Secunia Security Advisory - Mandriva has issued an update for php. This fixes some vulnerabilities, which potentially can be exploited by malicious, local users to bypass certain security restrictions or by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
f38af0717a04f4ce93a1dced67e2e6122d5f1a915875a9389612b1ce8294e900
----------------------------------------------------------------------
Hardcore Disassembler / Reverse Engineer Wanted!
Want to work with IDA and BinDiff?
Want to write PoC's and Exploits?
Your nationality is not important.
We will get you a work permit, find an apartment, and offer a
relocation compensation package.
http://secunia.com/hardcore_disassembler_and_reverse_engineer/
----------------------------------------------------------------------
TITLE:
Mandriva update for php
SECUNIA ADVISORY ID:
SA21050
VERIFY ADVISORY:
http://secunia.com/advisories/21050/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass, DoS, System access
WHERE:
>From remote
OPERATING SYSTEM:
Mandriva Linux 2006
http://secunia.com/product/9020/
DESCRIPTION:
Mandriva has issued an update for php. This fixes some
vulnerabilities, which potentially can be exploited by malicious,
local users to bypass certain security restrictions or by malicious
people to cause a DoS (Denial of Service) or compromise a vulnerable
system.
For more information:
SA12996
SA13179
SA18694
SA19803
SA19927
SA20337
SA20500
SA20818
SOLUTION:
Apply updated packages.
Mandrivalinux 2006
ac3a35ac0db18fe07aed82c55bc9495c
2006.0/RPMS/libphp5_common5-5.0.4-9.12.20060mdk.i586.rpm
eddf792e9ac30c60ba29967469c94721
2006.0/RPMS/php-cgi-5.0.4-9.12.20060mdk.i586.rpm
7ad40230e703fb0dbddb9b6b864305de
2006.0/RPMS/php-cli-5.0.4-9.12.20060mdk.i586.rpm
847ea3aa279af20470a4e4fc0ccefc7f
2006.0/RPMS/php-curl-5.0.4-1.3.20060mdk.i586.rpm
e81718f6e31cb7aced9d2ff7462c0b80
2006.0/RPMS/php-devel-5.0.4-9.12.20060mdk.i586.rpm
188757b3e34afb445a288f4156232b77
2006.0/RPMS/php-fcgi-5.0.4-9.12.20060mdk.i586.rpm
b8487a338e7c0be6baf08f3231169574
2006.0/RPMS/php-imap-5.0.4-2.3.20060mdk.i586.rpm
cdda5acab01891036e955b4b89509552
2006.0/SRPMS/php-5.0.4-9.12.20060mdk.src.rpm
6f59b73dc4ad989fc1cf82981a78447b
2006.0/SRPMS/php-curl-5.0.4-1.3.20060mdk.src.rpm
1ca1cd0433f93e7a5338d265e5fe31a1
2006.0/SRPMS/php-imap-5.0.4-2.3.20060mdk.src.rpm
Mandrivalinux 2006/X86_64
91133e3df28354e321a52b868605f5b4
x86_64/2006.0/RPMS/lib64php5_common5-5.0.4-9.12.20060mdk.x86_64.rpm
348350bfa9bb17ac01b574d1ce53e212
x86_64/2006.0/RPMS/php-cgi-5.0.4-9.12.20060mdk.x86_64.rpm
c33ab51b3b82a33140625c1dda6ed397
x86_64/2006.0/RPMS/php-cli-5.0.4-9.12.20060mdk.x86_64.rpm
070e8e1f3d4a5035cd2ca7b4b9dc6f61
x86_64/2006.0/RPMS/php-curl-5.0.4-1.3.20060mdk.x86_64.rpm
d1cae6289e3625693902b52730dbf95f
x86_64/2006.0/RPMS/php-devel-5.0.4-9.12.20060mdk.x86_64.rpm
e8ae1224fab30562d7d66c981893897c
x86_64/2006.0/RPMS/php-fcgi-5.0.4-9.12.20060mdk.x86_64.rpm
991c3a4f7cb708aa3c2f9ef4b525017e
x86_64/2006.0/RPMS/php-imap-5.0.4-2.3.20060mdk.x86_64.rpm
cdda5acab01891036e955b4b89509552
x86_64/2006.0/SRPMS/php-5.0.4-9.12.20060mdk.src.rpm
6f59b73dc4ad989fc1cf82981a78447b
x86_64/2006.0/SRPMS/php-curl-5.0.4-1.3.20060mdk.src.rpm
1ca1cd0433f93e7a5338d265e5fe31a1
x86_64/2006.0/SRPMS/php-imap-5.0.4-2.3.20060mdk.src.rpm
ORIGINAL ADVISORY:
http://www.mandriva.com/security/advisories?name=MDKSA-2006:122
OTHER REFERENCES:
SA12996:
http://secunia.com/advisories/12996/
SA13179:
http://secunia.com/advisories/13179/
SA18694:
http://secunia.com/advisories/18694/
SA19803:
http://secunia.com/advisories/19803/
SA19927:
http://secunia.com/advisories/19927/
SA20337:
http://secunia.com/advisories/20337/
SA20500:
http://secunia.com/advisories/20500/
SA20818:
http://secunia.com/advisories/20818/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------