Secunia - Stay Secure
Gartner
Home Corporate Website Jobs Updated Mailing Lists RSS Blog  Online Shop Advertise
Software Inspectors
  Scan Online
  Personal (PSI)
  Network (NSI 2.0)

Solutions For
  Security Professionals
  Security Vendors

Free Solutions For
  Open Communities
  Journalists & Media

Secunia Advisories
  Search
  Historic Advisories
  Listed By Product
  Listed By Vendor
  Statistics / Graphs
  Secunia Research
  Report Vulnerability
  About Advisories

Virus Information
  Chronological List
  Last 10 Virus Alerts
  About Virus Information

Secunia Customers
  Customer Area


Debian update for suphp Advisory Available in German 

Secunia Advisory: SA29872  
Release Date: 2008-04-18

Critical:
Less critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch

OS:Debian GNU/Linux 4.0
Debian GNU/Linux unstable alias sid


CVE reference:CVE-2008-1614 (Secunia mirror)
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS!


Description:
Debian has issued an update for suphp. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.

For more information:
SA29615

Solution:
Apply updated packages.

-- Debian 4.0 (stable) --

Source archives:

http://security.debian.org/pool/updates/main/s/suphp/suphp_0.6.2-1+etch0.diff.gz
Size/MD5 checksum: 84478 1a1eede94aac39e7e7a2b6113c1ecc92
http://security.debian.org/pool/updates/main/s/suphp/suphp_0.6.2.orig.tar.gz
Size/MD5 checksum: 372241 3ee72ad0198587b533045add6681c884
http://security.debian.org/pool/updates/main/s/suphp/suphp_0.6.2-1+etch0.dsc
Size/MD5 checksum: 790 3aa0720205a32221eb52a981ddcdfd89

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updat...che-mod-suphp_0.6.2-1+etch0_alpha.deb
Size/MD5 checksum: 15648 b8fadf36126f8f6a33630370260e277f
http://security.debian.org/pool/updat.../suphp-common_0.6.2-1+etch0_alpha.deb
Size/MD5 checksum: 93420 cffd9423e55b7f4b4ddc332b7f039045
http://security.debian.org/pool/updat...he2-mod-suphp_0.6.2-1+etch0_alpha.deb
Size/MD5 checksum: 17640 3dadfc97bba8c09fc415fd36f08e0d80

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updat...che-mod-suphp_0.6.2-1+etch0_amd64.deb
Size/MD5 checksum: 15330 4d08416e7e914acdb6f26249de4d8aa6
http://security.debian.org/pool/updat.../suphp-common_0.6.2-1+etch0_amd64.deb
Size/MD5 checksum: 83372 67e1aaacf2ab9fe93f3869465e0825c6
http://security.debian.org/pool/updat...he2-mod-suphp_0.6.2-1+etch0_amd64.deb
Size/MD5 checksum: 17214 580934d3a0ef003d62fe2baf2f0a58d8

arm architecture (ARM)

http://security.debian.org/pool/updat...hp/suphp-common_0.6.2-1+etch0_arm.deb
Size/MD5 checksum: 93974 4e5d85f6c81e3c838af9d394bb967d32
http://security.debian.org/pool/updat...ache2-mod-suphp_0.6.2-1+etch0_arm.deb
Size/MD5 checksum: 16518 c59d80322cd3eb62b8e39623a20a665c
http://security.debian.org/pool/updat...pache-mod-suphp_0.6.2-1+etch0_arm.deb
Size/MD5 checksum: 14792 dbe97d39a6bfa069b1704c11d7230cf7

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updat...p/suphp-common_0.6.2-1+etch0_hppa.deb
Size/MD5 checksum: 92534 f0e9f893e92cc4ee3540096d1b719c22
http://security.debian.org/pool/updat...ache-mod-suphp_0.6.2-1+etch0_hppa.deb
Size/MD5 checksum: 15940 79b30f1a14baf9feb9290513b16d079f
http://security.debian.org/pool/updat...che2-mod-suphp_0.6.2-1+etch0_hppa.deb
Size/MD5 checksum: 18070 b46a68761c0bafbc5b4e05d5500ded75

i386 architecture (Intel ia32)

http://security.debian.org/pool/updat...che2-mod-suphp_0.6.2-1+etch0_i386.deb
Size/MD5 checksum: 16834 7f11e90a62d921b5db283f3ade65d726
http://security.debian.org/pool/updat...ache-mod-suphp_0.6.2-1+etch0_i386.deb
Size/MD5 checksum: 15130 7728dd5ffa43ec81d94113b0511fa92b
http://security.debian.org/pool/updat...p/suphp-common_0.6.2-1+etch0_i386.deb
Size/MD5 checksum: 82364 8c7696c278a9c9693ed3c46be3c087c3

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updat...che2-mod-suphp_0.6.2-1+etch0_ia64.deb
Size/MD5 checksum: 19814 5aa2a4f35444853a9aed5e428ac707b7
http://security.debian.org/pool/updat...ache-mod-suphp_0.6.2-1+etch0_ia64.deb
Size/MD5 checksum: 17088 30455e4e07ccaea8f3fa246aaa4322eb
http://security.debian.org/pool/updat...p/suphp-common_0.6.2-1+etch0_ia64.deb
Size/MD5 checksum: 104372 84cd23d6177fb776f3b7816745c79532

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updat...p/suphp-common_0.6.2-1+etch0_mips.deb
Size/MD5 checksum: 79722 c6045f7f612218f2e3a31ef35d1bde66
http://security.debian.org/pool/updat...ache-mod-suphp_0.6.2-1+etch0_mips.deb
Size/MD5 checksum: 15060 dd6841e4b5f1d8d8ae8bf187808f6bf4
http://security.debian.org/pool/updat...che2-mod-suphp_0.6.2-1+etch0_mips.deb
Size/MD5 checksum: 16974 5a1c0ade8c20b703cdb654b84e6d4a2f

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updat...suphp-common_0.6.2-1+etch0_mipsel.deb
Size/MD5 checksum: 79196 b93468fa514e31688cd5bad1ea31879d
http://security.debian.org/pool/updat...e2-mod-suphp_0.6.2-1+etch0_mipsel.deb
Size/MD5 checksum: 16954 57f4652573880cc60e023a99a7c0cd7b
http://security.debian.org/pool/updat...he-mod-suphp_0.6.2-1+etch0_mipsel.deb
Size/MD5 checksum: 15056 6b0578906d3431a71fdd95b29a8208ca

powerpc architecture (PowerPC)

http://security.debian.org/pool/updat...e-mod-suphp_0.6.2-1+etch0_powerpc.deb
Size/MD5 checksum: 16586 f31ba2b8492ab15a36d04c57f124ba27
http://security.debian.org/pool/updat...2-mod-suphp_0.6.2-1+etch0_powerpc.deb
Size/MD5 checksum: 18462 5b6fa3933397f8156036e8cd05a2f23d
http://security.debian.org/pool/updat...uphp-common_0.6.2-1+etch0_powerpc.deb
Size/MD5 checksum: 80246 5947075d36dbbc22331745f24c2e22f4

s390 architecture (IBM S/390)

http://security.debian.org/pool/updat...p/suphp-common_0.6.2-1+etch0_s390.deb
Size/MD5 checksum: 72420 e12e97657ccd10331027e9f7276b4767
http://security.debian.org/pool/updat...ache-mod-suphp_0.6.2-1+etch0_s390.deb
Size/MD5 checksum: 15634 f62b4b178ee5b09476fdfc7ea19a02b2
http://security.debian.org/pool/updat...che2-mod-suphp_0.6.2-1+etch0_s390.deb
Size/MD5 checksum: 17578 a686adaadafa18f74d18b19434236cc5


-- Debian GNU/Linux unstable alias sid --

The vulnerabilities will reportedly be fixed soon.

Original Advisory:
http://www.us.debian.org/security/2008/dsa-1550

Other References:
SA29615:
http://secunia.com/advisories/29615/


Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

1204 Related Secunia Security Advisories, displaying 10

1. Debian update for clamav
2. Debian update for xulrunner
3. Debian update for ruby1.8
4. Debian update for iceweasel
5. Debian update for libgd2
6. Debian update for afuse
7. Debian update for gaim
8. Debian update for lighttpd
9. Debian update for iceweasel
10. Debian update for mysql-dfsg-5.0

Show all related advisories


Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.








Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Do you think it's important to read Setup/User Guides for applications for use within your network?


See Results   


Most Popular Advisories

1.
Linux Kernel LDT Buffer Size Handling Vulnerability
2.
OpenBSD BIND Query Port DNS Cache Poisoning
3.
Red Hat update for thunderbird
4.
Drupal Session Fixation Vulnerability
5.
Apple Safari Cross-Domain Cookie Injection Vulnerability
6.
IPCop update for perl
7.
Slackware update for dnsmasq
8.
Red Hat update for kernel
9.
Debian update for iceweasel
10.
Debian update for xulrunner





Vulnerability Management - Terms & Conditions - Copyright 2002-2008 Secunia - Compliance - Contact Secunia