_______________________________________________________________________

 Mandriva Linux Security Advisory                         MDKSA-2007:103
 http://www.mandriva.com/security/
_______________________________________________________________________

 Package : php4
 Date    : May 10, 2007
 Affected: Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0
_______________________________________________________________________

 Problem Description:

 A heap buffer overflow flaw was found in the xmlrpc extension for PHP.
 A script that implements an XML-RPC server using this extension could
 allow a remote attacker to execute arbitrary code as the apache user.
 This flaw does not, however, affect PHP applications using the pure-PHP
 XML_RPC class provided via PEAR (CVE-2007-1864).

 A flaw was found in the ftp extension for PHP. A script using this
 extension to provide access to a private FTP server and which passed
 untrusted script input directly to any function provided by this
 extension could allow a remote attacker to send arbitrary FTP commands
 to the server (CVE-2007-2509).

 Updated packages have been patched to prevent these issues.
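 The second flaw is the pattern of handing request input straight to the
 ftp extension. The patched packages fix the extension itself; the wrapper
 below is an added example, not part of the advisory or of PHP, showing the
 application-side check that keeps raw input away from ftp_get() and friends.
 It assumes modern PHP syntax (typed parameters, not the PHP 4 being patched)
 and assumes the injected command would ride on CR/LF characters inside the
 argument, FTP being a line-oriented protocol; the advisory itself does not
 spell out the mechanism.

```php
<?php
// Added example (not from the advisory): defence in depth for scripts that
// forward request input to PHP's ftp extension (CVE-2007-2509).
// Assumption: the hostile input carries CR/LF, which ends a command line on
// the FTP control connection.

final class FtpArgumentError extends InvalidArgumentException {}

/**
 * Return $name unchanged if it is safe to hand to ftp_get()/ftp_nlist()/...,
 * otherwise throw. Policy: one path component, printable ASCII only,
 * no control characters, no "." or "..", bounded length.
 */
function ftp_safe_name(string $name): string
{
    if ($name === '' || strlen($name) > 255) {
        throw new FtpArgumentError('empty or over-long name');
    }
    // Reject every control character, CR (0x0D) and LF (0x0A) included.
    if (preg_match('/[\x00-\x1F\x7F]/', $name)) {
        throw new FtpArgumentError('control character in name');
    }
    // Keep the argument a plain file name: no separators, no dot entries.
    if (!preg_match('/\A[A-Za-z0-9._-]+\z/', $name) || $name === '.' || $name === '..') {
        throw new FtpArgumentError('name contains disallowed characters');
    }
    return $name;
}

/** Download one file from the private server, accepting only validated names. */
function fetch_private_file($conn, string $untrusted, string $localDir): bool
{
    $safe  = ftp_safe_name($untrusted);           // throws on hostile input
    $local = $localDir . DIRECTORY_SEPARATOR . $safe;
    return ftp_get($conn, $local, $safe, FTP_BINARY);
}

// Constructed sample inputs: the second embeds CR/LF and must be rejected.
foreach (["report.pdf", "repo\r\nrt.pdf", "../etc/passwd"] as $candidate) {
    try {
        echo ftp_safe_name($candidate), " accepted\n";
    } catch (FtpArgumentError $e) {
        echo json_encode($candidate), " rejected: ", $e->getMessage(), "\n";
    }
}
```

 The wrapper is a complement to, not a substitute for, installing the fixed
 php4 packages listed below.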
_______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1864
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2509
_______________________________________________________________________

 Updated Packages:

 Updated php, php-xmlrpc and php4 packages are provided for Corporate 3.0,
 Corporate 3.0/X86_64, Corporate 4.0, Corporate 4.0/X86_64 and Multi
 Network Firewall 2.0.
_______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi. The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.
 You can obtain the GPG public key of the Mandriva Security Team by
 executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact
 security_(at)_mandriva.com
_______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team