---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation compensation package. http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: Mandriva update for php SECUNIA ADVISORY ID: SA21050 VERIFY ADVISORY: http://secunia.com/advisories/21050/ CRITICAL: Moderately critical IMPACT: Security Bypass, DoS, System access WHERE: >From remote OPERATING SYSTEM: Mandriva Linux 2006 http://secunia.com/product/9020/ DESCRIPTION: Mandriva has issued an update for php. This fixes some vulnerabilities, which potentially can be exploited by malicious, local users to bypass certain security restrictions or by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. For more information: SA12996 SA13179 SA18694 SA19803 SA19927 SA20337 SA20500 SA20818 SOLUTION: Apply updated packages. Mandrivalinux 2006 ac3a35ac0db18fe07aed82c55bc9495c 2006.0/RPMS/libphp5_common5-5.0.4-9.12.20060mdk.i586.rpm eddf792e9ac30c60ba29967469c94721 2006.0/RPMS/php-cgi-5.0.4-9.12.20060mdk.i586.rpm 7ad40230e703fb0dbddb9b6b864305de 2006.0/RPMS/php-cli-5.0.4-9.12.20060mdk.i586.rpm 847ea3aa279af20470a4e4fc0ccefc7f 2006.0/RPMS/php-curl-5.0.4-1.3.20060mdk.i586.rpm e81718f6e31cb7aced9d2ff7462c0b80 2006.0/RPMS/php-devel-5.0.4-9.12.20060mdk.i586.rpm 188757b3e34afb445a288f4156232b77 2006.0/RPMS/php-fcgi-5.0.4-9.12.20060mdk.i586.rpm b8487a338e7c0be6baf08f3231169574 2006.0/RPMS/php-imap-5.0.4-2.3.20060mdk.i586.rpm cdda5acab01891036e955b4b89509552 2006.0/SRPMS/php-5.0.4-9.12.20060mdk.src.rpm 6f59b73dc4ad989fc1cf82981a78447b 2006.0/SRPMS/php-curl-5.0.4-1.3.20060mdk.src.rpm 1ca1cd0433f93e7a5338d265e5fe31a1 2006.0/SRPMS/php-imap-5.0.4-2.3.20060mdk.src.rpm Mandrivalinux 2006/X86_64 91133e3df28354e321a52b868605f5b4 x86_64/2006.0/RPMS/lib64php5_common5-5.0.4-9.12.20060mdk.x86_64.rpm 348350bfa9bb17ac01b574d1ce53e212 x86_64/2006.0/RPMS/php-cgi-5.0.4-9.12.20060mdk.x86_64.rpm c33ab51b3b82a33140625c1dda6ed397 x86_64/2006.0/RPMS/php-cli-5.0.4-9.12.20060mdk.x86_64.rpm 070e8e1f3d4a5035cd2ca7b4b9dc6f61 x86_64/2006.0/RPMS/php-curl-5.0.4-1.3.20060mdk.x86_64.rpm d1cae6289e3625693902b52730dbf95f x86_64/2006.0/RPMS/php-devel-5.0.4-9.12.20060mdk.x86_64.rpm e8ae1224fab30562d7d66c981893897c x86_64/2006.0/RPMS/php-fcgi-5.0.4-9.12.20060mdk.x86_64.rpm 991c3a4f7cb708aa3c2f9ef4b525017e x86_64/2006.0/RPMS/php-imap-5.0.4-2.3.20060mdk.x86_64.rpm cdda5acab01891036e955b4b89509552 x86_64/2006.0/SRPMS/php-5.0.4-9.12.20060mdk.src.rpm 6f59b73dc4ad989fc1cf82981a78447b x86_64/2006.0/SRPMS/php-curl-5.0.4-1.3.20060mdk.src.rpm 1ca1cd0433f93e7a5338d265e5fe31a1 x86_64/2006.0/SRPMS/php-imap-5.0.4-2.3.20060mdk.src.rpm ORIGINAL ADVISORY: http://www.mandriva.com/security/advisories?name=MDKSA-2006:122 OTHER REFERENCES: SA12996: http://secunia.com/advisories/12996/ SA13179: http://secunia.com/advisories/13179/ SA18694: http://secunia.com/advisories/18694/ SA19803: http://secunia.com/advisories/19803/ SA19927: http://secunia.com/advisories/19927/ SA20337: http://secunia.com/advisories/20337/ SA20500: http://secunia.com/advisories/20500/ SA20818: http://secunia.com/advisories/20818/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------