int(1533)

Boletines de Vulnerabilidades


Múltiples vulnerabilidades en PHP

Clasificación de la vulnerabilidad

Propiedad Valor
Nivel de Confianza Oficial
Impacto Obtener acceso
Dificultad Experto
Requerimientos del atacante Acceso remoto sin cuenta a un servicio exotico

Información sobre el sistema

Propiedad Valor
Fabricant afectat GNU/Linux
Software afectado PHP <5.0.4
PHP <4.3.11

Descripción

Se han descubierto múltiples vulnerabilidades en las versiones anteriores a la 5.0.4 y a la 4.3.11 de PHP. Las vulnerabilidades son descritas a continuación:

- CAN-2005-1042: Desbordamiento de entero podría permitir a un atacante local o remoto ejecutar código arbitrario mediante una imagen con una etiqueta IDF especialmente diseñada.

- CAN-2005-1043: Vulnerabilidad en el manejo de las cabeceras EXIF podría permitir a un atacante local o remoto provocar una situación de denegación de servicio de la aplicación vulnerable por un consumo desmesurado de memoria debido a una recursividad infinita.

Solución

Si lo desea, aplique los mecanismos de actualización propios de su distribución, o bien baje las fuentes del software y compílelo usted mismo.


Actualización de software

PHP
PHP 5.0.4
http://www.php.net/downloads.php#v5
PHP 4.3.11
http://www.php.net/downloads.php#v4

Mandriva Linux

Mandrakelinux 10.0
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libphp_common432-4.3.4-4.5.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/php-cgi-4.3.4-4.5.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/php-cli-4.3.4-4.5.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/php432-devel-4.3.4-4.5.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/php-4.3.4-4.5.100mdk.src.rpm
AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64php_common432-4.3.4-4.5.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/php-cgi-4.3.4-4.5.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/php-cli-4.3.4-4.5.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/php432-devel-4.3.4-4.5.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/php-4.3.4-4.5.100mdk.src.rpm

Mandrakelinux 10.1
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libphp_common432-4.3.8-3.3.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/php-cgi-4.3.8-3.3.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/php-cli-4.3.8-3.3.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/php432-devel-4.3.8-3.3.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/php-4.3.8-3.3.101mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64php_common432-4.3.8-3.3.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/php-cgi-4.3.8-3.3.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/php-cli-4.3.8-3.3.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/php432-devel-4.3.8-3.3.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/php-4.3.8-3.3.101mdk.src.rpm

Corporate Server 2.1
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/php-4.2.3-4.4.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/php-common-4.2.3-4.4.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/php-devel-4.2.3-4.4.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/php-pear-4.2.3-4.4.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/php-4.2.3-4.4.C21mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/php-4.2.3-4.4.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/php-common-4.2.3-4.4.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/php-devel-4.2.3-4.4.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/php-pear-4.2.3-4.4.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/php-4.2.3-4.4.C21mdk.src.rpm

Corporate Server 3.0
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/libphp_common432-4.3.4-4.5.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/php-cgi-4.3.4-4.5.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/php-cli-4.3.4-4.5.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/php432-devel-4.3.4-4.5.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/php-4.3.4-4.5.C30mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/libphp_common432-4.3.4-4.5.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/php-cgi-4.3.4-4.5.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/php-cli-4.3.4-4.5.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/php432-devel-4.3.4-4.5.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/SRPMS/php-4.3.4-4.5.C30mdk.src.rpm

Mandrivalinux LE2005
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/libphp_common432-4.3.10-7.1.102mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/php-cgi-4.3.10-7.1.102mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/php-cli-4.3.10-7.1.102mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/php432-devel-4.3.10-7.1.102mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/SRPMS/php-4.3.10-7.1.102mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/lib64php_common432-4.3.10-7.1.102mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/php-cgi-4.3.10-7.1.102mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/php-cli-4.3.10-7.1.102mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/php432-devel-4.3.10-7.1.102mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/SRPMS/php-4.3.10-7.1.102mdk.src.rpm

Red Hat Linux
Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
https://rhn.redhat.com/

SUSE Linux
Actualizar mediante YaST Online Update

Apple
Mac OS X Server 10.4.1
Mac OS X 10.4.1
http://www.apple.com/support/downloads/securityupdate2005006macosx1041.html
Mac OS X Server 10.3.9
Mac OS X 10.3.9
http://www.apple.com/support/downloads/securityupdate2005006macosx1039.html

Identificadores estándar

Propiedad Valor
CVE CAN-2005-1042
CAN-2005-1043
BID

Recursos adicionales

Mandriva Security Advisories MDKSA-2005:072
http://www.mandriva.com/security/advisories?name=MDKSA-2005:072

Red Hat Security Advisory RHSA-2005:405-06
https://rhn.redhat.com/errata/RHSA-2005-405.html

SUSE Security Summary Report SUSE-SR:2005:012
http://www.novell.com/linux/security/advisories/2005_12_sr.html

Red Hat Security Advisory RHSA-2005:406-11
https://rhn.redhat.com/errata/RHSA-2005-406.html

Apple Mac OS X Security Update 2005-006
http://docs.info.apple.com/article.html?artnum=301742

Histórico de versiones

Versión Comentario Data
1.0 Aviso emitido 2005-04-19
1.1 Aviso emitido por Red Hat (RHSA-2005:405-06) 2005-04-29
1.2 Aviso emitido por SUSE (SUSE-SR:2005:012) 2005-05-03
1.3 Aviso emitido por Red Hat (RHSA-2005:406-11) 2005-05-05
1.4 Aviso emitido por Apple (2005-006) 2005-06-09
Ministerio de Defensa
CNI
CCN
CCN-CERT