php4: broken boundary check

To: Debian Bug Tracking System <submit@bugs.debian.org>
Cc: security@debian.org, debian-security@lists.debian.org
Subject: php4: broken boundary check
From: Noel Koethe <noel@debian.org>
Date: Wed, 27 Feb 2002 15:58:33 +0100
Message-id: <[🔎] 20020227145833.D40D47BE4E@debian>

Package: php4
Version: N/A; reported 2002-02-27
Severity: grave
Tags: security
Justification: user security hole

http://security.e-matters.de/advisories/012002.html

"...
Unfourtunately there are several flaws in the php_mime_split function
that could be used by an attacker to execute arbitrary code.
...

Vendor Response

Because I am part of the php developer team there is not much I can
write here...

27 February 2002 An updated version of php and the patch for these
vulnerabilites are now available at: http://www.php.net/downloads.php
   
Recommendation

     If you are running PHP 4.0.3 or above one way to workaround these
     bugs is to disable the fileupload support within your php.ini
     (file_uploads = Off) If you are running php as module keep in mind
     to restart the webserver. Anyway you should better install the
     fixed or a properly patched version to be safe.
..."

Debian stable  php4 4.0.3pl1-0potato2:
"PHP 4.0.2-4.0.5
- 2 broken boundary checks (one very easy and one hard to exploit)"

Debian testing/unstable   php4 4:4.1.1-1   php4 4:4.1.1-2.1
"PHP 4.0.7RC3-4.1.1
- broken boundary check (hard to exploit)"

-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux debian 2.4.16-pre1 #2 Sun Nov 25 21:33:40 CET 2001 i686
Locale: LANG=de_DE.ISO-8859-1, LC_CTYPE=en_US

Reply to:

Prev by Date: An PHP exploit with Potato?
Next by Date: log analyze applications
Previous by thread: An PHP exploit with Potato?
Next by thread: log analyze applications
Index(es):
- Date
- Thread