PHP PHP_Variables Remote Memory Disclosure Vulnerability

Solution:
The vendor has released an upgrade dealing with this issue.

Gentoo Linux has released an advisory (GLSA 200410-04) and an updated eBuild to address this vulnerability. Gentoo users are advised to run the following commands to apply the updates:
emerge sync

emerge -pv ">=dev-php/php-4.3.9"
emerge ">=dev-php/php-4.3.9"

emerge -pv ">=dev-php/mod_php-4.3.9"
emerge ">=dev-php/mod_php-4.3.9"

emerge -pv ">=dev-php/php-cgi-4.3.9"
emerge ">=dev-php/php-cgi-4.3.9"

Red Hat has released Red Hat Enterprise Linux advisory RHSA-2004:687-05 to address various issues in PHP. Please see the advisory in Web references for more information.

Fedora has released advisories FEDORA-2004-567 and FEDORA-2004-568 to address various PHP issues in Fedora Core 2 and Fedora Core 3. Please see the referenced advisories for more information.

SGI has released advisory 20050101-01-U to address various issues in SGI Advanced Linux Environment 3. This advisory includes updated SGI ProPack 3 Service Pack 3 packages. Please see the referenced advisory for more information.

Fedora has released Fedora Legacy advisory FLSA:2344 to address various issues in Red Hat Linux 7.3, Red Hat Linux 9.0 and Fedora Core 1 for the i386 architecture. Please see the referenced advisory for more information.


SGI ProPack 3.0

PHP PHP 4.0 0

PHP PHP 4.0.1

PHP PHP 4.0.2

PHP PHP 4.0.3

PHP PHP 4.0.4

PHP PHP 4.0.5

PHP PHP 4.0.6

PHP PHP 4.0.7

PHP PHP 4.1 .0

PHP PHP 4.1.1

PHP PHP 4.1.2

PHP PHP 4.2 .0

PHP PHP 4.2.1

PHP PHP 4.2.2

PHP PHP 4.2.3

PHP PHP 4.3

PHP PHP 4.3.1

PHP PHP 4.3.2

PHP PHP 4.3.3

PHP PHP 4.3.4

PHP PHP 4.3.5

PHP PHP 4.3.6

PHP PHP 4.3.7

PHP PHP 4.3.8

PHP PHP 5.0 .0

PHP PHP 5.0.1


 

Privacy Statement
Copyright 2010, SecurityFocus