Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

PHP 5.1 update with several security fixes

Published: 2005-11-25
Last Updated: 2005-11-25 20:02:35 UTC
by Adrien de Beaupre (Version: 1)
0 comment(s)
Summary of security fixes:

Fixed a Cross Site Scripting (XSS) vulnerability in phpinfo().
Fixed multiple safe_mode/open_basedir bypass vulnerabilities in ext/curl and ext/gd .
Fixed a possible $GLOBALS overwrite problem in file upload handling.
Fixed a problem when a request was terminated due to memory_limit constraints during certain parse_str() calls.
Fixed an issue with trailing slashes in allowed basedirs.
Fixed an issue with calling virtual() on Apache 2.
Updated to the latest pcrelib to fix a possible integer overflow vulnerability announced in CAN-2005-2491.
Possible header injection in mb_send_mail() function via the To address, the first parameter of the function.

Announcement here

Thanks to Juha-matti!

Cheers,
Adrien



Keywords:
0 comment(s)
Diary Archives