Vulnerability Details
PHP file.c Security Bypass and Information Disclosure Vulnerability
Vulnerability Summary
The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.
Vulnerability Announcement
The vendor has released upgrade patches that fix this security issue. Patch download links:
S.u.S.E. Linux Professional 10.0
SuSE apache2-mod_php4-4.4.0-6.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/apache2-mod_php4-4.4.0-6.10.i586.rpm
SuSE apache2-mod_php4-4.4.0-6.10.ppc.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/apache2-mod_php4-4.4.0-6.10.ppc.rpm
SuSE apache2-mod_php4-4.4.0-6.10.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/apache2-mod_php4-4.4.0-6.10.x86_64.rpm
SuSE apache2-mod_php5-5.0.4-9.10.ppc.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/apache2-mod_php5-5.0.4-9.10.ppc.rpm
SuSE apache2-mod_php5-5.0.4-9.10.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/apache2-mod_php5-5.0.4-9.10.x86_64.rpm
SuSE php4-32bit-4.4.0-6.10.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/php4-32bit-4.4.0-6.10.x86_64.rpm
SuSE php4-4.4.0-6.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/php4-4.4.0-6.10.i586.rpm
SuSE php4-4.4.0-6.10.ppc.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/php4-4.4.0-6.10.ppc.rpm
SuSE php4-4.4.0-6.10.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/php4-4.4.0-6.10.x86_64.rpm
SuSE php4-exif-4.4.0-6.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/php4-exif-4.4.0-6.10.i586.rpm
SuSE php4-exif-4.4.0-6.10.ppc.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/php4-exif-4.4.0-6.10.ppc.rpm
SuSE php4-exif-4.4.0-6.10.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/php4-exif-4.4.0-6.10.x86_64.rpm
SuSE php4-fastcgi-4.4.0-6.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/php4-fastcgi-4.4.0-6.10.i586.rpm
SuSE php4-fastcgi-4.4.0-6.10.ppc.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/php4-fastcgi-4.4.0-6.10.ppc.rpm
SuSE php4-fastcgi-4.4.0-6.10.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/php4-fastcgi-4.4.0-6.10.x86_64.rpm
SuSE php4-mbstring-4.4.0-6.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/php4-mbstring-4.4.0-6.10.i586.rpm
SuSE php4-mbstring-4.4.0-6.10.ppc.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/php4-mbstring-4.4.0-6.10.ppc.rpm
SuSE php4-mbstring-4.4.0-6.10.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/php4-mbstring-4.4.0-6.10.x86_64.rpm
SuSE php4-servlet-4.4.0-6.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/php4-servlet-4.4.0-6.10.i586.rpm
SuSE php4-servlet-4.4.0-6.10.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/php4-servlet-4.4.0-6.10.x86_64.rpm
SuSE php4-unixODBC-4.4.0-6.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/php4-unixODBC-4.4.0-6.10.i586.rpm
SuSE php4-unixODBC-4.4.0-6.10.ppc.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/php4-unixODBC-4.4.0-6.10.ppc.rpm
SuSE php4-unixODBC-4.4.0-6.10.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/php4-unixODBC-4.4.0-6.10.x86_64.rpm
SuSE php5-5.0.4-9.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/php5-5.0.4-9.10.i586.rpm
SuSE php5-5.0.4-9.10.ppc.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/php5-5.0.4-9.10.ppc.rpm
SuSE php5-5.0.4-9.10.x86_64.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/php5-5.0.4-9.10.x86_64.rpm
SuSE php5-exif-5.0.4-9.10.i586.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/php5-exif-5.0.4-9.10.i586.rpm
SuSE php5-exif-5.0.4-9.10.ppc.rpm
SUSE LINUX 10.0:
ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/php5-exif-5.0.4-9
Reference URLs
Source: SREASONRES
Name: 20060408 copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2
Link: http://securityreason.com/achievement_securityalert/37
Source: SECUNIA
Name: 19599
Link: http://secunia.com/advisories/19599
Source: XF
Name: php-copy-safemode-bypass(25706)
Link: http://xforce.iss.net/xforce/xfdb/25706
Source: UBUNTU
Name: USN-320-1
Link: http://www.ubuntu.com/usn/usn-320-1
Source: BID
Name: 17439
Link: http://www.securityfocus.com/bid/17439
Source: BUGTRAQ
Name: 20060723 Re: new shell bypass safe mode
Link: http://www.securityfocus.com/archive/1/archive/1/441210/100/0/threaded
Source: BUGTRAQ
Name: 20060718 new shell bypass safe mode
Link: http://www.securityfocus.com/archive/1/archive/1/440869/100/0/threaded
Source: BUGTRAQ
Name: 20060409 copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2
Link: http://www.securityfocus.com/archive/1/archive/1/430461/100/0/threaded
Source: OSVDB
Name: 24487
Link: http://www.osvdb.org/24487
Source: MANDRIVA
Name: MDKSA-2006:074
Link: http://www.mandriva.com/security/advisories?name=MDKSA-2006:074
Source: VUPEN
Name: ADV-2006-1290
Link: http://www.frsirt.com/english/advisories/2006/1290
Source: us.php.net
Link: http://us.php.net/releases/5_1_3.php
Source: SECTRACK
Name: 1015882
Link: http://securitytracker.com/id?1015882
Source: SREASON
Name: 678
Link: http://securityreason.com/securityalert/678
Source: SECUNIA
Name: 21125
Link: http://secunia.com/advisories/21125
Source: SECUNIA
Name: 19775
Link: http://secunia.com/advisories/19775
Source: MANDRIVA
Name: MDKSA-2006:074
Link: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:074
Affected Entities
- Php Php:4.0.4
- Php Php:4.0.4:Patch1
- Php Php:4.0.5
- Php Php:4.0.6
- Php Php:4.0.7
Patches
None available