PHP Improper JPEG File Handling Remote Arbitrary Command Execution Vulnerability
Release date: 2004-12-16
Updated: 2004-12-17
Affected systems:
PHP PHP 5.0.2
PHP PHP 5.0.1
PHP PHP 5.0.0
PHP PHP 4.3.9
PHP PHP 4.3.6
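Description:
CVE(CAN) ID: CAN-2004-1065
PHP is a popular server-side web programming language.
PHP has a flaw in its handling of JPEG image files. A remote attacker can exploit this vulnerability to execute arbitrary commands on the system with the privileges of the web process.
The flaw is in the exif_read_data() function. Sending a JPEG image containing overlong "sectionname" data to a PHP application that supports image upload can trigger a buffer overflow, and carefully crafted submitted data may execute arbitrary commands on the system with the privileges of the web process.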
<*Source: Martin Pitt (martin.pitt@canonical.com)
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=110322695529497&w=2
*>
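The overflow class described above, a file-supplied name copied into a fixed-size buffer, shown with the bounded form beside it. This is an added illustration, not PHP's exif source; the record layout (one length byte followed by the name), `copy_section_name` and `NAME_BUF` are assumptions made for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_BUF 64 /* destination size chosen for this example */

enum copy_status { COPY_OK = 0, COPY_SHORT_INPUT = -1, COPY_TOO_LONG = -2 };

/*
 * Unsafe pattern, for contrast only: the length byte comes from the file
 * and is trusted, so a value >= NAME_BUF writes past the end of name[].
 *
 *     char name[NAME_BUF];
 *     memcpy(name, rec + 1, rec[0]);
 *     name[rec[0]] = '\0';
 */

/* Bounded copy of one constructed record: 1 length byte, then the name.
 * rec_len is the number of input bytes actually available. */
enum copy_status copy_section_name(const unsigned char *rec, size_t rec_len,
                                   char *dst, size_t dst_size)
{
    size_t declared;

    if (dst == NULL || dst_size == 0)
        return COPY_TOO_LONG;
    dst[0] = '\0';                 /* never leave dst uninitialised */
    if (rec == NULL || rec_len < 1)
        return COPY_SHORT_INPUT;
    declared = rec[0];
    if (declared > rec_len - 1)    /* length field points past the input */
        return COPY_SHORT_INPUT;
    if (declared >= dst_size)      /* no room for name plus terminator */
        return COPY_TOO_LONG;
    memcpy(dst, rec + 1, declared);
    dst[declared] = '\0';
    return COPY_OK;
}

int main(void)
{
    unsigned char overlong[201];   /* constructed: declares a 200-byte name */
    char name[NAME_BUF];

    memset(overlong, 'A', sizeof overlong);
    overlong[0] = 200;
    printf("status=%d\n", copy_section_name(overlong, sizeof overlong,
                                            name, sizeof name));
    return 0;
}
```

The two rejections are separate checks: one compares the declared length with the input that is really present, the other compares it with the destination capacity including the terminator.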
Recommendation:
Vendor patch:
PHP
---
The vendor has released upgrade patches that fix this security issue; download them from the vendor's homepage.
Original reposted from: http://www.ltesting.net