-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                   AUSCERT Security Bulletin

                         ASB-2011.0066
        PHP 5.3.7 released correcting various vulnerabilities
                          19 August 2011

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              PHP 5.3.6 and prior
Operating System:     Windows
                      UNIX variants (UNIX, Linux, OSX)
Impact/Access:        Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                      Access Confidential Data        -- Remote/Unauthenticated
                      Create Arbitrary Files          -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
CVE Names:            CVE-2011-2483 CVE-2011-2202 CVE-2011-1938 CVE-2011-1148
Member content until: Sunday, September 18 2011

OVERVIEW

        Version 5.3.7 of PHP has been released correcting several
        security flaws.

IMPACT

        * CVE-2011-2483 - "Updated crypt_blowfish to 1.2" [1]. This
          vulnerability mishandled 8-bit characters, which could allow
          different passwords to generate the same hash.

        * CVE-2011-2202 - "File path injection vulnerability in RFC1867
          File upload filename" [2]

        * CVE-2011-1938 - "Fixed stack buffer overflow in
          socket_connect()" [2]

        * CVE-2011-1148 - "use-after-free in substr_replace()" [2]

        * NO CVE AVAILABLE - "Fixed crash in error_log()" [2]

        * NO CVE AVAILABLE - "Fixed buffer overflow on overlong salt in
          crypt()" [2]

MITIGATION

        Install the latest version of PHP, which at the time of writing
        is 5.3.7.

        If no update is yet available for your distribution, you can
        disable the specific functions affected by adding them to the
        "disable_functions" directive in php.ini.

REFERENCES

        [1] PHP 5 Changelog
            http://www.php.net/ChangeLog-5.php#5.3.7

        [2] News Archive 2011
            http://www.php.net/archive/2011.php#id2011-08-18-1

AusCERT has made every effort to ensure that the information contained in
this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation.
The decision to follow or act on information or advice contained in this
security bulletin is the responsibility of each user or organisation, and
should be considered in accordance with your organisation's site policies
and procedures. AusCERT takes no responsibility for consequences which may
arise from following or acting on information or advice contained in this
security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBTk223e4yVqjM2NGpAQJL3hAAlEtQbtOf/vbvkq6YJPRjhhfVG9AGcOXR
XeuLsOoQzkNP6MVsSSBYZosenn0qSAt8rFD5LxeqshIpiWRj0o1Bb0xbAHJPtPMm
ay3F810yysAPhAnG72dWccOpBOk7LnLxKvgPreCb8UGYlWLGUBXgUmVDNYKf0Tsg
N1E3nbBRKt/8w8pHYZjM2UH5z4JRTKhkSgeBYSsDXFrEj/6SZnPHZq1LLex5rh7d
kqcjk2NE2lo7H2Z779tCsYFP6SWi1jCCa5tGPhfWz98B2ngrM8Ss6S2XK2eA8z16
bU00ZU73XeXYsgEHbs+fCFLdelaU2t3l/7hpMWbAEN0Nmzzdo77336fIXPiWaTJq
l4nT0Hkv2aIs7Usfmh7CKCGBkbli5PXxbiiNl2dP+ObNvK/HAgrsWtgdYm/cYRNg
HILaoSO5PbXu1XaRNokFRU097VFhqPu2VcQ6oQBK3P6ajQjjcI2MFPgDDiGYaIjn
5E9jhrg1C2nGNEvCzf1/2PuSTkLoCGrFiC82lvnffunEpkBHt5iWSQmMuwoBsbty
XxMd/y6r9k+xkxUN4NnULrdsq5RSmBZWaEZsyjVqe5DgZsE8UJmD1FS3sq3Gn4uq
KDy4RF3MxJgPOAPhnWP3mIgiJ/z0+/zD+m4di690oTBAcltchvtIuQZUCNzq6MXO
G6Ibrv+AjvU=
=B0o8
-----END PGP SIGNATURE-----
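The interim mitigation the bulletin describes (adding the affected functions to "disable_functions" in php.ini while waiting for a distribution package of 5.3.7) looks like the fragment below. This is an added example, not part of the AusCERT bulletin or of the PHP project's documentation; the function names come from the IMPACT section above, and the choice of which ones to actually disable is an assumption that has to be checked against the application running on the host.

```ini
; php.ini fragment: stopgap hardening for hosts still on PHP 5.3.6 or earlier
; (added example; not from the AusCERT bulletin or the PHP project)
;
; Functions named in the bulletin's IMPACT section:
;   socket_connect()  - stack buffer overflow   (CVE-2011-1938)
;   substr_replace()  - use-after-free          (CVE-2011-1148)
;   error_log()       - crash                   (no CVE)
;   crypt()           - overlong-salt overflow  (no CVE) and the
;                       crypt_blowfish 8-bit bug (CVE-2011-2483)
;
; disable_functions takes a comma-separated list of internal function
; names. Calling a disabled function raises a warning and returns NULL,
; so only list functions the application provably does not use.
; socket_connect() is rarely needed by web applications and is the
; realistic candidate; substr_replace(), error_log() and crypt() are used
; by most code bases (string handling, logging, password hashing), and
; disabling them generally breaks the site instead of protecting it.
disable_functions = socket_connect

; If the application neither logs through error_log() nor hashes
; passwords with crypt(), the list can be widened (assumption: verify
; against the code base first):
; disable_functions = socket_connect,error_log

; Directive scope: disable_functions must be set in php.ini; it cannot be
; set per-request (ini_set) or from .htaccess, so changes need a web
; server / FPM restart to take effect.
```

After restarting the service, `php -r 'var_dump(ini_get("disable_functions"));'` shows what the CLI SAPI picked up; check the web SAPI separately with a phpinfo() page on a non-public host, because CLI and web SAPIs often read different php.ini files. Note that CVE-2011-2483 has no configuration workaround at all: crypt() cannot be removed from an application that authenticates users, and the only fix for the 8-bit handling is the upgraded crypt_blowfish shipped in 5.3.7, so this fragment reduces exposure for the socket and logging issues only and does not replace the upgrade the bulletin calls for.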