Debian: DSA-2399-1 Critical: PHP Several Remote Threats Resolved
debian
January 31, 2012
Several vulnerabilities have been discovered in PHP, the web scripting language
Topics Covered
Summary
CVE-2011-1938
The UNIX socket handling allowed attackers to trigger a buffer overflow
via a long path name.
CVE-2011-2483
The crypt_blowfish function did not properly handle 8-bit characters,
which made it easier for attackers to determine a cleartext password
by using knowledge of a password hash.
CVE-2011-4566
When used on 32 bit platforms, the exif extension could be used to
trigger an integer overflow in the exif_process_IFD_TAG function
when processing a JPEG file.
CVE-2011-4885
It was possible to trigger hash collisions predictably when parsing
form parameters, which allows remote attackers to cause a denial of
service by sending many crafted parameters.
CVE-2012-0057
When applying a crafted XSLT transform, an attacker could write files
to arbitrary places in the filesystem.
NOTE: the fix for CVE-2011-2483 required changing the behaviour of this
function: it is now incompatible with some old (wrongly) generated hashes
for passwords containing 8-bit characters. See the pa...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: php5
CVE ID: CVE-2011-1938 CVE-2011-2483 CVE-2011-4566 CVE-2011-4885
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!