Mandrake Linux Security Advisory : php (MDKSA-2005:152)
High Nessus Plugin ID 19908
Synopsis: The remote Mandrake Linux host is missing one or more security updates.
Description: Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.
The php packages, as shipped, were built using a private copy of pcre.
The updated packages have been rebuilt against the system pcre libs to correct this problem.
Solution: Update the affected packages.