PHP Group PHP Multiple Unspecified Vulnerabilities
BID:13143
Info
PHP Group PHP Multiple Unspecified Vulnerabilities
| Bugtraq ID: | 13143 |
| Class: | Unknown |
| CVE: | |
| Remote: | No |
| Local: | No |
| Published: | Apr 13 2005 12:00AM |
| Updated: | Aug 24 2006 06:34PM |
| Credit: | Discovery is credited to David Litchfield of NGSSoftware. |
| Vulnerable: |
PHP PHP 5.0.3 PHP PHP 4.3.10 |
| Not Vulnerable: | |
Discussion
PHP Group PHP Multiple Unspecified Vulnerabilities
PHP is prone to multiple unspecified vulnerabilities.
PHP 5.0.3 and 4.3.10 are reported to be vulnerable. Earlier versions may also be affected.
PHP is prone to multiple unspecified vulnerabilities.
PHP 5.0.3 and 4.3.10 are reported to be vulnerable. Earlier versions may also be affected.
Exploit / POC
PHP Group PHP Multiple Unspecified Vulnerabilities
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
PHP Group PHP Multiple Unspecified Vulnerabilities
Solution:
Conectiva has released an advisory (CLSA-2005:955) and fixes to address these and other issues. Please see the referenced advisory for further information regarding obtaining and applying appropriate updates.
The discoverer of these issues has reported that they have been addressed in a
patch. This has not yet been confirmed by Symantec.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
PHP PHP 4.3.10
PHP PHP 5.0.3
Solution:
Conectiva has released an advisory (CLSA-2005:955) and fixes to address these and other issues. Please see the referenced advisory for further information regarding obtaining and applying appropriate updates.
The discoverer of these issues has reported that they have been addressed in a
patch. This has not yet been confirmed by Symantec.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
PHP PHP 4.3.10
-
PHP Group PHP 4.3.11
http://ca.php.net/get/php-4.3.11.tar.gz/from/a/mirror
PHP PHP 5.0.3
-
PHP Group PHP 5.0.4
www.php.net/distributions/php-5.0.4.tar.gz
References
PHP Group PHP Multiple Unspecified Vulnerabilities
References:
References:
- CLSA-2005:955 : Fixes for multiple php4 vulnerabilities (Conectiva)
- PHP 4 ChangeLog - Version 4.3.11 (PHP Group)
- PHP 5 ChangeLog - Version 5.0.4 (PHP Group)
- PHP Homepage (PHP Group)