
tinysofa Enterprise Server Advisory: php


tinysofa Security Advisory #2004-013

Package name: php
Summary: Multiple Security Fixes
Advisory ID: TSSA-2004-013
Date: 2004-07-14
Affected versions: tinysofa enterprise server 1.0,
tinysofa enterprise server 2.0-pre[1-3]


Security Fixes

Description

php:

  • PHP [0] is a widely-used general-purpose scripting language
    that is especially suited for Web development and can be embedded
    into HTML.

[Issue #1]
During a re-audit of the memory_limit problem it was discovered that
it is possible for a remote attacker to trigger the memory_limit
request termination in places where an interruption is unsafe. This
can be abused to execute arbitrary code on remote PHP servers.

This problem has been assigned the name CAN-2004-0594 [1] by the
Common Vulnerabilities and Exposures (CVE) project, and was first
reported by Stefan Esser [2] of e-matters GmbH.

[Issue #2]
During an audit of the PHP source code a binary safety problem in
the handling of allowed tags within PHP's strip_tags() function was
discovered. This problem may allow injection of malicious
JavaScript in the Internet Explorer and Safari browsers.

This problem has been assigned the name CAN-2004-0595 [3] by the
Common Vulnerabilities and Exposures (CVE) project, and was first
reported by Stefan Esser [4] of e-matters GmbH.
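For Issue #2, an added example that is not code from the tinysofa advisory or from the PHP project: a defensive pre-filter a site could place in front of strip_tags() while the fixed 4.3.8 packages are rolled out, plus a helper for reviewing logged input. The function names are assumptions; the NUL-byte detail is the published description of CAN-2004-0595.

```php
<?php
// Added example, not code from the tinysofa advisory or the PHP project.
// The "binary safety" defect (CAN-2004-0595) is that the allowed-tags
// comparison in the affected versions was not byte-exact for tag names
// containing NUL bytes, while Internet Explorer and Safari ignore such
// bytes inside a tag name, so a tag the filter did not recognise could
// still be rendered as one it should have removed. Removing NUL and the
// other C0 control bytes before the call keeps the comparison byte-exact.

function safe_strip_tags($html, $allowed_tags = '')
{
    // Drop NUL and other C0 control bytes except tab, LF and CR.
    $clean = preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F]/', '', $html);
    if (!is_string($clean)) {
        // preg_replace() failed; fail closed by allowing no tags at all.
        return strip_tags($html);
    }
    return strip_tags($clean, $allowed_tags);
}

// Review helper: list tag names that carry control bytes, i.e. input
// that the sanitiser and a lenient browser could interpret differently.
function tag_names_with_control_bytes($html)
{
    $found = array();
    if (preg_match_all('/<\s*\/?([^\s>]+)/', $html, $m)) {
        foreach ($m[1] as $name) {
            if (preg_match('/[\x00-\x1F]/', $name)) {
                $found[] = bin2hex($name); // hex keeps the NUL visible in logs
            }
        }
    }
    return $found;
}

// Constructed sample input: <b> is allowed, the second tag name has a
// NUL byte inside it ("\0" is an octal escape in a double-quoted string).
$sample = "<b>ok</b><sp\0an>text</sp\0an>";
print_r(tag_names_with_control_bytes($sample));
echo safe_strip_tags($sample, '<b>'), "\n";
```

The pre-filter is a stopgap only; the recommended action below (installing the 4.3.8 packages) is the actual fix.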

References

[0] http://www.php.org/
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594

[2] http://security.e-matters.de/advisories/112004.html

[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595

[4] http://security.e-matters.de/advisories/122004.html

Recommended Action

We recommend that all systems with these packages installed be
upgraded. Please note that if you do not need the functionality
provided by this package, you may want to remove it from your
system.

Location

All tinysofa updates are available from
<URI:http://http.tinysofa.org/pub/tinysofa/updates/>

<URI:ftp://ftp.tinysofa.org/pub/tinysofa/updates/>

Automatic Updates

Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.

Users of the APT tool may use the 'apt-get update' command,
followed by an 'apt-get upgrade' command.

Questions?

Check out our mailing lists:
<URI:http://www.tinysofa.org/support/>

Verification

This advisory is signed with the tinysofa security sign key.
This key is available from:
<URI:http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xAEDCBB4B>

All tinysofa packages are signed with the tinysofa stable sign
key.
This key is available from:
<URI:http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x0F1240A2>

The advisory is available from the tinysofa errata database
at
<URI:http://www.tinysofa.org/support/errata/>

or directly at
<URI:http://www.tinysofa.org/support/errata/2004/013.html>

MD5sums Of The Packages



tinysofa Security Team <security at tinysofa dot org>
