GLSA-200410-04 : PHP: Memory disclosure and arbitrary location file upload

Medium Nessus Plugin ID 15429


The remote Gentoo host is missing one or more security-related patches.


The remote host is affected by the vulnerability described in GLSA-200410-04 (PHP: Memory disclosure and arbitrary location file upload)

Stefano Di Paola discovered two bugs in PHP. The first is a parse error in php_variables.c that could allow a remote attacker to view the contents of the target machine's memory. Additionally, an array processing error in the SAPI_POST_HANDLER_FUNC() function inside rfc1867.c could lead to the $_FILES array being overwritten.
Impact :

A remote attacker could exploit the first vulnerability to view memory contents. On a server with a script that provides file uploads, an attacker could exploit the second vulnerability to upload files to an arbitrary location. On systems where the HTTP server is allowed to write in a HTTP-accessible location, this could lead to remote execution of arbitrary commands with the rights of the HTTP server.
Workaround :

There is no known workaround at this time.


All PHP, mod_php and php-cgi users should upgrade to the latest stable version:
# emerge sync # emerge -pv '>=dev-php/php-4.3.9' # emerge '>=dev-php/php-4.3.9' # emerge -pv '>=dev-php/mod_php-4.3.9' # emerge '>=dev-php/mod_php-4.3.9' # emerge -pv '>=dev-php/php-cgi-4.3.9' # emerge '>=dev-php/php-cgi-4.3.9'

See Also

Plugin Details

Severity: Medium

ID: 15429

File Name: gentoo_GLSA-200410-04.nasl

Version: $Revision: 1.12 $

Type: local

Published: 2004/10/06

Modified: 2015/04/13

Dependencies: 12634

Risk Information

Risk Factor: Medium

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:mod_php, p-cpe:/a:gentoo:linux:php, p-cpe:/a:gentoo:linux:php-cgi, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Patch Publication Date: 2004/10/06

Vulnerability Publication Date: 2004/09/15

Reference Information

OSVDB: 10005

GLSA: 200410-04