May 27th, 2007, 6:50 pm
Gentoo has issued a security advisory with a high impact rating affecting users of PHP <5.2.2.
Several vulnerabilities have been found in PHP, not least a huge number discovered by Stefan Esser during the infamous Month Of PHP Bugs (MOPB) including integer overflows in wbmp.c from the GD library and in the substr_compare() PHP 5 function.
There have also been reports of a buffer overflow in the make_http_soap_request() and in the user_filter_factory_create() functions as well as a buffer overflow in the bundled XMLRPC library. If that weren’t enough, the session_regenerate_id() and the array_user_key_compare() functions contain a double-free vulnerability. Oh, and let’s not forget the implementation errors in the Zend engine, in the mb_parse_str(), the unserialize() and the mail() functions and other elements.
Remote attackers therefore have the potential ability to exploit these vulnerabilities in PHP applications, which could, of course, lead to arbitrary code execution. And Denial of Service attacks. And scripted content execution within the context of an exploited site. And information leaks due to the bypassing of security.
And the workaround is? Err, it is non-existent actually. If you are a PHP 5 user then you really should make sure you are using the latest available version.
This blog entry was written by Bill Andad, staff writer aka newsguy. It has received 3,660 views, 4 comments, and 19 linkbacks. 5 voters have rated this entry an average of 4.6 out of 5 stars. It was promoted to featured status May 27th, 2007.
Comments (Newest First)
newsguy | The News Guy | May 30th, 2007
peter_budo | Code tags enforcer | May 29th, 2007
>They could move over to ASP
Microworld of Microsoft??? You must be joking. For one it is damn slow, for two it crashes more often than Windows and the connection to the db is awful. I don't know why all computing colleges actually teach VB and related products.
The Month of PHP Bugs can be found here: http://www.php-security.org/
John A | Vampirical Moderator | May 28th, 2007
Just curious, if this is a PHP flaw, then how come it is only affecting Gentoo? Or is Gentoo simply giving the warning on behalf of all PHP 5 users?
cutepinkbunnies | Junior Poster | May 28th, 2007
They could move over to ASP