Vulnerability Bulletins

int(2537)

Vulnerability Bulletins

Múltiples vulnerabilidades en PHP
Vulnerability classification
Property	Value
Confidence level	Oficial
Impact	Integridad
Dificulty	Avanzado
Required attacker level	Acceso remoto sin cuenta a un servicio estandar
System information
Property	Value
Affected manufacturer	GNU/Linux
Affected software	PHP < 4.4.3 PHP < 5.1.4
Description
Se han descubierto múltiples vulnerabilidades en PHP. Las vulnerabilidades son descritas a continuación: - CVE-2006-1017: La vulnerabilidad reside en la librería "c-client" 2000, 2001, o 2004 cuando se usa en aplicaciones que aceptan datos suministrados por el usuario como argumento "mailbox" a la función "imap_open". Un atacante remoto podría acceder a estructuras de datos IMAP stream y realizar acciones IMAP. - CVE-2006-2563: La vulnerabilidad reside en un error en la librería cURL (libcurl) al manejar ciertas peticiones con caracteres nulos. Un atacante remoto podría saltarse las restricciones del modo seguro y acceder a ficheros arbitrarios mediante una petición "file://". - CVE-2006-2660: La vulnerabilidad reside en una vulnerabilidad al usar datos de un búfer en la función "tempnam". Un atacante local podría saltarse algunas restricciones y crear ficheros PHP con nombres fijos mediante un argumento "pathname" de longitud mayor a MAXPATHLEN. - CVE-2006-3011: La vulnerabilidad reside en la función "error_log". Un atacante local podría saltarse las restricciones del modo seguro y de "open_basedir" mediante un esquema tipo "php://" como tercer argumento de la función. - CVE-2006-3016: La vulnerabilidad reside en un error no especificado en "session.c", aunque se sabe está relacionado con el manejo de ciertos caracteres en nombres de sesión. Se desconoce el impacto y las vías de ataque. - CVE-2006-3018: La vulnerabilidad reside en un error no especificado en la funcionalidad "session extension". Se desconoce el impacto y vías de ataque aunque se cree que está relacionado con corrupción de heap.
Solution
Actualización de software Mandriva Corporate Server 3.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/libphp_common432-4.3.4-4.18.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/php432-devel-4.3.4-4.18.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/php-cgi-4.3.4-4.18.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/php-cli-4.3.4-4.18.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/php-gd-4.3.4-1.3.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/php-imap-4.3.4-1.3.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/php-4.3.4-4.18.C30mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/php-gd-4.3.4-1.3.C30mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/php-imap-4.3.4-1.3.C30mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/lib64php_common432-4.3.4-4.18.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/php432-devel-4.3.4-4.18.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/php-cgi-4.3.4-4.18.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/php-cli-4.3.4-4.18.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/php-gd-4.3.4-1.3.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/php-imap-4.3.4-1.3.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/SRPMS/php-4.3.4-4.18.C30mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/SRPMS/php-gd-4.3.4-1.3.C30mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/SRPMS/php-imap-4.3.4-1.3.C30mdk.src.rpm Multi Network Firewall 2.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/libphp_common432-4.3.4-4.18.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/php432-devel-4.3.4-4.18.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/php-cgi-4.3.4-4.18.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/php-cli-4.3.4-4.18.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/php-gd-4.3.4-1.3.M20mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/SRPMS/php-4.3.4-4.18.M20mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/SRPMS/php-gd-4.3.4-1.3.M20mdk.src.rpm Mandrivalinux LE2005 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/libphp_common432-4.3.10-7.14.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/php432-devel-4.3.10-7.14.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/php-cgi-4.3.10-7.14.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/php-cli-4.3.10-7.14.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/php-imap-4.3.10-6.3.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/SRPMS/php-4.3.10-7.14.102mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/SRPMS/php-imap-4.3.10-6.3.102mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/lib64php_common432-4.3.10-7.14.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/php432-devel-4.3.10-7.14.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/php-cgi-4.3.10-7.14.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/php-cli-4.3.10-7.14.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/php-imap-4.3.10-6.3.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/SRPMS/php-4.3.10-7.14.102mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/SRPMS/php-imap-4.3.10-6.3.102mdk.src.rpm Mandrivalinux 2006 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/libphp5_common5-5.0.4-9.12.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/php-cgi-5.0.4-9.12.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/php-cli-5.0.4-9.12.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/php-curl-5.0.4-1.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/php-devel-5.0.4-9.12.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/php-fcgi-5.0.4-9.12.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/php-imap-5.0.4-2.3.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/SRPMS/php-5.0.4-9.12.20060mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/SRPMS/php-curl-5.0.4-1.3.20060mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/SRPMS/php-imap-5.0.4-2.3.20060mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/lib64php5_common5-5.0.4-9.12.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/php-cgi-5.0.4-9.12.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/php-cli-5.0.4-9.12.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/php-curl-5.0.4-1.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/php-devel-5.0.4-9.12.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/php-fcgi-5.0.4-9.12.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/php-imap-5.0.4-2.3.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/SRPMS/php-5.0.4-9.12.20060mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/SRPMS/php-curl-5.0.4-1.3.20060mdk.src.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/SRPMS/php-imap-5.0.4-2.3.20060mdk.src.rpm Red Hat Linux (php) Red Hat Desktop (v. 3) Red Hat Desktop (v. 4) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 3) Red Hat Enterprise Linux WS (v. 4) Red Hat Enterprise Linux AS (v. 2.1) Red Hat Enterprise Linux ES (v. 2.1) Red Hat Enterprise Linux WS (v. 2.1) Red Hat Linux Advanced Workstation 2.1 Itanium Processor https://rhn.redhat.com/
Standar resources
Property	Value
CVE	CVE-2006-1017 CVE-2006-2563 CVE-2006-2660 CVE-2006-3011 CVE-2006-3016 CVE-2006-3018
BID	18116
Other resources
Mandriva Security Advisory (MDKSA-2006:122) http://www.mandriva.com/security/advisories?name=MDKSA-2006:122 Red Hat Security Advisory RHSA-2006:0669-12 https://rhn.redhat.com/errata/RHSA-2006-0669.html Red Hat Security Advisory RHSA-2006:0682-6 https://rhn.redhat.com/errata/RHSA-2006-0682.html

Version history
Version	Comments	Date
1.0	Aviso emitido	2006-07-14
1.1	Avisos emitidos por Red Hat (RHSA-2006:0669-12, RHSA-2006:0682-6)	2006-10-04

Vulnerability Bulletins

Múltiples vulnerabilidades en PHP

Vulnerability classification

System information

Description

Solution

Standar resources

Other resources

Version history