Security Advisory: Updated PHP packages are available [updated 2002-Mar-11]

Advisory: RHSA-2002:035-18
Type: Security Advisory
Severity: N/A
Issued on: 2002-02-27
Last updated on: 2002-03-21
Affected Products: Red Hat Linux 6.2
Red Hat Linux 7.0
Red Hat Linux 7.1
Red Hat Linux 7.2
CVEs (cve.mitre.org): CVE-2001-1247
CVE-2002-0081

Details

Updated PHP packages are available to fix vulnerabilities in the functions
that parse multipart MIME data, which are used when uploading files
through forms.

This revised advisory contains updated packages for Red Hat Linux 7, 7.1,
and 7.2.

PHP is an HTML-embeddable scripting language. A number of flaws have been
found in the way PHP handles multipart/form-data POST requests. Each of
these flaws could allow an attacker to execute arbitrary code on the remote
system.

PHP 3.10-3.18 contains a broken boundary check (hard to exploit) and an
arbitrary heap overflow (easy to exploit). These versions of PHP were
shipped with Red Hat Linux 6.2.

PHP 4.0.1-4.0.3pl1 contains a broken boundary check (hard to exploit) and a
heap-off-by-one (easy to exploit). These versions of PHP were shipped with
Red Hat Linux 7.0.

PHP 4.0.2-4.0.5 contains two broken boundary checks (one very easy and one
hard to exploit). These versions of PHP were shipped with Red Hat Linux
7.1 and as errata for 7.0.

PHP 4.0.6-4.0.7RC2 contains a broken boundary check (very easy to exploit).
These versions of PHP were shipped with Red Hat Linux 7.2.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2002-0081 to this issue.

If you are running PHP 4.0.3 or above, one way to work around these bugs is
to disable the fileupload support within your php.ini file (by setting
file_uploads = Off).

All users of PHP are advised to immediately upgrade to these errata
packages which close these vulnerabilities.

A previous version of this erratum included a version of the MySQL
extension which was compiled with an incorrect default pathname for the
socket used to connect to database servers residing on the local host.

This setting corresponds to the mysql.default_socket setting in the
/etc/php.ini file, and can also be corrected there.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains
the desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

After applying these updates you will need to restart your web server if it
was running before the update was applied.
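The advisory gives the vulnerable upstream ranges but the fixed packages differ only in the RPM release number (3.0.18-8, 4.0.6-13/-14/-15), so deciding whether a host still needs this erratum means comparing version-release pairs the way rpm does. The following Python is an added example, not part of the advisory; it implements rpm's segment-wise version comparison and checks an `rpm -q php` string (assumed to have no epoch) against the fixed release for each product.

```python
import re

# Fixed php version-release per product, taken from the "Updated packages"
# section of RHSA-2002:035 (lookup table constructed for this example).
FIXED = {
    "Red Hat Linux 6.2": ("3.0.18", "8"),
    "Red Hat Linux 7.0": ("4.0.6", "13"),
    "Red Hat Linux 7.1": ("4.0.6", "14"),
    "Red Hat Linux 7.2": ("4.0.6", "15"),
}

# rpm splits version strings into alternating numeric and alphabetic
# segments; separators such as '.' or '_' carry no meaning.
_SEG = re.compile(r"[0-9]+|[A-Za-z]+")

def rpmvercmp(a, b):
    """Compare two RPM version or release strings like rpmvercmp():
    numeric segments compare as integers, alpha segments lexically,
    a numeric segment beats an alpha one, and on an otherwise equal
    prefix the string with more segments is newer (so 4.0.3pl1 > 4.0.3).
    Returns -1, 0 or 1. Tilde/caret handling is omitted (rpm 4.0 era)."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        xd, yd = x.isdigit(), y.isdigit()
        if xd and yd:
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif xd != yd:
            return 1 if xd else -1
        elif x != y:
            return 1 if x > y else -1
    if len(sa) != len(sb):
        return 1 if len(sa) > len(sb) else -1
    return 0

def parse_nvr(nvr):
    """Split 'php-4.0.6-12' (what `rpm -q php` prints, assumed to carry
    no epoch or arch suffix) into (name, version, release)."""
    return tuple(nvr.rsplit("-", 2))

def needs_update(product, installed_nvr):
    """True when the installed php package predates this advisory's fix
    for the given Red Hat Linux product."""
    _, ver, rel = parse_nvr(installed_nvr)
    fixed_ver, fixed_rel = FIXED[product]
    c = rpmvercmp(ver, fixed_ver) or rpmvercmp(rel, fixed_rel)
    return c < 0

if __name__ == "__main__":
    # Constructed sample inputs, not output captured from a real host.
    for prod, nvr in [("Red Hat Linux 7.2", "php-4.0.6-12"),
                      ("Red Hat Linux 7.2", "php-4.0.6-15"),
                      ("Red Hat Linux 6.2", "php-3.0.18-7")]:
        print(prod, nvr, "needs update" if needs_update(prod, nvr) else "ok")
```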

Updated packages

Red Hat Linux 6.2 (php-3.0.18-8)

SRPMS:  php-3.0.18-8.src.rpm
Alpha:  php, php-imap, php-ldap, php-manual, php-pgsql  (3.0.18-8.alpha.rpm)
IA-32:  php, php-imap, php-ldap, php-manual, php-pgsql  (3.0.18-8.i386.rpm)
Sparc:  php, php-imap, php-ldap, php-manual, php-pgsql  (3.0.18-8.sparc.rpm)

Red Hat Linux 7.0 (php-4.0.6-13; all files since outdated by RHSA-2002:213)

SRPMS:  php-4.0.6-13.src.rpm
Alpha:  php, php-devel, php-imap, php-ldap, php-manual, php-mysql, php-odbc, php-pgsql  (4.0.6-13.alpha.rpm)
IA-32:  php, php-devel, php-imap, php-ldap, php-manual, php-mysql, php-odbc, php-pgsql  (4.0.6-13.i386.rpm)

Red Hat Linux 7.1 (php-4.0.6-14; all files since outdated by RHSA-2002:213)

SRPMS:  php-4.0.6-14.src.rpm
Alpha:  php, php-devel, php-imap, php-ldap, php-manual, php-mysql, php-odbc, php-pgsql  (4.0.6-14.alpha.rpm)
IA-32:  php, php-devel, php-imap, php-ldap, php-manual, php-mysql, php-odbc, php-pgsql  (4.0.6-14.i386.rpm)
IA-64:  php, php-devel, php-imap, php-ldap, php-manual, php-mysql, php-odbc, php-pgsql  (4.0.6-14.ia64.rpm)

Red Hat Linux 7.2 (php-4.0.6-15; all files since outdated by RHSA-2002:213)

SRPMS:  php-4.0.6-15.src.rpm
IA-32:  php, php-devel, php-imap, php-ldap, php-manual, php-mysql, php-odbc, php-pgsql  (4.0.6-15.i386.rpm)
IA-64:  php, php-devel, php-imap, php-ldap, php-manual, php-mysql, php-odbc, php-pgsql  (4.0.6-15.ia64.rpm)


Keywords

exploit, MIME, multipart, PHP, remote


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/