Vulnerability IntelligenceVulnerability ScanningBlogCorporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > Fedora update for php
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
Fedora update for php
Secunia Advisory: SA15945
Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2005-07-06
Popularity: 6,782 views

Critical:
Highly critical
Impact: Privilege escalation
System access
Where: From remote
Solution Status: Vendor Patch

OS:Fedora Core 3
Fedora Core 4
Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2005-1751
CVE-2005-1921
Description:
Fedora has issued an update for php. This fixes two vulnerabilities, which potentially can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges and by malicious people to compromise a vulnerable system.

For more information:
SA15496
SA15861

Solution:
Apply updated packages.

Fedora Core 3:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

a174c30ad5e96498a5e93233ee6385ea SRPMS/php-4.3.11-2.6.src.rpm
a2984b641de63888c6622e9d5e6c131e x86_64/php-4.3.11-2.6.x86_64.rpm
43fcc397d921a0830faf56b971ddd31f x86_64/php-devel-4.3.11-2.6.x86_64.rpm
a98ee7857361a00bb7253af012bcf8ca x86_64/php-pear-4.3.11-2.6.x86_64.rpm
af006624ac19d143821e8589ea1ab41b x86_64/php-imap-4.3.11-2.6.x86_64.rpm
e911a6bc8509791fdb3beb6ec57f9a4f x86_64/php-ldap-4.3.11-2.6.x86_64.rpm
0667770fe1a20ab4377b0f270e86dd24 x86_64/php-mysql-4.3.11-2.6.x86_64.rpm
f9d2a8cf407875991ca3d353bcb7f17c x86_64/php-pgsql-4.3.11-2.6.x86_64.rpm
2d47fd7f1ba7e2a3932917ee4bf9c39d x86_64/php-odbc-4.3.11-2.6.x86_64.rpm
dff854303417c33939adf56b2ff52dd6 x86_64/php-snmp-4.3.11-2.6.x86_64.rpm
830d9e2d023bf789774fb610db5c10ea x86_64/php-domxml-4.3.11-2.6.x86_64.rpm
9c074857fe9a4db0b2cad3e3220a7fa0 x86_64/php-xmlrpc-4.3.11-2.6.x86_64.rpm
8cc21c37e3f46c3091c31d0111043a2f x86_64/php-mbstring-4.3.11-2.6.x86_64.rpm
387e8fbeb1e0ddaba3ed8c9f6c531509 x86_64/php-ncurses-4.3.11-2.6.x86_64.rpm
887ae796ffa6aa12bbc4e7ef227af209 x86_64/php-gd-4.3.11-2.6.x86_64.rpm
1957e6d2ae92be01f79b395736a6bd73 x86_64/debug/php-debuginfo-4.3.11-2.6.x86_64.rpm
093db5829c89aba8af79bcce88d83e2e i386/php-4.3.11-2.6.i386.rpm
9314db2476cbd4840286b0092d603621 i386/php-devel-4.3.11-2.6.i386.rpm
259afaa2af03ea7d879c6a448c3ad70a i386/php-pear-4.3.11-2.6.i386.rpm
aaa0e93451abb3794624520ed7400ace i386/php-imap-4.3.11-2.6.i386.rpm
490d0f1c9b71176e238faa096793bdd4 i386/php-ldap-4.3.11-2.6.i386.rpm
6b773958ade696a8e9b18a3b519c443b i386/php-mysql-4.3.11-2.6.i386.rpm
259498bb42fc271c651d72a4871b9b31 i386/php-pgsql-4.3.11-2.6.i386.rpm
ad1c1a842709494b098979c9f2aa33a7 i386/php-odbc-4.3.11-2.6.i386.rpm
5bdd86ed53246118645d599c07e7909c i386/php-snmp-4.3.11-2.6.i386.rpm
af8af25e3e0319db1c9a325f85112b77 i386/php-domxml-4.3.11-2.6.i386.rpm
bb551acb1b2421ce2d4ac6e7d2cc676b i386/php-xmlrpc-4.3.11-2.6.i386.rpm
4a7ecf8772101604df11e2276b7c9ae2 i386/php-mbstring-4.3.11-2.6.i386.rpm
81fa3c7e75d7e304f6d6a85ca3059630 i386/php-ncurses-4.3.11-2.6.i386.rpm
c76642b88ae71ae50e805af6dfc2d6fe i386/php-gd-4.3.11-2.6.i386.rpm
f3f076e25a64669d98d73965acd66181 i386/debug/php-debuginfo-4.3.11-2.6.i386.rpm

Fedora Core 4:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

0c6522a88226f54f5e5b7de87fbc0c11 SRPMS/php-5.0.4-10.3.src.rpm
bfaea50f076c4e099c268da5e7620f4b ppc/php-5.0.4-10.3.ppc.rpm
8a07fa05c8405b8e57d132b6ea1f35b1 ppc/php-devel-5.0.4-10.3.ppc.rpm
565d15f4846387a847f8ec46b5c0b396 ppc/php-pear-5.0.4-10.3.ppc.rpm
dbec56b97f22708db35526087110f421 ppc/php-imap-5.0.4-10.3.ppc.rpm
3ae7074cf4ab82f5c8204f72b126dde0 ppc/php-ldap-5.0.4-10.3.ppc.rpm
51836fcd1e96516e78a4e1d109733674 ppc/php-mysql-5.0.4-10.3.ppc.rpm
ea5e7470d83768e1ac5c68796b5b84f3 ppc/php-pgsql-5.0.4-10.3.ppc.rpm
d56a9554078b3b24840025487aa9dfed ppc/php-odbc-5.0.4-10.3.ppc.rpm
5c785d8775d0a627ea2ba976245824e4 ppc/php-soap-5.0.4-10.3.ppc.rpm
bffafd1150b30fde9993f928d4a2d7c0 ppc/php-snmp-5.0.4-10.3.ppc.rpm
784f81cc2692689a585c1fc370a2f17d ppc/php-xml-5.0.4-10.3.ppc.rpm
57bee6798a5722698e33d03132f56583 ppc/php-xmlrpc-5.0.4-10.3.ppc.rpm
b0f76a1c4b916b21f47264f5f87c52bb ppc/php-mbstring-5.0.4-10.3.ppc.rpm
579b1ed7ce37a414adb620cbae082dd1 ppc/php-ncurses-5.0.4-10.3.ppc.rpm
64bef62199d03684373798f4f9c10e06 ppc/php-gd-5.0.4-10.3.ppc.rpm
f1efef76a385b5a0dd021a893a8bae82 ppc/php-bcmath-5.0.4-10.3.ppc.rpm
478a276f46917bb4d6dcea26d9fa661c ppc/php-dba-5.0.4-10.3.ppc.rpm
322bc6293f6c8deb9221241c18c93c82 ppc/debug/php-debuginfo-5.0.4-10.3.ppc.rpm
8efec10a38d939add4eb3c3282e15a61 x86_64/php-5.0.4-10.3.x86_64.rpm
d673f5d0bbed054802b976c7f64325f2 x86_64/php-devel-5.0.4-10.3.x86_64.rpm
5d45dc58614ff16f725e975e20d9405e x86_64/php-pear-5.0.4-10.3.x86_64.rpm
aada20087705846a32f51eb479a340e4 x86_64/php-imap-5.0.4-10.3.x86_64.rpm
9c38732c237643b6ab15d9eb8ac38690 x86_64/php-ldap-5.0.4-10.3.x86_64.rpm
2509b955a13e7d4dc5b601b4378eb73e x86_64/php-mysql-5.0.4-10.3.x86_64.rpm
7733267f9c4aee9145b1150ad066c15b x86_64/php-pgsql-5.0.4-10.3.x86_64.rpm
69e34aadb84a83984f4f1e5f8f0351f1 x86_64/php-odbc-5.0.4-10.3.x86_64.rpm
421f3f0e308ac094dfdd3e9e33f5a2ab x86_64/php-soap-5.0.4-10.3.x86_64.rpm
c392b1c9377612dfacbb739b091e802d x86_64/php-snmp-5.0.4-10.3.x86_64.rpm
7ff88a5d7a91e4d5038257deadae3b0f x86_64/php-xml-5.0.4-10.3.x86_64.rpm
f9d2c7f91395ab69be20f1872fc97842 x86_64/php-xmlrpc-5.0.4-10.3.x86_64.rpm
16a3f115bfaa44ac7d5ff92e9146253b x86_64/php-mbstring-5.0.4-10.3.x86_64.rpm
44826fa9acef498c42eb49f1e51f87d7 x86_64/php-ncurses-5.0.4-10.3.x86_64.rpm
5c2556e825a490c2db2f555dc4d016b9 x86_64/php-gd-5.0.4-10.3.x86_64.rpm
21568c6ad605a84b1a240f414b7166be x86_64/php-bcmath-5.0.4-10.3.x86_64.rpm
cdc560b1d7c7237dc918764c1370f08e x86_64/php-dba-5.0.4-10.3.x86_64.rpm
233dc431c4fccc4adbb0797007b1a78a x86_64/debug/php-debuginfo-5.0.4-10.3.x86_64.rpm
8e745631a8ac72c8beb28707dda1b407 i386/php-5.0.4-10.3.i386.rpm
fdfd59d4504f9ac5c52a251dad404a8b i386/php-devel-5.0.4-10.3.i386.rpm
90bddaf9f48d94e584c35a82c7fe89fe i386/php-pear-5.0.4-10.3.i386.rpm
4fcbed04dfe357a9b2c4a5fb85058304 i386/php-imap-5.0.4-10.3.i386.rpm
dea52cc729d8f224e0ea17bf219f320b i386/php-ldap-5.0.4-10.3.i386.rpm
e6ee42402a1cbd8a01a58b84e790efb3 i386/php-mysql-5.0.4-10.3.i386.rpm
8d562d334790734b3a7fda48d43c3cb9 i386/php-pgsql-5.0.4-10.3.i386.rpm
24a01a9e32073783a56cf487228ab9be i386/php-odbc-5.0.4-10.3.i386.rpm
7308e2120909b36d3d7e98bcc0ee0400 i386/php-soap-5.0.4-10.3.i386.rpm
438b9b67b75e0ff9a3d797d091be3670 i386/php-snmp-5.0.4-10.3.i386.rpm
483af673a9d33df179dcfca20eb94e73 i386/php-xml-5.0.4-10.3.i386.rpm
2ee878c5bca760a4f3ed01549657ec74 i386/php-xmlrpc-5.0.4-10.3.i386.rpm
a7b3d134abda5a134de5fb8b86558086 i386/php-mbstring-5.0.4-10.3.i386.rpm
4ccd1e7dd776cc5a13f9b4071755a36c i386/php-ncurses-5.0.4-10.3.i386.rpm
c447d59cec28198b72e63de1d34416d0 i386/php-gd-5.0.4-10.3.i386.rpm
d411c4ed89ada9f064fe43e793df09f7 i386/php-bcmath-5.0.4-10.3.i386.rpm
50c8efd1eba45c3cdecf6f94429816f1 i386/php-dba-5.0.4-10.3.i386.rpm
6cc243c39853ec33401b5fb772378c98 i386/debug/php-debuginfo-5.0.4-10.3.i386.rpm

Other References:
SA15496:
http://secunia.com/advisories/15496/

SA15861:
http://secunia.com/advisories/15861/

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

5th Sep, 2008
New advisories: 14
New vulnerabilities: 18
Updated advisories: 22

Less // 269 views
Netgear WN802T Wireless Access Point Two Vulnerabilities
Less // 215 views
Fedora update for xastir
Less // 274 views
XASTIR Insecure Temporary Files
Less // 221 views
Fedora update for samba
Less // 229 views
Fedora update for bitlbee
Less // 614 views
3Com Wireless 8760 Access Point HTTP Request Processing Denial of Service
Moderately // 505 views
CS-Cart "cs_cookies" SQL Injection Vulnerability
Less // 589 views
Drupal Content Construction Kit Script Insertion Vulnerabilities
Less // 584 views
HP OpenView Select Identity Connectors Information Disclosure
Moderately // 468 views
rPath update for libtiff

Solutions | More...  

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. Microsoft Office Two Code Execution Vulnerabilities // 21 views
2. Microsoft Word Malformed Object Pointer Vulnerability // 16 views
3. phpBB Multiple Vulnerabilities // 12 views
4. Drupal Content Construction Kit Script Insertion Vulnerabilities // 12 views
5. phpBB "gen_rand_string()" Predictable RNG Weakness // 12 views
6. Apple QuickTime Multiple Vulnerabilities // 11 views
7. 3Com Wireless 8760 Access Point HTTP Request Processing Denial of Service // 10 views
8. XASTIR Insecure Temporary Files // 10 views
9. phpBB reveals user IPs // 10 views
10. Microsoft Office Excel Multiple Vulnerabilities // 10 views



Contact | Terms & Conditions | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008