Gentoo Linux PHP Security Advisory
Please support our Web Development advertiser: Programming Forums
May 27th, 2007, 6:50 pm
Gentoo has issued a security advisory with a high impact rating affecting users of PHP <5.2.2.
Several vulnerabilities have been found in PHP, not least a huge number discovered by Stefan Esser during the infamous Month Of PHP Bugs (MOPB) including integer overflows in wbmp.c from the GD library and in the substr_compare() PHP 5 function.
There have also been reports of a buffer overflow in the make_http_soap_request() and in the user_filter_factory_create() functions as well as a buffer overflow in the bundled XMLRPC library. If that weren’t enough, the session_regenerate_id() and the array_user_key_compare() functions contain a double-free vulnerability. Oh, and let’s not forget the implementation errors in the Zend engine, in the mb_parse_str(), the unserialize() and the mail() functions and other elements.
The fact that remote attackers therefore have the potential ability to exploit these vulnerabilities in PHP applications which could, of course, lead to arbitrary code execution. And Denial of Service attacks. And scripted content execution within the context of an exploited site. And information leaks due to the bypassing of security.
And the workaround is? Err, it is non-existent actually. If you are a PHP 5 user then you really should make sure you are using the latest available version.
Several vulnerabilities have been found in PHP, not least a huge number discovered by Stefan Esser during the infamous Month Of PHP Bugs (MOPB) including integer overflows in wbmp.c from the GD library and in the substr_compare() PHP 5 function.
There have also been reports of a buffer overflow in the make_http_soap_request() and in the user_filter_factory_create() functions as well as a buffer overflow in the bundled XMLRPC library. If that weren’t enough, the session_regenerate_id() and the array_user_key_compare() functions contain a double-free vulnerability. Oh, and let’s not forget the implementation errors in the Zend engine, in the mb_parse_str(), the unserialize() and the mail() functions and other elements.
The fact that remote attackers therefore have the potential ability to exploit these vulnerabilities in PHP applications which could, of course, lead to arbitrary code execution. And Denial of Service attacks. And scripted content execution within the context of an exploited site. And information leaks due to the bypassing of security.
And the workaround is? Err, it is non-existent actually. If you are a PHP 5 user then you really should make sure you are using the latest available version.
•
•
•
•
This blog entry was written by Bill Andad, staff writer aka newsguy. It has been filed under the Web Development category. It has received 4,590 views, 4 comment(s), and 19 linkbacks. It was promoted to featured news status May 27th, 2007.
newsguy | The News Guy | May 30th, 2007
peter_budo | Code tags enforcer | May 29th, 2007
•
•
•
•
>They could move over to ASP
microworld of microsoft??? you must by joking. For once it is damn slow, for two it crash often then windows and connection to db is awful. I don't know why all computing colleges actualy teach VB and related products
the Month of PHP Bugs can be found here http://www.php-security.org/
microworld of microsoft??? you must by joking. For once it is damn slow, for two it crash often then windows and connection to db is awful. I don't know why all computing colleges actualy teach VB and related products
the Month of PHP Bugs can be found here http://www.php-security.org/
John A | Vampirical Moderator | May 28th, 2007
•
•
•
•
Just curious, if this is a PHP flaw, then how come it is only affecting Gentoo? Or is Gentoo simply giving the warning on behalf of all PHP 5 users?
cutepinkbunnies | Junior Poster | May 28th, 2007
•
•
•
•
They could move over to ASP
Related Blog Entries
- Hotz does it again, iPhone 3GS is jailbroken!!! (20 Hours Ago)
- Michael Jackson sparks celebrity death hoax epidemic (3 Days Ago)
- Reading a 200 year old newspaper in the hot tub (5 Days Ago)
- Michael Jackson and web events (7 Days Ago)
- Find or dump a lover by email (8 Days Ago)
Related Forum Threads
- What's better? Windows 2000 Server or Linux Server? (Windows Servers and IIS)
- Want to learn linux for servers and security (Getting Started and Choosing a Distro)
- Linux server security guide (Network Security)
- How do I install Apache, MySQL, PHP on Linux? (PHP)
- Multiple vulnerabilities in PHP 4/5 (PHP)
- Zend PHP Certification (PHP)
- Windows vs Linux (IT Professionals' Lounge)
- Features in PHP 5 (PHP)


