
Re: PHP4 vulnerabilities



* Allard Hoeve:

> Dear debian-security,
>
> Please take note of bugs:
>
> - #361853: [CVE-2006-0996] phpinfo() Cross Site Scripting
> - #361855: [CVE-2006-1494] tempnam() open_basedir bypass
> - #361856: [CVE-2006-1608] copy() Safe Mode Bypass
>
> All of which seem to affect sarge.

phpinfo should be disabled on production servers.  IIRC, it's even
documented in the manual.

The other two bugs can only be exploited by malicious PHP scripts.  By
design, mod_php4 cannot defend against such scripts, so these bugs
have very, very low priority.
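
The advice above to disable phpinfo() on production servers is usually applied through the php.ini directive disable_functions. The following shell function, added here as an illustration and not taken from the original thread or from Debian's packaging, audits a php.ini file for that setting. It assumes standard php.ini syntax (";" comments, later directives overriding earlier ones, an optional quoted comma-separated value) and operates on two constructed sample configs embedded below, not on any real server's configuration.

```shell
#!/bin/sh
# Check whether phpinfo is listed in disable_functions in a php.ini file.
# Returns 0 when phpinfo is disabled, 1 otherwise.
phpinfo_disabled() {
  ini_file="$1"
  # 1. keep only uncommented disable_functions lines
  # 2. the last one wins, as in php.ini itself
  # 3. drop the key, any trailing ";" comment, quotes and whitespace
  # 4. split the comma-separated list and match phpinfo as a whole token
  grep -E '^[[:space:]]*disable_functions[[:space:]]*=' "$ini_file" \
    | tail -n 1 \
    | sed -e 's/^[^=]*=//' -e 's/;.*$//' -e 's/"//g' -e 's/[[:space:]]//g' \
    | tr ',' '\n' \
    | grep -qx 'phpinfo'
}

# Constructed sample configs (hypothetical, not from a real host).
hardened_ini=$(mktemp)
cat > "$hardened_ini" <<'EOF'
; php.ini excerpt, hardened
expose_php = Off
disable_functions = "exec, passthru, phpinfo, shell_exec"
EOF

weak_ini=$(mktemp)
cat > "$weak_ini" <<'EOF'
; php.ini excerpt, phpinfo only appears in a commented-out line
;disable_functions = phpinfo
disable_functions = exec, phpinfo_helper
EOF

# Usage: report each file; an exit status of 1 means phpinfo is still callable.
for f in "$hardened_ini" "$weak_ini"; do
  if phpinfo_disabled "$f"; then
    echo "$f: phpinfo disabled"
  else
    echo "$f: phpinfo NOT disabled"
  fi
done
```

The whole-token match matters: a list containing only phpinfo_helper (as in the second sample) must not be reported as disabling phpinfo, and a commented-out directive must be ignored. Disabling the function is a hardening measure against information disclosure; it does nothing about the other two bugs in the report, which, as the reply notes, are only reachable by a script already running on the server.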


