| VID |
22270 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The Web server is running a version of PHP 4.3 which is older or equal to 4.3.7.
PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. PHP 4.3.x up to 4.3.7, and 5.x up to 5.0.0RC3 contain two vulnerabilities as follows:
1. It could allow a remote attacker to inject arbitrary script tags in Microsoft Internet Explorer and Safari Web browsers, caused by improper handling of HTML tags within the strip_tag function. An attacker could exploit this vulnerability to launch further attacks against a vulnerable system, such as cross-site scripting attacks.
2. Under certain conditions such as when register_globals is enabled, it could allow a remote attacker to execute arbitrary code on the server. If memory_limit support is enabled, a remote attacker could send a specially-crafted request to invoke the memory_limit request termination where there is an unsafe interruption to execute arbitrary code on the PHP server.
* References:
http://lists.netsys.com/pipermail/full-disclosure/2004-July/023908.html
http://security.e-matters.de/advisories/122004.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0576.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0577.html
http://www.osvdb.org/displayvuln.php?osvdb_id=7870
http://www.osvdb.org/displayvuln.php?osvdb_id=7871
* Platforms Affected:
Microsoft Internet Explorer
Safari Web browser
PHP 4.3.7 and earlier
PHP5 5.0.0RC3 and earlier
Microsoft Windows Any version
Unix Any version
Linux Any version |
| Recommendation |
For PHP4:
Upgrade to the latest version of PHP4 (4.3.8 or later), available from the PHP Web site at http://www.php.net
For PHP5:
Upgrade to the latest version of PHP5 (5.0.0 dated 13-Jul-2004 or later), available from the PHP Web site at http://www.php.net
For Mandrake Linux:
Upgrade to the latest php package, as listed in MandrakeSoft Security Advisory MDKSA-2004:068 at http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068
For Gentoo Linux:
Upgrade to the latest version of php (4.3.8 or later), as listed in Gentoo Linux Security Advisory GLSA 200407-13 at http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml
For other distributions:
Contact your vendor for upgrade or patch information. |
| Related URL |
CVE-2004-0594,CVE-2004-0595 (CVE) |
| Related URL |
10724,10725 (SecurityFocus) |
| Related URL |
16693,16692 (ISS) |
|
