GLSA-200410-04 : PHP: Memory disclosure and arbitrary location file upload

NASLDB: GLSA-200410-04 : PHP: Memory disclosure and arbitrary location file upload

General

ID: 15429
Name: GLSA-200410-04 : PHP: Memory disclosure and arbitrary location file upload

Summary: Checks for updated package(s) in /var/db/pkg

Credits: –

Classification

Risk: –

CVSS: –
CVSS Base Vector: –
CVSS Temporal Vector: –

Port: 0
Family: Gentoo Local Security Checks
Type: Local

Description

The remote host is affected by the vulnerability described in GLSA-200410-04
(PHP: Memory disclosure and arbitrary location file upload)

Stefano Di Paola discovered two bugs in PHP. The first is a parse error in
php_variables.c that could allow a remote attacker to view the contents of
the target machine’s memory. Additionally, an array processing error in the
SAPI_POST_HANDLER_FUNC() function inside rfc1867.c could lead to the
$_FILES array being overwritten.

Impact :

A remote attacker could exploit the first vulnerability to view memory
contents. On a server with a script that provides file uploads, an attacker
could exploit the second vulnerability to upload files to an arbitrary
location. On systems where the HTTP server is allowed to write in a
HTTP-accessible location, this could lead to remote execution of arbitrary
commands with the rights of the HTTP server.

Workaround :

There is no known workaround at this time.

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: –
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: 2004/09/15
Patch Release: 2004/10/06
Plugin Release: 2004/10/06

Plugin

Version: 1.10
Filename: gentoo_GLSA-200410-04.nasl
Filesize: 4549 bytes
MD5 Hash: 920e262468841c8b7be52b1fe18cc2e1

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list
Dependencies: "ssh_get_info.nasl"

Letzte Plugins

Letzte Plugins

scip AG