English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 143769 CVE descriptions
and 71225 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2005-1
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date : 13 Jan 2005
 Last revised           : 18 Jan 2005

 Package : php

 Summary : Multiple vulnerabilities in php

 More information :
    PHP is an HTML-embedded scripting language.

    Buffer overflow vulnerabilities have been discovered in the nserialize
    and exif_read_data functions of PHP.

 Impact :
    The vulnerabilities can allow remote attackers to cause a denial of
    service and possibly execute arbitrary code.

 Affected Products :
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation

 Solution :
    Please use the turbopkg (zabom) tool to apply the update. 
 ---------------------------------------------
 [Turbolinux 10 Server, Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home]
 # zabom -u php4 php4-gd php4-imap php4-ldap php4-manual php4-ming php4-mysql php4-pgsql

 [other]
 # turbopkg
 or
 # zabom update php php-gd php-imap php-ldap php-manual php-ming php-mysql php-pgsql
 ---------------------------------------------


 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size : MD5

   php-4.2.3-24.src.rpm
      3596640 30bdfb5d2c55eec5106ff59ea1ed053f

   Binary Packages
   Size : MD5

   php-4.2.3-24.i586.rpm
      1631642 f7b1c4e6505b18e6302cf8723099d82b
   php-gd-4.2.3-24.i586.rpm
        31116 14390a13948465df32dce3293995449d
   php-imap-4.2.3-24.i586.rpm
         9122 354796fffaaa00db06db56a061611a92
   php-ldap-4.2.3-24.i586.rpm
        24566 1752fe7b625ea370802ccb912377454a
   php-manual-4.2.3-24.i586.rpm
       341617 ea1b20aebf16adbf862845d293a4396e
   php-ming-4.2.3-24.i586.rpm
        33131 2b57605f99663d55e783bc73810b3a4b
   php-mysql-4.2.3-24.i586.rpm
        90722 160875a6850baabf0e6f44b34c46e3df
   php-pgsql-4.2.3-24.i586.rpm
        35385 1c5a48da5535e53aa0a61c1210dc43f8

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size : MD5

   php-4.2.3-24.src.rpm
      3596640 f62c4643517c49baa509f070255edbed

   Binary Packages
   Size : MD5

   php-4.2.3-24.i586.rpm
      1631890 141244c5f35e08904ddc98299652d481
   php-gd-4.2.3-24.i586.rpm
        31262 b5deb7893138ea5671bbaf86b04146e7
   php-imap-4.2.3-24.i586.rpm
         9272 9ff99104ec06e8175a57a764e7740cc3
   php-ldap-4.2.3-24.i586.rpm
        24726 c29a4f23304092842090dc397682689b
   php-manual-4.2.3-24.i586.rpm
       341774 7a607418edc2a1253db197aa73244424
   php-ming-4.2.3-24.i586.rpm
        33297 9b0d2051cb517651df3c9bf8078399ba
   php-mysql-4.2.3-24.i586.rpm
        90921 4d5fbf7744d86ae782f4afe37eb3a348
   php-pgsql-4.2.3-24.i586.rpm
        35500 d6c61f4f28eb3c861229508f64fd57eb

 <Turbolinux 10 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/php4-4.3.8-11.src.rpm
     12304115 3cec9c192cb53ab27459a9862efc5d9d

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/php4-4.3.8-11.i586.rpm
      5137588 13f6d61aefd07e7674a174e73f95dac1
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/php4-debug-4.3.8-11.i586.rpm
      6519408 77094cb1256cc9f9b72fa95ffa557961
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/php4-gd-4.3.8-11.i586.rpm
        44804 2e5dbdf7a3cd6c4d9d335b9d0454690f
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/php4-imap-4.3.8-11.i586.rpm
        10763 981373ebead5f89c3ad21849ab64bb9a
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/php4-ldap-4.3.8-11.i586.rpm
        34436 65670f263735f2645c4126b19a8913ff
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/php4-manual-4.3.8-11.i586.rpm
      7502182 65dbe4e60bda685fce0d3ad2f1551457
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/php4-ming-4.3.8-11.i586.rpm
        45536 98ed5c3c7b22d2496e953d8d074de558
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/php4-mysql-4.3.8-11.i586.rpm
       119870 c8c8bf249d106d78a5be7358ff247cf4
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/php4-pgsql-4.3.8-11.i586.rpm
        68887 8a51ec5a9cd5833c4ae9c43d629ea252

 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/php4-4.3.3-7.src.rpm
      4179207 9407355f70cbc4c14ea9bfdfac154015

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-4.3.3-7.i586.rpm
      2735662 f4dd577a3b8bc5c33cc73cc015cb6584
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-gd-4.3.3-7.i586.rpm
        30563 85965bd7a78ad8bf30eb7a9aed065e1f
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-imap-4.3.3-7.i586.rpm
         9256 e41b9edacac390204979dc7e1f9f2d61
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-ldap-4.3.3-7.i586.rpm
        23627 0abf252cbe840e040f8ece116631ffd5
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-manual-4.3.3-7.i586.rpm
       341639 ee222270c41de1653554112bb302ce73
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-ming-4.3.3-7.i586.rpm
        30139 cb32cd256566b288640628ca38278dac
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-mysql-4.3.3-7.i586.rpm
        81109 3f36b87058d8378e6c584920835703ee
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-pgsql-4.3.3-7.i586.rpm
        47675 60777bad904b8014043c8287d3e00e4e

 <Turbolinux 8 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/php-4.2.3-24.src.rpm
      3596640 4f2aea3ebf6ff00dc2f9ef2185c629e7

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-4.2.3-24.i586.rpm
      1632058 776e270a3567b5c2d186544cfd495a6c
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-gd-4.2.3-24.i586.rpm
        31216 87fbf08da30e4ae58ba7fa46aefecc8b
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-imap-4.2.3-24.i586.rpm
         9235 d8cf0364ce2faf7b1f26c356629b3acd
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-ldap-4.2.3-24.i586.rpm
        24685 ac6bfe61cadcb49519415c7f6a09f0fd
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-manual-4.2.3-24.i586.rpm
       341741 3b83b1f9ef2d4ac998cf456a78b7182f
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-ming-4.2.3-24.i586.rpm
        33237 9e8f23b30be928c175d72e4bb7407f4f
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-mysql-4.2.3-24.i586.rpm
        90789 c10689afe393966cae1fd43911c2f0fd
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-pgsql-4.2.3-24.i586.rpm
        35467 ef15fd420e89ab8d8284534b4da8dcc1

 <Turbolinux 8 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/php-4.2.3-24.src.rpm
      3596640 c49321398dcc7f999d5ec7c459f12954

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/php-4.2.3-24.i586.rpm
      1632174 465f0707e702870b8c68fd69f38cf3bc
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/php-gd-4.2.3-24.i586.rpm
        31232 d65bfbd198da2fa27adb30da07b46cdd
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/php-imap-4.2.3-24.i586.rpm
         9234 2751549b7027dd2c5b09a759778d3793
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/php-ldap-4.2.3-24.i586.rpm
        24679 895f5387463625de0a5aca57e02de557
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/php-manual-4.2.3-24.i586.rpm
       341765 12d2bd9bf6ca4848b3c41a5f1539ea74
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/php-ming-4.2.3-24.i586.rpm
        33223 1174db9d2d84427a41e67957e4fdea6b
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/php-mysql-4.2.3-24.i586.rpm
        90840 c4a492770d25472acce0c41f95e75a1f
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/php-pgsql-4.2.3-24.i586.rpm
        35512 9dd622d90b73e1f5fbe979870eaa2172

 <Turbolinux 7 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/php-4.2.3-24.src.rpm
      3596640 a8c3b99e7674f8a2fe119b427a02e939

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/php-4.2.3-24.i586.rpm
      1603262 5586a4dde1f5acb861d9982a2a057630
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/php-imap-4.2.3-24.i586.rpm
         9236 07b780d86295569b599a6c7467480ad8
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/php-ldap-4.2.3-24.i586.rpm
        24242 3b1e22d2a11d793f1911da084d6d19b3
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/php-manual-4.2.3-24.i586.rpm
       341734 8390e86c4174e52bf7fa69f8b7b693db
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/php-mysql-4.2.3-24.i586.rpm
        86660 a12aa6e7ef466d734331faa0cf6dd42d
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/php-pgsql-4.2.3-24.i586.rpm
        35327 1411e61b2aad435eb13207ee2dc3407e

 <Turbolinux 7 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/php-4.2.3-24.src.rpm
      3596640 7f85391671841ef657f3128d924c6c76

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/php-4.2.3-24.i586.rpm
      1602364 9eed8b51ca59989eda6728813717be33
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/php-imap-4.2.3-24.i586.rpm
         9237 1742ab7b7814a3cd61597a32a0c6ebe6
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/php-ldap-4.2.3-24.i586.rpm
        24250 223cca0fe750193ba65849379753daaf
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/php-manual-4.2.3-24.i586.rpm
       341732 9cc93603cb0f12480198bfdcf7a4da57
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/php-mysql-4.2.3-24.i586.rpm
        86625 70e412ef96b3e804de8ee34c1a39aa33
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/php-pgsql-4.2.3-24.i586.rpm
        34982 64b4fc35c3e1a456862c5ef26d541432


 Notice:
    After performing the update, it is necessary to restart the httpd daemon.
    To do this, run the following command as user root.
 ---------------------------------------------
 # /etc/init.d/httpd restart
 or
 # /etc/rc.d/init.d/httpd restart
 ---------------------------------------------

 References:

 CVE
   [CAN-2004-1019]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1019
   [CAN-2004-1065]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1065

 --------------------------------------------------------------------------
 Revision History
    13 Jan 2005 Initial release
    18 Jan 2005 Added Appliance Server 1.0 Hosting Edition, Appliance Server 1.0 Workgroup Edition
 --------------------------------------------------------------------------

 Copyright(C) 2005 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFB7KuWK0LzjOqIJMwRAo3FAJ9HWvFaUwhkduws9R8ksb3uM9GvIwCeKSLT
3KxM53BHCaMQEDYbOesEZjw=
=dynY
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.