PHP HTMLEntities HTMLSpecialChars Buffer Overflow Vulnerabilities
BID:20879
Info
PHP HTMLEntities HTMLSpecialChars Buffer Overflow Vulnerabilities
| Bugtraq ID: | 20879 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2006-5465 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 02 2006 12:00AM |
| Updated: | Jun 30 2014 02:37PM |
| Credit: | Stefan Esser is credited with the discovery of these vulnerabilities. |
| Vulnerable: |
Ubuntu Ubuntu Linux 5.10 sparc Ubuntu Ubuntu Linux 5.10 powerpc Ubuntu Ubuntu Linux 5.10 i386 Ubuntu Ubuntu Linux 5.10 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 Turbolinux Turbolinux Server 10.0 x86 Turbolinux Turbolinux Server 10.0 Turbolinux Turbolinux Server 8.0 Turbolinux Turbolinux 10 F... TurboLinux Personal TurboLinux Multimedia Turbolinux Home Turbolinux Appliance Server Workgroup Edition 1.0 Turbolinux Appliance Server Hosting Edition 1.0 Turbolinux Appliance Server 1.0 Workgroup Edition Turbolinux Appliance Server 1.0 Hosting Edition Turbolinux Appliance Server 2.0 Trustix Secure Linux 3.0 Trustix Secure Linux 2.2 Trustix Operating System Enterprise Server 2.0 Symantec Veritas NetBackup PureDisk Remote Office Edition 6.0 Slackware Linux 10.2 Slackware Linux 11.0 SGI ProPack 3.0 SP6 rPath rPath Linux 1 RedHat Stronghold for Enterprise Linux 0 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux WS 2.1 IA64 RedHat Enterprise Linux WS 2.1 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux ES 2.1 IA64 RedHat Enterprise Linux ES 2.1 RedHat Desktop 4.0 RedHat Desktop 3.0 RedHat Advanced Workstation for the Itanium Processor 2.1 IA64 RedHat Advanced Workstation for the Itanium Processor 2.1 Red Hat Enterprise Linux AS 4 Red Hat Enterprise Linux AS 3 Red Hat Enterprise Linux AS 2.1 IA64 Red Hat Enterprise Linux AS 2.1 PHP PHP 5.1.6 PHP PHP 5.1.5 PHP PHP 5.1.4 PHP PHP 5.1.3 -RC1 PHP PHP 5.1.3 PHP PHP 5.1.2 PHP PHP 5.1.1 PHP PHP 5.1 PHP PHP 5.0.5 PHP PHP 5.0.4 PHP PHP 5.0.3 PHP PHP 5.0.2 PHP PHP 5.0.1 PHP PHP 5.0 candidate 3 PHP PHP 5.0 candidate 2 PHP PHP 5.0 candidate 1 PHP PHP 5.0 .0 OpenPKG OpenPKG Stable OpenPKG OpenPKG E1.0-Solid OpenPKG OpenPKG Current OpenPKG OpenPKG 2-Stable-20061018 Mandriva Linux Mandrake 2006.0 x86_64 Mandriva Linux Mandrake 2006.0 Mandriva Linux Mandrake 2007.0 x86_64 Mandriva Linux Mandrake 2007.0 MandrakeSoft Multi Network Firewall 2.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 Gentoo Linux Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 Cisco Unified Application Environment 2.3 Cisco Network Analysis Module 3.1 patch 2 Cisco Network Analysis Module 0 Cisco Hosting Solution Engine 1105 1.7.3 Cisco Hosting Solution Engine 1105 1.7.2 Cisco Hosting Solution Engine 1105 1.7.1 Cisco Hosting Solution Engine 1105 1.7 Cisco Hosting Solution Engine 1.3 Cisco Hosting Solution Engine 1.0 Cisco CiscoWorks Wireless LAN Solution Engine Express 0 Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) 0 Cisco Catalyst 7600 3.1 (1a)WS-X6380-NAM Cisco Catalyst 7600 3.1 (1a)WS-SVC-NAM-2 Cisco Catalyst 7600 3.1 (1a)WS-SVC-NAM-1 Cisco Catalyst 7600 2.2 (1a)WS-SVC-NAM-2 Cisco Catalyst 7600 2.2 (1a)WS-SVC-NAM-1 Cisco Catalyst 7600 2.1 (2)WS-X6380-NAM Cisco Catalyst 6500 3.1 (1a)WS-X6380-NAM Cisco Catalyst 6500 3.1 (1a)WS-SVC-NAM-2 Cisco Catalyst 6500 3.1 (1a)WS-SVC-NAM-1 Cisco Catalyst 6500 2.2 (1a)WS-SVC-NAM-2 Cisco Catalyst 6500 2.2 (1a)WS-SVC-NAM-1 Cisco Catalyst 6500 2.1 (2)WS-X6380-NAM Cisco Catalyst 6000 3.1 (1a)WS-X6380-NAM Cisco Catalyst 6000 3.1 (1a)WS-SVC-NAM-2 Cisco Catalyst 6000 3.1 (1a)WS-SVC-NAM-1 Cisco Catalyst 6000 2.2 (1a)WS-SVC-NAM-2 Cisco Catalyst 6000 2.2 (1a)WS-SVC-NAM-1 Cisco Catalyst 6000 2.1 (2)WS-X6380-NAM Avaya S8710 R2.0.1 Avaya S8710 R2.0.0 Avaya S8710 CM 3.1 Avaya S8700 R2.0.1 Avaya S8700 R2.0.0 Avaya S8700 CM 3.1 Avaya S8500 R2.0.1 Avaya S8500 R2.0.0 Avaya S8500 CM 3.1 Avaya S8500 0 Avaya S8300 R2.0.1 Avaya S8300 R2.0.0 Avaya S8300 CM 3.1 Avaya S8300 0 Avaya Messaging Storage Server MM3.0 Avaya Messaging Storage Server 2.0 Avaya Messaging Storage Server 1.0 Avaya Messaging Storage Server Avaya Message Networking Avaya Intuity LX Avaya Converged Communications Server 2.0 Apple Mac OS X Server 10.4.8 Apple Mac OS X Server 10.3.9 Apple Mac OS X 10.4.8 Apple Mac OS X 10.3.9 |
| Not Vulnerable: |
Symantec Veritas NetBackup PureDisk Remote Office Edition 6.1 PHP PHP 5.2 Cisco Unified Application Environment 2.4 |
Discussion
PHP HTMLEntities HTMLSpecialChars Buffer Overflow Vulnerabilities
PHP is prone to multiple buffer-overflow vulnerabilities because it fails to effectively bounds-check user-supplied input before copying it to an insufficiently sized buffer.
An attacker could exploit these issues to have arbitrary code execute in the context of an affected webserver. This may lead to the compromise of the webserver. Failed exploit attempts could cause denial-of-service conditions, denying access to legitimate users.
Only limited information is available regarding these issues. This BID will be updated as more information becomes available.
PHP 5 is vulnerable to these issues.
NOTE: The affected functions are employed by a large number of popular PHP libraries. As a result, there are many PHP applications affected by this issue.
PHP is prone to multiple buffer-overflow vulnerabilities because it fails to effectively bounds-check user-supplied input before copying it to an insufficiently sized buffer.
An attacker could exploit these issues to have arbitrary code execute in the context of an affected webserver. This may lead to the compromise of the webserver. Failed exploit attempts could cause denial-of-service conditions, denying access to legitimate users.
Only limited information is available regarding these issues. This BID will be updated as more information becomes available.
PHP 5 is vulnerable to these issues.
NOTE: The affected functions are employed by a large number of popular PHP libraries. As a result, there are many PHP applications affected by this issue.
Exploit / POC
PHP HTMLEntities HTMLSpecialChars Buffer Overflow Vulnerabilities
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: mailto:[email protected].
The following exploit demonstrates this issue by crashing the application:
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: mailto:[email protected].
The following exploit demonstrates this issue by crashing the application:
Solution / Fix
PHP HTMLEntities HTMLSpecialChars Buffer Overflow Vulnerabilities
Solution:
PHP version 5.2 is available to address this issue.
Please see the references for more information.
Trustix Secure Linux 3.0
PHP PHP 5.0 .0
PHP PHP 5.0 candidate 1
PHP PHP 5.0.1
PHP PHP 5.0.2
PHP PHP 5.0.4
PHP PHP 5.1
PHP PHP 5.1.1
PHP PHP 5.1.3 -RC1
PHP PHP 5.1.4
PHP PHP 5.1.5
PHP PHP 5.1.6
Solution:
PHP version 5.2 is available to address this issue.
Please see the references for more information.
Trustix Secure Linux 3.0
-
Trustix ldapclients-common-183-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix mutt-1.4.2.1-10tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix pam_ldap-183-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-calendar-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-cli-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-curl-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-dba-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-devel-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-exif-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-fcgi-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-gd-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-imap-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-imap-5.2.0-1tr.i586.rpmphp-imap-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-ldap-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-mcrypt-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-mhash-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-mysql-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-mysqli-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-openssl-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-pdo-mysql-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-pdo-sqlite-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-pgsql-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-pspell-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-snmp-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-sqlite-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-xslt-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates -
Trustix php-zlib-5.2.0-1tr.i586.rpm
TSL 3.0
ftp://ftp.trustix.org/pub/trustix/updates
PHP PHP 5.0 .0
-
PHP php-5.2.0.tar.bz2
http://www.php.net/get/php-5.2.0.tar.bz2/from/a/mirror
PHP PHP 5.0 candidate 1
-
PHP php-5.2.0.tar.bz2
http://www.php.net/get/php-5.2.0.tar.bz2/from/a/mirror
PHP PHP 5.0.1
-
PHP php-5.2.0.tar.bz2
http://www.php.net/get/php-5.2.0.tar.bz2/from/a/mirror
PHP PHP 5.0.2
-
PHP php-5.2.0.tar.bz2
http://www.php.net/get/php-5.2.0.tar.bz2/from/a/mirror
PHP PHP 5.0.4
-
Mandriva lib64php5_common5-5.0.4-9.17.20060mdk.x86_64.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download -
Mandriva libphp5_common5-5.0.4-9.17.20060mdk.i586.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download -
Mandriva php-5.0.4-9.17.20060mdk.src.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download -
Mandriva php-cgi-5.0.4-9.17.20060mdk.i586.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download -
Mandriva php-cgi-5.0.4-9.17.20060mdk.x86_64.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download -
Mandriva php-cli-5.0.4-9.17.20060mdk.i586.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download -
Mandriva php-cli-5.0.4-9.17.20060mdk.x86_64.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download -
Mandriva php-devel-5.0.4-9.17.20060mdk.i586.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download -
Mandriva php-devel-5.0.4-9.17.20060mdk.x86_64.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download -
Mandriva php-fcgi-5.0.4-9.17.20060mdk.i586.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download -
Mandriva php-fcgi-5.0.4-9.17.20060mdk.x86_64.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download -
PHP php-5.2.0.tar.bz2
http://www.php.net/get/php-5.2.0.tar.bz2/from/a/mirror
PHP PHP 5.1
-
PHP php-5.2.0.tar.bz2
http://www.php.net/get/php-5.2.0.tar.bz2/from/a/mirror
PHP PHP 5.1.1
-
PHP php-5.2.0.tar.bz2
http://www.php.net/get/php-5.2.0.tar.bz2/from/a/mirror
PHP PHP 5.1.3 -RC1
-
PHP php-5.2.0.tar.bz2
http://www.php.net/get/php-5.2.0.tar.bz2/from/a/mirror
PHP PHP 5.1.4
-
PHP php-5.2.0.tar.bz2
http://www.php.net/get/php-5.2.0.tar.bz2/from/a/mirror
PHP PHP 5.1.5
-
PHP php-5.2.0.tar.bz2
http://www.php.net/get/php-5.2.0.tar.bz2/from/a/mirror
PHP PHP 5.1.6
-
Mandriva lib64php4_common4-4.4.4-1.2.20060mlcs4.x86_64.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva lib64php5_common5-5.1.6-1.2.20060mlcs4.x86_64.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva lib64php5_common5-5.1.6-1.3mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva libphp4_common4-4.4.4-1.2.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva libphp5_common5-5.1.6-1.2.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva libphp5_common5-5.1.6-1.3mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva php-5.1.6-1.2.20060mlcs4.src.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva php-5.1.6-1.3mdv2007.0.src.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva php-cgi-5.1.6-1.2.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva php-cgi-5.1.6-1.2.20060mlcs4.x86_64.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva php-cgi-5.1.6-1.3mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva php-cgi-5.1.6-1.3mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva php-cli-5.1.6-1.2.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva php-cli-5.1.6-1.2.20060mlcs4.x86_64.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva php-cli-5.1.6-1.3mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva php-cli-5.1.6-1.3mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva php-devel-5.1.6-1.2.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva php-devel-5.1.6-1.2.20060mlcs4.x86_64.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva php-devel-5.1.6-1.3mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva php-devel-5.1.6-1.3mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva php-fcgi-5.1.6-1.2.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva php-fcgi-5.1.6-1.2.20060mlcs4.x86_64.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva php-fcgi-5.1.6-1.3mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva php-fcgi-5.1.6-1.3mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download -
Mandriva php4-4.4.4-1.2.20060mlcs4.src.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva php4-cgi-4.4.4-1.2.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva php4-cgi-4.4.4-1.2.20060mlcs4.x86_64.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva php4-cli-4.4.4-1.2.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva php4-cli-4.4.4-1.2.20060mlcs4.x86_64.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva php4-devel-4.4.4-1.2.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
Mandriva php4-devel-4.4.4-1.2.20060mlcs4.x86_64.rpm
Corporate 4.0:
http://www.mandriva.com/en/download -
PHP php-5.2.0.tar.bz2
http://www.php.net/get/php-5.2.0.tar.bz2/from/a/mirror -
Ubuntu libapache2-mod-php5_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/libapache2-mod-php5 _5.1.6-1ubuntu2.1_amd64.deb -
Ubuntu libapache2-mod-php5_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/libapache2-mod-php5 _5.1.6-1ubuntu2.1_i386.deb -
Ubuntu libapache2-mod-php5_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/libapache2-mod-php5 _5.1.6-1ubuntu2.1_powerpc.deb -
Ubuntu libapache2-mod-php5_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/libapache2-mod-php5 _5.1.6-1ubuntu2.1_sparc.deb -
Ubuntu php-pear_5.1.6-1ubuntu2.1_all.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php-pear_5.1.6-1ubu ntu2.1_all.deb -
Ubuntu php5-cgi_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cgi_5.1.6-1ubu ntu2.1_amd64.deb -
Ubuntu php5-cgi_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cgi_5.1.6-1ubu ntu2.1_i386.deb -
Ubuntu php5-cgi_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cgi_5.1.6-1ubu ntu2.1_powerpc.deb -
Ubuntu php5-cgi_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cgi_5.1.6-1ubu ntu2.1_sparc.deb -
Ubuntu php5-cli_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cli_5.1.6-1ubu ntu2.1_amd64.deb -
Ubuntu php5-cli_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cli_5.1.6-1ubu ntu2.1_i386.deb -
Ubuntu php5-cli_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cli_5.1.6-1ubu ntu2.1_powerpc.deb -
Ubuntu php5-cli_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-cli_5.1.6-1ubu ntu2.1_sparc.deb -
Ubuntu php5-common_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-common_5.1.6-1 ubuntu2.1_amd64.deb -
Ubuntu php5-common_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-common_5.1.6-1 ubuntu2.1_i386.deb -
Ubuntu php5-common_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-common_5.1.6-1 ubuntu2.1_powerpc.deb -
Ubuntu php5-common_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-common_5.1.6-1 ubuntu2.1_sparc.deb -
Ubuntu php5-curl_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-curl_5.1.6-1ub untu2.1_amd64.deb -
Ubuntu php5-curl_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-curl_5.1.6-1ub untu2.1_i386.deb -
Ubuntu php5-curl_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-curl_5.1.6-1ub untu2.1_powerpc.deb -
Ubuntu php5-curl_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-curl_5.1.6-1ub untu2.1_sparc.deb -
Ubuntu php5-dev_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-dev_5.1.6-1ubu ntu2.1_amd64.deb -
Ubuntu php5-dev_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-dev_5.1.6-1ubu ntu2.1_i386.deb -
Ubuntu php5-dev_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-dev_5.1.6-1ubu ntu2.1_powerpc.deb -
Ubuntu php5-dev_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-dev_5.1.6-1ubu ntu2.1_sparc.deb -
Ubuntu php5-gd_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gd_5.1.6-1ubun tu2.1_amd64.deb -
Ubuntu php5-gd_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gd_5.1.6-1ubun tu2.1_i386.deb -
Ubuntu php5-gd_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gd_5.1.6-1ubun tu2.1_powerpc.deb -
Ubuntu php5-gd_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-gd_5.1.6-1ubun tu2.1_sparc.deb -
Ubuntu php5-ldap_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-ldap_5.1.6-1ub untu2.1_amd64.deb -
Ubuntu php5-ldap_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-ldap_5.1.6-1ub untu2.1_i386.deb -
Ubuntu php5-ldap_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-ldap_5.1.6-1ub untu2.1_powerpc.deb -
Ubuntu php5-ldap_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-ldap_5.1.6-1ub untu2.1_sparc.deb -
Ubuntu php5-mhash_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mhash_5.1.6-1u buntu2.1_amd64.deb -
Ubuntu php5-mhash_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mhash_5.1.6-1u buntu2.1_i386.deb -
Ubuntu php5-mhash_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mhash_5.1.6-1u buntu2.1_powerpc.deb -
Ubuntu php5-mhash_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mhash_5.1.6-1u buntu2.1_sparc.deb -
Ubuntu php5-mysql_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysql_5.1.6-1u buntu2.1_amd64.deb -
Ubuntu php5-mysql_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysql_5.1.6-1u buntu2.1_i386.deb -
Ubuntu php5-mysql_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysql_5.1.6-1u buntu2.1_powerpc.deb -
Ubuntu php5-mysql_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysql_5.1.6-1u buntu2.1_sparc.deb -
Ubuntu php5-mysqli_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysqli_5.1.6-1 ubuntu2.1_amd64.deb -
Ubuntu php5-mysqli_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysqli_5.1.6-1 ubuntu2.1_i386.deb -
Ubuntu php5-mysqli_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysqli_5.1.6-1 ubuntu2.1_powerpc.deb -
Ubuntu php5-mysqli_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-mysqli_5.1.6-1 ubuntu2.1_sparc.deb -
Ubuntu php5-odbc_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-odbc_5.1.6-1ub untu2.1_amd64.deb -
Ubuntu php5-odbc_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-odbc_5.1.6-1ub untu2.1_i386.deb -
Ubuntu php5-odbc_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-odbc_5.1.6-1ub untu2.1_powerpc.deb -
Ubuntu php5-odbc_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-odbc_5.1.6-1ub untu2.1_sparc.deb -
Ubuntu php5-pgsql_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pgsql_5.1.6-1u buntu2.1_amd64.deb -
Ubuntu php5-pgsql_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pgsql_5.1.6-1u buntu2.1_i386.deb -
Ubuntu php5-pgsql_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pgsql_5.1.6-1u buntu2.1_powerpc.deb -
Ubuntu php5-pgsql_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-pgsql_5.1.6-1u buntu2.1_sparc.deb -
Ubuntu php5-recode_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-recode_5.1.6-1 ubuntu2.1_amd64.deb -
Ubuntu php5-recode_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-recode_5.1.6-1 ubuntu2.1_i386.deb -
Ubuntu php5-recode_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-recode_5.1.6-1 ubuntu2.1_powerpc.deb -
Ubuntu php5-recode_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-recode_5.1.6-1 ubuntu2.1_sparc.deb -
Ubuntu php5-snmp_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-snmp_5.1.6-1ub untu2.1_amd64.deb -
Ubuntu php5-snmp_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-snmp_5.1.6-1ub untu2.1_i386.deb -
Ubuntu php5-snmp_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-snmp_5.1.6-1ub untu2.1_powerpc.deb -
Ubuntu php5-snmp_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-snmp_5.1.6-1ub untu2.1_sparc.deb -
Ubuntu php5-sqlite_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sqlite_5.1.6-1 ubuntu2.1_amd64.deb -
Ubuntu php5-sqlite_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sqlite_5.1.6-1 ubuntu2.1_i386.deb -
Ubuntu php5-sqlite_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sqlite_5.1.6-1 ubuntu2.1_powerpc.deb -
Ubuntu php5-sqlite_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sqlite_5.1.6-1 ubuntu2.1_sparc.deb -
Ubuntu php5-sybase_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sybase_5.1.6-1 ubuntu2.1_amd64.deb -
Ubuntu php5-sybase_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sybase_5.1.6-1 ubuntu2.1_i386.deb -
Ubuntu php5-sybase_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sybase_5.1.6-1 ubuntu2.1_powerpc.deb -
Ubuntu php5-sybase_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-sybase_5.1.6-1 ubuntu2.1_sparc.deb -
Ubuntu php5-xmlrpc_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xmlrpc_5.1.6-1 ubuntu2.1_amd64.deb -
Ubuntu php5-xmlrpc_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xmlrpc_5.1.6-1 ubuntu2.1_i386.deb -
Ubuntu php5-xmlrpc_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xmlrpc_5.1.6-1 ubuntu2.1_powerpc.deb -
Ubuntu php5-xmlrpc_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xmlrpc_5.1.6-1 ubuntu2.1_sparc.deb -
Ubuntu php5-xsl_5.1.6-1ubuntu2.1_amd64.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xsl_5.1.6-1ubu ntu2.1_amd64.deb -
Ubuntu php5-xsl_5.1.6-1ubuntu2.1_i386.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xsl_5.1.6-1ubu ntu2.1_i386.deb -
Ubuntu php5-xsl_5.1.6-1ubuntu2.1_powerpc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xsl_5.1.6-1ubu ntu2.1_powerpc.deb -
Ubuntu php5-xsl_5.1.6-1ubuntu2.1_sparc.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5-xsl_5.1.6-1ubu ntu2.1_sparc.deb -
Ubuntu php5_5.1.6-1ubuntu2.1_all.deb
Ubuntu 6.10:
http://security.ubuntu.com/ubuntu/pool/main/p/php5/php5_5.1.6-1ubuntu2 .1_all.deb
References
PHP HTMLEntities HTMLSpecialChars Buffer Overflow Vulnerabilities
References:
References:
- ASA-2006-245 - php security update (RHSA-2006-0730) (Avaya)
- Cisco Applied Intelligence Response: Identifying and Mitigating Exploitation of (Cisco)
- PHP 5.2.0 Release Announcement (PHP)
- PHP Homepage (PHP Group)
- RHSA-2006:0730-6 - php security update (RedHat)
- SYM06-023: Symantec NetBackup PureDisk: PHP update to Address Reported Security (Symantec)
- Advisory 13/2006: PHP HTML Entity Encoder Heap Overflow Vulnerability (Stefan Esser)
- Cisco Security Response: PHP HTML Entity Encoder Heap Overflow Vulnerability in (Cisco)
- cvs: php-src(PHP_5_2) /ext/standard html.c (Ilia Alshanetsky)
- RHSA-2006:0736-4 - php security update for Stronghold (RedHat)