copyright
|
disclaimer
|
privacy
|
contact
HOME
About
AusCERT
Membership
Contact Us
PKI Services
Training
Publications
Sec. Bulletins
Conferences
News & Media
Services
Web Log
Site Map
Site Help
Member login
Login »
Become a member »
Home
»
Security Bul...
»
Security Bul...
»
AusCERT Secu...
» ASB-2009.1173 - [Win][UNIX/Linux] PHP 5.2.x prior to...
ASB-2009.1173 - [Win][UNIX/Linux] PHP 5.2.x prior to 5.2.12: Multiple vulnerabilities
Date:
30 December 2009
References
:
ESB-2010.0031
ESB-2010.0182
ESB-2010.0183
ESB-2010.0189
ESB-2010.0282
ESB-2010.0548
ASB-2012.0151
Click here for printable version
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2009.1173 PHP 5.2.12: Multiple vulnerabilities 31 December 2009 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: PHP 5.2.x prior to 5.2.12 Operating System: Windows UNIX variants (UNIX, Linux, OSX) Impact/Access: Denial of Service -- Remote/Unauthenticated Cross-site Scripting -- Remote with User Interaction Reduced Security -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2009-4143 CVE-2009-4142 CVE-2009-4017 CVE-2009-3558 CVE-2009-3557 Member content until: Saturday, January 30 2010 OVERVIEW PHP 5.2.12 has been released correcting several security vulnerabilities. IMPACT The vendor has provided the following information regarding these vulnerabilities: * "Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (CVE-2009-3557, Rasmus)" [1] * "Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak. (CVE-2009-3558, Rasmus)" [1] * "Added "max_file_uploads" INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion, identified by Bogdan Calin. (CVE-2009-4017, Ilia)" [1] * "Added protection for $_SESSION from interrupt corruption and improved "session.save_path" check, identified by Stefan Esser. (CVE-2009-4143, Stas)" [1] * "Fixed bug #49785 (insufficient input string validation of htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com)" [1] MITIGATION PHP v5.2x users can download the latest version from the vendor's website. [2] REFERENCES [1] PHP 5.2.12 Release Announcement http://www.php.net/releases/5_2_12.php [2] PHP 5.2.12 http://www.php.net/downloads.php AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iD8DBQFLPAOfNVH5XJJInbgRAqFwAJ4yp6hKzW92fmGXglYAZMj6v1bCywCfSJxB AjDC6AjA51wEIMcjYhu51Vg= =5rff -----END PGP SIGNATURE-----
Comments? Click here
http://www.auscert.org.au/render.html?cid=10415&it=12179