FreeBSD : php -- multiple vulnerabilities (71d903fc-602d-11dc-898c-001921ab2fa4)

high Nessus Plugin ID 26038

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The PHP development team reports :

Security Enhancements and Fixes in PHP 5.2.4 :

- Fixed a floating point exception inside wordwrap() (Reported by Mattias Bengtsson)

- Fixed several integer overflows inside the GD extension (Reported by Mattias Bengtsson)

- Fixed size calculation in chunk_split() (Reported by Gerhard Wagner)

- Fixed integer overflow in str[c]spn(). (Reported by Mattias Bengtsson)

- Fixed money_format() not to accept multiple %i or %n tokens.
(Reported by Stanislav Malyshev)

- Fixed zend_alter_ini_entry() memory_limit interruption vulnerability. (Reported by Stefan Esser)

- Fixed INFILE LOCAL option handling with MySQL extensions not to be allowed when open_basedir or safe_mode is active. (Reported by Mattias Bengtsson)

- Fixed session.save_path and error_log values to be checked against open_basedir and safe_mode (CVE-2007-3378) (Reported by Maksymilian Arciemowicz)

- Fixed a possible invalid read in glob() win32 implementation (CVE-2007-3806) (Reported by shinnai)

- Fixed a possible buffer overflow in php_openssl_make_REQ (Reported by zatanzlatan at hotbrev dot com)

- Fixed an open_basedir bypass inside glob() function (Reported by dr at peytz dot dk)

- Fixed a possible open_basedir bypass inside session extension when the session file is a symlink (Reported by c dot i dot morris at durham dot ac dot uk)

- Improved fix for MOPB-03-2007.

- Corrected fix for CVE-2007-2872.

Solution

Update the affected packages.

See Also

http://www.php.net/releases/4_4_8.php

http://www.php.net/releases/5_2_4.php

http://www.nessus.org/u?faf67901

Plugin Details

Severity: High

ID: 26038

File Name: freebsd_pkg_71d903fc602d11dc898c001921ab2fa4.nasl

Version: 1.19

Type: local

Published: 9/14/2007

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:php4, p-cpe:/a:freebsd:freebsd:php5, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 9/11/2007

Vulnerability Publication Date: 8/30/2007

Reference Information

CVE: CVE-2007-2872, CVE-2007-3378, CVE-2007-3806, CVE-2007-3996, CVE-2007-3997, CVE-2007-3998, CVE-2007-4652, CVE-2007-4657, CVE-2007-4658, CVE-2007-4659, CVE-2007-4660, CVE-2007-4661, CVE-2007-4662, CVE-2007-4663, CVE-2007-4670

CWE: 119, 189, 20, 22, 264, 362, 399

Secunia: 26642