Vulnerability IntelligenceVulnerability ScanningBlog - new entryCorporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > Mandriva update for php
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
Mandriva update for php
Secunia Advisory: SA18697
Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2006-02-02
Popularity: 6,637 views

Critical:
Less critical
Impact: Cross Site Scripting
Where: From remote
Solution Status: Vendor Patch

OS:Mandrake Corporate Server 2.x
Mandrakelinux 10.1
Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2006-0207
CVE-2006-0208
Description:
Mandriva has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious people to conduct HTTP response splitting attacks and potentially to conduct cross-site scripting attacks.

For more information:
SA18431

Solution:
Apply updated packages.

Mandrakelinux 10.1:

df01c3861affe2f3e1c889018bb2bdbf 10.1/RPMS/libphp_common432-4.3.8-3.7.101mdk.i586.rpm
f9df1052bc1f6ce85a3bbb5ec544b077 10.1/RPMS/php432-devel-4.3.8-3.7.101mdk.i586.rpm
3be049c85f40f7051f3cf1e44b165485 10.1/RPMS/php-cgi-4.3.8-3.7.101mdk.i586.rpm
de903ca3c9126f451f48d71e30042066 10.1/RPMS/php-cli-4.3.8-3.7.101mdk.i586.rpm
d697297c4330d93379848b2f3ea5b59c 10.1/SRPMS/php-4.3.8-3.7.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:

c9123a9203fd795b7445c2d54b2e0e65 x86_64/10.1/RPMS/lib64php_common432-4.3.8-3.7.101mdk.x86_64.rpm
a8ec659d640715f2cbe8ec5b93868de2 x86_64/10.1/RPMS/php432-devel-4.3.8-3.7.101mdk.x86_64.rpm
76ff7da663400e000c148d5562540097 x86_64/10.1/RPMS/php-cgi-4.3.8-3.7.101mdk.x86_64.rpm
d4c84cc9cf9325560e641f20040579ee x86_64/10.1/RPMS/php-cli-4.3.8-3.7.101mdk.x86_64.rpm
d697297c4330d93379848b2f3ea5b59c x86_64/10.1/SRPMS/php-4.3.8-3.7.101mdk.src.rpm

Corporate Server 2.1:

09f5076909971d5604836d7b9ea9fd45 corporate/2.1/RPMS/php-4.2.3-4.7.C21mdk.i586.rpm
8c035441a66315b1eff8b17312c3a930 corporate/2.1/RPMS/php-common-4.2.3-4.7.C21mdk.i586.rpm
c6f1fd24fe3e8f1ab43dcac22606486f corporate/2.1/RPMS/php-devel-4.2.3-4.7.C21mdk.i586.rpm
86819061809b349bd18566a406273570 corporate/2.1/RPMS/php-pear-4.2.3-4.7.C21mdk.i586.rpm
7dd951360a264bf5866d065a00d5238f corporate/2.1/SRPMS/php-4.2.3-4.7.C21mdk.src.rpm

Corporate Server 2.1/X86_64:

37b27434d1c44f27d8c277ae564b936e x86_64/corporate/2.1/RPMS/php-4.2.3-4.7.C21mdk.x86_64.rpm
6136563a8257ef44180ca6b4401901f6 x86_64/corporate/2.1/RPMS/php-common-4.2.3-4.7.C21mdk.x86_64.rpm
bbdb1dbdda2d70b035ef466443bfc422 x86_64/corporate/2.1/RPMS/php-devel-4.2.3-4.7.C21mdk.x86_64.rpm
5d44bf1bfea2cf67b4d8e89199163451 x86_64/corporate/2.1/RPMS/php-pear-4.2.3-4.7.C21mdk.x86_64.rpm
7dd951360a264bf5866d065a00d5238f x86_64/corporate/2.1/SRPMS/php-4.2.3-4.7.C21mdk.src.rpm

Original Advisory:
http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:028

Other References:
SA18431:
http://secunia.com/advisories/18431/

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

Today
New advisories: 4
New vulnerabilities: 5
Updated advisories: 8

Moderately // 25 views
phpAdultSite CMS SQL Injection And Cross-Site Scripting
Moderately // 31 views
Simple Machines Forum Password Reset Vulnerability
Moderately // 21 views
Gentoo update for courier-authlib
Less // 56 views
Linux Kernel "listxattr" Memory Corruption and CHRP Denial of Service

5th Sep, 2008
New advisories: 14
New vulnerabilities: 18
Updated advisories: 22

Less // 398 views
Netgear WN802T Wireless Access Point Two Vulnerabilities
Less // 313 views
Fedora update for xastir
Less // 396 views
XASTIR Insecure Temporary Files
Less // 331 views
Fedora update for samba
Less // 327 views
Fedora update for bitlbee
Less // 786 views
3Com Wireless 8760 Access Point HTTP Request Processing Denial of Service

Solutions | More...  

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. Linux Kernel "listxattr" Memory Corruption and CHRP Denial of Service // 49 views
2. VLC Media Player Multiple Vulnerabilities // 43 views
3. Trend Micro Products Web Management Authentication Bypass // 40 views
4. Adobe Flash Player Multiple Vulnerabilities // 39 views
5. Opera Multiple Vulnerabilities // 29 views
6. Apple QuickTime Multiple Vulnerabilities // 28 views
7. Microsoft Word Malformed Object Pointer Vulnerability // 27 views
8. Subdreamer Light Global Variables SQL Injection Vulnerability // 27 views
9. phpBB Avatar Script Insertion Vulnerability // 25 views
10. Microsoft Office Two Code Execution Vulnerabilities // 22 views



Contact | Terms & Conditions | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008