[security-alerts] FW: [SA21546] PHP Multiple Vulnerabilities

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

> 
> TITLE:
> PHP Multiple Vulnerabilities
> 
> SECUNIA ADVISORY ID:
> SA21546
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/21546/
> 
> CRITICAL:
> Less critical
> 
> IMPACT:
> Unknown, Security Bypass
> 
> WHERE:
> Local system
> 
> SOFTWARE:
> PHP 4.4.x
> http://secunia.com/product/5768/
> PHP 5.1.x
> http://secunia.com/product/6796/
> 
> DESCRIPTION:
> Some vulnerabilities have been reported in PHP, where some have
> unknown impacts, and others can be exploited by malicious, local
> users to bypass certain security restrictions.
> 
> 1) Missing safe_mode and open_basedir verification exists in the
> "file_exists()", "imap_open()", and "imap_reopen()" functions.
> 
> 2) Some unspecified boundary errors exists in the "str_repeat()" and
> "wordwrap()" functions on 64-bit systems.
> 
> 3) The open_basedir and safe_mode protection mechanisms can be
> bypassed via the cURL extension and the realpath cache.
> 
> 4) An unspecified boundary error exists in the GD extension when
> handling malformed GIF images.
> 
> 5) A boundary error in the "stripos()" function can be exploited to
> cause an out-of-bounds memory read.
> 
> 6) Incorrect memory_limit restrictions exists on 64-bit systems.
> 
> Other issues which may be security related have also been reported.
> 
> SOLUTION:
> Update to version 4.4.4 or 5.1.5.
> http://www.php.net/downloads.php
> 
> PROVIDED AND/OR DISCOVERED BY:
> Reported by the vendor.
> 
> ORIGINAL ADVISORY:
> http://www.php.net/release_4_4_4.php
> http://www.php.net/release_5_1_5.php
>