Abrir sesión
logo

DEFENSA FRENTE A LAS CIBERAMENAZAS

barra-separadora

Boletines de Vulnerabilidades


Actualización de PHP resuelve múltiples vulnerabilidades

Clasificación de la vulnerabilidad

Propiedad Valor
Nivel de Confianza Oficial
Impacto Obtener acceso
Dificultad Avanzado
Requerimientos del atacante Acceso remoto sin cuenta a un servicio estandar

Información sobre el sistema

Propiedad Valor
Fabricante afectado GNU/Linux
Software afectado php < 4.3.10
HP System Management Homepage 2.0.0-2.0.2

Descripción

Una nueva version de php (4.3.10) resuelve múltiples vulnerabilidades:

CAN-2004-1018 - Desbordamiento de búfer en shmop_write().
CAN-2004-1018 - Desbordamiento de búfer en las funciones pack() y unpack().
CAN-2004-1019 - Fuga de información y doble "free"
CAN-2004-1020 - Vulnerabilidad en la función addslashes()
CAN-2004-1063 - safe_mode execution directory bypass.
CAN-2004-1064 - Acceso a archivos arbitrarios.
CAN-2004-1065 - Desbordamiento en nombres de sección en exif_read_data().

Existe un exploit público disponible para algunas de estas vulnerabilidades.

Solución



Actualización de software

PHP
PHP 4.3.10
http://www.php.net/downloads.php

Fedora Linux (CAN-2004-1019) y (CVE CAN-2004-1065)
Actualización para Linux Fedora Core 2
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
Actualización para Linux Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Mandrake Linux
Mandrake Linux 9.2
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libphp_common432-4.3.3-2.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/php-cgi-4.3.3-2.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/php-cli-4.3.3-2.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/php432-devel-4.3.3-2.3.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/php-4.3.3-2.3.92mdk.src.rpm
Mandrake Linux 9.2/AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64php_common432-4.3.3-2.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/php-cgi-4.3.3-2.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/php-cli-4.3.3-2.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/php432-devel-4.3.3-2.3.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/php-4.3.3-2.3.92mdk.src.rpm
Mandrake Linux10.0
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libphp_common432-4.3.4-4.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/php-cgi-4.3.4-4.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/php-cli-4.3.4-4.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/php432-devel-4.3.4-4.3.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/php-4.3.4-4.3.100mdk.src.rpm
Mandrake Linux 10.0/AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64php_common432-4.3.4-4.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/php-cgi-4.3.4-4.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/php-cli-4.3.4-4.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/php432-devel-4.3.4-4.3.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/php-4.3.4-4.3.100mdk.src.rpm
Mandrake Linux 10.1
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/libphp_common432-4.3.8-3.2.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/php-cgi-4.3.8-3.2.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/php-cli-4.3.8-3.2.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/php432-devel-4.3.8-3.2.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/php-4.3.8-3.2.101mdk.src.rpm
Mandrake Linux 10.1/X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/lib64php_common432-4.3.8-3.2.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/php-cgi-4.3.8-3.2.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/php-cli-4.3.8-3.2.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/php432-devel-4.3.8-3.2.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/php-4.3.8-3.2.101mdk.src.rpm
Corporate Server 2.1
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/php-4.2.3-4.3.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/php-common-4.2.3-4.3.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/php-devel-4.2.3-4.3.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/php-pear-4.2.3-4.3.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/php-4.2.3-4.3.C21mdk.src.rpm
Corporate Server 2.1/X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/php-4.2.3-4.3.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/php-common-4.2.3-4.3.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/php-devel-4.2.3-4.3.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/php-pear-4.2.3-4.3.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/php-4.2.3-4.3.C21mdk.src.rpm

Red Hat Linux

Red Hat Desktop (v. 3)/SRPMS:
php-4.3.2-19.ent.src.rpm t

Red Hat Desktop (v. 3)/IA-32:
php-4.3.2-19.ent.i386.rpm t
php-devel-4.3.2-19.ent.i386.rpm t
php-imap-4.3.2-19.ent.i386.rpm t
php-ldap-4.3.2-19.ent.i386.rpm t
php-mysql-4.3.2-19.ent.i386.rpm t
php-odbc-4.3.2-19.ent.i386.rpm t
php-pgsql-4.3.2-19.ent.i386.rpm t

Red Hat Desktop (v. 3)/x86_64:
php-4.3.2-19.ent.x86_64.rpm t
php-devel-4.3.2-19.ent.x86_64.rpm t
php-imap-4.3.2-19.ent.x86_64.rpm t
php-ldap-4.3.2-19.ent.x86_64.rpm t
php-mysql-4.3.2-19.ent.x86_64.rpm t
php-odbc-4.3.2-19.ent.x86_64.rpm t
php-pgsql-4.3.2-19.ent.x86_64.rpm t

Red Hat Enterprise Linux AS (v. 3)/SRPMS:
php-4.3.2-19.ent.src.rpm t

Red Hat Enterprise Linux AS (v. 3)/IA-32:
php-4.3.2-19.ent.i386.rpm t
php-devel-4.3.2-19.ent.i386.rpm t
php-imap-4.3.2-19.ent.i386.rpm t
php-ldap-4.3.2-19.ent.i386.rpm t
php-mysql-4.3.2-19.ent.i386.rpm t
php-odbc-4.3.2-19.ent.i386.rpm t
php-pgsql-4.3.2-19.ent.i386.rpm t

Red Hat Enterprise Linux AS (v. 3)/IA-64:
php-4.3.2-19.ent.ia64.rpm t
php-devel-4.3.2-19.ent.ia64.rpm t
php-imap-4.3.2-19.ent.ia64.rpm t
php-ldap-4.3.2-19.ent.ia64.rpm t
php-mysql-4.3.2-19.ent.ia64.rpm t
php-odbc-4.3.2-19.ent.ia64.rpm t
php-pgsql-4.3.2-19.ent.ia64.rpm t

Red Hat Enterprise Linux AS (v. 3)/PPC:
php-4.3.2-19.ent.ppc.rpm t
php-devel-4.3.2-19.ent.ppc.rpm t
php-imap-4.3.2-19.ent.ppc.rpm t
php-ldap-4.3.2-19.ent.ppc.rpm t
php-mysql-4.3.2-19.ent.ppc.rpm t
php-odbc-4.3.2-19.ent.ppc.rpm t
php-pgsql-4.3.2-19.ent.ppc.rpm t

Red Hat Enterprise Linux AS (v. 3)/s390:
php-4.3.2-19.ent.s390.rpm t
php-devel-4.3.2-19.ent.s390.rpm t
php-imap-4.3.2-19.ent.s390.rpm t
php-ldap-4.3.2-19.ent.s390.rpm t
php-mysql-4.3.2-19.ent.s390.rpm t
php-odbc-4.3.2-19.ent.s390.rpm t
php-pgsql-4.3.2-19.ent.s390.rpm t

Red Hat Enterprise Linux AS (v. 3)/s390x:
php-4.3.2-19.ent.s390x.rpm t
php-devel-4.3.2-19.ent.s390x.rpm t
php-imap-4.3.2-19.ent.s390x.rpm t
php-ldap-4.3.2-19.ent.s390x.rpm t
php-mysql-4.3.2-19.ent.s390x.rpm t
php-odbc-4.3.2-19.ent.s390x.rpm t
php-pgsql-4.3.2-19.ent.s390x.rpm t

Red Hat Enterprise Linux AS (v. 3)/x86_64:
php-4.3.2-19.ent.x86_64.rpm t
php-devel-4.3.2-19.ent.x86_64.rpm t
php-imap-4.3.2-19.ent.x86_64.rpm t
php-ldap-4.3.2-19.ent.x86_64.rpm t
php-mysql-4.3.2-19.ent.x86_64.rpm t
php-odbc-4.3.2-19.ent.x86_64.rpm t
php-pgsql-4.3.2-19.ent.x86_64.rpm t

Red Hat Enterprise Linux ES (v. 3)/SRPMS:
php-4.3.2-19.ent.src.rpm t

Red Hat Enterprise Linux ES (v. 3)/IA-32:
php-4.3.2-19.ent.i386.rpm t
php-devel-4.3.2-19.ent.i386.rpm t
php-imap-4.3.2-19.ent.i386.rpm t
php-ldap-4.3.2-19.ent.i386.rpm t
php-mysql-4.3.2-19.ent.i386.rpm t
php-odbc-4.3.2-19.ent.i386.rpm t
php-pgsql-4.3.2-19.ent.i386.rpm t

Red Hat Enterprise Linux ES (v. 3)/IA-64:
php-4.3.2-19.ent.ia64.rpm t
php-devel-4.3.2-19.ent.ia64.rpm t
php-imap-4.3.2-19.ent.ia64.rpm t
php-ldap-4.3.2-19.ent.ia64.rpm t
php-mysql-4.3.2-19.ent.ia64.rpm t
php-odbc-4.3.2-19.ent.ia64.rpm t
php-pgsql-4.3.2-19.ent.ia64.rpm t

Red Hat Enterprise Linux ES (v. 3)/x86_64:
php-4.3.2-19.ent.x86_64.rpm t
php-devel-4.3.2-19.ent.x86_64.rpm t
php-imap-4.3.2-19.ent.x86_64.rpm t
php-ldap-4.3.2-19.ent.x86_64.rpm t
php-mysql-4.3.2-19.ent.x86_64.rpm t
php-odbc-4.3.2-19.ent.x86_64.rpm t
php-pgsql-4.3.2-19.ent.x86_64.rpm t

Red Hat Enterprise Linux WS (v. 3)/SRPMS:
php-4.3.2-19.ent.src.rpm t

Red Hat Enterprise Linux WS (v. 3)/IA-32:
php-4.3.2-19.ent.i386.rpm t
php-devel-4.3.2-19.ent.i386.rpm t
php-imap-4.3.2-19.ent.i386.rpm t
php-ldap-4.3.2-19.ent.i386.rpm t
php-mysql-4.3.2-19.ent.i386.rpm t
php-odbc-4.3.2-19.ent.i386.rpm t
php-pgsql-4.3.2-19.ent.i386.rpm t

Red Hat Enterprise Linux WS (v. 3)/IA-64:
php-4.3.2-19.ent.ia64.rpm t
php-devel-4.3.2-19.ent.ia64.rpm t
php-imap-4.3.2-19.ent.ia64.rpm t
php-ldap-4.3.2-19.ent.ia64.rpm t
php-mysql-4.3.2-19.ent.ia64.rpm t
php-odbc-4.3.2-19.ent.ia64.rpm t
php-pgsql-4.3.2-19.ent.ia64.rpm t

Red Hat Enterprise Linux WS (v. 3)/x86_64:
php-4.3.2-19.ent.x86_64.rpm t
php-devel-4.3.2-19.ent.x86_64.rpm t
php-imap-4.3.2-19.ent.x86_64.rpm t
php-ldap-4.3.2-19.ent.x86_64.rpm t
php-mysql-4.3.2-19.ent.x86_64.rpm t
php-odbc-4.3.2-19.ent.x86_64.rpm t
php-pgsql-4.3.2-19.ent.x86_64.rpm
https://rhn.redhat.com/

SUSE Linux

x86:

SUSE Linux 9.2:
rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/php4-4.3.8-8.3.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/apache2-mod_php4-4.3.8-8.3.i586.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/php4-4.3.8-8.3.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/apache2-mod_php4-4.3.8-8.3.i586.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/php4-4.3.8-8.3.src.rpm

SUSE Linux 9.1:
rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/php4-4.3.4-43.22.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/apache2-mod_php4-4.3.4-43.22.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mod_php4-core-4.3.4-43.22.i586.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/php4-4.3.4-43.22.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/apache2-mod_php4-4.3.4-43.22.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mod_php4-core-4.3.4-43.22.i586.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/php4-4.3.4-43.22.src.rpm

SUSE Linux 9.0:
rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mod_php4-4.3.3-183.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/apache2-mod_php4-4.3.3-183.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mod_php4-core-4.3.3-183.i586.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mod_php4-4.3.3-183.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/apache2-mod_php4-4.3.3-183.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mod_php4-core-4.3.3-183.i586.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/mod_php4-4.3.3-183.src.rpm

SUSE Linux 8.2:
rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mod_php4-4.3.1-174.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/apache2-mod_php4-4.3.1-174.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mod_php4-core-4.3.1-174.i586.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mod_php4-4.3.1-174.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/apache2-mod_php4-4.3.1-174.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mod_php4-core-4.3.1-174.i586.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/mod_php4-4.3.1-174.src.rpm

SUSE Linux 8.1:
rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-4.2.2-485.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-core-4.2.2-485.i586.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-4.2.2-485.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-core-4.2.2-485.i586.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/mod_php4-4.2.2-485.src.rpm

x86-64:

SUSE Linux 9.2:
rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/php4-4.3.8-8.3.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/apache2-mod_php4-4.3.8-8.3.x86_64.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/src/php4-4.3.8-8.3.src.rpm

SUSE Linux 9.1:
rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/php4-4.3.4-43.22.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/apache2-mod_php4-4.3.4-43.22.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mod_php4-core-4.3.4-43.22.x86_64.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/php4-4.3.4-43.22.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/apache2-mod_php4-4.3.4-43.22.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mod_php4-core-4.3.4-43.22.x86_64.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/php4-4.3.4-43.22.src.rpm

SUSE Linux 9.0:
rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mod_php4-4.3.3-183.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/apache2-mod_php4-4.3.3-183.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mod_php4-core-4.3.3-183.x86_64.rpm
patch rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mod_php4-4.3.3-183.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/apache2-mod_php4-4.3.3-183.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mod_php4-core-4.3.3-183.x86_64.patch.rpm
source rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/mod_php4-4.3.3-183.src.rpm

Red Hat Linux (nuevos parches)

Red Hat Enterprise Linux AS (v. 2.1) / SRPMS:
php-4.1.2-2.2.src.rpm t

Red Hat Enterprise Linux AS (v. 2.1) / IA-32:
php-4.1.2-2.2.i386.rpm t
php-devel-4.1.2-2.2.i386.rpm t
php-imap-4.1.2-2.2.i386.rpm t
php-ldap-4.1.2-2.2.i386.rpm t
php-manual-4.1.2-2.2.i386.rpm t
php-mysql-4.1.2-2.2.i386.rpm t
php-odbc-4.1.2-2.2.i386.rpm t
php-pgsql-4.1.2-2.2.i386.rpm t

Red Hat Enterprise Linux AS (v. 2.1) / IA-64:
php-4.1.2-2.2.ia64.rpm t
php-devel-4.1.2-2.2.ia64.rpm t
php-imap-4.1.2-2.2.ia64.rpm t
php-ldap-4.1.2-2.2.ia64.rpm t
php-manual-4.1.2-2.2.ia64.rpm t
php-mysql-4.1.2-2.2.ia64.rpm t
php-odbc-4.1.2-2.2.ia64.rpm t
php-pgsql-4.1.2-2.2.ia64.rpm t

Red Hat Enterprise Linux ES (v. 2.1) / SRPMS:
php-4.1.2-2.2.src.rpm t

Red Hat Enterprise Linux ES (v. 2.1) / IA-32:
php-4.1.2-2.2.i386.rpm t
php-devel-4.1.2-2.2.i386.rpm t
php-imap-4.1.2-2.2.i386.rpm t
php-ldap-4.1.2-2.2.i386.rpm t
php-manual-4.1.2-2.2.i386.rpm t
php-mysql-4.1.2-2.2.i386.rpm t
php-odbc-4.1.2-2.2.i386.rpm t
php-pgsql-4.1.2-2.2.i386.rpm t

Red Hat Enterprise Linux WS (v. 2.1) / SRPMS:
php-4.1.2-2.2.src.rpm t

Red Hat Enterprise Linux WS (v. 2.1) / IA-32:
php-4.1.2-2.2.i386.rpm t
php-devel-4.1.2-2.2.i386.rpm t
php-imap-4.1.2-2.2.i386.rpm t
php-ldap-4.1.2-2.2.i386.rpm t
php-manual-4.1.2-2.2.i386.rpm t
php-mysql-4.1.2-2.2.i386.rpm t
php-odbc-4.1.2-2.2.i386.rpm t
php-pgsql-4.1.2-2.2.i386.rpm t

Red Hat Linux Advanced Workstation 2.1 Itanium Processor / SRPMS:
php-4.1.2-2.2.src.rpm t

Red Hat Linux Advanced Workstation 2.1 Itanium Processor / IA-64:
php-4.1.2-2.2.ia64.rpm t
php-devel-4.1.2-2.2.ia64.rpm t
php-imap-4.1.2-2.2.ia64.rpm t
php-ldap-4.1.2-2.2.ia64.rpm t
php-manual-4.1.2-2.2.ia64.rpm t
php-mysql-4.1.2-2.2.ia64.rpm t
php-odbc-4.1.2-2.2.ia64.rpm t
php-pgsql-4.1.2-2.2.ia64.rpm

Apple
Mac OS X 10.2.8 Client
http://www.apple.com/support/downloads/securityupdate2005001macosx1028client.html
Mac OS X 10.2.8 Server
http://www.apple.com/support/downloads/securityupdate2005001macosx1028server.html
Mac OS X 10.3.7 Client
http://www.apple.com/support/downloads/securityupdate2005001macosx1037client.html
Mac OS X 10.3.7 Server
http://www.apple.com/support/downloads/securityupdate2005001macosx1037server.html

Red Hat Linux
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
https://rhn.redhat.com/

Hewlett-Packard
System Management Homepage v2.1.2.127 / Windows
http://h18023.www1.hp.com/support/files/server/us/download/23023.html
System Management Homepage v2.1.2.127 / Linux
http://h18023.www1.hp.com/support/files/server/us/download/23233.html

Identificadores estándar

Propiedad Valor
CVE CAN-2004-1018
CAN-2004-1019
CAN-2004-1020
CAN-2004-1063
CAN-2004-1064
CAN-2004-1065
BID NULL

Recursos adicionales

PHP 4.3.10 Release Announcement
http://www.php.net/release_4_3_10.php

Fedora Update Notification: FEDORA-2004-567
http://www.redhat.com/archives/fedora-announce-list/2004-December/msg00092.html

Fedora Update Notification: FEDORA-2004-568
http://www.redhat.com/archives/fedora-announce-list/2004-December/msg00091.html

Mandrakesoft Security Advisories (MDKSA-2004:151)
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:151

Red Hat Security Advisory RHSA-2004:687-05
http://rhn.redhat.com/errata/RHSA-2004-687.html

SUSE Security Announcement SUSE-SA:2005:002
http://www.novell.com/linux/security/advisories/2005_02_php4_mod_php4.html

Red Hat Linux Security Advisory RHSA-2005:031-08
https://rhn.redhat.com/errata/RHSA-2005-031.html

Security Update 2005-001 for Mac OS X
http://docs.info.apple.com/article.html?artnum=300770

Red Hat Security Advisory RHSA-2005:032-06
https://rhn.redhat.com/errata/RHSA-2005-032.html

HP Security Bulletin (HPSBMA01212)
http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA01212

Histórico de versiones

Versión Comentario Fecha
1.0 Aviso emitido. Exploit público disponible. 2004-12-20
1.1 Avisos emitidos por Fedora Linux (FEDORA-2004-567, FEDORA-2004-568), Mandrake Linux (MDKSA-2004:151) y Red Hat Linux (RHSA-2004:687-05) 2004-12-23
1.2 Aviso emitido por SUSE Linux (SUSE-SA:2005:002) 2005-01-18
1.3 Nuevos parches emitidos por Red Hat Linux (RHSA-2005:031-08) 2005-01-21
1.4 Aviso emitido por Apple (2005-001) 2005-01-26
1.5 Aviso emitido por Red Hat (RHSA-2005:032-06) 2005-02-16
1.6 Aviso emitido por Hewlett-Packard (HPSBMA01212) 2005-08-11
1.7 Aviso actualizado por Hewlett-Packard (HPSBMA01212) 2005-09-26
Volver

Este sitio web utiliza cookies propias y de terceros para el correcto funcionamiento y visualización del sitio web por parte del usuario, así como la recogida de estadísticas. Si continúa navegando, consideramos que acepta su uso. Puede cambiar la configuración u obtener más información. Modificar configuración