OpenPKG Security Advisory
OpenPKG-SA-2003.010
Publisher Name: OpenPKG GmbH Publisher Home: http://openpkg.com/ Advisory Id (public): OpenPKG-SA-2003.010 Advisory Type: OpenPKG Security Advisory (SA) Advisory Directory: http://openpkg.com/go/OpenPKG-SA Advisory Document: http://openpkg.com/go/OpenPKG-SA-2003.010 Advisory Published: 2010-09-03 23:48 UTC Issue Id (internal): OpenPKG-SI-20030218.02 Issue First Created: 2003-02-18 Issue Last Modified: 2006-11-29 Issue Revision: 07
Subject Name: PHP Subject Summary: Personal HomePage (PHP) Subject Home: http://www.php.net/ Subject Versions: * <= 4.3.0 Vulnerability Id: none Vulnerability Scope: global (not OpenPKG specific) Attack Feasibility: run-time Attack Vector: remote network Attack Impact: exposure of sensitive information, arbitrary code execution Description: Kosmas Skiadopoulos discovered a serious security vulnerability [0] in the CGI SAPI of PHP version 4.3.0. PHP [1] contains code for preventing direct access to the CGI binary with configure option "--enable-force-cgi-redirect" and php.ini option "cgi.force_redirect". In PHP 4.3.0 there is a bug which renders these options useless. Please note that this bug does NOT affect any of the other SAPI modules such as the Apache or ISAPI modules. Anyone with access to websites hosted on a web server which employs the CGI module may exploit this vulnerability to gain access to any file readable by the user under which the webserver runs. A remote attacker could also trick PHP into executing arbitrary PHP code if attacker is able to inject the code into files accessible by the CGI. This could be for example the web server access-logs. References: [0] http://www.php.net/release_4_3_1.php [1] http://www.php.net/ [2] http://www.openpkg.org/tutorial.html#regular-source [3] http://www.openpkg.org/tutorial.html#regular-binary [4] ftp://ftp.openpkg.org/release/1.2/UPD/php-4.3.0-1.2.1.src.rpm [5] ftp://ftp.openpkg.org/release/1.2/UPD/apache-1.3.27-1.2.1.src.rpm [6] ftp://ftp.openpkg.org/release/1.2/UPD/ [7] http://www.openpkg.org/security.html#signature
Primary Package Name: php Primary Package Home: http://openpkg.org/go/package/php Affected Distribution: Affected Branch: Affected Package: OpenPKG Community 1.1-SOLID n/a OpenPKG Community 1.1-SOLID n/a OpenPKG Community 1.2-SOLID apache-1.3.27-1.2.0 OpenPKG Community 1.2-SOLID php-4.3.0-1.2.0 OpenPKG Community CURRENT apache-1.3.27-20030212 OpenPKG Community CURRENT php-4.3.0-20030115 Corrected Distribution: Corrected Branch: Corrected Package: OpenPKG Community 1.1-SOLID n/a OpenPKG Community 1.1-SOLID n/a OpenPKG Community 1.2-SOLID apache-1.3.27-1.2.1 OpenPKG Community 1.2-SOLID php-4.3.0-1.2.1 OpenPKG Community CURRENT apache-1.3.27-20030218 OpenPKG Community CURRENT php-4.3.1-20030218
