
Vulnerability Bulletins


PHP update resolves multiple vulnerabilities

Vulnerability classification

Property               Value
Confidence level       Official
Impact                 Gain access
Difficulty             Advanced
Attacker requirements  Remote access without an account to a standard service

System information

Property           Value
Affected vendor    GNU/Linux
Affected software  php < 4.3.10
                   HP System Management Homepage 2.0.0-2.0.2

Description

A new version of PHP (4.3.10) resolves multiple vulnerabilities:

CAN-2004-1018 - Buffer overflow in shmop_write().
CAN-2004-1018 - Buffer overflow in the pack() and unpack() functions.
CAN-2004-1019 - Information leak and double free.
CAN-2004-1020 - Vulnerability in the addslashes() function.
CAN-2004-1063 - safe_mode execution directory bypass.
CAN-2004-1064 - Access to arbitrary files.
CAN-2004-1065 - Overflow in section names in exif_read_data().

A public exploit is available for some of these vulnerabilities.

Solution

Software update

PHP
PHP 4.3.10
http://www.php.net/downloads.php

Fedora Linux (CAN-2004-1019) and (CVE CAN-2004-1065)
Update for Linux Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
Update for Linux Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Mandrake Linux
Mandrake Linux 9.2
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libphp_common432-4.3.3-2.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/php-cgi-4.3.3-2.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/php-cli-4.3.3-2.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/php432-devel-4.3.3-2.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/php-4.3.3-2.3.92mdk.src.rpm
Mandrake Linux 9.2/AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64php_common432-4.3.3-2.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/php-cgi-4.3.3-2.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/php-cli-4.3.3-2.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/php432-devel-4.3.3-2.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/php-4.3.3-2.3.92mdk.src.rpm
Mandrake Linux 10.0
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libphp_common432-4.3.4-4.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/php-cgi-4.3.4-4.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/php-cli-4.3.4-4.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/php432-devel-4.3.4-4.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/php-4.3.4-4.3.100mdk.src.rpm
Mandrake Linux 10.0/AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64php_common432-4.3.4-4.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/php-cgi-4.3.4-4.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/php-cli-4.3.4-4.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/php432-devel-4.3.4-4.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/php-4.3.4-4.3.100mdk.src.rpm
Mandrake Linux 10.1
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libphp_common432-4.3.8-3.2.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/php-cgi-4.3.8-3.2.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/php-cli-4.3.8-3.2.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/php432-devel-4.3.8-3.2.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/php-4.3.8-3.2.101mdk.src.rpm
Mandrake Linux 10.1/X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64php_common432-4.3.8-3.2.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/php-cgi-4.3.8-3.2.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/php-cli-4.3.8-3.2.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/php432-devel-4.3.8-3.2.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/php-4.3.8-3.2.101mdk.src.rpm
Corporate Server 2.1
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/php-4.2.3-4.3.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/php-common-4.2.3-4.3.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/php-devel-4.2.3-4.3.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/php-pear-4.2.3-4.3.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/php-4.2.3-4.3.C21mdk.src.rpm
Corporate Server 2.1/X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/php-4.2.3-4.3.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/php-common-4.2.3-4.3.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/php-devel-4.2.3-4.3.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/php-pear-4.2.3-4.3.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/php-4.2.3-4.3.C21mdk.src.rpm

Red Hat Linux

Red Hat Desktop (v. 3)/SRPMS:
php-4.3.2-19.ent.src.rpm

Red Hat Desktop (v. 3)/IA-32:
php-4.3.2-19.ent.i386.rpm
php-devel-4.3.2-19.ent.i386.rpm
php-imap-4.3.2-19.ent.i386.rpm
php-ldap-4.3.2-19.ent.i386.rpm
php-mysql-4.3.2-19.ent.i386.rpm
php-odbc-4.3.2-19.ent.i386.rpm
php-pgsql-4.3.2-19.ent.i386.rpm

Red Hat Desktop (v. 3)/x86_64:
php-4.3.2-19.ent.x86_64.rpm
php-devel-4.3.2-19.ent.x86_64.rpm
php-imap-4.3.2-19.ent.x86_64.rpm
php-ldap-4.3.2-19.ent.x86_64.rpm
php-mysql-4.3.2-19.ent.x86_64.rpm
php-odbc-4.3.2-19.ent.x86_64.rpm
php-pgsql-4.3.2-19.ent.x86_64.rpm

Red Hat Enterprise Linux AS (v. 3)/SRPMS:
php-4.3.2-19.ent.src.rpm

Red Hat Enterprise Linux AS (v. 3)/IA-32:
php-4.3.2-19.ent.i386.rpm
php-devel-4.3.2-19.ent.i386.rpm
php-imap-4.3.2-19.ent.i386.rpm
php-ldap-4.3.2-19.ent.i386.rpm
php-mysql-4.3.2-19.ent.i386.rpm
php-odbc-4.3.2-19.ent.i386.rpm
php-pgsql-4.3.2-19.ent.i386.rpm

Red Hat Enterprise Linux AS (v. 3)/IA-64:
php-4.3.2-19.ent.ia64.rpm
php-devel-4.3.2-19.ent.ia64.rpm
php-imap-4.3.2-19.ent.ia64.rpm
php-ldap-4.3.2-19.ent.ia64.rpm
php-mysql-4.3.2-19.ent.ia64.rpm
php-odbc-4.3.2-19.ent.ia64.rpm
php-pgsql-4.3.2-19.ent.ia64.rpm

Red Hat Enterprise Linux AS (v. 3)/PPC:
php-4.3.2-19.ent.ppc.rpm
php-devel-4.3.2-19.ent.ppc.rpm
php-imap-4.3.2-19.ent.ppc.rpm
php-ldap-4.3.2-19.ent.ppc.rpm
php-mysql-4.3.2-19.ent.ppc.rpm
php-odbc-4.3.2-19.ent.ppc.rpm
php-pgsql-4.3.2-19.ent.ppc.rpm

Red Hat Enterprise Linux AS (v. 3)/s390:
php-4.3.2-19.ent.s390.rpm
php-devel-4.3.2-19.ent.s390.rpm
php-imap-4.3.2-19.ent.s390.rpm
php-ldap-4.3.2-19.ent.s390.rpm
php-mysql-4.3.2-19.ent.s390.rpm
php-odbc-4.3.2-19.ent.s390.rpm
php-pgsql-4.3.2-19.ent.s390.rpm

Red Hat Enterprise Linux AS (v. 3)/s390x:
php-4.3.2-19.ent.s390x.rpm
php-devel-4.3.2-19.ent.s390x.rpm
php-imap-4.3.2-19.ent.s390x.rpm
php-ldap-4.3.2-19.ent.s390x.rpm
php-mysql-4.3.2-19.ent.s390x.rpm
php-odbc-4.3.2-19.ent.s390x.rpm
php-pgsql-4.3.2-19.ent.s390x.rpm

Red Hat Enterprise Linux AS (v. 3)/x86_64:
php-4.3.2-19.ent.x86_64.rpm
php-devel-4.3.2-19.ent.x86_64.rpm
php-imap-4.3.2-19.ent.x86_64.rpm
php-ldap-4.3.2-19.ent.x86_64.rpm
php-mysql-4.3.2-19.ent.x86_64.rpm
php-odbc-4.3.2-19.ent.x86_64.rpm
php-pgsql-4.3.2-19.ent.x86_64.rpm

Red Hat Enterprise Linux ES (v. 3)/SRPMS:
php-4.3.2-19.ent.src.rpm

Red Hat Enterprise Linux ES (v. 3)/IA-32:
php-4.3.2-19.ent.i386.rpm
php-devel-4.3.2-19.ent.i386.rpm
php-imap-4.3.2-19.ent.i386.rpm
php-ldap-4.3.2-19.ent.i386.rpm
php-mysql-4.3.2-19.ent.i386.rpm
php-odbc-4.3.2-19.ent.i386.rpm
php-pgsql-4.3.2-19.ent.i386.rpm

Red Hat Enterprise Linux ES (v. 3)/IA-64:
php-4.3.2-19.ent.ia64.rpm
php-devel-4.3.2-19.ent.ia64.rpm
php-imap-4.3.2-19.ent.ia64.rpm
php-ldap-4.3.2-19.ent.ia64.rpm
php-mysql-4.3.2-19.ent.ia64.rpm
php-odbc-4.3.2-19.ent.ia64.rpm
php-pgsql-4.3.2-19.ent.ia64.rpm

Red Hat Enterprise Linux ES (v. 3)/x86_64:
php-4.3.2-19.ent.x86_64.rpm
php-devel-4.3.2-19.ent.x86_64.rpm
php-imap-4.3.2-19.ent.x86_64.rpm
php-ldap-4.3.2-19.ent.x86_64.rpm
php-mysql-4.3.2-19.ent.x86_64.rpm
php-odbc-4.3.2-19.ent.x86_64.rpm
php-pgsql-4.3.2-19.ent.x86_64.rpm

Red Hat Enterprise Linux WS (v. 3)/SRPMS:
php-4.3.2-19.ent.src.rpm

Red Hat Enterprise Linux WS (v. 3)/IA-32:
php-4.3.2-19.ent.i386.rpm
php-devel-4.3.2-19.ent.i386.rpm
php-imap-4.3.2-19.ent.i386.rpm
php-ldap-4.3.2-19.ent.i386.rpm
php-mysql-4.3.2-19.ent.i386.rpm
php-odbc-4.3.2-19.ent.i386.rpm
php-pgsql-4.3.2-19.ent.i386.rpm

Red Hat Enterprise Linux WS (v. 3)/IA-64:
php-4.3.2-19.ent.ia64.rpm
php-devel-4.3.2-19.ent.ia64.rpm
php-imap-4.3.2-19.ent.ia64.rpm
php-ldap-4.3.2-19.ent.ia64.rpm
php-mysql-4.3.2-19.ent.ia64.rpm
php-odbc-4.3.2-19.ent.ia64.rpm
php-pgsql-4.3.2-19.ent.ia64.rpm

Red Hat Enterprise Linux WS (v. 3)/x86_64:
php-4.3.2-19.ent.x86_64.rpm
php-devel-4.3.2-19.ent.x86_64.rpm
php-imap-4.3.2-19.ent.x86_64.rpm
php-ldap-4.3.2-19.ent.x86_64.rpm
php-mysql-4.3.2-19.ent.x86_64.rpm
php-odbc-4.3.2-19.ent.x86_64.rpm
php-pgsql-4.3.2-19.ent.x86_64.rpm
https://rhn.redhat.com/

SUSE Linux

x86:

SUSE Linux 9.2:
rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/php4-4.3.8-8.3.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/apache2-mod_php4-4.3.8-8.3.i586.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/php4-4.3.8-8.3.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/apache2-mod_php4-4.3.8-8.3.i586.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/php4-4.3.8-8.3.src.rpm

SUSE Linux 9.1:
rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/php4-4.3.4-43.22.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/apache2-mod_php4-4.3.4-43.22.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mod_php4-core-4.3.4-43.22.i586.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/php4-4.3.4-43.22.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/apache2-mod_php4-4.3.4-43.22.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mod_php4-core-4.3.4-43.22.i586.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/php4-4.3.4-43.22.src.rpm

SUSE Linux 9.0:
rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mod_php4-4.3.3-183.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/apache2-mod_php4-4.3.3-183.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mod_php4-core-4.3.3-183.i586.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mod_php4-4.3.3-183.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/apache2-mod_php4-4.3.3-183.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mod_php4-core-4.3.3-183.i586.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/mod_php4-4.3.3-183.src.rpm

SUSE Linux 8.2:
rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mod_php4-4.3.1-174.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/apache2-mod_php4-4.3.1-174.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mod_php4-core-4.3.1-174.i586.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mod_php4-4.3.1-174.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/apache2-mod_php4-4.3.1-174.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mod_php4-core-4.3.1-174.i586.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/mod_php4-4.3.1-174.src.rpm

SUSE Linux 8.1:
rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-4.2.2-485.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-core-4.2.2-485.i586.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-4.2.2-485.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-core-4.2.2-485.i586.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/mod_php4-4.2.2-485.src.rpm

x86-64:

SUSE Linux 9.2:
rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/php4-4.3.8-8.3.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/apache2-mod_php4-4.3.8-8.3.x86_64.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/src/php4-4.3.8-8.3.src.rpm

SUSE Linux 9.1:
rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/php4-4.3.4-43.22.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/apache2-mod_php4-4.3.4-43.22.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mod_php4-core-4.3.4-43.22.x86_64.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/php4-4.3.4-43.22.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/apache2-mod_php4-4.3.4-43.22.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mod_php4-core-4.3.4-43.22.x86_64.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/php4-4.3.4-43.22.src.rpm

SUSE Linux 9.0:
rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mod_php4-4.3.3-183.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/apache2-mod_php4-4.3.3-183.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mod_php4-core-4.3.3-183.x86_64.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mod_php4-4.3.3-183.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/apache2-mod_php4-4.3.3-183.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mod_php4-core-4.3.3-183.x86_64.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/mod_php4-4.3.3-183.src.rpm

Red Hat Linux (new patches)

Red Hat Enterprise Linux AS (v. 2.1) / SRPMS:
php-4.1.2-2.2.src.rpm

Red Hat Enterprise Linux AS (v. 2.1) / IA-32:
php-4.1.2-2.2.i386.rpm
php-devel-4.1.2-2.2.i386.rpm
php-imap-4.1.2-2.2.i386.rpm
php-ldap-4.1.2-2.2.i386.rpm
php-manual-4.1.2-2.2.i386.rpm
php-mysql-4.1.2-2.2.i386.rpm
php-odbc-4.1.2-2.2.i386.rpm
php-pgsql-4.1.2-2.2.i386.rpm

Red Hat Enterprise Linux AS (v. 2.1) / IA-64:
php-4.1.2-2.2.ia64.rpm
php-devel-4.1.2-2.2.ia64.rpm
php-imap-4.1.2-2.2.ia64.rpm
php-ldap-4.1.2-2.2.ia64.rpm
php-manual-4.1.2-2.2.ia64.rpm
php-mysql-4.1.2-2.2.ia64.rpm
php-odbc-4.1.2-2.2.ia64.rpm
php-pgsql-4.1.2-2.2.ia64.rpm

Red Hat Enterprise Linux ES (v. 2.1) / SRPMS:
php-4.1.2-2.2.src.rpm

Red Hat Enterprise Linux ES (v. 2.1) / IA-32:
php-4.1.2-2.2.i386.rpm
php-devel-4.1.2-2.2.i386.rpm
php-imap-4.1.2-2.2.i386.rpm
php-ldap-4.1.2-2.2.i386.rpm
php-manual-4.1.2-2.2.i386.rpm
php-mysql-4.1.2-2.2.i386.rpm
php-odbc-4.1.2-2.2.i386.rpm
php-pgsql-4.1.2-2.2.i386.rpm

Red Hat Enterprise Linux WS (v. 2.1) / SRPMS:
php-4.1.2-2.2.src.rpm

Red Hat Enterprise Linux WS (v. 2.1) / IA-32:
php-4.1.2-2.2.i386.rpm
php-devel-4.1.2-2.2.i386.rpm
php-imap-4.1.2-2.2.i386.rpm
php-ldap-4.1.2-2.2.i386.rpm
php-manual-4.1.2-2.2.i386.rpm
php-mysql-4.1.2-2.2.i386.rpm
php-odbc-4.1.2-2.2.i386.rpm
php-pgsql-4.1.2-2.2.i386.rpm

Red Hat Linux Advanced Workstation 2.1 Itanium Processor / SRPMS:
php-4.1.2-2.2.src.rpm

Red Hat Linux Advanced Workstation 2.1 Itanium Processor / IA-64:
php-4.1.2-2.2.ia64.rpm
php-devel-4.1.2-2.2.ia64.rpm
php-imap-4.1.2-2.2.ia64.rpm
php-ldap-4.1.2-2.2.ia64.rpm
php-manual-4.1.2-2.2.ia64.rpm
php-mysql-4.1.2-2.2.ia64.rpm
php-odbc-4.1.2-2.2.ia64.rpm
php-pgsql-4.1.2-2.2.ia64.rpm

Apple
Mac OS X 10.2.8 Client
http://www.apple.com/support/downloads/securityupdate2005001macosx1028client.html
Mac OS X 10.2.8 Server
http://www.apple.com/support/downloads/securityupdate2005001macosx1028server.html
Mac OS X 10.3.7 Client
http://www.apple.com/support/downloads/securityupdate2005001macosx1037client.html
Mac OS X 10.3.7 Server
http://www.apple.com/support/downloads/securityupdate2005001macosx1037server.html

Red Hat Linux
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
https://rhn.redhat.com/

Hewlett-Packard
System Management Homepage v2.1.2.127 / Windows
http://h18023.www1.hp.com/support/files/server/us/download/23023.html
System Management Homepage v2.1.2.127 / Linux
http://h18023.www1.hp.com/support/files/server/us/download/23233.html

Standard identifiers

Property  Value
CVE       CAN-2004-1018
          CAN-2004-1019
          CAN-2004-1020
          CAN-2004-1063
          CAN-2004-1064
          CAN-2004-1065
BID

Additional resources

PHP 4.3.10 Release Announcement
http://www.php.net/release_4_3_10.php

Fedora Update Notification: FEDORA-2004-567
http://www.redhat.com/archives/fedora-announce-list/2004-December/msg00092.html

Fedora Update Notification: FEDORA-2004-568
http://www.redhat.com/archives/fedora-announce-list/2004-December/msg00091.html

Mandrakesoft Security Advisories (MDKSA-2004:151)
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:151

Red Hat Security Advisory RHSA-2004:687-05
http://rhn.redhat.com/errata/RHSA-2004-687.html

SUSE Security Announcement SUSE-SA:2005:002
http://www.novell.com/linux/security/advisories/2005_02_php4_mod_php4.html

Red Hat Linux Security Advisory RHSA-2005:031-08
https://rhn.redhat.com/errata/RHSA-2005-031.html

Security Update 2005-001 for Mac OS X
http://docs.info.apple.com/article.html?artnum=300770

Red Hat Security Advisory RHSA-2005:032-06
https://rhn.redhat.com/errata/RHSA-2005-032.html

HP Security Bulletin (HPSBMA01212)
http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA01212

Version history

Version  Comment  Date
1.0  Advisory issued. Public exploit available.  2004-12-20
1.1  Advisories issued by Fedora Linux (FEDORA-2004-567, FEDORA-2004-568), Mandrake Linux (MDKSA-2004:151) and Red Hat Linux (RHSA-2004:687-05)  2004-12-23
1.2  Advisory issued by SUSE Linux (SUSE-SA:2005:002)  2005-01-18
1.3  New patches issued by Red Hat Linux (RHSA-2005:031-08)  2005-01-21
1.4  Advisory issued by Apple (2005-001)  2005-01-26
1.5  Advisory issued by Red Hat (RHSA-2005:032-06)  2005-02-16
1.6  Advisory issued by Hewlett-Packard (HPSBMA01212)  2005-08-11
1.7  Advisory updated by Hewlett-Packard (HPSBMA01212)  2005-09-26

Members of

Ministry of Defence
CNI
CCN
CCN-CERT