ISS X-Force Database: php-extcurl-extgd-bypass-security(22922): PHP ext/curl and ext/gd bypass security

PHP ext/curl and ext/gd bypass security

php-extcurl-extgd-bypass-security (22922)

Medium Risk

Description:

PHP could allow a remote attacker to bypass security. A remote attacker could exploit a vulnerability in ext/curl and ext/gd to bypass safe_mode and open_basedir protection.

Consequences:

Bypass Security

Remedy:

For PHP4:
Upgrade to the latest version of PHP (4.4.7 or later), available from the PHP Web site. See References.

For PHP5:
Upgrade to the latest version of PHP (5.2.3 or later), available from the PHP Web site. See References.

For Gentoo Linux:
Refer to Gentoo Linux Security Announcement GLSA 2005-11-08 for patch, upgrade, or suggested workaround information. See References.

For Ubuntu Linux:
Refer to USN-232-1 for patch, upgrade, or suggested workaround information. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

References:

Apple About Security Update 2006-001: About Security Update 2006-001.
PHP Web site: PHP.
BID-15411: PHP cURL and GD Multiple Safe_Mode and Open_Basedir Restriction Bypass Vulnerabilities
BID-15413: PHP Apache 2 Virtual() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability
BID-16907: Apple Mac OS X Security Update 2006-001 Multiple Vulnerabilities
CVE-2005-3391: Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to bypass safe_mode and open_basedir restrictions via unknown attack vectors in (1) ext/curl and (2) ext/gd.
CVE-2005-3392: Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.
GLSA-200511-08: PHP: Multiple vulnerabilities
MDKSA-2006:035: Updated php packages fix vulnerability
MDKSA-2006:035-1: Updated php packages fix vulnerability
OpenPKG-SA-2005.027: PHP
OSVDB ID: 20897: PHP w/ Apache 2 virtual() Function Unspecified Restriction Bypass
OSVDB ID: 20898: PHP Unspecified curl / gd Restriction Bypass
SA17371: PHP Multiple Vulnerabilities
SA19064: Mac OS X Security Update Fixes Multiple Vulnerabilities
SA22691: HP System Management Homepage PHP Multiple Vulnerabilities
SUSE-SA:2005:069: php4php5: various security problems

Platforms Affected:

Apple Mac OS X 10.3.9
Apple Mac OS X 10.4.5
Apple Mac OS X Server 10.3.9
Apple Mac OS X Server 10.4.5
Canonical Ubuntu 4.10
Canonical Ubuntu 5.04
Canonical Ubuntu 5.10
Gentoo Linux
MandrakeSoft Mandrake Linux 10.1
MandrakeSoft Mandrake Linux 10.1 X86_64
MandrakeSoft Mandrake Linux LE2005
MandrakeSoft Mandrake Linux LE2005 X86_64
MandrakeSoft Mandrake Linux Corporate Server 3.0 X86_64
MandrakeSoft Mandrake Linux Corporate Server 3.0
MandrakeSoft Mandrake Multi Network Firewall 2.0
Novell UnitedLinux 1.0
OpenPKG OpenPKG 2.3
OpenPKG OpenPKG 2.4
OpenPKG OpenPKG 2.5
OpenPKG OpenPKG CURRENT
PHP PHP 4.0 RC1
PHP PHP 4.0 Beta4
PHP PHP 4.0 Beta3
PHP PHP 4.0 Beta2
PHP PHP 4.0 Beta1
PHP PHP 4.0 Beta 4 Patch1
PHP PHP 4.0 RC2
PHP PHP 4.0.0
PHP PHP 4.0.1
PHP PHP 4.0.2
PHP PHP 4.0.3
PHP PHP 4.0.4
PHP PHP 4.0.5
PHP PHP 4.0.6
PHP PHP 4.0.7
PHP PHP 4.1.0
PHP PHP 4.1.1
PHP PHP 4.1.2
PHP PHP 4.1.3
PHP PHP 4.2.0
PHP PHP 4.2.1
PHP PHP 4.2.2
PHP PHP 4.2.3
PHP PHP 4.2.4
PHP PHP 4.3.0
PHP PHP 4.3.1
PHP PHP 4.3.10
PHP PHP 4.3.11
PHP PHP 4.3.2
PHP PHP 4.3.3
PHP PHP 4.3.4
PHP PHP 4.3.5
PHP PHP 4.3.6
PHP PHP 4.3.7
PHP PHP 4.3.8
PHP PHP 4.3.9
PHP PHP 4.4.0
PHP PHP 5.0.0 RC3
PHP PHP 5.0.0 RC2
PHP PHP 5.0.0 RC1
PHP PHP 5.0.0 Beta4
PHP PHP 5.0.0 Beta2
PHP PHP 5.0.0 Beta1
PHP PHP 5.0.0
PHP PHP 5.0.0 Beta3
PHP PHP 5.0.1
PHP PHP 5.0.2
PHP PHP 5.0.3
PHP PHP 5.0.4
PHP PHP 5.0.5
SuSE Linux Enterprise Server 8
SUSE SuSE Linux 10.0
SUSE SuSE Linux 9.0
SUSE SuSE Linux 9.1
SUSE SuSE Linux 9.2
SUSE SuSE Linux 9.3
SuSE SuSE SLES 9
Turbolinux Turbolinux 10 Desktop
Turbolinux Turbolinux 10 F...
Turbolinux Turbolinux 10 Server
Turbolinux Turbolinux 10 Server x64 Ed
Turbolinux Turbolinux 7 Server
Turbolinux Turbolinux 8 Server
Turbolinux Turbolinux 8 Workstation
Turbolinux Turbolinux Home
Turbolinux Turbolinux Multimedia
Turbolinux Turbolinux Personal
Turbolinux Turbolinux Appliance Server 1.0 Hosting Ed
Turbolinux Turbolinux Appliance Server 1.0 Workgroup Ed
Turbolinux Turbolinux Appliance Server 2.0

Reported:

Oct 31, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page