---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation compensation package. http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: Mandriva update for php SECUNIA ADVISORY ID: SA21608 VERIFY ADVISORY: http://secunia.com/advisories/21608/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: Local system OPERATING SYSTEM: Mandriva Linux 2006 http://secunia.com/product/9020/ DESCRIPTION: Mandriva has issued an update for php. This fixes a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions. For more information: SA21403 SOLUTION: Apply updated packages. Mandrivalinux 2006 c4156de63b5b04c72129e275184c8589 2006.0/RPMS/libphp5_common5-5.0.4-9.13.20060mdk.i586.rpm d8a272fb6115fcb185bf273307cfa945 2006.0/RPMS/php-cgi-5.0.4-9.13.20060mdk.i586.rpm 1cdca894d3ec7810c031329bf9b022b5 2006.0/RPMS/php-cli-5.0.4-9.13.20060mdk.i586.rpm 5729200eecf5a7e8e7113f4b43116723 2006.0/RPMS/php-devel-5.0.4-9.13.20060mdk.i586.rpm 8fa33cfb6ccdd669f27ba1686db24fcd 2006.0/RPMS/php-fcgi-5.0.4-9.13.20060mdk.i586.rpm 60462a513b931f23a15d7b4e6af9af90 2006.0/SRPMS/php-5.0.4-9.13.20060mdk.src.rpm Mandrivalinux 2006/X86_64 a05922ab7f687dbe9cd74b5546e2ec4f x86_64/2006.0/RPMS/lib64php5_common5-5.0.4-9.13.20060mdk.x86_64.rpm 00599ac74cb16ef47988addae1a01e94 x86_64/2006.0/RPMS/php-cgi-5.0.4-9.13.20060mdk.x86_64.rpm 0b4ff38a92b2ddf41a25abe1155b6bb8 x86_64/2006.0/RPMS/php-cli-5.0.4-9.13.20060mdk.x86_64.rpm 39eda4d79d65a2ce4f0f9b8d2f66414d x86_64/2006.0/RPMS/php-devel-5.0.4-9.13.20060mdk.x86_64.rpm be71b05ae1fdb0a38bd5a5831cdb7b2f x86_64/2006.0/RPMS/php-fcgi-5.0.4-9.13.20060mdk.x86_64.rpm 60462a513b931f23a15d7b4e6af9af90 x86_64/2006.0/SRPMS/php-5.0.4-9.13.20060mdk.src.rpm ORIGINAL ADVISORY: http://www.mandriva.com/security/advisories?name=MDKSA-2006:144 OTHER REFERENCES: SA21403: http://secunia.com/advisories/21403/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------