Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2007-29
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 17 May 2007
 Last revised: 18 May 2007

 Package: php

 Summary: Multiple vulnerabilities in php

 More information:
    PHP is an HTML-embedded scripting language.

    Multiple vulnerabilities (Integer overflows, Double free, CRLF injection) exist in php.
    
 Impact:
    These vulnerabilities may allow remote attackers to execute arbitrary
    code or to cause a denial of service via a crafted data.

 Affected Products:
    - Turbolinux Appliance Server 2.0
    - Turbolinux 10 Server x64 Edition
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux Multimedia
    - Turbolinux Personal
    - Turbolinux 8 Server


 <Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   php4-4.3.11-13.src.rpm
     12528945 ae909f92694249ffc4dcf6f75f404b48

   Binary Packages
   Size: MD5

   php4-4.3.11-13.i586.rpm
      5366643 f18f1da53a374fdda9c181f0b1681410
   php4-gd-4.3.11-13.i586.rpm
        49860 23d208e8daf522bd06af48bc8eb083c6
   php4-imap-4.3.11-13.i586.rpm
        13225 cf3edac0e4fb4117c16e93b7c70990f0
   php4-ldap-4.3.11-13.i586.rpm
        36597 1d63b5472b5acac288d061a477de7cc6
   php4-manual-4.3.11-13.i586.rpm
      7504804 a8655d6d46b8fdbd914461d7bd630e41
   php4-ming-4.3.11-13.i586.rpm
        48005 5ee960c545e73ac885149bbc41cf6abd
   php4-mysql-4.3.11-13.i586.rpm
       123957 5d393328e4576a464461462d318d1594
   php4-pgsql-4.3.11-13.i586.rpm
        73171 d44831cb9de9026fd5e4368665b9efad

 <Turbolinux 10 Server x64 Edition>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/php4-4.3.9-17.src.rpm
     12375088 759068322c3571fbf74a36575c45c2d2

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-4.3.9-17.x86_64.rpm
      5477131 9b833ad344272539ca63705f41602c6c
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-debug-4.3.9-17.x86_64.rpm
      6583195 19ea7b98da9f2739ad45660365f96d57
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-gd-4.3.9-17.x86_64.rpm
        53832 917071d829e1ad5052b9844d16b7efef
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-imap-4.3.9-17.x86_64.rpm
        11721 4347e32510f316e3b0aa3c7917728a8e
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-ldap-4.3.9-17.x86_64.rpm
        39572 fcbd6fb2c2dcb5455f81fe26ed5aede8
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-manual-4.3.9-17.x86_64.rpm
      7502935 9e214248458a89439903d4e7d0be7462
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-ming-4.3.9-17.x86_64.rpm
        51685 a7fa3e5db8be87525f30f81bfa6f659f
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-mysql-4.3.9-17.x86_64.rpm
       134959 fe81cf6de6c43fce12578bce70dc2df6
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/php4-pgsql-4.3.9-17.x86_64.rpm
        76599 42249c7262ed6c75751acc6ee12fa592

 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size: MD5

   php-4.2.3-38.src.rpm
      3616310 96bbe0aa0fe1a666b7c470b45fe66fae

   Binary Packages
   Size: MD5

   php-4.2.3-38.i586.rpm
      1634856 cc6c961af2421912a7c7073882c12844
   php-gd-4.2.3-38.i586.rpm
        32594 b8418cde5613edb64c426d6ea61821b5
   php-imap-4.2.3-38.i586.rpm
        10414 5c49021377ddd93eb6355b7f8c87ba9c
   php-ldap-4.2.3-38.i586.rpm
        25847 02a18cd8ca3c50f640540c8f05c6265c
   php-manual-4.2.3-38.i586.rpm
       342919 b6be87034532354a2cf2ad79b3652547
   php-ming-4.2.3-38.i586.rpm
        34484 298e442114093b563a77649c61c578f2
   php-mysql-4.2.3-38.i586.rpm
        92057 642a8000006b43fddbf99ab509ce88bc
   php-pgsql-4.2.3-38.i586.rpm
        36679 dbbd8fc2d887bfac61ed817d775e6151

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size: MD5

   php-4.2.3-38.src.rpm
      3616310 7e4943f6e0aaf52f9d16ba260af38ffa

   Binary Packages
   Size: MD5

   php-4.2.3-38.i586.rpm
      1635222 27942a654634fa1afac466cc2481abbd
   php-gd-4.2.3-38.i586.rpm
        32731 a8b3fbfa72e108f653dc507293690a23
   php-imap-4.2.3-38.i586.rpm
        10556 b499e055278eabd290807b91a6d0a898
   php-ldap-4.2.3-38.i586.rpm
        26007 8931c1d1f38eb6fade3232396c97fa44
   php-manual-4.2.3-38.i586.rpm
       343092 75c9856d46015f0e80b18fe85fa7765d
   php-ming-4.2.3-38.i586.rpm
        34611 53fc968b05cd38582d12bd06bae0c190
   php-mysql-4.2.3-38.i586.rpm
        92192 8d9777de836836c071b70a29165c95cd
   php-pgsql-4.2.3-38.i586.rpm
        36844 c5f409802e6daf0b23e6fb5bf5532ed2

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/php4-4.3.11-13.src.rpm
     12528945 ae909f92694249ffc4dcf6f75f404b48

   Binary Packages
   Size: MD5

   php4-4.3.11-13.i586.rpm
      5366643 f18f1da53a374fdda9c181f0b1681410
   php4-debug-4.3.11-13.i586.rpm
      6453300 7035a715e76c697c2dc98b7907fc446d
   php4-gd-4.3.11-13.i586.rpm
        49860 23d208e8daf522bd06af48bc8eb083c6
   php4-imap-4.3.11-13.i586.rpm
        13225 cf3edac0e4fb4117c16e93b7c70990f0
   php4-ldap-4.3.11-13.i586.rpm
        36597 1d63b5472b5acac288d061a477de7cc6
   php4-manual-4.3.11-13.i586.rpm
      7504804 a8655d6d46b8fdbd914461d7bd630e41
   php4-ming-4.3.11-13.i586.rpm
        48005 5ee960c545e73ac885149bbc41cf6abd
   php4-mysql-4.3.11-13.i586.rpm
       123957 5d393328e4576a464461462d318d1594
   php4-pgsql-4.3.11-13.i586.rpm
        73171 d44831cb9de9026fd5e4368665b9efad

 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/php4-4.3.3-23.src.rpm
      4203158 2262da0279620a6bb1ed64cef72e283e

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-4.3.3-23.i586.rpm
      3410158 98479e15d023eedfb294d435c915a3eb
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-gd-4.3.3-23.i586.rpm
        33458 98be1a503b594eb6f7bd8c5c4654aa3b
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-imap-4.3.3-23.i586.rpm
        10851 b2c88251e0f8a8f90fe75324d5a3448b
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-ldap-4.3.3-23.i586.rpm
        25230 63d96d99e0f4682b89cc1ba26d36d036
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-manual-4.3.3-23.i586.rpm
       343337 08e51dbd128ee6dbdd843963609323dd
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-ming-4.3.3-23.i586.rpm
        31743 33cb7e727358c0dd64f82f79b3e9163f
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-mysql-4.3.3-23.i586.rpm
        82751 28a48bc48c56dc4b6902c86c8a282b66
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/php4-pgsql-4.3.3-23.i586.rpm
        49267 ca3128c6e089628fa7df549f96de69e6

 <Turbolinux 8 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/php-4.2.3-38.src.rpm
      3616310 c219e2ef4024cd6bf8e5811be4db045f

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-4.2.3-38.i586.rpm
      1635116 630841574c7a610b4f08d609cee8223b
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-gd-4.2.3-38.i586.rpm
        32629 04d11ea71043f76e5f72dcc6ea5985c0
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-imap-4.2.3-38.i586.rpm
        10510 e5af06d905353155979a585867546bb2
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-ldap-4.2.3-38.i586.rpm
        25928 64a01e5cd5332cff20228300e30e2c60
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-manual-4.2.3-38.i586.rpm
       343018 71313599a55b4c07a5d14fc79b94ceab
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-ming-4.2.3-38.i586.rpm
        34527 4c3dcd4db790dada50fac446da30d809
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-mysql-4.2.3-38.i586.rpm
        92101 cfbe8b5ec3e7815c2f9925a05820c861
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/php-pgsql-4.2.3-38.i586.rpm
        36755 0f0204fe7b75331c044fccc142e22eef

 
 References:

 CVE
   [CVE-2007-1001]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001
   [CVE-2007-1285]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1285
   [CVE-2007-1286]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1286
   [CVE-2007-1583]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1583
   [CVE-2007-1711]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1711
   [CVE-2007-1718]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1718

 --------------------------------------------------------------------------
 Revision History
    17 May 2007 Initial release
    18 May 2007 Typo php-4.2.3-37 -> php-4.2.3-38
 --------------------------------------------------------------------------

 Copyright(C) 2007 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFGTR97K0LzjOqIJMwRAkExAJ43aFn7eFt+fqzjfzCPTCAIpMn8kQCfXkKW
RDpEm69LtyuE+xYMb6RLEDc=
=8hNM
-----END PGP SIGNATURE-----




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.