-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                       ESB-2006.0831 -- [RedHat]
                    Important: php security update
                           13 November 2006

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              PHP
Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux AS/ES 4
Impact:               Execute Arbitrary Code/Commands
Access:               Remote/Unauthenticated
CVE Names:            CVE-2006-5465
Ref:                  ESB-2006.0812
                      ESB-2006.0813

Original Bulletin:    https://rhn.redhat.com/errata/RHSA-2006-0731.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: php security update
Advisory ID:       RHSA-2006:0731-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2006-0731.html
Issue date:        2006-11-10
Updated on:        2006-11-10
Product:           Red Hat Application Stack
CVE Names:         CVE-2006-5465
- - ---------------------------------------------------------------------

1. Summary:

Updated PHP packages that fix a security issue are now available for the
Red Hat Application Stack.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64
Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64

3. Problem description:

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server.

The Hardened-PHP Project discovered an overflow in the PHP htmlentities()
and htmlspecialchars() routines.  If a PHP script used the vulnerable
functions to parse UTF-8 data, a remote attacker sending a carefully
crafted request could trigger the overflow and potentially execute
arbitrary code as the 'apache' user. (CVE-2006-5465)

Users of PHP should upgrade to these updated packages which contain a
backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

213644 - CVE-2006-5465 PHP buffer overflow

6. RPMs required:

Red Hat Application Stack v1 for Enterprise Linux AS (v.4):

SRPMS:
ftp://updates.redhat.com/4AS-RHWAS/en/os/SRPMS/php-5.1.4-1.el4s1.5.src.rpm
9161a1d8e9bce699d4bd831b9b0ca06f  php-5.1.4-1.el4s1.5.src.rpm

i386:
83947aee60a8d3ee50e440de5ab47fd0  php-5.1.4-1.el4s1.5.i386.rpm
13ae4bedc7e1687f5b6e49cfa778268c  php-bcmath-5.1.4-1.el4s1.5.i386.rpm
0acb5aeb696fae4b66613b0069498b43  php-dba-5.1.4-1.el4s1.5.i386.rpm
baf8296a4ef6ca6bd58fa435b610ad38  php-debuginfo-5.1.4-1.el4s1.5.i386.rpm
50e3d2f7054f9c06c1ed189859a263c7  php-devel-5.1.4-1.el4s1.5.i386.rpm
f28e19c9cf8f2862a5e7b5473646ad4c  php-gd-5.1.4-1.el4s1.5.i386.rpm
bbfb6117572d65c5ddef5867a1ba2602  php-imap-5.1.4-1.el4s1.5.i386.rpm
e630f9ec2a88f94de7cffedbb69dc13f  php-ldap-5.1.4-1.el4s1.5.i386.rpm
86628677256e0dcf96d5e5f1b6782e4b  php-mbstring-5.1.4-1.el4s1.5.i386.rpm
0fe958c2a351bb83a612e62ec233adc4  php-mysql-5.1.4-1.el4s1.5.i386.rpm
bf4c8581463c09a64e95aa9fb1bc7541  php-ncurses-5.1.4-1.el4s1.5.i386.rpm
a3f61f9b1a3aaa1ae45a17609e3a883d  php-odbc-5.1.4-1.el4s1.5.i386.rpm
2776adfdc5b395a055e8c678cba4fc6e  php-pdo-5.1.4-1.el4s1.5.i386.rpm
2fae4d10a2a18db6e1b30d7eb3cae8ad  php-pgsql-5.1.4-1.el4s1.5.i386.rpm
d784de802fe900fe0f03cf7bfe2432a5  php-snmp-5.1.4-1.el4s1.5.i386.rpm
5b97be5e2b5de8ed19950e284a0410d0  php-soap-5.1.4-1.el4s1.5.i386.rpm
f1bbc1d5bdc903b9d469ee1fc9993954  php-xml-5.1.4-1.el4s1.5.i386.rpm
ec864278247fe343b014e736b92fe393  php-xmlrpc-5.1.4-1.el4s1.5.i386.rpm

x86_64:
6db081a10dfa5af39e2f2f150b3c91b7  php-5.1.4-1.el4s1.5.x86_64.rpm
0f847444a2c2b9e2efa63b6430a2d1a2  php-bcmath-5.1.4-1.el4s1.5.x86_64.rpm
913527609e55127c5a62fa74ae7a055a  php-dba-5.1.4-1.el4s1.5.x86_64.rpm
6715be4d78de845a1c901d33d2a64a31  php-debuginfo-5.1.4-1.el4s1.5.x86_64.rpm
f7e197b2b1507513b0d2fe10f9222749  php-devel-5.1.4-1.el4s1.5.x86_64.rpm
c0214169b8fbd802ab60d69ad7e8cdbf  php-gd-5.1.4-1.el4s1.5.x86_64.rpm
0073cb2971941a6f48b1d6d2ff9d8463  php-imap-5.1.4-1.el4s1.5.x86_64.rpm
32139845801f794850ef3f9d5168e14c  php-ldap-5.1.4-1.el4s1.5.x86_64.rpm
88a355fa5d7cab6dd63e16014d2667b9  php-mbstring-5.1.4-1.el4s1.5.x86_64.rpm
6dd28379b47bf167b72c6d266fdd9ad7  php-mysql-5.1.4-1.el4s1.5.x86_64.rpm
14c241ac5172c06eb6e61103932a3e2e  php-ncurses-5.1.4-1.el4s1.5.x86_64.rpm
c3a70245150763eb9244a19206f6cbe5  php-odbc-5.1.4-1.el4s1.5.x86_64.rpm
a8616a5c2c84273ba6932aa8b93d5d72  php-pdo-5.1.4-1.el4s1.5.x86_64.rpm
be110a73781f9d4856d020d9e2c84415  php-pgsql-5.1.4-1.el4s1.5.x86_64.rpm
4a6ad0570e308e421351af1cb55ac3a3  php-snmp-5.1.4-1.el4s1.5.x86_64.rpm
ab3ec9bf114ad466aeffb5be74f59bc5  php-soap-5.1.4-1.el4s1.5.x86_64.rpm
4453298b314c8bc9cfc8840f25037ac7  php-xml-5.1.4-1.el4s1.5.x86_64.rpm
a4cc0023fa194029b7fc57f295419b3b  php-xmlrpc-5.1.4-1.el4s1.5.x86_64.rpm

Red Hat Application Stack v1 for Enterprise Linux ES (v.4):

SRPMS:
ftp://updates.redhat.com/4ES-RHWAS/en/os/SRPMS/php-5.1.4-1.el4s1.5.src.rpm
9161a1d8e9bce699d4bd831b9b0ca06f  php-5.1.4-1.el4s1.5.src.rpm

i386:
83947aee60a8d3ee50e440de5ab47fd0  php-5.1.4-1.el4s1.5.i386.rpm
13ae4bedc7e1687f5b6e49cfa778268c  php-bcmath-5.1.4-1.el4s1.5.i386.rpm
0acb5aeb696fae4b66613b0069498b43  php-dba-5.1.4-1.el4s1.5.i386.rpm
baf8296a4ef6ca6bd58fa435b610ad38  php-debuginfo-5.1.4-1.el4s1.5.i386.rpm
50e3d2f7054f9c06c1ed189859a263c7  php-devel-5.1.4-1.el4s1.5.i386.rpm
f28e19c9cf8f2862a5e7b5473646ad4c  php-gd-5.1.4-1.el4s1.5.i386.rpm
bbfb6117572d65c5ddef5867a1ba2602  php-imap-5.1.4-1.el4s1.5.i386.rpm
e630f9ec2a88f94de7cffedbb69dc13f  php-ldap-5.1.4-1.el4s1.5.i386.rpm
86628677256e0dcf96d5e5f1b6782e4b  php-mbstring-5.1.4-1.el4s1.5.i386.rpm
0fe958c2a351bb83a612e62ec233adc4  php-mysql-5.1.4-1.el4s1.5.i386.rpm
bf4c8581463c09a64e95aa9fb1bc7541  php-ncurses-5.1.4-1.el4s1.5.i386.rpm
a3f61f9b1a3aaa1ae45a17609e3a883d  php-odbc-5.1.4-1.el4s1.5.i386.rpm
2776adfdc5b395a055e8c678cba4fc6e  php-pdo-5.1.4-1.el4s1.5.i386.rpm
2fae4d10a2a18db6e1b30d7eb3cae8ad  php-pgsql-5.1.4-1.el4s1.5.i386.rpm
d784de802fe900fe0f03cf7bfe2432a5  php-snmp-5.1.4-1.el4s1.5.i386.rpm
5b97be5e2b5de8ed19950e284a0410d0  php-soap-5.1.4-1.el4s1.5.i386.rpm
f1bbc1d5bdc903b9d469ee1fc9993954  php-xml-5.1.4-1.el4s1.5.i386.rpm
ec864278247fe343b014e736b92fe393  php-xmlrpc-5.1.4-1.el4s1.5.i386.rpm

x86_64:
6db081a10dfa5af39e2f2f150b3c91b7  php-5.1.4-1.el4s1.5.x86_64.rpm
0f847444a2c2b9e2efa63b6430a2d1a2  php-bcmath-5.1.4-1.el4s1.5.x86_64.rpm
913527609e55127c5a62fa74ae7a055a  php-dba-5.1.4-1.el4s1.5.x86_64.rpm
6715be4d78de845a1c901d33d2a64a31  php-debuginfo-5.1.4-1.el4s1.5.x86_64.rpm
f7e197b2b1507513b0d2fe10f9222749  php-devel-5.1.4-1.el4s1.5.x86_64.rpm
c0214169b8fbd802ab60d69ad7e8cdbf  php-gd-5.1.4-1.el4s1.5.x86_64.rpm
0073cb2971941a6f48b1d6d2ff9d8463  php-imap-5.1.4-1.el4s1.5.x86_64.rpm
32139845801f794850ef3f9d5168e14c  php-ldap-5.1.4-1.el4s1.5.x86_64.rpm
88a355fa5d7cab6dd63e16014d2667b9  php-mbstring-5.1.4-1.el4s1.5.x86_64.rpm
6dd28379b47bf167b72c6d266fdd9ad7  php-mysql-5.1.4-1.el4s1.5.x86_64.rpm
14c241ac5172c06eb6e61103932a3e2e  php-ncurses-5.1.4-1.el4s1.5.x86_64.rpm
c3a70245150763eb9244a19206f6cbe5  php-odbc-5.1.4-1.el4s1.5.x86_64.rpm
a8616a5c2c84273ba6932aa8b93d5d72  php-pdo-5.1.4-1.el4s1.5.x86_64.rpm
be110a73781f9d4856d020d9e2c84415  php-pgsql-5.1.4-1.el4s1.5.x86_64.rpm
4a6ad0570e308e421351af1cb55ac3a3  php-snmp-5.1.4-1.el4s1.5.x86_64.rpm
ab3ec9bf114ad466aeffb5be74f59bc5  php-soap-5.1.4-1.el4s1.5.x86_64.rpm
4453298b314c8bc9cfc8840f25037ac7  php-xml-5.1.4-1.el4s1.5.x86_64.rpm
a4cc0023fa194029b7fc57f295419b3b  php-xmlrpc-5.1.4-1.el4s1.5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465
http://www.hardened-php.net/advisory_132006.138.html
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2006 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFFVEHpXlSAg2UNWIIRApwlAJkBQS+/krcnKQUca2fm9j5b526VFgCfeAEu
nGnQVWdWKo5miIgKowRcKFc=
=Whe1
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRVfSHih9+71yA2DNAQJTLAP/eDbgZzmRpW8JlNW4Js3lKcusEHpi+WrZ
Om2fUc2WywiWmzBPz+HZ+2aHyPNvq/o6Mz2y7C7/XtgazwMa95ecrS5FiLyPU2J4
XPOf9A9N8zTr5JnoNBbfRVXsvd3CjKyoJy7RlDoba/Iu3qRldor4182XXKc3demc
I+/71UQSpgs=
=d7WG
-----END PGP SIGNATURE-----
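The advisory's problem description (section 3) names the affected code path, htmlentities()/htmlspecialchars() called on UTF-8 data, and its solution and package sections (4 and 6) tell an administrator which release closes it and publish MD5 sums for the RPMs. The script below is an added example, not part of the Red Hat or AusCERT bulletin, that turns those three facts into checks: whether an installed php package is at or above the fixed release php-5.1.4-1.el4s1.5, whether a downloaded RPM matches the MD5 published in section 6, and which scripts in a web root pass the UTF-8 charset to the two functions. The function names, the regex, and the use of GNU sort -V, GNU grep --include and md5sum are assumptions of the example; the hashes in ADVISORY_MD5SUMS are copied from section 6, and only a subset of the i386 list is carried here.

```shell
#!/bin/sh
# Added example for RHSA-2006:0731 / CVE-2006-5465; not part of the Red Hat
# or AusCERT bulletin. Assumes GNU coreutils (sort -V, md5sum), GNU grep
# (--include), awk, and optionally rpm on the host being checked.

FIXED_VER="5.1.4-1.el4s1.5"   # fixed version-release from section 6

# MD5 sums copied from section 6 of the advisory (i386 subset). RHEL AS and
# ES list identical binaries, so one list serves both.
ADVISORY_MD5SUMS='83947aee60a8d3ee50e440de5ab47fd0  php-5.1.4-1.el4s1.5.i386.rpm
13ae4bedc7e1687f5b6e49cfa778268c  php-bcmath-5.1.4-1.el4s1.5.i386.rpm
86628677256e0dcf96d5e5f1b6782e4b  php-mbstring-5.1.4-1.el4s1.5.i386.rpm
0fe958c2a351bb83a612e62ec233adc4  php-mysql-5.1.4-1.el4s1.5.i386.rpm
f1bbc1d5bdc903b9d469ee1fc9993954  php-xml-5.1.4-1.el4s1.5.i386.rpm'

# php_is_fixed VERSION-RELEASE
# Returns 0 when the given php version-release is >= FIXED_VER.
# GNU sort -V orders "1.el4s1.4" before "1.el4s1.5" and "1.el4s1.10" after it.
php_is_fixed() {
    installed="$1"
    highest=$(printf '%s\n%s\n' "$installed" "$FIXED_VER" | sort -V | tail -n 1)
    [ "$highest" = "$installed" ]
}

# check_installed_php
# Queries rpm for the installed php package and reports whether it is fixed.
# Returns 0 if fixed, 1 if vulnerable, 2 if rpm is unavailable or php absent.
check_installed_php() {
    if ! command -v rpm >/dev/null 2>&1; then
        echo "rpm not found; cannot query installed php" >&2
        return 2
    fi
    ver=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' php) || return 2
    if php_is_fixed "$ver"; then
        echo "php-$ver: at or above fixed release $FIXED_VER"
    else
        echo "php-$ver: affected by CVE-2006-5465, update to $FIXED_VER" >&2
        return 1
    fi
}

# verify_rpm_md5 FILE [MD5LIST]
# Compares FILE's MD5 with the advisory list (or the list passed as $2).
# Returns 0 on match, 1 on mismatch, 2 when FILE is not in the list.
verify_rpm_md5() {
    file="$1"
    list="${2:-$ADVISORY_MD5SUMS}"
    name=$(basename "$file")
    expected=$(printf '%s\n' "$list" | awk -v n="$name" '$2 == n { print $1 }')
    if [ -z "$expected" ]; then
        echo "$name: not listed in advisory" >&2
        return 2
    fi
    actual=$(md5sum "$file" | cut -d' ' -f1)
    if [ "$actual" = "$expected" ]; then
        echo "$name: MD5 OK"
        return 0
    fi
    echo "$name: MD5 MISMATCH (expected $expected, got $actual)" >&2
    return 1
}

# find_utf8_entity_calls DIR
# Prints file:line:text for htmlentities()/htmlspecialchars() calls whose
# argument list names the UTF-8 charset. Regex-based, so a call whose
# charset arrives in a variable is not reported; treat hits as a starting
# point for review, not as the full set of affected code.
find_utf8_entity_calls() {
    grep -rnEi --include='*.php' \
        "html(entities|specialchars)[[:space:]]*\(.*['\"]utf-?8['\"]" "$1" \
        2>/dev/null || true
}

# count_utf8_entity_calls DIR
# Number of lines reported by find_utf8_entity_calls.
count_utf8_entity_calls() {
    find_utf8_entity_calls "$1" | wc -l | tr -d ' '
}
```

The MD5 check is only as trustworthy as the copy of the advisory the sums came from, so verify the bulletin's PGP signature first; the advisory itself points to Red Hat's package GPG key, and rpm --checksig on the downloaded file is the stronger check once that key is imported. The audit grep is a triage aid: the advisory says any script feeding UTF-8 data to the two functions is exposed, so the real fix is the package update, and the hit list is for deciding what to look at first.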