Synopsis
The remote CentOS host is missing one or more security updates.
Description
Updated php packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4.
This update has been rated as having moderate security impact by the Red Hat Security Response Team.
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server.
A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP script using mbstring conversion functions could cause the PHP interpreter to crash or, possibly, execute arbitrary code.
(CVE-2008-5557)
A flaw was found in the handling of the 'mbstring.func_overload' configuration setting. A value set for one virtual host, or in a user's .htaccess file, was incorrectly applied to other virtual hosts on the same server, causing the handling of multibyte character strings to not work correctly. (CVE-2009-0754)
A buffer overflow flaw was found in PHP's imageloadfont function. If a PHP script allowed a remote attacker to load a carefully crafted font file, it could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-3658)
A flaw was found in the way PHP handled certain file extensions when running in FastCGI mode. If the PHP interpreter was being executed via FastCGI, a remote attacker could create a request which would cause the PHP interpreter to crash. (CVE-2008-3660)
A memory disclosure flaw was found in the PHP gd extension's imagerotate function. A remote attacker able to pass arbitrary values as the 'background color' argument of the function could, possibly, view portions of the PHP interpreter's memory. (CVE-2008-5498)
All php users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. The httpd web server must be restarted for the changes to take effect.
Solution
Update the affected php packages.
Plugin Details
File Name: centos_RHSA-2009-0337.nasl
Agent: unix
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:centos:centos:php-mysql, p-cpe:/a:centos:centos:php, p-cpe:/a:centos:centos:php-odbc, p-cpe:/a:centos:centos:php-gd, p-cpe:/a:centos:centos:php-devel, p-cpe:/a:centos:centos:php-pgsql, p-cpe:/a:centos:centos:php-ldap, cpe:/o:centos:centos:3, p-cpe:/a:centos:centos:php-pear, p-cpe:/a:centos:centos:php-domxml, p-cpe:/a:centos:centos:php-snmp, p-cpe:/a:centos:centos:php-xmlrpc, cpe:/o:centos:centos:4, p-cpe:/a:centos:centos:php-ncurses, p-cpe:/a:centos:centos:php-mbstring, p-cpe:/a:centos:centos:php-imap
Required KB Items: Host/local_checks_enabled, Host/CentOS/release, Host/CentOS/rpm-list
Exploit Ease: Exploits are available
Patch Publication Date: 4/6/2009
Vulnerability Publication Date: 8/14/2008