--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2002-12
http://www/turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
Php
Capture of the buffer overflow to the root authority
Release date : 2002-03-01
Object package : php-4.1.2-1
php-3.0.18-9jaJP
Problem
Unauthorized user can make optional execute command by using the file upload function of the PHP.
There is a possibility of capturing root authority.
Solution:
Please verify version and execute the command below.
Please update from php-4.1.2-1 and php-3.0.18-9jacJp version before.
# rpm -qa | grep php
When problem corresponds, please download the update package. Do the update by the using the command below.
Furthermore, please execute the package number which corresponds to your version number. Without starting a new paragraph, please enter the "\ " Bunchu sign.
# rpm -Fvh Package-1.0.0-1.i586.rpm \
Package-doc-1.0.0-1.i586.rpm \
Package-devel-1.0.0-1.i586.rpm
In the case where rpm command is executed, please enter as follows on the command line.
# rpm -Fvh package-1.0.0-1.i586.rpm package-doc-1.0.0-1.i586.rpm package-devel-1.0.0-1.i586.rpm
< Turbolinux 7 Server >
< Turbolinux 7 Workstation >
# rpm -Fvh php-4.1.2-1.i586.rpm \
php-imap-4.1.2-1.i586.rpm \
php-ldap-4.1.2-1.i586.rpm \
php-manual-4.1.2-1.i586.rpm \
php-mysql-4.1.2-1.i586.rpm \
php-pgsql-4.1.2-1.i586.rpm
< Turbolinux Server 6.5 >
< Turbolinux Advanced Server 6 >
< Turbolinux Server 6.1 >
# rpm -Fvh php-3.0.18-9jaJP.i386.rpm \
php-imap-3.0.18-9jaJP.i386.rpm \
php-ldap-3.0.18-9jaJP.i386.rpm \
php-manual-3.0.18-9jaJP.i386.rpm \
php-mysql-3.0.18-9jaJP.i386.rpm \
php-pgsql-3.0.18-9jaJP.i386.rpm \
cyrus-sasl-1.5.24-15.i386.rpm \
cyrus-sasl-devel-1.5.24-15.i386.rpm
* Through the note PHP, when the MycSql, the openldap and the postgresql are used, it may be necessary to execute an update.
Package updates:
http://www.turbolinux.co.jp/update/