exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2009-246

Mandriva Linux Security Advisory 2009-246
Posted Sep 26, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-246 - The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates. Unspecified vulnerability in PHP before 5.2.11 has unknown impact and attack vectors related to missing sanity checks around exif processing. Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect sanity check for the color index. This update provides a solution to these vulnerabilities.

tags | advisory, denial of service, spoof, php, vulnerability
systems | linux, mandriva
advisories | CVE-2008-7068, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293
SHA-256 | a7888af91f0c4d772efd71a91fd56e1c64e3be7dc6c2d0e953cc04cb1993cd51
Download | Favorite | View

Mandriva Linux Security Advisory 2009-246

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:246
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : php
 Date    : September 25, 2009
 Affected: Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities was discovered and corrected in php:
 
 The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent
 attackers to cause a denial of service (file truncation) via a key with
 the NULL byte.  NOTE: this might only be a vulnerability in limited
 circumstances in which the attacker can modify or add database entries
 but does not have permissions to truncate the file (CVE-2008-7068).
 
 The php_openssl_apply_verification_policy function in PHP before
 5.2.11 does not properly perform certificate validation, which has
 unknown impact and attack vectors, probably related to an ability to
 spoof certificates (CVE-2009-3291).
 
 Unspecified vulnerability in PHP before 5.2.11 has unknown impact
 and attack vectors related to missing sanity checks around exif
 processing. (CVE-2009-3292)
 
 Unspecified vulnerability in the imagecolortransparent function in
 PHP before 5.2.11 has unknown impact and attack vectors related to
 an incorrect sanity check for the color index. (CVE-2009-3293)
 
 This update provides a solution to these vulnerabilities.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7068
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3293
 _______________________________________________________________________

 Updated Packages:

 Corporate 3.0:
 4a02595b5eea0b6875698b3171c6de18  corporate/3.0/i586/libphp_common432-4.3.4-4.30.C30mdk.i586.rpm
 1d5d7040ec73f39c49be4cfb6424ccb1  corporate/3.0/i586/php432-devel-4.3.4-4.30.C30mdk.i586.rpm
 223f27eb0ba733c0898589f2bd9f939d  corporate/3.0/i586/php-cgi-4.3.4-4.30.C30mdk.i586.rpm
 f97c40bcbbff8baf4858b2021399f681  corporate/3.0/i586/php-cli-4.3.4-4.30.C30mdk.i586.rpm
 ce14b49faa8a0e0e1f30446a9fd697dd  corporate/3.0/i586/php-dba_bundle-4.3.4-1.1.C30mdk.i586.rpm
 6dba56cf1716e33d1c672806b83a5c56  corporate/3.0/i586/php-gd-4.3.4-1.8.C30mdk.i586.rpm 
 6729a16844799b099c84a2ba1396dd47  corporate/3.0/SRPMS/php-4.3.4-4.30.C30mdk.src.rpm
 512d01dbfe8ef3037ec2045746342840  corporate/3.0/SRPMS/php-dba_bundle-4.3.4-1.1.C30mdk.src.rpm
 2d58a96f81c208cad9b65189156f92e0  corporate/3.0/SRPMS/php-gd-4.3.4-1.8.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 a655f05bb696767a5c696b2b1e19b2af  corporate/3.0/x86_64/lib64php_common432-4.3.4-4.30.C30mdk.x86_64.rpm
 3314420b910822f2f44f096d57ae26ad  corporate/3.0/x86_64/php432-devel-4.3.4-4.30.C30mdk.x86_64.rpm
 49183f06afa423ba77d25f22cd14e665  corporate/3.0/x86_64/php-cgi-4.3.4-4.30.C30mdk.x86_64.rpm
 7dd4d4d1f55102dc65f9a307cc2a567e  corporate/3.0/x86_64/php-cli-4.3.4-4.30.C30mdk.x86_64.rpm
 1383e2f9be11322cc66888d426e626cb  corporate/3.0/x86_64/php-dba_bundle-4.3.4-1.1.C30mdk.x86_64.rpm
 ee5a8f85e1746fd01fb98f8ae045bbff  corporate/3.0/x86_64/php-gd-4.3.4-1.8.C30mdk.x86_64.rpm 
 6729a16844799b099c84a2ba1396dd47  corporate/3.0/SRPMS/php-4.3.4-4.30.C30mdk.src.rpm
 512d01dbfe8ef3037ec2045746342840  corporate/3.0/SRPMS/php-dba_bundle-4.3.4-1.1.C30mdk.src.rpm
 2d58a96f81c208cad9b65189156f92e0  corporate/3.0/SRPMS/php-gd-4.3.4-1.8.C30mdk.src.rpm

 Corporate 4.0:
 45f2d838136d3294f4e7596a1408dffb  corporate/4.0/i586/libphp4_common4-4.4.4-1.12.20060mlcs4.i586.rpm
 c463bf145de6bf1c1db9617a24c5990b  corporate/4.0/i586/libphp5_common5-5.1.6-1.14.20060mlcs4.i586.rpm
 914be4bcb8007085dce3aad3199886a8  corporate/4.0/i586/php4-cgi-4.4.4-1.12.20060mlcs4.i586.rpm
 a79f33c63c659b8e19e3b53a3082586f  corporate/4.0/i586/php4-cli-4.4.4-1.12.20060mlcs4.i586.rpm
 1e0b3de1715819c4edb48335e88ca651  corporate/4.0/i586/php4-dba_bundle-4.4.4-1.1.20060mlcs4.i586.rpm
 b6b729eafe1d4baa6112831a64a3b360  corporate/4.0/i586/php4-devel-4.4.4-1.12.20060mlcs4.i586.rpm
 6b0b011b252fb1ceb8f441767d27f184  corporate/4.0/i586/php4-exif-4.4.4-1.2.20060mlcs4.i586.rpm
 4b46d5f0527c24e44a9dbab9f5513a65  corporate/4.0/i586/php-cgi-5.1.6-1.14.20060mlcs4.i586.rpm
 6984850d55cb492e6f0ee2d4f7655286  corporate/4.0/i586/php-cli-5.1.6-1.14.20060mlcs4.i586.rpm
 683507d8d6498eb22acd4bf67c08f3e1  corporate/4.0/i586/php-dba-5.1.6-1.1.20060mlcs4.i586.rpm
 0b9fe463ab494e9421f96d6124276fa6  corporate/4.0/i586/php-devel-5.1.6-1.14.20060mlcs4.i586.rpm
 00ba586a8ac5786de8c2196ab85d8cec  corporate/4.0/i586/php-exif-5.1.6-1.2.20060mlcs4.i586.rpm
 5b0686519a27b7faa3ba549fbc6ddce4  corporate/4.0/i586/php-fcgi-5.1.6-1.14.20060mlcs4.i586.rpm
 92c4a3461f37546cec2e0d203ee55c5f  corporate/4.0/i586/php-gd-5.1.6-1.1.20060mlcs4.i586.rpm 
 000d8f8c7c014e06dc26aa0cb579c5d8  corporate/4.0/SRPMS/php4-4.4.4-1.12.20060mlcs4.src.rpm
 26fb6c37afef6a5fcd5208bad2ebc553  corporate/4.0/SRPMS/php4-dba_bundle-4.4.4-1.1.20060mlcs4.src.rpm
 1dd0142cab4710111ea4ba356632e4f4  corporate/4.0/SRPMS/php4-exif-4.4.4-1.2.20060mlcs4.src.rpm
 800e3ef31cb6a98c3c7391b53c100d1a  corporate/4.0/SRPMS/php-5.1.6-1.14.20060mlcs4.src.rpm
 6e0180221caaa5f8fbaf72f269b0c1ff  corporate/4.0/SRPMS/php-dba-5.1.6-1.1.20060mlcs4.src.rpm
 3f84b5d0bd2e3ae9d8a6cc61ee842eba  corporate/4.0/SRPMS/php-exif-5.1.6-1.2.20060mlcs4.src.rpm
 fbc401dc2fbf97e849568d42f3a0907d  corporate/4.0/SRPMS/php-gd-5.1.6-1.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 f4673f56052dc7eba2ef99ec1a087b90  corporate/4.0/x86_64/lib64php4_common4-4.4.4-1.12.20060mlcs4.x86_64.rpm
 a1d13abd89f308b9acd14d642fcdd4f2  corporate/4.0/x86_64/lib64php5_common5-5.1.6-1.14.20060mlcs4.x86_64.rpm
 95d1663b8cb815525ae40f3a1ef60cae  corporate/4.0/x86_64/php4-cgi-4.4.4-1.12.20060mlcs4.x86_64.rpm
 bd86092a42f161beaf8a29b8e5f7531e  corporate/4.0/x86_64/php4-cli-4.4.4-1.12.20060mlcs4.x86_64.rpm
 67bc38c3e38ef6541828706179a13f1e  corporate/4.0/x86_64/php4-dba_bundle-4.4.4-1.1.20060mlcs4.x86_64.rpm
 f4d2a49b4abefbc5d517aae7630345f9  corporate/4.0/x86_64/php4-devel-4.4.4-1.12.20060mlcs4.x86_64.rpm
 547ed3d3a4cee4dc66da158241316b80  corporate/4.0/x86_64/php4-exif-4.4.4-1.2.20060mlcs4.x86_64.rpm
 391646867948bc40505a7346b3214e1b  corporate/4.0/x86_64/php-cgi-5.1.6-1.14.20060mlcs4.x86_64.rpm
 a201cd45b38486f398081a1d16ac7d72  corporate/4.0/x86_64/php-cli-5.1.6-1.14.20060mlcs4.x86_64.rpm
 a67a0a8ba90e41f18fd36bc1f05e3311  corporate/4.0/x86_64/php-dba-5.1.6-1.1.20060mlcs4.x86_64.rpm
 a636fea041109d1d28c7323d4075179e  corporate/4.0/x86_64/php-devel-5.1.6-1.14.20060mlcs4.x86_64.rpm
 c02a5dda722f0d6fa7144feb8ba1ce50  corporate/4.0/x86_64/php-exif-5.1.6-1.2.20060mlcs4.x86_64.rpm
 e50415f8780f27db1b68a10a6d372a6f  corporate/4.0/x86_64/php-fcgi-5.1.6-1.14.20060mlcs4.x86_64.rpm
 91fabbd879295321a4573cff179fec16  corporate/4.0/x86_64/php-gd-5.1.6-1.1.20060mlcs4.x86_64.rpm 
 000d8f8c7c014e06dc26aa0cb579c5d8  corporate/4.0/SRPMS/php4-4.4.4-1.12.20060mlcs4.src.rpm
 26fb6c37afef6a5fcd5208bad2ebc553  corporate/4.0/SRPMS/php4-dba_bundle-4.4.4-1.1.20060mlcs4.src.rpm
 1dd0142cab4710111ea4ba356632e4f4  corporate/4.0/SRPMS/php4-exif-4.4.4-1.2.20060mlcs4.src.rpm
 800e3ef31cb6a98c3c7391b53c100d1a  corporate/4.0/SRPMS/php-5.1.6-1.14.20060mlcs4.src.rpm
 6e0180221caaa5f8fbaf72f269b0c1ff  corporate/4.0/SRPMS/php-dba-5.1.6-1.1.20060mlcs4.src.rpm
 3f84b5d0bd2e3ae9d8a6cc61ee842eba  corporate/4.0/SRPMS/php-exif-5.1.6-1.2.20060mlcs4.src.rpm
 fbc401dc2fbf97e849568d42f3a0907d  corporate/4.0/SRPMS/php-gd-5.1.6-1.1.20060mlcs4.src.rpm

 Multi Network Firewall 2.0:
 b4c61a34209cb2665757431b76c29618  mnf/2.0/i586/libphp_common432-4.3.4-4.30.C30mdk.i586.rpm
 6a46ca28a0edfa8d4de397ea468c6b7e  mnf/2.0/i586/php432-devel-4.3.4-4.30.C30mdk.i586.rpm
 aeedd733f5d44af49cf0fbd5260833c4  mnf/2.0/i586/php-cgi-4.3.4-4.30.C30mdk.i586.rpm
 5fba6d630664beaaebf243da3fb4d287  mnf/2.0/i586/php-cli-4.3.4-4.30.C30mdk.i586.rpm
 d18c9980d35f042f8aaf663fe2e2942d  mnf/2.0/i586/php-gd-4.3.4-1.8.C30mdk.i586.rpm 
 0dd3ff93902b0f993a5e767cc50e017b  mnf/2.0/SRPMS/php-4.3.4-4.30.C30mdk.src.rpm
 a86659f66c2327f54c921ffccfc589cd  mnf/2.0/SRPMS/php-gd-4.3.4-1.8.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKvOH8mqjQ0CJFipgRApIHAKDVI9Jw2rVhzWDAy60BrWFosZuCowCgpWhL
xPcS4xN6XLqETihUeqBrkFo=
=D0DO
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    23 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close