Mandriva update for php - Secunia Advisories - Vulnerability Intelligence

Secunia Advisories

Advisories

Advisories by Product

Advisories by Vendor

Business Solutions Restricted

Partner Solutions Restricted

About

Mandriva update for php
Secunia Advisory:	SA24022	Advisory Toolbox: Issue ticket Save in to-do list Mark as handled Exploit information Download as PDF Review actions Add comment
Release Date:	2007-02-07
Popularity:	5,103 views

Critical:	Less critical
Impact:	DoS
Where:	From remote
Solution Status:	Vendor Patch

OS:	Mandriva Linux 2006 Mandriva Linux 2007.0

Subscribe:	Instant alerts on relevant vulnerabilities

CVE reference:	CVE-2006-6383 CVE-2007-0455

Description: Mandriva has issued an update for php. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to the use of a vulnerable version of the GD library. For more information: SA23916 This also fixes "safe_mode" and "open_basedir" bypass issues. Solution: Apply updated packages. Mandriva Linux 2006 f4975722488c515d7701f3f2475c45c1 2006.0/i586/libphp5_common5-5.0.4-9.18.20060mdk.i586.rpm df6d91c7fb6deadd6447c68d41a7a57f 2006.0/i586/php-cgi-5.0.4-9.18.20060mdk.i586.rpm 861b613a3caa594e9d18de2f66711c1c 2006.0/i586/php-cli-5.0.4-9.18.20060mdk.i586.rpm aa74ed178e6523b28d6f0ee1cfb2b9a6 2006.0/i586/php-devel-5.0.4-9.18.20060mdk.i586.rpm cdc33f50531e2815c3f39a2f12eca69d 2006.0/i586/php-fcgi-5.0.4-9.18.20060mdk.i586.rpm 0df45677da595137066ec38171463402 2006.0/i586/php-gd-5.0.4-2.1.20060mdk.i586.rpm 09416e0ce824f667f9f247950e3f6b87 2006.0/SRPMS/php-5.0.4-9.18.20060mdk.src.rpm 9caab8fb262742b7fdc8e2787db26e49 2006.0/SRPMS/php-gd-5.0.4-2.1.20060mdk.src.rpm Mandriva Linux 2006/X86_64 94d70f0d65bebd9b8b235ec523bef3c4 2006.0/x86_64/lib64php5_common5-5.0.4-9.18.20060mdk.x86_64.rpm 3e145f94684bd8aaae230b181a3bab18 2006.0/x86_64/php-cgi-5.0.4-9.18.20060mdk.x86_64.rpm 5a460212062d85cc35c52c6c42e3babc 2006.0/x86_64/php-cli-5.0.4-9.18.20060mdk.x86_64.rpm a31b6a63963f4486ee7839e449fb60ef 2006.0/x86_64/php-devel-5.0.4-9.18.20060mdk.x86_64.rpm 6c0ae39e3a6b8cb07a44271e5b128e2f 2006.0/x86_64/php-fcgi-5.0.4-9.18.20060mdk.x86_64.rpm 228bb108271c28550034b39b9f6cafee 2006.0/x86_64/php-gd-5.0.4-2.1.20060mdk.x86_64.rpm 09416e0ce824f667f9f247950e3f6b87 2006.0/SRPMS/php-5.0.4-9.18.20060mdk.src.rpm 9caab8fb262742b7fdc8e2787db26e49 2006.0/SRPMS/php-gd-5.0.4-2.1.20060mdk.src.rpm Mandriva Linux 2007 c8879f538ab9a93f1999c9dc8aa2f6c7 2007.0/i586/libphp5_common5-5.1.6-1.4mdv2007.0.i586.rpm e8c050d86574fb1d2a52a5b3ec85a255 2007.0/i586/php-cgi-5.1.6-1.4mdv2007.0.i586.rpm 92391d48bd18ab9e20e64039a4a9f2ff 2007.0/i586/php-cli-5.1.6-1.4mdv2007.0.i586.rpm d7b3ddc58da98113342434d45e04c3a8 2007.0/i586/php-devel-5.1.6-1.4mdv2007.0.i586.rpm a5dd9b692fbd9c41be42fa2d59539c1d 2007.0/i586/php-fcgi-5.1.6-1.4mdv2007.0.i586.rpm a2d2a3091d51ffc74793760ed31a1faa 2007.0/i586/php-gd-5.1.6-1.1mdv2007.0.i586.rpm 719976944ad1da508b9dd10eb1068e41 2007.0/SRPMS/php-5.1.6-1.4mdv2007.0.src.rpm af2f0370851c3d3729b89586d9eded8e 2007.0/SRPMS/php-gd-5.1.6-1.1mdv2007.0.src.rpm Mandriva Linux 2007/X86_64 5bf3650bbe564873a14ea8b6bf3ade06 2007.0/x86_64/lib64php5_common5-5.1.6-1.4mdv2007.0.x86_64.rpm 34ed4aa6be49dcb88f7bbc0a5c2e8690 2007.0/x86_64/php-cgi-5.1.6-1.4mdv2007.0.x86_64.rpm 608fc651103e04774dd99542ac9c24e3 2007.0/x86_64/php-cli-5.1.6-1.4mdv2007.0.x86_64.rpm ade70a35519251e33fece3b184a5e42c 2007.0/x86_64/php-devel-5.1.6-1.4mdv2007.0.x86_64.rpm 32a0cd75a40a80b04d4f62e7a5695cf6 2007.0/x86_64/php-fcgi-5.1.6-1.4mdv2007.0.x86_64.rpm b65ee3000cc55d6835bde68de1285708 2007.0/x86_64/php-gd-5.1.6-1.1mdv2007.0.x86_64.rpm 719976944ad1da508b9dd10eb1068e41 2007.0/SRPMS/php-5.1.6-1.4mdv2007.0.src.rpm af2f0370851c3d3729b89586d9eded8e 2007.0/SRPMS/php-gd-5.1.6-1.1mdv2007.0.src.rpm Original Advisory: http://www.mandriva.com/security/advisories?name=MDKSA-2007:038 Other References: SA23916: http://secunia.com/advisories/23916/

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released. Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Latest Advisories

Today

New advisories:	6
New vulnerabilities:	18
Updated advisories:	9

Less // 87 views

CuteNews Cross-Site Scripting and PHP Code Execution Vulnerabilities

Highly // 98 views

XOOPS "mydirname" PHP Code Injection Vulnerability

Less // 161 views

Red Hat update for kernel

Less // 152 views

Ubuntu update for bind9

Less // 146 views

Ubuntu update for ntp

Less // 149 views

Red Hat update for bind

8th Jan, 2009

New advisories:	24
New vulnerabilities:	99
Updated advisories:	26

Moderately // 395 views

Drupal Project Module File Upload and Cross-Site Scripting

Less // 389 views

SmbFTPD Long Command Processing Vulnerability

Less // 424 views

Drupal Project Issue Tracking Module Multiple Vulnerabilities

Less // 377 views

PHP-Fusion Members CV Module "sortby" SQL Injection Vulnerability

Solutions | More...

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.