English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.51106
Categoría:Red Hat Local Security Checks
Título:RedHat Security Advisory RHSA-2004:392
Resumen:NOSUMMARY
Descripción:Description:

The remote host is missing updates announced in
advisory RHSA-2004:392.

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP server.

Stefan Esser discovered a flaw when memory_limit is enabled in versions of
PHP 4 before 4.3.8. If a remote attacker could force the PHP interpreter to
allocate more memory than the memory_limit setting before script execution
begins, then the attacker may be able to supply the contents of a PHP hash
table remotely. This hash table could then be used to execute arbitrary
code as the 'apache' user. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2004-0594 to this issue.

This issue has a higher risk when PHP is running on an instance of Apache
which is vulnerable to CVE-2004-0493. For Red Hat Enterprise Linux 3, this
Apache memory exhaustion issue was fixed by a previous update,
RHSA-2004:342. It may also be possible to exploit this issue if using a
non-default PHP configuration with the register_defaults setting is
changed to On. Red Hat does not believe that this flaw is exploitable in
the default configuration of Red Hat Enterprise Linux 3.

Stefan Esser discovered a flaw in the strip_tags function in versions of
PHP before 4.3.8. The strip_tags function is commonly used by PHP scripts
to prevent Cross-Site-Scripting attacks by removing HTML tags from
user-supplied form data. By embedding NUL bytes into form data, HTML tags
can in some cases be passed intact through the strip_tags function, which
may allow a Cross-Site-Scripting attack. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2004-0595 to
this issue.

All users of PHP are advised to upgrade to these updated packages, which
contain backported patches that address these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2004-392.html

Risk factor : High

CVSS Score:
6.8

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0594
BugTraq ID: 10725
http://www.securityfocus.com/bid/10725
Bugtraq: 20040713 Advisory 11/2004: PHP memory_limit remote vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=108981780109154&w=2
Bugtraq: 20040714 TSSA-2004-013 - php (Google Search)
http://marc.info/?l=bugtraq&m=108982983426031&w=2
Bugtraq: 20040722 [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php) (Google Search)
http://marc.info/?l=bugtraq&m=109051444105182&w=2
Conectiva Linux advisory: CLA-2004:847
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000847
Debian Security Information: DSA-531 (Google Search)
http://www.debian.org/security/2004/dsa-531
Debian Security Information: DSA-669 (Google Search)
http://www.debian.org/security/2005/dsa-669
http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023908.html
http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml
HPdes Security Advisory: SSRT4777
http://marc.info/?l=bugtraq&m=109181600614477&w=2
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10896
http://www.redhat.com/support/errata/RHSA-2004-392.html
http://www.redhat.com/support/errata/RHSA-2004-395.html
http://www.redhat.com/support/errata/RHSA-2004-405.html
http://www.redhat.com/support/errata/RHSA-2005-816.html
SuSE Security Announcement: SUSE-SA:2004:021 (Google Search)
http://www.novell.com/linux/security/advisories/2004_21_php4.html
http://www.trustix.org/errata/2004/0039/
XForce ISS Database: php-memorylimit-code-execution(16693)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16693
Common Vulnerability Exposure (CVE) ID: CVE-2004-0595
BugTraq ID: 10724
http://www.securityfocus.com/bid/10724
http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619
XForce ISS Database: php-strip-tag-bypass(16692)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16692
Common Vulnerability Exposure (CVE) ID: CVE-2004-0493
BugTraq ID: 10619
http://www.securityfocus.com/bid/10619
Bugtraq: 20040629 TSSA-2004-012 - apache (Google Search)
http://marc.info/?l=bugtraq&m=108853066800184&w=2
http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/023133.html
http://security.gentoo.org/glsa/glsa-200407-03.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:064
http://www.guninski.com/httpd1.html
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10605
http://www.redhat.com/support/errata/RHSA-2004-342.html
XForce ISS Database: apache-apgetmimeheaderscore-dos(16524)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16524
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.