French Security Incident Response Team

Fedora Security Update Fixes PHP Multiple Buffer and Integer Overflow Issues


Title : Fedora Security Update Fixes PHP Multiple Buffer and Integer Overflow Issues
Advisory ID : FrSIRT/ADV-2006-4114
CVE ID : CVE-2006-4020 - CVE-2006-4482 - CVE-2006-4484 - CVE-2006-4485 - CVE-2006-4486 - CVE-2006-4812
Rated as : High Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-10-20

Advisory Details

 
Technical Description

Fedora has released updated packages to address multiple vulnerabilities identified in PHP [...]

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/


ChangeLog

2006-10-20 : Initial release
