----------------------------------------------------------------------

Want a new IT Security job?

Vacant positions at Secunia:
http://secunia.com/secunia_vacancies/

----------------------------------------------------------------------

TITLE:
Mandrake update for php

SECUNIA ADVISORY ID:
SA14988

VERIFY ADVISORY:
http://secunia.com/advisories/14988/

CRITICAL:
Highly critical

IMPACT:
DoS, System access

WHERE:
>From remote

OPERATING SYSTEM:
Mandrakelinux 10.1
http://secunia.com/product/4198/
Mandrakelinux 10.0
http://secunia.com/product/3918/
Mandrake Corporate Server 2.x
http://secunia.com/product/1222/

DESCRIPTION:
MandrakeSoft has issued an update for php. This fixes some
vulnerabilities, which can be exploited by malicious people to cause
a DoS (Denial of Service) and potentially compromise a vulnerable
system.

For more information:
SA14792

SOLUTION:
Apply updated packages.

Mandrakelinux 10.0:
f7d974aa23e07a33ffc28d24d57ae6d1
10.0/RPMS/libphp_common432-4.3.4-4.5.100mdk.i586.rpm
345a78284dee2a035f627e348e73923b
10.0/RPMS/php-cgi-4.3.4-4.5.100mdk.i586.rpm
14a9a57cb05438a2b95ac47fa68755be
10.0/RPMS/php-cli-4.3.4-4.5.100mdk.i586.rpm
1d43beb4125253db8a9bdaaffec6abce
10.0/RPMS/php432-devel-4.3.4-4.5.100mdk.i586.rpm
44a1aa8be7f1f56120568028d3cce0a0
10.0/SRPMS/php-4.3.4-4.5.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
9651a95c09fef8db80f8d0455f1d4aae
amd64/10.0/RPMS/lib64php_common432-4.3.4-4.5.100mdk.amd64.rpm
d883ef32f7f60531cf2be850d5e9dcba
amd64/10.0/RPMS/php-cgi-4.3.4-4.5.100mdk.amd64.rpm
21f487c746312c589115e12b9ed0d13e
amd64/10.0/RPMS/php-cli-4.3.4-4.5.100mdk.amd64.rpm
0a9e996779cc13cfa458c39aa6bf6472
amd64/10.0/RPMS/php432-devel-4.3.4-4.5.100mdk.amd64.rpm
44a1aa8be7f1f56120568028d3cce0a0
amd64/10.0/SRPMS/php-4.3.4-4.5.100mdk.src.rpm

Mandrakelinux 10.1:
f75cb008b1eafcce1167f487fd0742ef
10.1/RPMS/libphp_common432-4.3.8-3.3.101mdk.i586.rpm
6522017c3e097f22a37f293d765f4141
10.1/RPMS/php-cgi-4.3.8-3.3.101mdk.i586.rpm
4ba9ade6db11e4035f73ede36e361ad7
10.1/RPMS/php-cli-4.3.8-3.3.101mdk.i586.rpm
63d4d58bbc3a01b89c688660be399af0
10.1/RPMS/php432-devel-4.3.8-3.3.101mdk.i586.rpm
f4fe82b93cf84987b0787e297d5189de
10.1/SRPMS/php-4.3.8-3.3.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
fb08286032f45020ecd96e07b0da51af
x86_64/10.1/RPMS/lib64php_common432-4.3.8-3.3.101mdk.x86_64.rpm
e1ae8214e11a7e62e987cde10e53c609
x86_64/10.1/RPMS/php-cgi-4.3.8-3.3.101mdk.x86_64.rpm
44c080a9d90e282da95b5d809e90df52
x86_64/10.1/RPMS/php-cli-4.3.8-3.3.101mdk.x86_64.rpm
d23e51652be1cb62f4704a5c4fe4a7a9
x86_64/10.1/RPMS/php432-devel-4.3.8-3.3.101mdk.x86_64.rpm
f4fe82b93cf84987b0787e297d5189de
x86_64/10.1/SRPMS/php-4.3.8-3.3.101mdk.src.rpm

Corporate Server 2.1:
f418349daa18087f1b2bd2d06d07a7d7
corporate/2.1/RPMS/php-4.2.3-4.4.C21mdk.i586.rpm
f55f290333af492f34104d1821ece93d
corporate/2.1/RPMS/php-common-4.2.3-4.4.C21mdk.i586.rpm
ff25be7d53aa1f8efa1ac7ea06935c60
corporate/2.1/RPMS/php-devel-4.2.3-4.4.C21mdk.i586.rpm
38a6771932090c0b49a495caa244047f
corporate/2.1/RPMS/php-pear-4.2.3-4.4.C21mdk.i586.rpm
57a79e60657b372524d7b8af3535cfe6
corporate/2.1/SRPMS/php-4.2.3-4.4.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
0459cb20800a58b6ee41fc6ac2dc55b2
x86_64/corporate/2.1/RPMS/php-4.2.3-4.4.C21mdk.x86_64.rpm
462186f5005cafbfe66dd99cb9110e30
x86_64/corporate/2.1/RPMS/php-common-4.2.3-4.4.C21mdk.x86_64.rpm
5f6c49093da250595d27917455fff5bd
x86_64/corporate/2.1/RPMS/php-devel-4.2.3-4.4.C21mdk.x86_64.rpm
5fb114b6761fcd231cbbbfde6e41252d
x86_64/corporate/2.1/RPMS/php-pear-4.2.3-4.4.C21mdk.x86_64.rpm
57a79e60657b372524d7b8af3535cfe6
x86_64/corporate/2.1/SRPMS/php-4.2.3-4.4.C21mdk.src.rpm

ORIGINAL ADVISORY:
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:072

OTHER REFERENCES:
SA14792:
http://secunia.com/advisories/14792/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------