---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. Join the FREE BETA test of the Network Software Inspector (NSI)! http://secunia.com/network_software_inspector/ The NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. ---------------------------------------------------------------------- TITLE: Mandriva update for php SECUNIA ADVISORY ID: SA25191 VERIFY ADVISORY: http://secunia.com/advisories/25191/ CRITICAL: Highly critical IMPACT: Unknown, Security Bypass, System access WHERE: >From remote OPERATING SYSTEM: Mandriva Linux 2007 http://secunia.com/product/12165/ DESCRIPTION: Mandriva has issued an update for php. This fixes some vulnerabilities, where one has an unknown impact and the others can be exploited by malicious users to bypass certain security restrictions and potentially by malicious people to compromise a vulnerable system. For more information: SA25123 SOLUTION: Apply updated packages. Mandriva Linux 2007 9e0a7c06446b813079775e0b21113c35 2007.0/i586/libphp5_common5-5.1.6-1.8mdv2007.0.i586.rpm a9fbb8f3a69749c14794f25ed9c4fb4a 2007.0/i586/php-cgi-5.1.6-1.8mdv2007.0.i586.rpm 343800759b3f2c748e902b578c983b31 2007.0/i586/php-cli-5.1.6-1.8mdv2007.0.i586.rpm f144fe50b14fe959782ee648bc5ac9c3 2007.0/i586/php-devel-5.1.6-1.8mdv2007.0.i586.rpm 1ab27ba607339b5da160f4222e4785f2 2007.0/i586/php-fcgi-5.1.6-1.8mdv2007.0.i586.rpm fe0bb39c1ab53cf83b39c58714247b3f 2007.0/i586/php-ftp-5.1.6-1.1mdv2007.0.i586.rpm 930f34d92678a52b2ce6e83cb28a693f 2007.0/i586/php-soap-5.1.6-1.1mdv2007.0.i586.rpm 4469d5f7cdec688feba83a30698a7e9a 2007.0/i586/php-xmlrpc-5.1.6-1.1mdv2007.0.i586.rpm d7102292c93885b089d35caaff6005b7 2007.0/SRPMS/php-5.1.6-1.8mdv2007.0.src.rpm 239e5928d8a53c749c128e8ddc75746f 2007.0/SRPMS/php-ftp-5.1.6-1.1mdv2007.0.src.rpm ef26d693f275ba3755dcebd89f2f0d54 2007.0/SRPMS/php-soap-5.1.6-1.1mdv2007.0.src.rpm 51fdcfb1821296eb9b69cefd136faf5e 2007.0/SRPMS/php-xmlrpc-5.1.6-1.1mdv2007.0.src.rpm Mandriva Linux 2007/X86_64 4d514769b03d199a1f96982e6d2887e2 2007.0/x86_64/lib64php5_common5-5.1.6-1.8mdv2007.0.x86_64.rpm dcb785c5dc18be7817c3c6e5c22c4156 2007.0/x86_64/php-cgi-5.1.6-1.8mdv2007.0.x86_64.rpm c9d3851f0b201e1ac248fc448b507a70 2007.0/x86_64/php-cli-5.1.6-1.8mdv2007.0.x86_64.rpm c56837be9c8e4850bc15082c2ea6b7f6 2007.0/x86_64/php-devel-5.1.6-1.8mdv2007.0.x86_64.rpm 50c8b6228670b93318e4db01f464f327 2007.0/x86_64/php-fcgi-5.1.6-1.8mdv2007.0.x86_64.rpm e8878dab282186a60846fa79c6a7ff12 2007.0/x86_64/php-ftp-5.1.6-1.1mdv2007.0.x86_64.rpm 0c700664f8b9eabb6889247f63b8a2ff 2007.0/x86_64/php-soap-5.1.6-1.1mdv2007.0.x86_64.rpm d8159dcb23ebd35ec65e9988c51e8077 2007.0/x86_64/php-xmlrpc-5.1.6-1.1mdv2007.0.x86_64.rpm d7102292c93885b089d35caaff6005b7 2007.0/SRPMS/php-5.1.6-1.8mdv2007.0.src.rpm 239e5928d8a53c749c128e8ddc75746f 2007.0/SRPMS/php-ftp-5.1.6-1.1mdv2007.0.src.rpm ef26d693f275ba3755dcebd89f2f0d54 2007.0/SRPMS/php-soap-5.1.6-1.1mdv2007.0.src.rpm 51fdcfb1821296eb9b69cefd136faf5e 2007.0/SRPMS/php-xmlrpc-5.1.6-1.1mdv2007.0.src.rpm ORIGINAL ADVISORY: http://www.mandriva.com/security/advisories?name=MDKSA-2007:102 OTHER REFERENCES: SA25123: http://secunia.com/advisories/25123/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------