TITLE:
PHP Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA24089

VERIFY ADVISORY:
http://secunia.com/advisories/24089/

CRITICAL:
Moderately critical

IMPACT:
Unknown, Security Bypass, Exposure of sensitive information

WHERE:
From remote

SOFTWARE:
PHP 5.1.x
http://secunia.com/product/6796/
PHP 5.2.x
http://secunia.com/product/13446/

DESCRIPTION:
Several vulnerabilities have been reported in PHP. Some have unknown impacts, while others can be exploited to disclose potentially sensitive information or bypass certain security restrictions.

1) The "safe_mode" and "open_basedir" protection mechanisms can be bypassed via the session extension.

2) Unspecified overflows can be exploited to cause a stack corruption in the session extension.

3) Stack overflows exist in the "zip", "imap", and "sqlite" extensions.

4) A boundary error within the stream filters can be exploited to cause a buffer overflow.

5) An unspecified overflow exists in the "str_replace()" function.

6) An unspecified error in the wddx extension can be exploited to disclose potentially sensitive information.

7) A format string error exists in the *print() functions on 64-bit systems.

8) Boundary errors exist within the "mail()", "ibase_add_user()", "ibase_delete_user()", and "ibase_modify_user()" functions and can be exploited to cause buffer overflows.

9) A format string error exists in the odbc_result_all() function.

Other issues which may be security related have also been reported.

NOTE: Some issues can be triggered remotely under certain circumstances.

SOLUTION:
Update to version 5.2.1.

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
http://www.php.net/releases/5_2_1.php