Author: neilm Date: 2005-09-09 22:53:14 +0000 (Fri, 09 Sep 2005) New Revision: 1890 Added: data/DTSA/advs/16-php4.adv Log: PHP .adv Added: data/DTSA/advs/16-php4.adv ==================================================================--- data/DTSA/advs/16-php4.adv 2005-09-09 22:01:18 UTC (rev 1889) +++ data/DTSA/advs/16-php4.adv 2005-09-09 22:53:14 UTC (rev 1890) @@ -0,0 +1,35 @@ +source: php4 +date: September 10th, 2005 +author: Neil McGovern +vuln-type: several vulnerabilities +problem-scope: remote/local +debian-specifc: no +cve: CAN-2005-1751 CAN-2005-1921 CAN-2005-2498 +vendor-advisory: +testing-fix: 4.3.10-16etch1 +sid-fix: 4.4.0-2 +upgrade: apt-get upgrade + +Several security related problems have been found in PHP4, the +server-side, HTML-embedded scripting language. The Common +Vulnerabilities and Exposures project identifies the following +problems: + +CAN-2005-1751 + + Eric Romang discovered insecure temporary files in the shtool + utility shipped with PHP that can exploited by a local attacker to + overwrite arbitrary files. Only this vulnerability affects + packages in oldstable. + +CAN-2005-1921 + + GulfTech has discovered that PEAR XML_RPC is vulnerable to a + remote PHP code execution vulnerability that may allow an attacker + to compromise a vulnerable server. + +CAN-2005-2498 + + Stefan Esser discovered another vulnerability in the XML-RPC + libraries that allows injection of arbitrary PHP code into eval() + statements.
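Review bot: the metadata key `+debian-specifc: no` is misspelled (`debian-specific`); if the .adv files are parsed by key name, this field will be silently dropped or left unset downstream, so fix the spelling before the advisory is published. Two smaller points in the same hunk: the CAN-2005-1751 paragraph reads `utility shipped with PHP that can exploited by a local attacker to` and is missing "be" (`can be exploited`), and the `+vendor-advisory:` field is left empty, so either fill in the upstream reference or make it explicit that none is available rather than leaving an ambiguous blank.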