[RHSA-2002:102-26] New PHP packages fix vulnerability in safemode
Date: Tue, 20 Aug 2002 11:23 -0400
From: [email protected]
To: [email protected], [email protected]
Subject: [RHSA-2002:102-26] New PHP packages fix vulnerability in safemode
---------------------------------------------------------------------
Red Hat, Inc. Red Hat Security Advisory
Synopsis: New PHP packages fix vulnerability in safemode
Advisory ID: RHSA-2002:102-26
Issue date: 2002-05-27
Updated on: 2002-08-19
Product: Red Hat Linux
Cross references:
Obsoletes: RHSA-2002:035
CVE Names: CAN-2001-1246
---------------------------------------------------------------------
1. Topic:
PHP versions earlier than 4.1.0 contain a vulnerability that could allow
arbitrary commands to be executed.
2. Relevant releases/architectures:
Red Hat Linux 7.0 - alpha, i386
Red Hat Linux 7.1 - alpha, i386, ia64
Red Hat Linux 7.2 - i386, ia64
Red Hat Linux 7.3 - i386
3. Problem description:
PHP is an HTML-embedded scripting language commonly used with Apache. PHP
versions 4.0.5 through 4.1.0 in safe mode do not properly cleanse
the 5th parameter to the mail() function. This vulnerability allows local
users and possibly remote attackers to execute arbitrary commands via shell
metacharacters.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2001-1246 to this issue.
Red Hat Linux version 7.2 shipped with PHP 4.0.6 by default, which is
vulnerable to this issue.
Versions of Red Hat Linux before 7.2 shipped with an earlier version of PHP
not vulnerable to this issue. However, if the most recent errata
(RHSA-2002:035) was applied to these systems, then they *are* vulnerable
and should be upgraded.
It is highly recommended that all users of PHP upgrade to these errata
packages, which are not vulnerable to this issue.
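The application-side pattern exposed by this issue, shown beside a hardened form. This is an added illustration, not code from the advisory or from PHP itself; the function names and the feedback-form scenario are assumptions.

```php
<?php
// Added illustration (not from the advisory). In PHP 4.0.5 through 4.1.0
// with safe_mode enabled, the 5th argument of mail() (additional sendmail
// parameters) was passed on without cleansing, so any attacker-controlled
// value placed there reaches the shell that launches sendmail.

// Vulnerable pattern: the sender address taken from the request is used
// unchanged as the 5th argument.
function sendFeedbackVulnerable($to, $subject, $body, $fromRequest)
{
    return mail($to, $subject, $body, "From: $fromRequest",
                "-f" . $fromRequest);   // untrusted data reaches sendmail's argv
}

// Hardened pattern: only a value that passes a strict syntactic check is
// ever placed in the 5th argument; anything else is rejected outright.
function validEnvelopeSender($addr)
{
    // Conservative allowlist: local@domain, no whitespace, no shell
    // metacharacters, no newlines (which also blocks header injection
    // through the "From:" line built below).
    return is_string($addr)
        && strlen($addr) <= 254
        && preg_match('/^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$/', $addr) === 1;
}

function sendFeedbackHardened($to, $subject, $body, $fromRequest)
{
    if (!validEnvelopeSender($fromRequest)) {
        return false;   // refuse rather than try to "clean" the value
    }
    return mail($to, $subject, $body, "From: $fromRequest", "-f" . $fromRequest);
}
```

Upgrading PHP fixes the cleansing inside mail(); the allowlist above is the defence the application should keep regardless, since it avoids relying on safe mode at all.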
Please Note:
This PHP errata enforces memory limits on the size of the PHP process to
prevent a badly written script from becoming a possible source for a
denial of service attack. The default process size is 8MB, though you can
adjust this as you deem necessary through the php.ini directive
memory_limit. For example, to change the process memory limit to 4MB, add
the following:
memory_limit = 4194304
Important Note:
There are special instructions you should follow regarding your
/etc/php.ini configuration file in the Solution section below.
4. Solution:
Please note that the /etc/php.ini configuration file is not replaced or
overwritten. You should carefully review your configuration file and adapt
it to your server or service functions.
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains
the desired RPMs.
Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
5. RPMs required:
Red Hat Linux 7.0:
SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/php-4.1.2-7.0.3.src.rpm
alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/php-4.1.2-7.0.3.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/php-manual-4.1.2-7.0.3.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/php-odbc-4.1.2-7.0.3.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/php-imap-4.1.2-7.0.3.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/php-mysql-4.1.2-7.0.3.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/php-devel-4.1.2-7.0.3.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/php-snmp-4.1.2-7.0.3.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/php-ldap-4.1.2-7.0.3.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/php-pgsql-4.1.2-7.0.3.alpha.rpm
i386:
ftp://updates.redhat.com/7.0/en/os/i386/php-4.1.2-7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/php-manual-4.1.2-7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/php-odbc-4.1.2-7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/php-imap-4.1.2-7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/php-mysql-4.1.2-7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/php-devel-4.1.2-7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/php-snmp-4.1.2-7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/php-ldap-4.1.2-7.0.3.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/php-pgsql-4.1.2-7.0.3.i386.rpm
Red Hat Linux 7.1:
SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/php-4.1.2-7.1.3.src.rpm
alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/php-4.1.2-7.1.3.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/php-manual-4.1.2-7.1.3.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/php-odbc-4.1.2-7.1.3.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/php-imap-4.1.2-7.1.3.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/php-mysql-4.1.2-7.1.3.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/php-devel-4.1.2-7.1.3.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/php-snmp-4.1.2-7.1.3.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/php-ldap-4.1.2-7.1.3.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/php-pgsql-4.1.2-7.1.3.alpha.rpm
i386:
ftp://updates.redhat.com/7.1/en/os/i386/php-4.1.2-7.1.3.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/php-manual-4.1.2-7.1.3.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/php-odbc-4.1.2-7.1.3.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/php-imap-4.1.2-7.1.3.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/php-mysql-4.1.2-7.1.3.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/php-devel-4.1.2-7.1.3.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/php-snmp-4.1.2-7.1.3.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/php-ldap-4.1.2-7.1.3.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/php-pgsql-4.1.2-7.1.3.i386.rpm
ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/php-4.1.2-7.1.3.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/php-manual-4.1.2-7.1.3.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/php-odbc-4.1.2-7.1.3.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/php-imap-4.1.2-7.1.3.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/php-mysql-4.1.2-7.1.3.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/php-devel-4.1.2-7.1.3.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/php-snmp-4.1.2-7.1.3.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/php-ldap-4.1.2-7.1.3.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/php-pgsql-4.1.2-7.1.3.ia64.rpm
Red Hat Linux 7.2:
SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/php-4.1.2-7.2.3.src.rpm
i386:
ftp://updates.redhat.com/7.2/en/os/i386/php-4.1.2-7.2.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/php-manual-4.1.2-7.2.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/php-odbc-4.1.2-7.2.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/php-imap-4.1.2-7.2.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/php-mysql-4.1.2-7.2.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/php-devel-4.1.2-7.2.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/php-snmp-4.1.2-7.2.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/php-ldap-4.1.2-7.2.3.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/php-pgsql-4.1.2-7.2.3.i386.rpm
ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/php-4.1.2-7.2.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/php-manual-4.1.2-7.2.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/php-odbc-4.1.2-7.2.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/php-imap-4.1.2-7.2.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/php-mysql-4.1.2-7.2.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/php-devel-4.1.2-7.2.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/php-snmp-4.1.2-7.2.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/php-ldap-4.1.2-7.2.3.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/php-pgsql-4.1.2-7.2.3.ia64.rpm
Red Hat Linux 7.3:
SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/php-4.1.2-7.3.3.src.rpm
i386:
ftp://updates.redhat.com/7.3/en/os/i386/php-4.1.2-7.3.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/php-manual-4.1.2-7.3.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/php-odbc-4.1.2-7.3.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/php-imap-4.1.2-7.3.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/php-mysql-4.1.2-7.3.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/php-devel-4.1.2-7.3.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/php-snmp-4.1.2-7.3.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/php-ldap-4.1.2-7.3.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/php-pgsql-4.1.2-7.3.3.i386.rpm
6. Verification:
These packages are GPG signed by Red Hat, Inc. for security. Our key
is available at:
http://www.redhat.com/about/contact/pgpkey.html
You can verify each package with the following command:
rpm --checksig <filename>
If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
rpm --checksig --nogpg <filename>
7. References:
http://online.securityfocus.com/archive/1/194425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1246
Copyright(c) 2000, 2001, 2002 Red Hat, Inc.