|Category:||Ubuntu Local Security Checks|
|Title:||Ubuntu 4.10 USN-66-1 (php4)|
|Summary:||Ubuntu 4.10 USN-66-1 (php4)|
The remote host is missing an update to php4
announced via advisory USN-66-1.
FraMe from kernelpanik.org reported that the cURL module does not
respect open_basedir restrictions. As a result, scripts which used
cURL to open files with an user-specified path could read arbitrary
local files outside of the open_basedir directory.
Stefano Di Paola discovered a vulnerability in PHP's shmop_write()
function. Its 'offset' parameter was not checked for negative values,
which allowed an attacker to write arbitrary data to arbitrary memory
locations. A script which passed unchecked parameters to
shmop_write() could possibly be exploited to execute arbitrary code
with the privileges of the web server and to bypass safe mode
The following packages are affected:
The problem can be corrected by upgrading the affected package to
version 4:4.3.8-3ubuntu7.3. In general, a standard system upgrade is
sufficient to effect the necessary changes.
Risk factor : High
|Copyright||Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com|
|This is only one of 40037 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.