php4: broken boundary check
Package: php4
Version: N/A; reported 2002-02-27
Severity: grave
Tags: security
Justification: user security hole
http://security.e-matters.de/advisories/012002.html
"...
Unfourtunately there are several flaws in the php_mime_split function
that could be used by an attacker to execute arbitrary code.
...
Vendor Response
Because I am part of the php developer team there is not much I can
write here...
27 February 2002 An updated version of php and the patch for these
vulnerabilites are now available at: http://www.php.net/downloads.php
Recommendation
If you are running PHP 4.0.3 or above one way to workaround these
bugs is to disable the fileupload support within your php.ini
(file_uploads = Off) If you are running php as module keep in mind
to restart the webserver. Anyway you should better install the
fixed or a properly patched version to be safe.
..."
Debian stable php4 4.0.3pl1-0potato2:
"PHP 4.0.2-4.0.5
- 2 broken boundary checks (one very easy and one hard to exploit)"
Debian testing/unstable php4 4:4.1.1-1 php4 4:4.1.1-2.1
"PHP 4.0.7RC3-4.1.1
- broken boundary check (hard to exploit)"
-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux debian 2.4.16-pre1 #2 Sun Nov 25 21:33:40 CET 2001 i686
Locale: LANG=de_DE.ISO-8859-1, LC_CTYPE=en_US
Reply to: