php vulnerabilities

To: debian-security@lists.debian.org
Subject: php vulnerabilities
From: saravanan G <gsaravanan@adventnet.com>
Date: Tue, 21 Dec 2004 11:57:29 +0530
Message-id: <[🔎] 41C7C251.6090208@adventnet.com>
Reply-to: gsaravanan@adventnet.com
In-reply-to: <m1CgLjh-000on6C@finlandia.Infodrom.North.DE>
References: <m1CgLjh-000on6C@finlandia.Infodrom.North.DE>

Hai ,

I am using php4:4.1.2-7.0.1 on my debian woody. I have read thatthere are some vulnerabilities in php <= 4.3.9 as follows


[01 - pack() - integer overflow leading to heap bufferoverflow ]
[02 - unpack() - integer overflow leading to heap info leak ]
[03 - safe_mode_exec_dir bypass in multithreaded PHP ]
[04 - safe_mode bypass through path truncation ]
[05 - path truncation in realpath() ]
[06 - unserialize() - wrong handling of negative references ]
[07 - unserialize() - wrong handling of references to freed data ]


Source url : http://www.hardened-php.net/advisories/012004.txt

How do I secure my php in debian woody?

Please advice me

Sarav

Reply to:

Follow-Ups:
- Re: php vulnerabilities
  - From: saravanan ganapathy <sarav_gsa@yahoo.com>
- Re: php vulnerabilities
  - From: Adrian Minta <gygy@rdslink.ro>

Prev by Date: Re: php vulnerability
Next by Date: Re: php vulnerability
Previous by thread: Re: php vulnerability
Next by thread: Re: php vulnerabilities
Index(es):
- Date
- Thread