__________________________________________________________

             The U.S. Department of Energy
         Computer Incident Advisory Capability
                           ___  __ __    _     ___
                          /       |     /_\   /
                          \___  __|__  /   \  \___
__________________________________________________________

                          INFORMATION BULLETIN

               PHP PEAR XML-RPC Server Package Vulnerability
               [Red Hat Security Advisory RHSA-2005:748-05]

August 19, 2005 21:00 GMT                                        Number P-282
                                                        [REVISED 2 Sept 2005]
                                                        [REVISED 09 Sep 2005]
                                                        [REVISED 04 Oct 2005]
______________________________________________________________________________
PROBLEM:       A bug was discovered in the PEAR XML-RPC Server package
               included in PHP. PHP is an HTML-embedded scripting language
               commonly used with the Apache HTTP Web server.

PLATFORM:      Red Hat Desktop (v. 3 and v. 4)
               Red Hat Enterprise Linux AS, ES, WS (v. 3 and v. 4)
               Debian GNU/Linux 3.1 alias sarge
               SGI ProPack 3 Service Pack 6 for SGI Altix family of systems

DAMAGE:        If a PHP script is used which implements an XML-RPC Server
               using the PEAR XML-RPC package, then it is possible for a
               remote attacker to construct an XML-RPC request which can
               cause PHP to execute arbitrary PHP commands as the 'apache'
               user.

SOLUTION:      Apply the security updates.
______________________________________________________________________________
VULNERABILITY  The risk is LOW. It is possible for a remote attacker to
ASSESSMENT:    execute arbitrary PHP commands. (When using the default SELinux
               "targeted" policy on Red Hat Enterprise Linux 4, the impact of
               this issue is reduced since the scripts executed by PHP are
               constrained within the httpd_sys_script_t security context.)
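As an added check (not part of this CIAC bulletin or of Red Hat's advisory), the script below compares the php* packages a host reports to rpm against the fixed version-release values named in the Red Hat package list, 4.3.2-25.ent for the v. 3 products and 4.3.9-3.8 for the v. 4 products, using an RPM-style segment comparison rather than a plain string compare. The rpm output embedded here is constructed, and its 3.7 release is an assumed pre-fix value.

```python
"""Check installed php RPMs against the fixed versions from RHSA-2005:748."""
import itertools
import re
import subprocess
import sys

# Fixed (version, release) pairs taken from the advisory's package list:
# php-4.3.2-25.ent for the v. 3 products, php-4.3.9-3.8 for the v. 4 products.
# Every php* subpackage in that list shares its product's version-release, so
# any php* package below the pair marks a host that has not taken the update.
FIXED = {
    "3": ("4.3.2", "25.ent"),
    "4": ("4.3.9", "3.8"),
}


def _segments(s: str) -> list[str]:
    """Split a version/release string into digit runs and letter runs, the
    way rpm's rpmvercmp tokenises it (separators such as '.' are ignored)."""
    return re.findall(r"[0-9]+|[A-Za-z]+", s)


def rpmvercmp(a: str, b: str) -> int:
    """Compare two RPM version (or release) strings segment by segment and
    return -1, 0 or 1. Numeric segments compare as integers (so 3.10 > 3.8),
    a numeric segment beats an alphabetic one, and when the common prefix is
    equal the string with more segments wins. Tilde/caret ordering from newer
    rpm versions is deliberately left out (not needed for these packages)."""
    if a == b:
        return 0
    for sa, sb in itertools.zip_longest(_segments(a), _segments(b)):
        if sa is None:
            return -1
        if sb is None:
            return 1
        if sa.isdigit() and sb.isdigit():
            ia, ib = int(sa), int(sb)
            if ia != ib:
                return -1 if ia < ib else 1
        elif sa.isdigit() != sb.isdigit():
            return 1 if sa.isdigit() else -1
        elif sa != sb:
            return -1 if sa < sb else 1
    return 0


def parse_nvr(nvr: str) -> tuple[str, str, str]:
    """Split 'name-version-release' (the --qf format used below) into parts."""
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release


def is_fixed(nvr: str, major: str) -> bool:
    """True if the package is at or above the advisory's fixed version-release
    for the given product major version ("3" or "4")."""
    _, version, release = parse_nvr(nvr)
    fixed_version, fixed_release = FIXED[major]
    c = rpmvercmp(version, fixed_version)
    if c == 0:
        c = rpmvercmp(release, fixed_release)
    return c >= 0


def audit(rpm_output: str, major: str) -> dict[str, str]:
    """Map each php* package in rpm -qa output to 'fixed' or 'VULNERABLE'."""
    status = {}
    for line in rpm_output.splitlines():
        line = line.strip()
        if not line.startswith("php"):
            continue  # skips blank lines and 'package ... is not installed'
        status[parse_nvr(line)[0]] = "fixed" if is_fixed(line, major) else "VULNERABLE"
    return status


# Constructed sample for a v. 4 host where only php-mysql has been updated.
# Release 3.7 is an assumed pre-fix value, not one taken from the advisory.
SAMPLE_RHEL4 = """php-4.3.9-3.7
php-pear-4.3.9-3.7
php-xmlrpc-4.3.9-3.7
php-mysql-4.3.9-3.8
"""

if __name__ == "__main__":
    major = sys.argv[1] if len(sys.argv) > 1 else "4"
    # Print name-version-release only, so the architecture never lands in
    # the release field and confuses the comparison.
    try:
        out = subprocess.run(
            ["rpm", "-qa", "--qf", "%{NAME}-%{VERSION}-%{RELEASE}\n", "php*"],
            capture_output=True, text=True, check=False,
        ).stdout
    except FileNotFoundError:  # no rpm on this host: run on the sample instead
        out = SAMPLE_RHEL4
    for name, state in sorted(audit(out, major).items()):
        print(f"{name:16} {state}")
```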
______________________________________________________________________________
LINKS:
 CIAC BULLETIN:      http://www.ciac.org/ciac/bulletins/p-282.shtml
 ORIGINAL BULLETIN:  https://rhn.redhat.com/errata/RHSA-2005-748.html
 ADDITIONAL LINKS:   Debian Security Advisory DSA-798-1
                     http://www.debian.org/security/2005/dsa-800
                     SGI Security Advisory Number 2005090101-U
                     ftp://patches.sgi.com/support/free/security/advisories/20050901-01-U.asc
                     Debian Security Advisory DSA-840-1
                     http://www.debian.org/security/2005/dsa-840
 CVE/CAN:            http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498
______________________________________________________________________________
REVISION HISTORY:
 09/02/2005 - revised to add a link to Debian Security Advisory DSA-798-1 for
              Debian GNU/Linux 3.1 alias sarge.
 09/09/2005 - added link to SGI Security Advisory 20050901-01-U that provides
              patches in SGI ProPack 3 Service Pack 6.
 10/04/2005 - added a link to Debian Security Advisory DSA-840 that provides
              updated drupal packages addressing this vulnerability.

[***** Start Red Hat Security Advisory RHSA-2005:748-05 *****]

Important: php security update

Advisory:         RHSA-2005:748-05
Type:             Security Advisory
Issued on:        2005-08-19
Last updated on:  2005-08-19

Affected Products:
  Red Hat Desktop (v. 3)
  Red Hat Desktop (v. 4)
  Red Hat Enterprise Linux AS (v. 3)
  Red Hat Enterprise Linux AS (v. 4)
  Red Hat Enterprise Linux ES (v. 3)
  Red Hat Enterprise Linux ES (v. 4)
  Red Hat Enterprise Linux WS (v. 3)
  Red Hat Enterprise Linux WS (v. 4)

CVEs (cve.mitre.org):  CAN-2005-2498

Details

Updated PHP packages that fix a security issue are now available.

This update has been rated as having important security impact by the Red Hat
Security Response Team.

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP
Web server.

A bug was discovered in the PEAR XML-RPC Server package included in PHP.
If a PHP script is used which implements an XML-RPC Server using the PEAR
XML-RPC package, then it is possible for a remote attacker to construct an
XML-RPC request which can cause PHP to execute arbitrary PHP commands as the
'apache' user. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-2498 to this issue.

When using the default SELinux "targeted" policy on Red Hat Enterprise Linux
4, the impact of this issue is reduced since the scripts executed by PHP are
constrained within the httpd_sys_script_t security context.

Users of PHP should upgrade to these updated packages, which contain
backported fixes for these issues.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch
the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

165846 - CAN-2005-2498 PHP PEAR:XMLRPC eval code injection

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498

These packages are GPG signed by Red Hat for security. Our key and details on
how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at
http://www.redhat.com/security/team/contact/

[***** End Red Hat Security Advisory RHSA-2005:748-05 *****]

_______________________________________________________________________________

CIAC wishes to acknowledge the contributions of Red Hat for the information
contained in this bulletin.
_______________________________________________________________________________

CIAC, the Computer Incident Advisory Capability, is the computer security
incident response team for the U.S.
Department of Energy (DOE) and the emergency backup response team for the
National Institutes of Health (NIH). CIAC is located at the Lawrence Livermore
National Laboratory in Livermore, California. CIAC is also a founding member
of FIRST, the Forum of Incident Response and Security Teams, a global
organization established to foster cooperation and coordination among
computer security teams worldwide.

CIAC services are available to DOE, DOE contractors, and the NIH.

CIAC can be contacted at:
    Voice:    +1 925-422-8193 (7x24)
    FAX:      +1 925-423-8002
    STU-III:  +1 925-423-2604
    E-mail:   ciac@ciac.org

Previous CIAC notices, anti-virus software, and other information are
available from the CIAC Computer Security Archive.

    World Wide Web:  http://www.ciac.org/
    Anonymous FTP:   ftp.ciac.org

PLEASE NOTE: Many users outside of the DOE, ESnet, and NIH computing
communities receive CIAC bulletins. If you are not part of these communities,
please contact your agency's response team to report incidents. Your agency's
team will coordinate with CIAC. The Forum of Incident Response and Security
Teams (FIRST) is a world-wide organization. A list of FIRST member
organizations and their constituencies can be obtained via WWW at
http://www.first.org/.

This document was prepared as an account of work sponsored by an agency of
the United States Government. Neither the United States Government nor the
University of California nor any of their employees, makes any warranty,
express or implied, or assumes any legal liability or responsibility for the
accuracy, completeness, or usefulness of any information, apparatus, product,
or process disclosed, or represents that its use would not infringe privately
owned rights. Reference herein to any specific commercial products, process,
or service by trade name, trademark, manufacturer, or otherwise, does not
necessarily constitute or imply its endorsement, recommendation or favoring by
the United States Government or the University of California.
The views and opinions of authors expressed herein do not necessarily state or
reflect those of the United States Government or the University of California,
and shall not be used for advertising or product endorsement purposes.

LAST 10 CIAC BULLETINS ISSUED (Previous bulletins available from CIAC)

P-272: Security Vulnerabilities in HP Tru64 UNIX IPSEC Tunnel ESP Mode
P-273: Updated Solaris 8 Patches for Apache Security Vulnerabilities
P-274: Spoofing vulnerability in arrayd authentication
P-275: Adobe Acrobat and Reader Plug-in Buffer Overflow
P-276: Apple Security Update 2005-007
P-277: HP-UX Ignite-UX Remote Unauthorized Access
P-278: clamav -- integer overflows
P-279: Cisco Clean Access Vulnerability
P-280: Security Vulnerability in The "printd" Daemon
P-281: Security Vulnerabilities in the Sun StorEdge Enterprise Backup Software