Gentoo Archives: gentoo-announce

From: Daniel Ahlberg <aliz@g.o>
To: gentoo-announce@g.o
Subject: GLSA: mod_php php (200306-02)
Date: Sun, 08 Jun 2003 19:58:47
Message-Id: 20030608174758.A43DD33701@mail1.tamperd.net
1 -----BEGIN PGP SIGNED MESSAGE-----
2 Hash: SHA1
3
4 - - - ---------------------------------------------------------------------
5 GENTOO LINUX SECURITY ANNOUNCEMENT 200306-02
6 - - - ---------------------------------------------------------------------
7
8 PACKAGE : mod_php php
9 SUMMARY : integer overflow
10 DATE : 2003-06-08 17:47 UTC
11 EXPLOIT : local
12 VERSIONS AFFECTED : <mod_php-4.3.2 <php-4.3.2
13 FIXED VERSION : >=mod_php-4.3.2 >=mod_php-4.3.2
14 CVE :
15
16 - - - ---------------------------------------------------------------------
17
18 - From advisories:
19
20 "In PHP emalloc() function implements the error safe wrapper around malloc().
21 Unfortunately this function suffers from an integer overflow and
22 considering the fact that emalloc() is used in many places around PHP
23 source code, it may lead to many serious security issues."
24
25 "The function str_repeat(string input, int multiplier) returns input
26 repeated multiplier times.
27
28 The implementation of this function suffers from a simple integer overflow
29 caused by a very long second argument and could allow a local/remote
30 attacker in the worst case to gain control over the web server."
31
32 "The function array_pad(array input, int pad_size, mixed pad_value) returns
33 a copy of the input padded to size specified by pad_size with pad_value.
34
35 Unfortunately the implementation of this function suffers from an integer
36 overflow caused by a very long second argument and could allow a local/remote
37 attacker in the worst case to gain control over the web server."
38
39 Read the full advisories at:
40 http://marc.theaimsgroup.com/?l=bugtraq&m=104860818613543&w=2
41 http://marc.theaimsgroup.com/?l=bugtraq&m=104931355406416&w=2
42 http://marc.theaimsgroup.com/?l=bugtraq&m=104931384806788&w=2
43
44 SOLUTION
45
46 It is recommended that all Gentoo Linux users who are running
47 dev-php/mod_php and/or dev-php/php upgrade
48 to mod_php-4.3.2 and/or php-4.3.2 as follows
49
50 emerge sync
51 emerge mod_php
52 and/or
53 emerge php
54 emerge clean
55
56 - - - ---------------------------------------------------------------------
57 aliz@g.o - GnuPG key is available at http://cvs.gentoo.org/~aliz
58 robbat2@g.o
59 - - - ---------------------------------------------------------------------
60 -----BEGIN PGP SIGNATURE-----
61 Version: GnuPG v1.2.2 (GNU/Linux)
62
63 iD8DBQE+43bNfT7nyhUpoZMRAhEcAKCBxIy4lbfBLaoc3CWX9ajm3EDlHACfZnrn
64 fjz8XYCFTqNuSS1wG/h+vL4=
65 =5bRE
66 -----END PGP SIGNATURE-----