Executive Summary
Summary | |
---|---|
Title | Fixed php4 packages for USN-99-1 |
Informations | |||
---|---|---|---|
Name | USN-99-2 | First vendor Publication | 2005-03-24 |
Vendor | Ubuntu | Last vendor Modification | 2005-03-24 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: libapache2-mod-php4 php4-cgi The problem can be corrected by upgrading the affected package to version 4:4.3.8-3ubuntu7.6. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: USN-99-1 fixed a safe mode bypass which allowed malicious PHP scripts to circumvent path restrictions by creating a specially crafted directory whose length exceeded the capacity of the realpath() function (CAN-2004-1064). However, this caused severe regressions, some applications like SquirrelMail and Gallery did not work any more, and the package 'php4-pear' was empty. The current version repairs this. In addition this update fixes a crash of the PHP interpreter if curl_init() was called with a non-string argument. Please note that this is not security relevant since this condition usually cannot be triggered externally. |
Original Source
Url : http://www.ubuntu.com/usn/USN-99-2 |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
12413 | PHP realpath() Truncation Arbitrary File Inclusion PHP contains a flaw that may allow an attacker to bypass security restrictions. The issue is due to PHP truncating the file path before passing it to the realpath function. This may allow an attacker to bypass safe mode restrictions. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-99-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-99-2.nasl - Type : ACT_GATHER_INFO |
2005-04-19 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-072.nasl - Type : ACT_GATHER_INFO |
2005-01-26 | Name : The remote host is missing a Mac OS X update that fixes a security issue. File : macosx_SecUpd2005-001.nasl - Type : ACT_GATHER_INFO |
2004-12-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200412-14.nasl - Type : ACT_GATHER_INFO |
2004-12-19 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-151.nasl - Type : ACT_GATHER_INFO |
2004-12-15 | Name : The remote web server uses a version of PHP that is potentially affected by m... File : php45_multiple_flaws.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:07:05 |
|
2013-05-11 12:26:23 |
|