RHEL 4 : php (RHSA-2005:032)

This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated php packages that fix various security issues are now
available for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the
Red Hat Security Response Team.

PHP is an HTML-embedded scripting language commonly used with the
Apache HTTP Web server.

Flaws including possible information disclosure, double free, and
negative reference index array underflow were found in the
deserialization code of PHP. PHP applications may use the unserialize
function on untrusted user data, which could allow a remote attacker
to gain access to memory or potentially execute arbitrary code. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-1019 to this issue.

A flaw in the exif extension of PHP was found which lead to a stack
overflow. An attacker could create a carefully crafted image file in
such a way which, if parsed by a PHP script using the exif extension,
could cause a crash or potentially execute arbitrary code. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2004-1065 to this issue.

Flaws were found in shmop_write, pack, and unpack PHP functions. These
functions are not normally passed user-supplied data, so would require
a malicious PHP script to be exploited. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2004-1018
to this issue.

Users of PHP should upgrade to these updated packages, which contain
fixes for these issues.

See also :

https://www.redhat.com/security/data/cve/CVE-2004-1018.html
https://www.redhat.com/security/data/cve/CVE-2004-1019.html
https://www.redhat.com/security/data/cve/CVE-2004-1065.html
http://www.php.net/release_4_3_10.php
http://rhn.redhat.com/errata/RHSA-2005-032.html

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: Red Hat Local Security Checks

Nessus Plugin ID: 17166 ()

Bugtraq ID:

CVE ID: CVE-2004-1018
CVE-2004-1019
CVE-2004-1065