RedHat: Important: php security update Print E-mail
Posted by Benjamin D. Thomas   
Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 5. A heap buffer overflow flaw was found in the PHP 'xmlrpc' extension. A PHP script which implements an XML-RPC server using this extension could allow a remote attacker to execute arbitrary code as the 'apache' user. This update has been rated as having important security impact by the Red Hat Security Response Team.
- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: php security update
Advisory ID:       RHSA-2007:0348-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0348.html
Issue date:        2007-05-08
Updated on:        2007-05-08
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-1864 CVE-2007-2509 CVE-2007-2510 
- ---------------------------------------------------------------------

1. Summary:

Updated PHP packages that fix several security issues are now available for
Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server. 

A heap buffer overflow flaw was found in the PHP 'xmlrpc' extension.  A
PHP script which implements an XML-RPC server using this extension
could allow a remote attacker to execute arbitrary code as the 'apache'
user.  Note that this flaw does not affect PHP applications using the
pure-PHP XML_RPC class provided in /usr/share/pear. (CVE-2007-1864)

A flaw was found in the PHP 'ftp' extension.  If a PHP script used this
extension to provide access to a private FTP server, and passed untrusted
script input directly to any function provided by this extension, a remote
attacker would be able to send arbitrary FTP commands to the server. 
(CVE-2007-2509)

A buffer overflow flaw was found in the PHP 'soap' extension, regarding the
handling of an HTTP redirect response when using the SOAP client provided
by this extension with an untrusted SOAP server.  No mechanism to trigger
this flaw remotely is known.  (CVE-2007-2510)

Users of PHP should upgrade to these updated packages which contain
backported patches to correct these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
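As an added example (not part of the advisory or Red Hat's tooling), the following POSIX sh script checks whether the PHP packages named in this advisory are still installed at a build older than the fixed php-5.1.6-12.el5. It assumes the rpm binary is available; the version comparison helper vr_lt is a simplification written for this example and only needs to handle el5-style version-release strings.

```shell
#!/bin/sh
# Added example: audit a RHEL 5 host against RHSA-2007:0348.
# Assumes the rpm binary; package names and the fixed build come from the advisory.

FIXED_VR="5.1.6-12.el5"

# vr_lt A B: exit 0 if version-release A is older than B, 1 otherwise.
# Segments are split on '.' and '-'; numeric segments compare as numbers,
# non-numeric ones (e.g. "el5") only compare for equality. Simplified, not
# a full rpmvercmp, but sufficient for the builds in this advisory.
vr_lt() {
    a=$(printf '%s' "$1" | tr '.-' '  ')
    b=$(printf '%s' "$2" | tr '.-' '  ')
    set -- $a
    for x in $b; do
        y=$1
        [ -z "$y" ] && return 0        # A ran out of segments first: older
        shift
        case "$x$y" in
            *[!0-9]*) [ "$y" = "$x" ] || return 1 ;;
            *)
                [ "$y" -lt "$x" ] && return 0
                [ "$y" -gt "$x" ] && return 1 ;;
        esac
    done
    return 1                           # equal, or A has extra segments
}

# check_php_packages: print every advisory package installed below the fixed
# build; exit 1 if any is found, 0 if all are current or not installed.
check_php_packages() {
    rc=0
    for pkg in php php-bcmath php-cli php-common php-dba php-devel php-gd \
               php-imap php-ldap php-mbstring php-mysql php-ncurses php-odbc \
               php-pdo php-pgsql php-snmp php-soap php-xml php-xmlrpc; do
        inst=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' "$pkg" 2>/dev/null) || continue
        if vr_lt "$inst" "$FIXED_VR"; then
            echo "VULNERABLE: $pkg-$inst (fixed in $pkg-$FIXED_VR)"
            rc=1
        fi
    done
    return $rc
}

# Run the audit only when invoked with --check, so the file can also be sourced.
if [ "${1:-}" = "--check" ]; then
    check_php_packages
    exit $?
fi
```

Run it as `sh audit.sh --check`; a non-zero exit means at least one listed package still predates the fixed build.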

5. Bug IDs fixed (http://bugzilla.redhat.com/):

239015 - CVE-2007-1864 various PHP security issues (CVE-2007-2509 CVE-2007-2510)

6. RPMs required:

RHEL Desktop Workstation (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/php-5.1.6-12.el5.src.rpm


Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/php-5.1.6-12.el5.src.rpm


These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2509
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2510
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.