Red Hat Local Security Checks : RedHat Security Advisory RHSA-2002:129

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.51245

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2002:129

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2002:129.

PHP versions earlier than 4.1.0 contain a vulnerability that could allow
arbitrary commands to be executed.

[updated 22 Aug 2002]
The initial set of errata packages contained an incorrect set of
dependencies. This meant that a number of packages would need to be
installed before php that were not essential to the operation of php.
Updated errata packages are included with this advisory that have corrected
dependencies.

PHP is an HTML-embedded scripting language commonly used with Apache. PHP
versions 4.0.5 through 4.1.0 in safe mode do not properly cleanse the 5th
parameter to the mail() function. This vulnerability allows local users and
possibly remote attackers to execute arbitrary commands via shell
metacharacters.

Red Hat Linux Advanced Server version 2.1 shipped with PHP 4.0.6.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2001-1246 to this issue.

All users of PHP should upgrade to these errata packages containing PHP
4.1.2, which is not vulnerable to this issue.

Note:

This PHP errata enforces memory limits on the size of the PHP process to
prevent a badly generated script from becoming a possible source for a
denial of service attack. The default process size is 8Mb though you can
adjust this as you deem necessary thought the php.ini directive
memory_limit. For example, to change the process memory limit to 4MB, add
the following:

memory_limit 4194304

Important Installation Note:

There are special instructions you should follow regarding your
/etc/php.ini configuration file in the 'Solution' section below.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2002-129.html

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: BugTraq ID: 2954
Common Vulnerability Exposure (CVE) ID: CVE-2001-1246
http://www.securityfocus.com/bid/2954
Bugtraq: 20010630 php breaks safe mode (Google Search)
http://online.securityfocus.com/archive/1/194425
http://www.redhat.com/support/errata/RHSA-2002-102.html
http://www.redhat.com/support/errata/RHSA-2002-129.html
http://www.redhat.com/support/errata/RHSA-2003-159.html
http://www.iss.net/security_center/static/6787.php

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.51245
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2002:129
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2002:129. PHP versions earlier than 4.1.0 contain a vulnerability that could allow arbitrary commands to be executed. [updated 22 Aug 2002] The initial set of errata packages contained an incorrect set of dependencies. This meant that a number of packages would need to be installed before php that were not essential to the operation of php. Updated errata packages are included with this advisory that have corrected dependencies. PHP is an HTML-embedded scripting language commonly used with Apache. PHP versions 4.0.5 through 4.1.0 in safe mode do not properly cleanse the 5th parameter to the mail() function. This vulnerability allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters. Red Hat Linux Advanced Server version 2.1 shipped with PHP 4.0.6. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2001-1246 to this issue. All users of PHP should upgrade to these errata packages containing PHP 4.1.2, which is not vulnerable to this issue. Note: This PHP errata enforces memory limits on the size of the PHP process to prevent a badly generated script from becoming a possible source for a denial of service attack. The default process size is 8Mb though you can adjust this as you deem necessary thought the php.ini directive memory_limit. For example, to change the process memory limit to 4MB, add the following: memory_limit 4194304 Important Installation Note: There are special instructions you should follow regarding your /etc/php.ini configuration file in the 'Solution' section below. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2002-129.html Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 2954 Common Vulnerability Exposure (CVE) ID: CVE-2001-1246 http://www.securityfocus.com/bid/2954 Bugtraq: 20010630 php breaks safe mode (Google Search) http://online.securityfocus.com/archive/1/194425 http://www.redhat.com/support/errata/RHSA-2002-102.html http://www.redhat.com/support/errata/RHSA-2002-129.html http://www.redhat.com/support/errata/RHSA-2003-159.html http://www.iss.net/security_center/static/6787.php
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com