Paketname
mod_php3
Datum
2000-10-12
Advisory ID
MDKSA-2000:062
Betroffene Versionen
6.1 i586 , 7.0 i586 , 7.1 i586

Problembeschreibung

PHP version 3 which ships with Linux-Mandrake are vulnerable to format string attacks due to logging functions that make improper use of the syslog() and vsnprintf() functions. This renders PHP3-enabled servers vulnerable to compromise by remote attackers. This attack is only effective on PHP installations that log errors and warnings while those servers that do not are not affected. By default, Linux-Mandrake systems do not have logging enabled.

Aktualisierte Pakete

6.1 i586

 f6a3ad2ebaabb246faf2cb588ca52a32  6.1/RPMS/mod_php3-3.0.17-1mdk.i586.rpm
d1abf69f21b7ade7104bbb0a5aff5f8a  6.1/RPMS/mod_php3-imap-3.0.17-1mdk.i586.rpm
193cd2456804fca4cae2bdc75940b20e  6.1/RPMS/mod_php3-manual-3.0.17-1mdk.i586.rpm
64525426f348e6371ec5fd77813536eb  6.1/RPMS/mod_php3-pgsql-3.0.17-1mdk.i586.rpm
13067d04977583cbb96357c7a525cc7a  6.1/SRPMS/mod_php3-3.0.17-1mdk.src.rpm

7.0 i586

 bebdd9728efada190087b69b08ab9a41  7.0/RPMS/mod_php3-3.0.17-1mdk.i586.rpm
d97c701354c0378f9e9fe05efa230124  7.0/RPMS/mod_php3-imap-3.0.17-1mdk.i586.rpm
52d5eee8efce364280825a04ad77e106  7.0/RPMS/mod_php3-manual-3.0.17-1mdk.i586.rpm
a575a90a31ba94553fa6e8129d6286c5  7.0/RPMS/mod_php3-pgsql-3.0.17-1mdk.i586.rpm
13067d04977583cbb96357c7a525cc7a  7.0/SRPMS/mod_php3-3.0.17-1mdk.src.rpm

7.1 i586

 958dc14b1e9ecb6ed7c0f73378f4e75a  7.1/RPMS/mod_php3-3.0.17-2mdk.i586.rpm
6fb6a9e855d5664f4f0809d76953e358  7.1/RPMS/mod_php3-imap-3.0.17-2mdk.i586.rpm
46a3a0e3781144d60c9e52ab70a81961  7.1/RPMS/mod_php3-ldap-3.0.17-2mdk.i586.rpm
1255e6890b97fd0b6d88754726678c1b  7.1/RPMS/mod_php3-manual-3.0.17-2mdk.i586.rpm
3e28adeb63c703c3523dad36f8153db3  7.1/RPMS/mod_php3-mysql-3.0.17-2mdk.i586.rpm
6d5f08b077effc1925c21f91867d94f4  7.1/RPMS/mod_php3-pgsql-3.0.17-2mdk.i586.rpm
79e805805fbdc9b890c45b40ecb6dd04  7.1/SRPMS/mod_php3-3.0.17-2mdk.src.rpm