/php-4.3.10-7.8.102mdk.src.rpm

 Mandriva Linux 2006.0:
 2a7b4c48f38f0ca7ca1bfc6ee017e27b  2006.0/RPMS/libphp5_common5-5.0.4-9.4.20060mdk.i586.rpm
 2b0fe0ae0adfcea994618097ccd8f43e  2006.0/RPMS/php-cgi-5.0.4-9.4.20060mdk.i586.rpm
 6495845826ffc3963ea5fa7602413d99  2006.0/RPMS/php-cli-5.0.4-9.4.20060mdk.i586.rpm
 67e7e6ac6ffd75ebb3cfb067e16a6e90  2006.0/RPMS/php-devel-5.0.4-9.4.20060mdk.i586.rpm
 a07dfb39972947e39fc464895703e54f  2006.0/RPMS/php-fcgi-5.0.4-9.4.20060mdk.i586.rpm
 c71f42f38e21d547bc3121df180a1f9d  2006.0/SRPMS/php-5.0.4-9.4.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 c8d248402a14d3395df39d8460b2d09e  x86_64/2006.0/RPMS/lib64php5_common5-5.0.4-9.4.20060mdk.x86_64.rpm
 48903c848a6b6e95e602c9167f21140b  x86_64/2006.0/RPMS/php-cgi-5.0.4-9.4.20060mdk.x86_64.rpm
 cf2c3ef8f5dd6a399026777f225e61c2  x86_64/2006.0/RPMS/php-cli-5.0.4-9.4.20060mdk.x86_64.rpm
 78f44b12e62d382cdde698eddb98de7d  x86_64/2006.0/RPMS/php-devel-5.0.4-9.4.20060mdk.x86_64.rpm
 e6f2546f0ad6786b235ff9d3a5037f18  x86_64/2006.0/RPMS/php-fcgi-5.0.4-9.4.20060mdk.x86_64.rpm
 c71f42f38e21d547bc3121df180a1f9d  x86_64/2006.0/SRPMS/php-5.0.4-9.4.20060mdk.src.rpm

 Corporate 3.0:
 bfe7ada522d7d8c94d145d1345ea1cd2  corporate/3.0/RPMS/libphp_common432-4.3.4-4.12.C30mdk.i586.rpm
 d6e143fb483b0b491712b1f19d89d343  corporate/3.0/RPMS/php432-devel-4.3.4-4.12.C30mdk.i586.rpm
 bbc4009f6a6ae8c1c57dd19d4d835a76  corporate/3.0/RPMS/php-cgi-4.3.4-4.12.C30mdk.i586.rpm
 30559d249370d48b6620f836857d4a03  corporate/3.0/RPMS/php-cli-4.3.4-4.12.C30mdk.i586.rpm
 c2a531e21b0337d6e2e189922de96444  corporate/3.0/SRPMS/php-4.3.4-4.12.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 775eb72e9367dfa3f58fbf58baecbbef  x86_64/corporate/3.0/RPMS/lib64php_common432-4.3.4-4.12.C30mdk.x86_64.rpm
 acb65ffa3867a095ec685f3c8964dc79  x86_64/corporate/3.0/RPMS/php432-devel-4.3.4-4.12.C30mdk.x86_64.rpm
 7ab648313c53a521b42c5fbe861ebefe  x86_64/corporate/3.0/RPMS/php-cgi-4.3.4-4.12.C30mdk.x86_64.rpm
 56821179db1b9e456894a58c816f3766  x86_64/corporate/3.0/RPMS/php-cli-4.3.4-4.12.C30mdk.x86_64.rpm
 c2a531e21b0337d6e2e189922de96444  x86_64/corporate/3.0/SRPMS/php-4.3.4-4.12.C30mdk.src.rpm

 Multi Network Firewall 2.0:
 e58ffa871474e313deb349926b22cc7e  mnf/2.0/RPMS/libphp_common432-4.3.4-4.12.M20mdk.i586.rpm
 0f58a032dcdb3bc45b37b67f2ce3f6bc  mnf/2.0/RPMS/php432-devel-4.3.4-4.12.M20mdk.i586.rpm
 7dd0f603a0870b896c9396357dcd9efc  mnf/2.0/RPMS/php-cgi-4.3.4-4.12.M20mdk.i586.rpm
 a594814232b0dfa9bdbdf2db8d9089fd  mnf/2.0/RPMS/php-cli-4.3.4-4.12.M20mdk.i586.rpm
 650755a113c483af227369551a1431a3  mnf/2.0/SRPMS/php-4.3.4-4.12.M20mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Middle-School Dropout Codes Clever Chat Program That Foils NSA Spying
FreeBSD Patches DoS Vulnerability
Rogue cell towers discovered in Washington, D.C.
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.