full-disclosure-uk May 2007 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: [Full-disclosure] [ MDKSA-2007:102 ] - Updat

[Full-disclosure] [ MDKSA-2007:102 ] - Updated php packages fix multiple vulnerabilities

From: <security_at_nospam>
Date: Fri May 11 2007 - 01:24:04 GMT
To: full-disclosure@lists.grok.org.uk

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


  Mandriva Linux Security Advisory MDKSA-2007:102  http://www.mandriva.com/security/
  Package : php Date : May 10, 2007 Affected: 2007.0, 2007.1, Corporate 4.0
_______________________________________________________________________

 Problem Description:  

 A heap buffer overflow flaw was found in the xmlrpc extension for PHP.  A script that implements an XML-RPC server using this extension could  allow a remote attacker to execute arbitrary code as the apache user.  This flaw does not, however, affect PHP applications using the pure-PHP  XML_RPC class provided via PEAR (CVE-2007-1864).  

 A flaw was found in the ftp extension for PHP. A script using  this extension to provide access to a private FTP server and which  passed untrusted script input directly to any function provided by  this extension could allow a remote attacker to send arbitrary FTP  commands to the server (CVE-2007-2509).  

 A buffer overflow flaw was found in the soap extension for PHP  in the handling of an HTTP redirect response when using the SOAP  client provided by the extension with an untrusted SOAP server  (CVE-2007-2510).    A buffer overflow in the user_filter_factory_create() function has  unknown impact and local attack vectors (CVE-2007-2511).  

 Updated packages have been patched to prevent this issue.


 References:   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2509 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2510 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2511
_______________________________________________________________________

 Updated Packages:  

 Mandriva Linux 2007.0: 9e0a7c06446b813079775e0b21113c35 2007.0/i586/libphp5_common5-5.1.6-1.8mdv2007.0.i586.rpm a9fbb8f3a69749c14794f25ed9c4fb4a 2007.0/i586/php-cgi-5.1.6-1.8mdv2007.0.i586.rpm 343800759b3f2c748e902b578c983b31 2007.0/i586/php-cli-5.1.6-1.8mdv2007.0.i586.rpm f144fe50b14fe959782ee648bc5ac9c3 2007.0/i586/php-devel-5.1.6-1.8mdv2007.0.i586.rpm 1ab27ba607339b5da160f4222e4785f2 2007.0/i586/php-fcgi-5.1.6-1.8mdv2007.0.i586.rpm fe0bb39c1ab53cf83b39c58714247b3f 2007.0/i586/php-ftp-5.1.6-1.1mdv2007.0.i586.rpm 930f34d92678a52b2ce6e83cb28a693f 2007.0/i586/php-soap-5.1.6-1.1mdv2007.0.i586.rpm 4469d5f7cdec688feba83a30698a7e9a 2007.0/i586/php-xmlrpc-5.1.6-1.1mdv2007.0.i586.rpm d7102292c93885b089d35caaff6005b7 2007.0/SRPMS/php-5.1.6-1.8mdv2007.0.src.rpm 239e5928d8a53c749c128e8ddc75746f 2007.0/SRPMS/php-ftp-5.1.6-1.1mdv2007.0.src.rpm ef26d693f275ba3755dcebd89f2f0d54 2007.0/SRPMS/php-soap-5.1.6-1.1mdv2007.0.src.rpm 51fdcfb1821296eb9b69cefd136faf5e 2007.0/SRPMS/php-xmlrpc-5.1.6-1.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64: 4d514769b03d199a1f96982e6d2887e2 2007.0/x86_64/lib64php5_common5-5.1.6-1.8mdv2007.0.x86_64.rpm dcb785c5dc18be7817c3c6e5c22c4156 2007.0/x86_64/php-cgi-5.1.6-1.8mdv2007.0.x86_64.rpm c9d3851f0b201e1ac248fc448b507a70 2007.0/x86_64/php-cli-5.1.6-1.8mdv2007.0.x86_64.rpm c56837be9c8e4850bc15082c2ea6b7f6 2007.0/x86_64/php-devel-5.1.6-1.8mdv2007.0.x86_64.rpm 50c8b6228670b93318e4db01f464f327 2007.0/x86_64/php-fcgi-5.1.6-1.8mdv2007.0.x86_64.rpm e8878dab282186a60846fa79c6a7ff12 2007.0/x86_64/php-ftp-5.1.6-1.1mdv2007.0.x86_64.rpm 0c700664f8b9eabb6889247f63b8a2ff 2007.0/x86_64/php-soap-5.1.6-1.1mdv2007.0.x86_64.rpm d8159dcb23ebd35ec65e9988c51e8077 2007.0/x86_64/php-xmlrpc-5.1.6-1.1mdv2007.0.x86_64.rpm d7102292c93885b089d35caaff6005b7 2007.0/SRPMS/php-5.1.6-1.8mdv2007.0.src.rpm 239e5928d8a53c749c128e8ddc75746f 2007.0/SRPMS/php-ftp-5.1.6-1.1mdv2007.0.src.rpm ef26d693f275ba3755dcebd89f2f0d54 2007.0/SRPMS/php-soap-5.1.6-1.1mdv2007.0.src.rpm 51fdcfb1821296eb9b69cefd136faf5e 2007.0/SRPMS/php-xmlrpc-5.1.6-1.1mdv2007.0.src.rpm

 Mandriva Linux 2007.1: 888da0d6a1c570e006b70d3d61b74118 2007.1/i586/libphp5_common5-5.2.1-4.2mdv2007.1.i586.rpm c398e10cccc582eece4b5620c4f63ce0 2007.1/i586/php-cgi-5.2.1-4.2mdv2007.1.i586.rpm 83ed8f228e65da902f2e2fe701af9775 2007.1/i586/php-cli-5.2.1-4.2mdv2007.1.i586.rpm b492372b2e170b529cf9594b2471098b 2007.1/i586/php-devel-5.2.1-4.2mdv2007.1.i586.rpm a075fce9b55f9eee29f40dddd7adcd85 2007.1/i586/php-fcgi-5.2.1-4.2mdv2007.1.i586.rpm e2c50d2aec5905cf36199b51a3fc9996 2007.1/i586/php-ftp-5.2.1-1.1mdv2007.1.i586.rpm 283e088a1a51b05203c819da3628a215 2007.1/i586/php-openssl-5.2.1-4.2mdv2007.1.i586.rpm b573393fee439ad07f7a171d7f19fcc9 2007.1/i586/php-soap-5.2.1-1.1mdv2007.1.i586.rpm 879268bc4d99891f35cc51dc48509693 2007.1/i586/php-xmlrpc-5.2.1-1.1mdv2007.1.i586.rpm 0801e43d083f307ca9647ee7f956c418 2007.1/i586/php-zlib-5.2.1-4.2mdv2007.1.i586.rpm c871caed81c2756605036c551860511d 2007.1/SRPMS/php-5.2.1-4.2mdv2007.1.src.rpm 0a5c8faf80552ac48c612be0bc694f20 2007.1/SRPMS/php-ftp-5.2.1-1.1mdv2007.1.src.rpm cbeda10353be0ce9d5412fc0dbada997 2007.1/SRPMS/php-soap-5.2.1-1.1mdv2007.1.src.rpm 1da80b11eb48516f303f214195fb7f48 2007.1/SRPMS/php-xmlrpc-5.2.1-1.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64: 04c572d2ade5326c1466ce86cac25a4a 2007.1/x86_64/lib64php5_common5-5.2.1-4.2mdv2007.1.x86_64.rpm 72b14c819dcbbe579f02877446d4665b 2007.1/x86_64/php-cgi-5.2.1-4.2mdv2007.1.x86_64.rpm 8e44a5bc06d1690b5aed76863ecb4ab9 2007.1/x86_64/php-cli-5.2.1-4.2mdv2007.1.x86_64.rpm a31b209aecd4b65898f444a2e54429ae 2007.1/x86_64/php-devel-5.2.1-4.2mdv2007.1.x86_64.rpm 712e7b8c58366589daf34c189fb780d3 2007.1/x86_64/php-fcgi-5.2.1-4.2mdv2007.1.x86_64.rpm bfd4bdcb2d0a5b6ce40bbf1bdbf92c34 2007.1/x86_64/php-ftp-5.2.1-1.1mdv2007.1.x86_64.rpm 71373d76b719c3f88a87c81b277403e5 2007.1/x86_64/php-openssl-5.2.1-4.2mdv2007.1.x86_64.rpm 019b04338019939b68e7dd2b7133bfcb 2007.1/x86_64/php-soap-5.2.1-1.1mdv2007.1.x86_64.rpm 295c266bc58f787ced40c5b19bf8ac51 2007.1/x86_64/php-xmlrpc-5.2.1-1.1mdv2007.1.x86_64.rpm 7d0b9653eac35a5fbe99d4850c0c2976 2007.1/x86_64/php-zlib-5.2.1-4.2mdv2007.1.x86_64.rpm c871caed81c2756605036c551860511d 2007.1/SRPMS/php-5.2.1-4.2mdv2007.1.src.rpm 0a5c8faf80552ac48c612be0bc694f20 2007.1/SRPMS/php-ftp-5.2.1-1.1mdv2007.1.src.rpm cbeda10353be0ce9d5412fc0dbada997 2007.1/SRPMS/php-soap-5.2.1-1.1mdv2007.1.src.rpm 1da80b11eb48516f303f214195fb7f48 2007.1/SRPMS/php-xmlrpc-5.2.1-1.1mdv2007.1.src.rpm

 Corporate 4.0: 541ec0d4bd065819fd5de0345271725a corporate/4.0/i586/libphp5_common5-5.1.6-1.7.20060mlcs4.i586.rpm 1b961a0d43019c0b1702e89049a84874 corporate/4.0/i586/php-cgi-5.1.6-1.7.20060mlcs4.i586.rpm 1bc38555880faa6b5db431c07d3742af corporate/4.0/i586/php-cli-5.1.6-1.7.20060mlcs4.i586.rpm 64491744bae5210b6d4e42a17f90c469 corporate/4.0/i586/php-devel-5.1.6-1.7.20060mlcs4.i586.rpm d0163400726e451bc70eebfa2b8ff8cf corporate/4.0/i586/php-fcgi-5.1.6-1.7.20060mlcs4.i586.rpm 025a55227972e61802383a635c2ed079 corporate/4.0/i586/php-ftp-5.1.6-1.1.20060mlcs4.i586.rpm f403a917dc5ec71e22838df9ef4b0056 corporate/4.0/i586/php-soap-5.1.6-1.1.20060mlcs4.i586.rpm 5f65dc5ebe901a313cfc9234eda9fc23 corporate/4.0/i586/php-xmlrpc-5.1.6-1.1.20060mlcs4.i586.rpm ee7ba870487ce356fe245fbc656356e5 corporate/4.0/SRPMS/php-5.1.6-1.7.20060mlcs4.src.rpm 0215d16b276dfb23853757c5faf5f421 corporate/4.0/SRPMS/php-ftp-5.1.6-1.1.20060mlcs4.src.rpm 941ec9715e80441950e47ca0517805e9 corporate/4.0/SRPMS/php-soap-5.1.6-1.1.20060mlcs4.src.rpm 46ee561cff952e60367ef056d6541c6f corporate/4.0/SRPMS/php-xmlrpc-5.1.6-1.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64: f507eea19a26bb21379905bfdfd0f824 corporate/4.0/x86_64/lib64php5_common5-5.1.6-1.7.20060mlcs4.x86_64.rpm c2b6cb9eff1254f6ce7518fd26cc532e corporate/4.0/x86_64/php-cgi-5.1.6-1.7.20060mlcs4.x86_64.rpm 980bb3942284c10a56834ef30ed3cb7d corporate/4.0/x86_64/php-cli-5.1.6-1.7.20060mlcs4.x86_64.rpm dcb189bb7be8665cb546ef7ab02a0af2 corporate/4.0/x86_64/php-devel-5.1.6-1.7.20060mlcs4.x86_64.rpm e90deb547bfafe90f5719f4397ea0134 corporate/4.0/x86_64/php-fcgi-5.1.6-1.7.20060mlcs4.x86_64.rpm 04a09ca766e17788d34de8dae17c9ead corporate/4.0/x86_64/php-ftp-5.1.6-1.1.20060mlcs4.x86_64.rpm 728ca6786465d9d7e10abcaf196f6249 corporate/4.0/x86_64/php-soap-5.1.6-1.1.20060mlcs4.x86_64.rpm 8f1904a291d30f800d483ffc8288599f corporate/4.0/x86_64/php-xmlrpc-5.1.6-1.1.20060mlcs4.x86_64.rpm ee7ba870487ce356fe245fbc656356e5 corporate/4.0/SRPMS/php-5.1.6-1.7.20060mlcs4.src.rpm 0215d16b276dfb23853757c5faf5f421 corporate/4.0/SRPMS/php-ftp-5.1.6-1.1.20060mlcs4.src.rpm 941ec9715e80441950e47ca0517805e9 corporate/4.0/SRPMS/php-soap-5.1.6-1.1.20060mlcs4.src.rpm 46ee561cff952e60367ef056d6541c6f corporate/4.0/SRPMS/php-xmlrpc-5.1.6-1.1.20060mlcs4.src.rpm
_______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi. The verification  of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security. You can obtain the  GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com


 Type Bits/KeyID Date User ID
 pub 1024D/22458A98 2000-07-10 Mandriva Security Team   <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGQ5romqjQ0CJFipgRAmVnAJ9whGuv+94H7CPsGQEn5SIM0lFDpgCaAxxk kEDlGAD1UT8DmjOCXKWA1yQ=
=64Jo
-----END PGP SIGNATURE-----



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/