<<< Date Index >>>     <<< Thread Index >>>

[PLSN-0001] - Multiple PHP vulnerabilities



---------------------------------------------------------------------------
Peachtree Linux Security Notice PLSN-0001
April 19, 2005

Remote code execution and remote DoS vulnerability in PHP
CAN-2005-0524, CAN-2005-0525, CAN-2005-1042, CAN-2005-1043
---------------------------------------------------------------------------

The following Peachtree Linux releases are affected:

   Peachtree Linux release 1 ("Atlanta")

Description:

   CAN-2005-0524:  The php_handle_iff function in image.c for PHP 4.2.2,
   4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function,
   allows remote attackers to cause a denial of service (infinite loop)
   via a -8 size value.

   CAN-2005-0525:  The php_next_marker function in image.c for PHP 4.2.2,
   4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function,
   allows remote attackers to cause a denial of service (infinite loop)
   via a JPEG image with an invalid marker value, which causes a negative
   length value to be passed to php_stream_seek.

   CAN-2005-1042:  Integer overflow in the exif_process_IFD_TAG function
   in exif.c in PHP before 4.3.11 may allow remote attackers to execute
   arbitrary code via an IFD tag that leads to a negative byte count.

   CAN-2005-1043:  exif.c in PHP before 4.3.11 allows remote attackers to
   cause a denial of service (memory consumption and crash) via an EXIF
   header with a large IFD nesting level, which causes significant stack
   recursion.

Packages:

   Download the updated php package for your release of Peachtree Linux
   and your host architecture.  The main updates site is:

      http://peachtree.burdell.org/updates/

   Updated packages available for Peachtree Linux release 1 ("Atlanta"):

      alpha
         db11a244e5085bcee51714d001b56df3  php-4.3.11.alpha.dist

      i386
         97720a9c42d89288945d8214e3e2336c  php-4.3.11.i686.dist

      ppc
         f2237e37682a905c432cb81d724f8dd6  php-4.3.11.ppc.dist

Solution:

   Download the appropriate package for your release of Peachtree Linux.
   Upgrade your system to the new package:

      distadd -u packagename

   Where packagename is the name of the package file from the list above.

   After installation of the new package, restart any services you have
   that are using PHP, such as Apache.

-- 
Peachtree Linux Security Team
http://peachtree.burdell.org/

Attachment: pgpqaV5cEFFDt.pgp
Description: PGP signature