From security@peachtree.burdell.org Thu Apr 21 17:35:28 2005 From: Peachtree Linux Security Team To: bugtraq@securityfocus.com Date: Thu, 21 Apr 2005 10:12:06 -0400 Subject: [PLSN-0001] - Multiple PHP vulnerabilities --------------------------------------------------------------------------- Peachtree Linux Security Notice PLSN-0001 April 19, 2005 Remote code execution and remote DoS vulnerability in PHP CAN-2005-0524, CAN-2005-0525, CAN-2005-1042, CAN-2005-1043 --------------------------------------------------------------------------- The following Peachtree Linux releases are affected: Peachtree Linux release 1 ("Atlanta") Description: CAN-2005-0524: The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value. CAN-2005-0525: The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek. CAN-2005-1042: Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count. CAN-2005-1043: exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. Packages: Download the updated php package for your release of Peachtree Linux and your host architecture. The main updates site is: http://peachtree.burdell.org/updates/ Updated packages available for Peachtree Linux release 1 ("Atlanta"): alpha db11a244e5085bcee51714d001b56df3 php-4.3.11.alpha.dist i386 97720a9c42d89288945d8214e3e2336c php-4.3.11.i686.dist ppc f2237e37682a905c432cb81d724f8dd6 php-4.3.11.ppc.dist Solution: Download the appropriate package for your release of Peachtree Linux. Upgrade your system to the new package: distadd -u packagename Where packagename is the name of the package file from the list above. After installation of the new package, restart any services you have that are using PHP, such as Apache. -- Peachtree Linux Security Team http://peachtree.burdell.org/ [ Part 2, Application/PGP-SIGNATURE 196bytes. ] [ Unable to print this part. ]