PHP Shared Memory Module Offset Memory Corruption Vulnerability

PHP Shared Memory Module Offset Memory Corruption Vulnerability

Solution:
It is reported that this vulnerability is addressed in PHP 5.0.3 and 4.3.10. This is not confirmed.

Ubuntu Linux has released advisory USN-66-1 to address this, and other issues. Please see the referenced advisory for further information.

Apple Computers has released advisory APPLE-SA-2005-01-25 along with a security update dealing with this and other issues. Please see the referenced advisory for more information.

Apple Computers has released Mac OS X version 10.3.8 dealing with this issue. This upgrade includes the security patches shipped with the referenced security update.

Apple Mac OS X 10.2.8

Apple Security Update 2005-001 (Mac OS X 10.2.8 Client) 1.0
http://www.apple.com/support/downloads/securityupdate2005001macosx1028 client.html

Apple Mac OS X Server 10.2.8

Apple Security Update 2005-001 (Mac OS X 10.2.8 Server) 1.0
http://www.apple.com/support/downloads/securityupdate2005001macosx1028 server.html

Apple Mac OS X Server 10.3.7

Apple Security Update 2005-001 (Mac OS X 10.3.7 Server) 1.0
http://www.apple.com/support/downloads/securityupdate2005001macosx1037 server.html

Apple Mac OS X 10.3.8 upgrade
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=05368&plat form=osx&method=sa/MacOSXUpdate10.3.8.dmg

Apple Mac OS X 10.3.7

Apple Security Update 2005-001 (Mac OS X 10.3.7 Client) 1.0
http://www.apple.com/support/downloads/securityupdate2005001macosx1037 client.html

Apple Mac OS X 10.3.8 upgrade
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=05368&plat form=osx&method=sa/MacOSXUpdate10.3.8.dmg

PHP PHP 4.3.8

Ubuntu libapache2-mod-php4_4.3.8-3ubuntu7.3_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/p/php4/libapache2-mod-php4 _4.3.8-3ubuntu7.3_amd64.deb

Ubuntu libapache2-mod-php4_4.3.8-3ubuntu7.3_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/p/php4/libapache2-mod-php4 _4.3.8-3ubuntu7.3_i386.deb

Ubuntu libapache2-mod-php4_4.3.8-3ubuntu7.3_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/p/php4/libapache2-mod-php4 _4.3.8-3ubuntu7.3_powerpc.deb

Ubuntu php4-cgi_4.3.8-3ubuntu7.3_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cgi_4.3.8-3ubu ntu7.3_amd64.deb

Ubuntu php4-cgi_4.3.8-3ubuntu7.3_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cgi_4.3.8-3ubu ntu7.3_i386.deb

Ubuntu php4-cgi_4.3.8-3ubuntu7.3_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cgi_4.3.8-3ubu ntu7.3_powerpc.deb

Ubuntu php4-curl_4.3.8-3ubuntu7.3_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-curl_4.3.8 -3ubuntu7.3_amd64.deb

Ubuntu php4-curl_4.3.8-3ubuntu7.3_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-curl_4.3.8 -3ubuntu7.3_i386.deb

Ubuntu php4-curl_4.3.8-3ubuntu7.3_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-curl_4.3.8 -3ubuntu7.3_powerpc.deb

Ubuntu php4-dev_4.3.8-3ubuntu7.3_all.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-dev_4.3.8-3ubu ntu7.3_all.deb

Ubuntu php4-domxml_4.3.8-3ubuntu7.3_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-domxml_4.3 .8-3ubuntu7.3_amd64.deb

Ubuntu php4-domxml_4.3.8-3ubuntu7.3_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-domxml_4.3 .8-3ubuntu7.3_i386.deb

Ubuntu php4-domxml_4.3.8-3ubuntu7.3_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-domxml_4.3 .8-3ubuntu7.3_powerpc.deb

Ubuntu php4-gd_4.3.8-3ubuntu7.3_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-gd_4.3.8-3 ubuntu7.3_amd64.deb

Ubuntu php4-gd_4.3.8-3ubuntu7.3_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-gd_4.3.8-3 ubuntu7.3_i386.deb

Ubuntu php4-gd_4.3.8-3ubuntu7.3_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-gd_4.3.8-3 ubuntu7.3_powerpc.deb

Ubuntu php4-ldap_4.3.8-3ubuntu7.3_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-ldap_4.3.8 -3ubuntu7.3_amd64.deb

Ubuntu php4-ldap_4.3.8-3ubuntu7.3_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-ldap_4.3.8 -3ubuntu7.3_i386.deb

Ubuntu php4-ldap_4.3.8-3ubuntu7.3_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-ldap_4.3.8 -3ubuntu7.3_powerpc.deb

Ubuntu php4-mcal_4.3.8-3ubuntu7.3_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-mcal_4.3.8 -3ubuntu7.3_amd64.deb

Ubuntu php4-mcal_4.3.8-3ubuntu7.3_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-mcal_4.3.8 -3ubuntu7.3_i386.deb

Ubuntu php4-mcal_4.3.8-3ubuntu7.3_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-mcal_4.3.8 -3ubuntu7.3_powerpc.deb

Ubuntu php4-mhash_4.3.8-3ubuntu7.3_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-mhash_4.3. 8-3ubuntu7.3_amd64.deb

Ubuntu php4-mhash_4.3.8-3ubuntu7.3_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-mhash_4.3. 8-3ubuntu7.3_i386.deb

Ubuntu php4-mhash_4.3.8-3ubuntu7.3_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-mhash_4.3. 8-3ubuntu7.3_powerpc.deb

Ubuntu php4-mysql_4.3.8-3ubuntu7.3_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-mysql_4.3. 8-3ubuntu7.3_amd64.deb

Ubuntu php4-mysql_4.3.8-3ubuntu7.3_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-mysql_4.3. 8-3ubuntu7.3_i386.deb

Ubuntu php4-mysql_4.3.8-3ubuntu7.3_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-mysql_4.3. 8-3ubuntu7.3_powerpc.deb

Ubuntu php4-odbc_4.3.8-3ubuntu7.3_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-odbc_4.3.8 -3ubuntu7.3_amd64.deb

Ubuntu php4-odbc_4.3.8-3ubuntu7.3_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-odbc_4.3.8 -3ubuntu7.3_i386.deb

Ubuntu php4-odbc_4.3.8-3ubuntu7.3_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-odbc_4.3.8 -3ubuntu7.3_powerpc.deb

Ubuntu php4-pear_4.3.8-3ubuntu7.3_all.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-pear_4.3.8 -3ubuntu7.3_all.deb

Ubuntu php4-recode_4.3.8-3ubuntu7.3_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-recode_4.3 .8-3ubuntu7.3_amd64.deb

Ubuntu php4-recode_4.3.8-3ubuntu7.3_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-recode_4.3 .8-3ubuntu7.3_i386.deb

Ubuntu php4-recode_4.3.8-3ubuntu7.3_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-recode_4.3 .8-3ubuntu7.3_powerpc.deb

Ubuntu php4-snmp_4.3.8-3ubuntu7.3_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-snmp_4.3.8 -3ubuntu7.3_amd64.deb

Ubuntu php4-snmp_4.3.8-3ubuntu7.3_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-snmp_4.3.8 -3ubuntu7.3_i386.deb

Ubuntu php4-snmp_4.3.8-3ubuntu7.3_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-snmp_4.3.8 -3ubuntu7.3_powerpc.deb

Ubuntu php4-sybase_4.3.8-3ubuntu7.3_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-sybase_4.3 .8-3ubuntu7.3_amd64.deb

Ubuntu php4-sybase_4.3.8-3ubuntu7.3_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-sybase_4.3 .8-3ubuntu7.3_i386.deb

Ubuntu php4-sybase_4.3.8-3ubuntu7.3_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-sybase_4.3 .8-3ubuntu7.3_powerpc.deb

Ubuntu php4-xslt_4.3.8-3ubuntu7.3_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-xslt_4.3.8 -3ubuntu7.3_amd64.deb

Ubuntu php4-xslt_4.3.8-3ubuntu7.3_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-xslt_4.3.8 -3ubuntu7.3_i386.deb

Ubuntu php4-xslt_4.3.8-3ubuntu7.3_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4-xslt_4.3.8 -3ubuntu7.3_powerpc.deb

Ubuntu php4_4.3.8-3ubuntu7.3_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4_4.3.8-3ubu ntu7.3_amd64.deb

Ubuntu php4_4.3.8-3ubuntu7.3_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4_4.3.8-3ubu ntu7.3_i386.deb

Ubuntu php4_4.3.8-3ubuntu7.3_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/p/php4/php4_4.3.8-3ubu ntu7.3_powerpc.deb