[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

php4: broken boundary check

Package: php4
Version: N/A; reported 2002-02-27
Severity: grave
Tags: security
Justification: user security hole


Unfourtunately there are several flaws in the php_mime_split function
that could be used by an attacker to execute arbitrary code.

Vendor Response

Because I am part of the php developer team there is not much I can
write here...

27 February 2002 An updated version of php and the patch for these
vulnerabilites are now available at: http://www.php.net/downloads.php

     If you are running PHP 4.0.3 or above one way to workaround these
     bugs is to disable the fileupload support within your php.ini
     (file_uploads = Off) If you are running php as module keep in mind
     to restart the webserver. Anyway you should better install the
     fixed or a properly patched version to be safe.

Debian stable  php4 4.0.3pl1-0potato2:
"PHP 4.0.2-4.0.5
- 2 broken boundary checks (one very easy and one hard to exploit)"

Debian testing/unstable   php4 4:4.1.1-1   php4 4:4.1.1-2.1
"PHP 4.0.7RC3-4.1.1
- broken boundary check (hard to exploit)"

-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux debian 2.4.16-pre1 #2 Sun Nov 25 21:33:40 CET 2001 i686
Locale: LANG=de_DE.ISO-8859-1, LC_CTYPE=en_US

Reply to: