PHP wordwrap() Heap Corruption Vulnerability

PHP wordwrap() Heap Corruption Vulnerability

Solution:
Gentoo Linux has released an advisory. Users who have installed dev-php/php-4.2.3 and/or dev-php/mod_php-4.2.3 or earlier are advised to update
their systems by issuing the following commands

emerge rsync
emerge php
emerge clean

and/or

emerge mod_php
emerge clean

SCO has released security advisory CSSA-2003-SCO.28 with fixes and specific resolution steps. The advisory addresses this issue in OpenServer 5.0.5 through 5.0.7.

The vendor has confirmed that this issue exists and has released an updated version of PHP. Users are advised to upgrade as soon as possible.

PHP PHP 4.1.2

PHP PHP 4.3.0
http://www.php.net/downloads.php

PHP PHP 4.2 .0

PHP PHP 4.3.0
http://www.php.net/downloads.php

PHP PHP 4.2.1

PHP PHP 4.3.0
http://www.php.net/downloads.php

PHP PHP 4.2.2

PHP PHP 4.3.0
http://www.php.net/downloads.php

RedHat php-4.2.2-8.0.7.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/php-4.2.2-8.0.7.i386.rpm

RedHat php-devel-4.2.2-8.0.7.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/php-devel-4.2.2-8.0.7.i386.rpm

RedHat php-imap-4.2.2-8.0.7.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/php-imap-4.2.2-8.0.7.i386.rpm

RedHat php-ldap-4.2.2-8.0.7.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/php-ldap-4.2.2-8.0.7.i386.rpm

RedHat php-manual-4.2.2-8.0.7.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/php-manual-4.2.2-8.0.7.i386.rp m

RedHat php-mysql-4.2.2-8.0.7.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/php-mysql-4.2.2-8.0.7.i386.rpm

RedHat php-odbc-4.2.2-8.0.7.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/php-odbc-4.2.2-8.0.7.i386.rpm

RedHat php-pgsql-4.2.2-8.0.7.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/php-pgsql-4.2.2-8.0.7.i386.rpm

RedHat php-snmp-4.2.2-8.0.7.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/php-snmp-4.2.2-8.0.7.i386.rpm

S.u.S.E. mod_php4-4.2.2-168.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-4.2.2-16 8.i586.patch.rpm

S.u.S.E. mod_php4-4.2.2-168.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-4.2.2-16 8.i586.rpm

S.u.S.E. mod_php4-aolserver-4.2.2-168.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-aolserve r-4.2.2-168.i586.patch.rpm

S.u.S.E. mod_php4-aolserver-4.2.2-168.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-aolserve r-4.2.2-168.i586.rpm

S.u.S.E. mod_php4-core-4.2.2-168.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-core-4.2 .2-168.i586.patch.rpm

S.u.S.E. mod_php4-core-4.2.2-168.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-core-4.2 .2-168.i586.rpm

S.u.S.E. mod_php4-devel-4.2.2-168.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-devel-4. 2.2-168.i586.patch.rpm

S.u.S.E. mod_php4-devel-4.2.2-168.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-devel-4. 2.2-168.i586.rpm

S.u.S.E. mod_php4-servlet-4.2.2-168.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-servlet- 4.2.2-168.i586.patch.rpm

S.u.S.E. mod_php4-servlet-4.2.2-168.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mod_php4-servlet- 4.2.2-168.i586.rpm

PHP PHP 4.2.3

EnGarde Secure Linux mod_php-4.2.3-1.0.22.i386.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/mod_php-4.2.3-1. 0.22.i386.rpm

EnGarde Secure Linux mod_php-4.2.3-1.0.22.i686.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/mod_php-4.2.3-1. 0.22.i686.rpm

EnGarde Secure Linux php-4.2.3-1.0.22.i386.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/php-4.2.3-1.0.22 .i386.rpm

EnGarde Secure Linux php-4.2.3-1.0.22.i686.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/php-4.2.3-1.0.22 .i686.rpm

Mandrake php-4.2.3-1.1mdk.i586.rpm
Mandrake Linux 9.0.
http://www.mandrakesecure.net/en/ftp.php

Mandrake php-4.2.3-1.1mdk.src.rpm
Mandrake Linux 9.0.
http://www.mandrakesecure.net/en/ftp.php

Mandrake php-common-4.2.3-1.1mdk.i586.rpm
Mandrake Linux 9.0.
http://www.mandrakesecure.net/en/ftp.php

Mandrake php-devel-4.2.3-1.1mdk.i586.rpm
Mandrake Linux 9.0.
http://www.mandrakesecure.net/en/ftp.php

Mandrake php-pear-4.2.3-1.1mdk.i586.rpm
Mandrake Linux 9.0.
http://www.mandrakesecure.net/en/ftp.php

PHP PHP 4.3.0
http://www.php.net/downloads.php