---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: Mandriva update for php SECUNIA ADVISORY ID: SA22693 VERIFY ADVISORY: http://secunia.com/advisories/22693/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Mandriva Linux 2007 http://secunia.com/product/12165/ Mandriva Linux 2006 http://secunia.com/product/9020/ DESCRIPTION: Mandriva has issued an update for php. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA22653 SOLUTION: Apply updated packages. Mandriva Linux 2006 8ae019c38dca51a9337f4d5458789998 2006.0/i586/libphp5_common5-5.0.4-9.17.20060mdk.i586.rpm 89764f16b9cd1633f5493ed3d132e66b 2006.0/i586/php-cgi-5.0.4-9.17.20060mdk.i586.rpm c595ac93489ded728816bb6fe22af554 2006.0/i586/php-cli-5.0.4-9.17.20060mdk.i586.rpm 356e13c13453e8a386d9e3da81b0a378 2006.0/i586/php-devel-5.0.4-9.17.20060mdk.i586.rpm 48f41b59e68f594918b1885a3c9c0a6b 2006.0/i586/php-fcgi-5.0.4-9.17.20060mdk.i586.rpm f72d50220e83c73973ec1bfe1257b0e9 2006.0/SRPMS/php-5.0.4-9.17.20060mdk.src.rpm Mandriva Linux 2006/X86_64 18b1ca183e03ce34b599d6108277209a 2006.0/x86_64/lib64php5_common5-5.0.4-9.17.20060mdk.x86_64.rpm abd014a9856e9b5c77e8a05fb3c34e40 2006.0/x86_64/php-cgi-5.0.4-9.17.20060mdk.x86_64.rpm 6379ac6c6e3191f65e6b9d5836ae3c31 2006.0/x86_64/php-cli-5.0.4-9.17.20060mdk.x86_64.rpm ce8df1e1bcf4392d99b84af60da3944b 2006.0/x86_64/php-devel-5.0.4-9.17.20060mdk.x86_64.rpm 940e32735642c94069c98b2c4ba20af5 2006.0/x86_64/php-fcgi-5.0.4-9.17.20060mdk.x86_64.rpm f72d50220e83c73973ec1bfe1257b0e9 2006.0/SRPMS/php-5.0.4-9.17.20060mdk.src.rpm Mandriva Linux 2007 a410da63de208fc194368b890aa0364d 2007.0/i586/libphp5_common5-5.1.6-1.3mdv2007.0.i586.rpm 3dcfafde63b2678052b4aa1f6828b2e4 2007.0/i586/php-cgi-5.1.6-1.3mdv2007.0.i586.rpm a2c1f77cac12a533e1f955d16ba481b6 2007.0/i586/php-cli-5.1.6-1.3mdv2007.0.i586.rpm 042fe335cea18315607c5a89e5aa760a 2007.0/i586/php-devel-5.1.6-1.3mdv2007.0.i586.rpm 4bb82eaf337acdd66124b1ca0ee517c3 2007.0/i586/php-fcgi-5.1.6-1.3mdv2007.0.i586.rpm ba7910d7b21effc105bb5f72628145aa 2007.0/SRPMS/php-5.1.6-1.3mdv2007.0.src.rpm Mandriva Linux 2007/X86_64 02c03b58ab4972b1db6355136efcbc95 2007.0/x86_64/lib64php5_common5-5.1.6-1.3mdv2007.0.x86_64.rpm 338064ee4822681c6bb3118197190aa0 2007.0/x86_64/php-cgi-5.1.6-1.3mdv2007.0.x86_64.rpm 6aec88f1f6a23b305d0a37ef6b07d606 2007.0/x86_64/php-cli-5.1.6-1.3mdv2007.0.x86_64.rpm b0bc60669b685186c0495c6211227b5b 2007.0/x86_64/php-devel-5.1.6-1.3mdv2007.0.x86_64.rpm ecc3d8f51bc4428ce0c4d397383dcec6 2007.0/x86_64/php-fcgi-5.1.6-1.3mdv2007.0.x86_64.rpm ba7910d7b21effc105bb5f72628145aa 2007.0/SRPMS/php-5.1.6-1.3mdv2007.0.src.rpm ORIGINAL ADVISORY: http://www.mandriva.com/security/advisories?name=MDKSA-2006:196 OTHER REFERENCES: SA22653: http://secunia.com/advisories/22653/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------