Signup / Login	Home  ·  Web Links  ·  Reviews  ·  Your Account  ·  Submit News  ·  Top List  ·

Main Menu · Home · Reviews · Meeting Info · Mailing List Archive · FAQ · Topics · Web Links · Get Linux! · Special Offers/Discounts · Our Sponsors · Linux@Home · Linux@Business · Linux@School  Please support:  A proud member of:

Vulnerability in PHP versions 4.2.0 and 4.2.1 Posted by admin on Monday, July 22, 2002 - 09:00 PM admin writes "The PHP Group has learned of a serious security vulnerability in PHP versions 4.2.0 and 4.2.1. An intruder may be able to execute arbitrary code with the privileges of the web server. This vulnerability may be exploited to compromise the web server and, under certain conditions, to gain privileged access. PHP contains code for intelligently parsing the headers of HTTP POST requests. The code is used to differentiate between variables and files sent by the user agent in a "multipart/form-data" request. This parser has insufficient input checking, leading to the vulnerability. The vulnerability is exploitable by anyone who can send HTTP POST requests to an affected web server. Both local and remote users, even from behind firewalls, may be able to gain privileged access. * Impact * Both local and remote users may exploit this vulnerability to compromise the web server and, under certain conditions, to gain privileged access. So far only the IA32 platform has been verified to be safe from the execution of arbitrary code. The vulnerability can still be used on IA32 to crash PHP and, in most cases, the web server. * Solution * The PHP Group has released a new PHP version, 4.2.2, which incorporates a fix for the vulnerability. All users of affected PHP versions are encouraged to upgrade to this latest version. The downloads web site at http://www.uk2.php.net/downloads.php has the new 4.2.2 source tarballs, Windows binaries and source patches from 4.2.0 and 4.2.1 available for download. * Workaround * If the PHP applications on an affected web server do not rely on HTTP POST input from user agents, it is often possible to deny POST requests on the web server. In the Apache web server, for example, this is possible with the following code included in the main configuration file or a top-level .htaccess file: <Limit POST> Order deny,allow Deny from all </Limit> Note that an existing configuration and/or .htaccess file may have parameters contradicting the example given above. * Credits * The PHP Group would like to thank Stefan Esser of e-matters GmbH for discovering this vulnerability. e-matters GmbH has also released an independent advisory, describing the vulnerability in more detail. If you wish to download the latest PHP, please use the UK mirror at http://uk2.php.net." Note: If you wish to download the latest PHP, please use the UK mirror at http://uk2.php.net.    Related links · More about PHP Scripting Language · News by admin Most read story in PHP Scripting Language: Vulnerability in PHP versions 4.2.0 and 4.2.1 Vulnerability in PHP versions 4.2.0 and 4.2.1 | Login/Create an account | 0 Comments Threshold -1 0 1 2 3 4 5 No comments Nested Flat Thread Oldest first Newest first Highest scores first Comments are owned by the poster. We aren't responsible for their content.

Home  ·  Web Links  ·  Reviews  ·  Your Account  ·  Submit News  ·  Top List  ·

All logos and trademarks in this site are property of their respective owner. The comments are property of their posters. Site and most content created and maintained by David Johnson. Theme by Dezina.com.