English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 73247 CVE descriptions
and 39212 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.57515
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-362-1 (php5)
Summary:Ubuntu USN-362-1 (php5)
Description:
The remote host is missing an update to php5
announced via advisory USN-362-1.

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The stripos() function did not check for invalidly long or empty
haystack strings. In an application that uses this function on
arbitrary untrusted data this could be exploited to crash the PHP
interpreter. (CVE-2006-4485)

An integer overflow was discovered in the PHP memory allocation
handling. On 64-bit platforms, the memory_limit setting was not
enforced correctly. A remote attacker could exploit this to cause a
Denial of Service attack through memory exhaustion. (CVE-2006-4486)

Maksymilian Arciemowicz discovered that security relevant
configuration options like open_basedir and safe_mode (which can be
configured in Apache's httpd.conf) could be bypassed and reset to
their default value in php.ini by using the ini_restore() function.
(CVE-2006-4625)

Stefan Esser discovered that the ecalloc() function in the Zend engine
did not check for integer overflows. This particularly affected the
unserialize() function. In applications which unserialize untrusted
user-defined data, this could be exploited to execute arbitrary code
with the application's privileges. (CVE-2006-4812)

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
libapache2-mod-php4 4:4.3.10-10ubuntu4.8
php4-cgi 4:4.3.10-10ubuntu4.8
php4-cli 4:4.3.10-10ubuntu4.8

Ubuntu 5.10:
libapache2-mod-php5 5.0.5-2ubuntu1.5
php5-cgi 5.0.5-2ubuntu1.5
php5-cli 5.0.5-2ubuntu1.5

Ubuntu 6.06 LTS:
libapache2-mod-php5 5.1.2-1ubuntu3.3
php5-cgi 5.1.2-1ubuntu3.3
php5-cli 5.1.2-1ubuntu3.3

After a standard system upgrade you need to restart Apache with

sudo /etc/init.d/apache2 restart

to effect the necessary changes.
http://www.securityspace.com/smysecure/catid.html?in=USN-362-1

Risk factor : Critical
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-4485
http://www.mandriva.com/security/advisories?name=MDKSA-2006:162
RedHat Security Advisories: RHSA-2006:0688
http://rhn.redhat.com/errata/RHSA-2006-0688.html
http://www.ubuntu.com/usn/usn-362-1
BugTraq ID: 19582
http://www.securityfocus.com/bid/19582
http://www.vupen.com/english/advisories/2006/3318
http://securitytracker.com/id?1016984
http://secunia.com/advisories/21546
http://secunia.com/advisories/21842
http://secunia.com/advisories/22538
http://secunia.com/advisories/22331
Common Vulnerability Exposure (CVE) ID: CVE-2006-4486
Bugtraq: 20061005 rPSA-2006-0182-1 php php-mysql php-pgsql (Google Search)
http://www.securityfocus.com/archive/1/archive/1/447866/100/0/threaded
http://www.hardened-php.net/hphp/changelog.html#hardening_patch_0.4.14
Debian Security Information: DSA-1331 (Google Search)
http://www.debian.org/security/2007/dsa-1331
http://www.redhat.com/support/errata/RHSA-2006-0669.html
http://www.redhat.com/support/errata/RHSA-2006-0682.html
SGI Security Advisory: 20061001-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
SuSE Security Announcement: SUSE-SA:2006:052 (Google Search)
http://www.novell.com/linux/security/advisories/2006_52_php.html
TurboLinux Advisory: TLSA-2006-38
http://www.turbolinux.com/security/2006/TLSA-2006-38.txt
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11086
http://secunia.com/advisories/22004
http://secunia.com/advisories/22069
http://secunia.com/advisories/22225
http://secunia.com/advisories/22440
http://secunia.com/advisories/22487
http://secunia.com/advisories/25945
Common Vulnerability Exposure (CVE) ID: CVE-2006-4625
http://securityreason.com/achievement_securityalert/42
Bugtraq: 20060913 Re: PHP 5.1.6 / 4.4.4 Critical php_admin* bypass by ini_restore() (Google Search)
http://www.securityfocus.com/archive/1/archive/1/445712/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/445882/100/0/threaded
HPdes Security Advisory: HPSBMA02215
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506
HPdes Security Advisory: SSRT071423
HPdes Security Advisory: HPSBTU02232
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137
HPdes Security Advisory: SSRT071429
http://www.mandriva.com/security/advisories?name=MDKSA-2006:185
http://www.securityfocus.com/archive/1/archive/1/448953/100/0/threaded
SuSE Security Announcement: SUSE-SA:2006:059 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2006-Oct/0002.html
BugTraq ID: 19933
http://www.securityfocus.com/bid/19933
http://www.vupen.com/english/advisories/2007/1991
http://www.vupen.com/english/advisories/2007/2374
http://secunia.com/advisories/22282
http://secunia.com/advisories/22338
http://secunia.com/advisories/22424
http://secunia.com/advisories/25423
http://secunia.com/advisories/25850
http://securityreason.com/securityalert/1519
XForce ISS Database: php-inirestore-security-bypass(28853)
http://xforce.iss.net/xforce/xfdb/28853
Common Vulnerability Exposure (CVE) ID: CVE-2006-4812
Bugtraq: 20061009 Advisory 09/2006: PHP unserialize() Array Creation Integer Overflow (Google Search)
http://www.securityfocus.com/archive/1/archive/1/448014/100/0/threaded
http://www.hardened-php.net/advisory_092006.133.html
http://www.gentoo.org/security/en/glsa/glsa-200610-14.xml
RedHat Security Advisories: RHSA-2006:0708
http://rhn.redhat.com/errata/RHSA-2006-0708.html
http://www.trustix.org/errata/2006/0055
BugTraq ID: 20349
http://www.securityfocus.com/bid/20349
http://www.vupen.com/english/advisories/2006/3922
http://secunia.com/advisories/22280
http://secunia.com/advisories/22281
http://secunia.com/advisories/22533
http://secunia.com/advisories/22650
http://secunia.com/advisories/22300
http://securityreason.com/securityalert/1691
XForce ISS Database: php-ecalloc-integer-overflow(29362)
http://xforce.iss.net/xforce/xfdb/29362
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 39212 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.