English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 148472 CVE descriptions
and 72306 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2007-20
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 21 Mar 2007
 Last revised: 21 Mar 2007

 Package: php

 Summary: Multiple vulnerabilities in php

 More information:
    PHP is an HTML-embedded scripting language.

    Multiple vulnerabilities (buffer overflows, buffer underflow, format string) exist in php.
    
 Impact:
    These vulnerabilities may allow remote attackers to execute arbitrary
    code via a crafted data.

 Affected Products:
    - Turbolinux Appliance Server 2.0
    - Turbolinux 10 Server x64 Edition
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux Multimedia
    - Turbolinux Personal
    - Turbolinux 8 Server


 <Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   php4-4.3.11-11.src.rpm
     12525849 481f3ad79fbefe99d8950d70f2eb4253

   Binary Packages
   Size: MD5

   php4-4.3.11-11.i586.rpm
      5364652 7a4e4f281b15dc9483ca164c14c375f5
   php4-gd-4.3.11-11.i586.rpm
        47578 4c31be58f4d953a6551dbb24da677a47
   php4-imap-4.3.11-11.i586.rpm
        12981 928cc78a6b9e584abf33ddfc845c8756
   php4-ldap-4.3.11-11.i586.rpm
        36321 c1515211690f846dcef93f6add604636
   php4-manual-4.3.11-11.i586.rpm
      7504299 145684e50dee85dacc0959cdc5604832
   php4-ming-4.3.11-11.i586.rpm
        47765 c1c0043ae751481ae1029be6a413db43
   php4-mysql-4.3.11-11.i586.rpm
       123697 d3227626177d7ae728f584d7d56d70e9
   php4-pgsql-4.3.11-11.i586.rpm
        72997 d57f3ba5e4ce43db981128da43c993b5

 <Turbolinux 10 Server x64 Edition>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/php4-4.3.9-16.src.rpm
     12372588 cb9ec9b99863b8097cbb2af49562869e

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-4.3.9-16.x86_64.rpm
      5476647 15da7d87e5094daf00d6ed8a77592d81
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-debug-4.3.9-16.x86_64.rpm
      6577187 8ff20f7bb50dafc19ededf4f8b999e1b
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-gd-4.3.9-16.x86_64.rpm
        51198 652092001da05edd88dae8aaee269ee5
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-imap-4.3.9-16.x86_64.rpm
        11541 075f0c85f6bbc04050e5441966041e8c
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-ldap-4.3.9-16.x86_64.rpm
        39394 6e30c84e4f528464e84d209ddce023c5
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-manual-4.3.9-16.x86_64.rpm
      7502694 f7664cc735a32a8d0c17784fed888a68
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-ming-4.3.9-16.x86_64.rpm
        51491 b6e883a6082285df939ed9704f5c9912
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-mysql-4.3.9-16.x86_64.rpm
       134761 48a373efeab694adf41a2c78c9079e3f
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-pgsql-4.3.9-16.x86_64.rpm
        76419 2a27c8305e0b329ad326b8a6554ebc2b

 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size: MD5

   php-4.2.3-37.src.rpm
      3614949 5e9147d6c855bb38513fed323ff72a8a

   Binary Packages
   Size: MD5

   php-4.2.3-37.i586.rpm
      1634551 b584773bf1f7f16235a792e0f818e22f
   php-gd-4.2.3-37.i586.rpm
        32412 c63b7b6e9660c0a56eeac43f05b54ac4
   php-imap-4.2.3-37.i586.rpm
        10245 1fb3184b9c595e71e8ad2b154a45f3a9
   php-ldap-4.2.3-37.i586.rpm
        25705 ff8b212f062f735fd30c1c5b38278f41
   php-manual-4.2.3-37.i586.rpm
       342802 83ebd1482f5224dd587ebd2bd9334db0
   php-ming-4.2.3-37.i586.rpm
        34308 0404c54f8a85dfd09880fa9e43405c01
   php-mysql-4.2.3-37.i586.rpm
        91885 7893697860c8e0ee20cd2b5972e9ce76
   php-pgsql-4.2.3-37.i586.rpm
        36522 9e5e56f5e7180c24f5c0657c157ea306

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size: MD5

   php-4.2.3-37.src.rpm
      3614949 b0dbd9f515727719d637b251fa663a82

   Binary Packages
   Size: MD5

   php-4.2.3-37.i586.rpm
      1634840 41aed00b9c09122c85be13d5c6bcbbc0
   php-gd-4.2.3-37.i586.rpm
        32565 30bb532494d9fe94b566f4b144bdc5db
   php-imap-4.2.3-37.i586.rpm
        10394 eb07f27762424bbfcc5d2c3e55d0be0c
   php-ldap-4.2.3-37.i586.rpm
        25816 81b281209b8d6aa65c7f8edcaf1604a3
   php-manual-4.2.3-37.i586.rpm
       342713 6a038838de960d48f21146da4671faa5
   php-ming-4.2.3-37.i586.rpm
        34439 1ce21be7e7a0c9c3fbff96b4cc4e852d
   php-mysql-4.2.3-37.i586.rpm
        92049 3ae9d9c79c640ebda6c2a6762489eee8
   php-pgsql-4.2.3-37.i586.rpm
        36706 bfb6b5997a0150dca76439e28ad21979

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/php4-4.3.11-11.src.rpm
     12525849 481f3ad79fbefe99d8950d70f2eb4253

   Binary Packages
   Size: MD5

   php4-4.3.11-11.i586.rpm
      5364652 7a4e4f281b15dc9483ca164c14c375f5
   php4-debug-4.3.11-11.i586.rpm
      6443500 36db9e9e221ff6553c99beaace8eef6a
   php4-gd-4.3.11-11.i586.rpm
        47578 4c31be58f4d953a6551dbb24da677a47
   php4-imap-4.3.11-11.i586.rpm
        12981 928cc78a6b9e584abf33ddfc845c8756
   php4-ldap-4.3.11-11.i586.rpm
        36321 c1515211690f846dcef93f6add604636
   php4-manual-4.3.11-11.i586.rpm
      7504299 145684e50dee85dacc0959cdc5604832
   php4-ming-4.3.11-11.i586.rpm
        47765 c1c0043ae751481ae1029be6a413db43
   php4-mysql-4.3.11-11.i586.rpm
       123697 d3227626177d7ae728f584d7d56d70e9
   php4-pgsql-4.3.11-11.i586.rpm
        72997 d57f3ba5e4ce43db981128da43c993b5

 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/php4-4.3.3-22.src.rpm
      4200342 40f81767987c7f81ed8b2cd87854f4ae

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-4.3.3-22.i586.rpm
      3408894 d65981528e37195c3cf4814546c22d0e
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-gd-4.3.3-22.i586.rpm
        32124 3ee9e0a51a719aa6f3f73b290062131b
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-imap-4.3.3-22.i586.rpm
        10668 2a1f5b437d9699167fb6636733397673
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-ldap-4.3.3-22.i586.rpm
        25048 83505b8396568ead78305c2b9bd30d20
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-manual-4.3.3-22.i586.rpm
       343121 e53e05535389cf87b9cd6808e40c82e8
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-ming-4.3.3-22.i586.rpm
        31537 ed3e373be6c3ff5714a9b2bef8da9e96
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-mysql-4.3.3-22.i586.rpm
        82534 e0b3badaa2c22f6c638942319bde393f
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-pgsql-4.3.3-22.i586.rpm
        49067 10b95e63795e3b1f6c2e37f3ef9549c7

 <Turbolinux 8 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/php-4.2.3-37.src.rpm
      3614949 9552f55e14dd0d783d721d1625a31892

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-4.2.3-37.i586.rpm
      1634351 8d666c3a320bfc19134c2b52c0f6daea
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-gd-4.2.3-37.i586.rpm
        32527 4b0130ffbeebd3d581dc1799258d303b
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-imap-4.2.3-37.i586.rpm
        10391 8e4701603ec3c678cbed55611154bd3f
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-ldap-4.2.3-37.i586.rpm
        25846 928d0f305026340255184c7856fd15a1
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-manual-4.2.3-37.i586.rpm
       342906 43efbfa72575149872e1365dc1f5a9bf
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-ming-4.2.3-37.i586.rpm
        34415 b5c9acb896428376c50cbbb3c1b0e549
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-mysql-4.2.3-37.i586.rpm
        91988 5876add31ede439f5affaffa6b5ff0c5
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-pgsql-4.2.3-37.i586.rpm
        36624 fdde3d263ee861191cbfe02ba9de7692

 
 References:

 CVE
   [CVE-2007-0906]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906
   [CVE-2007-0907]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907
   [CVE-2007-0908]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908
   [CVE-2007-0909]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909
   [CVE-2007-0910]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910
   [CVE-2007-0988]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988

 --------------------------------------------------------------------------
 Revision History
    21 Mar 2007 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2007 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGALE7K0LzjOqIJMwRAqzkAKCP2PqBvZoCjOaCU8/+SdOXx+KL+QCfbUqr
YYazmukbvHoWiWz4K/s8RPE=
=xEuV
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.