CVE-2005-3319
CVSS2.1
发布时间 :2005-10-27 06:02:00
修订时间 :2016-10-17 23:34:29
NMCOPS    

[原文]The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost.


[CNNVD] Apache For PHP 模块拒绝服务攻击漏洞(CNNVD-200510-256)

        PHP(PHP:Hypertext Preprocessor)是一种在计算机上运行的脚本语言,主要是用途在于处理动态网页。
        PHP 5.1.0 和 4.4.1以前版本中的Apache 模块中的sapi_apache2.c允许攻击者通过.htaccess 文件或者 VirtualHost 中的session.save_path选项来引发拒绝服务攻击。

- CVSS (基础分值)

CVSS分值: 2.1 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:php:php:4.3.11PHP PHP 4.3.11
cpe:/a:php:php:4.3.10PHP PHP 4.3.10
cpe:/a:php:php:5.0.5PHP PHP 5.0.5
cpe:/a:php:php:5.0.4PHP PHP 5.0.4
cpe:/a:php:php:5.0.3PHP PHP 5.0.3
cpe:/a:php:php:4.0.7:rc2
cpe:/a:php:php:5.0.2PHP PHP 5.0.2
cpe:/a:php:php:5.0.1PHP PHP 5.0.1
cpe:/a:php:php:4.3
cpe:/a:php:php:5.0.0PHP PHP 5.0.0
cpe:/a:php:php:4.0.7:rc1
cpe:/a:php:php:4.3.9PHP PHP 4.3.9
cpe:/a:php:php:4.3.6PHP PHP 4.3.6
cpe:/a:php:php:4.3.5PHP PHP 4.3.5
cpe:/a:php:php:4.3.8PHP PHP 4.3.8
cpe:/a:php:php:4.3.7PHP PHP 4.3.7
cpe:/a:php:php:4.0.1PHP PHP 4.0.1
cpe:/a:php:php:4.1.0PHP PHP 4.1.0
cpe:/a:php:php:4.0.0PHP PHP 4.0.0
cpe:/a:php:php:4.0.3PHP PHP 4.0.3
cpe:/a:php:php:4.1.2PHP PHP 4.1.2
cpe:/a:php:php:4.2.1PHP PHP 4.2.1
cpe:/a:php:php:5.0:rc3
cpe:/a:php:php:4.0.2PHP PHP 4.0.2
cpe:/a:php:php:4.1.1PHP PHP 4.1.1
cpe:/a:php:php:4.2.0PHP PHP 4.2.0
cpe:/a:php:php:5.0:rc1
cpe:/a:php:php:4.0.7:rc3
cpe:/a:php:php:5.0:rc2
cpe:/a:php:php:4.0.1:patch1
cpe:/a:php:php:4.0.3:patch1
cpe:/a:php:php:4.0.1:patch2
cpe:/a:php:php:4.2::dev
cpe:/a:php:php:4.0.5PHP PHP 4.0.5
cpe:/a:php:php:4.2.3PHP PHP 4.2.3
cpe:/a:php:php:4.3.2PHP PHP 4.3.2
cpe:/a:php:php:4.0.4PHP PHP 4.0.4
cpe:/a:php:php:4.2.2PHP PHP 4.2.2
cpe:/a:php:php:4.3.1PHP PHP 4.3.1
cpe:/a:php:php:4.4.0PHP PHP 4.4.0
cpe:/a:php:php:4.0.7PHP PHP 4.0.7
cpe:/a:php:php:4.3.4PHP PHP 4.3.4
cpe:/a:php:php:4.0.6PHP PHP 4.0.6
cpe:/a:php:php:4.3.3PHP PHP 4.3.3

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3319
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3319
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200510-256
(官方数据源) CNNVD

- 其它链接及资源

http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0491.html
(UNKNOWN)  FULLDISC  20051024 php < 4.4.1 htaccess apache dos
http://bugs.gentoo.org/show_bug.cgi?id=107602
(UNKNOWN)  CONFIRM  http://bugs.gentoo.org/show_bug.cgi?id=107602
http://docs.info.apple.com/article.html?artnum=303382
(UNKNOWN)  CONFIRM  http://docs.info.apple.com/article.html?artnum=303382
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
(UNKNOWN)  HP  HPSBMA02159
http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html
(UNKNOWN)  APPLE  APPLE-SA-2006-03-01
http://marc.info/?l=bugtraq&m=113019286208204&w=2
(UNKNOWN)  BUGTRAQ  20051024 php < 4.4.1 htaccess apache dos
http://securityreason.com/securityalert/525
(UNKNOWN)  SREASON  525
http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml
(UNKNOWN)  GENTOO  GLSA-200511-08
http://www.mandriva.com/security/advisories?name=MDKSA-2005:213
(UNKNOWN)  MANDRIVA  MDKSA-2005:213
http://www.securityfocus.com/bid/15177
(UNKNOWN)  BID  15177
http://www.securityfocus.com/bid/16907
(UNKNOWN)  BID  16907
http://www.ubuntulinux.org/usn/usn-232-1/document_view
(UNKNOWN)  UBUNTU  USN-232-1
http://www.us-cert.gov/cas/techalerts/TA06-062A.html
(UNKNOWN)  CERT  TA06-062A
http://www.vupen.com/english/advisories/2006/0791
(UNKNOWN)  VUPEN  ADV-2006-0791
http://www.vupen.com/english/advisories/2006/4320
(UNKNOWN)  VUPEN  ADV-2006-4320
http://xforce.iss.net/xforce/xfdb/22844
(UNKNOWN)  XF  php-htaccess-dos(22844)

- 漏洞信息

Apache For PHP 模块拒绝服务攻击漏洞
低危 其他
2005-10-27 00:00:00 2006-03-06 00:00:00
本地  
        PHP(PHP:Hypertext Preprocessor)是一种在计算机上运行的脚本语言,主要是用途在于处理动态网页。
        PHP 5.1.0 和 4.4.1以前版本中的Apache 模块中的sapi_apache2.c允许攻击者通过.htaccess 文件或者 VirtualHost 中的session.save_path选项来引发拒绝服务攻击。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
        http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09818&cat=1&platform=osx&method=sa/SecUpd2006-001Ti.dmg
        http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=09818&cat=1&platform=osx&method=sa/SecUpd2006-001Ti.dmg

- 漏洞信息 (F44321)

Apple Security Advisory 2006-03-01 (PacketStormID:F44321)
2006-03-03 00:00:00
Apple  apple.com
advisory,perl,vulnerability
apple,osx
CVE-2005-3319,CVE-2005-3353,CVE-2005-3391,CVE-2005-3392,CVE-2006-0384,CVE-2006-0391,CVE-2005-2713,CVE-2005-2714,CVE-2006-0386,CVE-2006-0383,CVE-2005-3706,CVE-2006-0395,CVE-2005-4217,CVE-2005-3712,CVE-2005-4504,CVE-2006-0387,CVE-2006-0388,CVE-2006-0394
[点击下载]

APPLE-SA-2006-03-01 Security Update 2006-001 - A new update has been released for Mac OS X that addresses vulnerabilities in apache_mod_php, automount, COM, Directory Services, FileVault, IPSec, LibSystem, Mail, perl, rsync, Safari, LaunchServices, and Syndication.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2006-03-01 Security Update 2006-001

Security Update 2006-001 is now available and addresses the following
issues:

apache_mod_php
CVE-ID:  CVE-2005-3319, CVE-2005-3353, CVE-2005-3391, CVE-2005-3392
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.5, Mac OS X Server v10.4.5
Impact:  Multiple security issues in PHP 4.4
Description:  PHP 4.4.1 fixes several security issues in the Apache
module and scripting environment. Details of the fixes are
available via the PHP web site (www.php.net). PHP ships with Mac OS
X but is disabled by default.

automount
CVE-ID:  CVE-2006-0384
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.5, Mac OS X Server v10.4.5
Impact:  Malicious network servers may cause a denial of service or
arbitrary code execution
Description:  File servers on the local network may be able to cause
Mac OS X systems to mount file systems with reserved names. This
could cause the systems to become unresponsive, or possibly allow
arbitrary code delivered from the file servers to run on the target
system.

BOM
CVE-ID:  CVE-2006-0391
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.5, Mac OS X Server v10.4.5
Impact:  Directory traversal may occur while unpacking archives with
BOM
Description:  The BOM framework handles the unpacking of certain
types of archives. This framework is vulnerable to a directory
traversal attack that can allow archived files to be unpacked into
arbitrary locations that are writable by the current user. This
update addresses the issue by properly sanitizing those paths.
Credit to Stephane Kardas of CERTA for reporting this issue.

Directory Services
CVE-ID:  CVE-2005-2713, CVE-2005-2714
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.5, Mac OS X Server v10.4.5
Impact:  Malicious local users may create and manipulate files as
root
Description:  The passwd program is vulnerable to temporary file
attacks. This could lead to privilege elevation. This update
addresses the issue by anticipating a hostile environment and by
creating temporary files securely. Credit to Ilja van Sprundel of
Suresec LTD, vade79, and iDefense (idefense.com) for reporting this
issue.

FileVault
CVE-ID:  CVE-2006-0386
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.5, Mac OS X Server v10.4.5
Impact:  FileVault may permit access to files during when it is
first enabled
Description:  User directories are mounted in an unsafe fashion when
a FileVault image is created. This update secures the method in
which a FileVault image is created.

IPSec
CVE-ID:  CVE-2006-0383
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.5, Mac OS X Server v10.4.5
Impact:  Remote denial of service against VPN connections
Description:  Incorrect handling of error conditions for virtual
private networks based on IPSec may allow a remote attacker to
cause a service interruption. This update addresses the issues by
correctly handling the conditions that may cause crashes. Credit to
OUSPG from the University of Oulu, NISCC, and CERT-FI for
coordinating and reporting this issue.

LibSystem
CVE-ID:  CVE-2005-3706
Available for:  Mac OS X v10.4.5, Mac OS X Server v10.4.5
Impact:  Attackers may cause crashes or arbitrary code execution
depending upon the application
Description:  An attacker able to cause an application to make
requests for large amounts of memory may also be able to trigger a
heap buffer overflow. This could cause the targeted application to
crash or execute arbitrary code. This update addresses the issue by
correctly handling these memory requests. This issue does not
affect systems prior to Mac OS X v10.4. Credit to Neil Archibald of
Suresec LTD for reporting this issue.

Mail
CVE-ID:  CVE-2006-0395
Available for:  Mac OS X v10.4.5, Mac OS X Server v10.4.5
Impact:  Download Validation fails to warn about unsafe file types
Description:  In Mac OS X v10.4 Tiger, when an email attachment is
double-clicked in Mail, Download Validation is used to warn the
user if the file type is not "safe". Certain techniques can be used
to disguise the file's type so that Download Validation is
bypassed. This update addresses the issue by presenting Download
Validation with the entire file, providing more information for
Download Validation to detect unknown or unsafe file types in
attachments.

perl
CVE-ID:  CVE-2005-4217
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9
Impact:  Perl programs may fail to drop privileges
Description:  When a perl program running as root attempts to switch
to another user ID, the operation may fail without notification to
the program. This may cause a program to continue to run with root
privileges, assuming they have been dropped. This can cause
security issues in third-party tools. This update addresses the
issue by preventing such applications from continuing if the
operation fails. This issue does not affect Mac OS X v10.4 or later
systems. Credit to Jason Self for reporting this issue.

rsync
CVE-ID:  CVE-2005-3712
Available for:  Mac OS X v10.4.5, Mac OS X Server v10.4.5
Impact:  Authenticated users may cause an rsync server to crash or
execute arbitrary code
Description:  A heap-based buffer overflow may be triggered when the
rsync server is used with the flag that allows extended attributes
to be transferred. It may be possible for a malicious user with
access to an rsync server to cause denial of service or code
execution. This update addresses the problem by ensuring that the
destination buffer is large enough to hold the extended attributes.
This issue does not affect systems prior to Mac OS X v10.4. Credit
to Jan-Derk Bakker for reporting this issue.

Safari
CVE-ID:  CVE-2005-4504
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.5, Mac OS X Server v10.4.5
Impact:  Viewing a maliciously-crafted web page may result in
arbitrary code execution
Description:  A heap-based buffer overflow in WebKit's handling of
certain HTML could allow a malicious web site to cause a crash or
execute arbitrary code as the user viewing the site. This update
addresses the issue by preventing the condition causing the
overflow. Credit to Suresec LTD for reporting this issue.

Safari
CVE-ID:  CVE-2006-0387
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.5, Mac OS X Server v10.4.5
Impact:  Viewing a malicious web page may cause arbitrary code
execution
Description:  By preparing a web page including specially-crafted
JavaScript, an attacker may trigger a stack buffer overflow that
could lead to arbitrary code execution with the privileges of the
user. This update addresses the issue by performing additional
bounds checking.

Safari
CVE-ID:  CVE-2006-0388
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.5, Mac OS X Server v10.4.5
Impact:  Remote web sites can redirect to local resources, allowing
JavaScript to execute in the local domain
Description:  Safari's security model prevents remote resources from
causing redirection to local resources. An issue involving HTTP
redirection can cause the browser to access a local file, bypassing
certain restrictions. This update addresses the issue by preventing
cross-domain HTTP redirects.

Safari, LaunchServices
CVE-ID:  CVE-2006-0394
Available for:  Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
v10.4.5, Mac OS X Server v10.4.5
Impact:  Viewing a malicious web site may result in arbitrary code
execution
Description:  It is possible to construct a file which appears to be
a safe file type, such as an image or movie, but is actually an
application. When the "Open `safe' files after downloading" option
is enabled in Safari's General preferences, visiting a malicious
web site may result in the automatic download and execution of such
a file. A proof-of-concept has been detected on public web sites
that demonstrates the automatic execution of shell scripts. This
update addresses the issue by performing additional download
validation so that the user is warned (in Mac OS X v10.4.5) or the
download is not automatically opened (in Mac OS X v10.3.9).

Syndication
CVE-ID:  CVE-2006-0389
Available for:  Mac OS X v10.4.5, Mac OS X Server v10.4.5
Impact:  Subscriptions to malicious RSS content can lead to
cross-site scripting
Description:  Syndication (Safari RSS) may allow JavaScript code
embedded in feeds to run within the context of the RSS reader
document, allowing malicious feeds to circumvent Safari's security
model. This update addresses the issue by properly removing
JavaScript code from feeds. Syndication is only available in Mac OS
X v10.4 and later.

The following security enhancements are also included in this update:

FileVault: AES-128 encrypted FileVault disk images are now created
with more restrictive operating system permissions. Credit to Eric
Hall of DarkArt Consulting Services for reporting this issue.

iChat: A malicious application named Leap.A that attempts to
propagate using iChat has been detected. With this update for Mac
OS X v10.4.5 and Mac OS X Server v10.4.5, iChat now uses Download
Validation to warn of unknown or unsafe file types during file
transfers.

Users should use caution when opening files that are obtained from
the network. Further information is available via:
http://docs.info.apple.com/article.html?artnum=108009

Security Update 2006-001 may be obtained from the Software Update
pane in System Preferences, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

For Mac OS X v10.4.5 (PowerPC) and Mac OS X Server v10.4.5
The download file is named:  "SecUpd2006-001Ti.dmg"
Its SHA-1 digest is:  999b73a54951b4e0a7f873fecf75f92840e8b439

For Mac OS X v10.4.5 (Intel)
The download file is named:  "SecUpd2006-001Intel.dmg"
Its SHA-1 digest is:  473f94264876fa49fa15a8b6bb4bc30956502ad5

For Mac OS X v10.3.9
The download file is named:  "SecUpd2006-001Pan.dmg"
Its SHA-1 digest is:  b6a000d451a1b1696726ff60142fc3da08042433

For Mac OS X Server v10.3.9
The download file is named:  "SecUpdSrvr2006-001Pan.dmg"
Its SHA-1 digest is:  2299380d72a61eadcbd0a5c6f46c924600ff5a9c

Information will also be posted to the Apple Product Security
web site:
http://docs.info.apple.com/article.html?artnum=61798

This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.5 (Build 5050)

iQEVAwUBRAYYVoHaV5ucd/HdAQJQWggApQmizj2t3+/87Fqun66/HCEkFt2YhUoe
cmel0/KwJhWrk+LV+CYvixbDvKuGIjP8CWB9/s78YN93pOI5WcfyTKd07rEQYkT4
i8KPrM9QjdvgIjKd6O/VAOkzBc3DqV7KNVR2Hewa3jOigTm7Yxil9o/nZt1TLxAI
9TN0uduc13WHC8WE2N41I8MQ+VdGTX3ANZkfgR90lua4A2E1ab9kCN2qbg+E7Cus
SkwsKp0qSH7bl8v0/R6c1hsYG0T1RwSWU6arAEliqzrrIbCm0Yxtgwp/CYFWC46j
TQNCcppNgcr/pVPojACy8WFtQ3wEb6rJ4ZjH1C5nOem2EoCBh10WFw==
=1Ww0
-----END PGP SIGNATURE-----
    

- 漏洞信息

20491
PHP mod_php apache2handler SAPI Crafted .htaccess DoS
Local Access Required Denial of Service
Loss of Availability
Exploit Public Vendor Verified

- 漏洞描述

The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user places a specially crafted .htaccess file in a root directory while safe mode is active. This will cause a segmentation fault, resulting in loss of availability for the service.

- 时间线

2005-10-24 Unknow
2005-10-24 Unknow

- 解决方案

Upgrade to version 4.4.1 or higher or to version 5.1.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

PHP Apache 2 Local Denial of Service Vulnerability
Failure to Handle Exceptional Conditions 15177
No Yes
2005-10-24 12:00:00 2006-11-06 04:37:00
Discovery is credited to Eric Romang / ZATAZ.com <exploits@zataz.net>.

- 受影响的程序版本

Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Enterprise Linux 2.0
PHP PHP 5.0.5
PHP PHP 5.0.4
PHP PHP 5.0.3
+ Trustix Secure Linux 2.2
PHP PHP 5.0.2
PHP PHP 5.0.1
PHP PHP 5.0 candidate 3
PHP PHP 5.0 candidate 2
PHP PHP 5.0 candidate 1
PHP PHP 5.0 .0
PHP PHP 4.4 .0
PHP PHP 4.3.11
PHP PHP 4.3.10
+ Gentoo Linux
+ Red Hat Fedora Core3
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
+ Trustix Secure Linux 1.5
PHP PHP 4.3.9
PHP PHP 4.3.8
PHP PHP 4.3.7
PHP PHP 4.3.6
PHP PHP 4.3.5
PHP PHP 4.3.4
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ S.u.S.E. Linux Personal 9.1
PHP PHP 4.3.3
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ Turbolinux Home
+ Turbolinux Turbolinux 10 F...
+ Turbolinux Turbolinux Desktop 10.0
PHP PHP 4.3.2
PHP PHP 4.3.1
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ OpenPKG OpenPKG Current
+ S.u.S.E. Linux Personal 8.2
PHP PHP 4.3
PHP PHP 4.2.3
+ EnGarde Secure Linux 1.0.1
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 9.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
PHP PHP 4.2.2
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.2
+ OpenPKG OpenPKG 1.1
+ RedHat Linux 8.0 i386
+ RedHat Linux 8.0
+ S.u.S.E. Linux 8.1
PHP PHP 4.2.1
- FreeBSD FreeBSD 4.6
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
+ Slackware Linux 8.1
PHP PHP 4.2 .0
PHP PHP 4.2 -dev
PHP PHP 4.1.2
+ Apple Mac OS X 10.1.5
+ Apple Mac OS X 10.1.4
+ Apple Mac OS X 10.1.3
+ Apple Mac OS X 10.1.2
+ Apple Mac OS X 10.1.1
+ Apple Mac OS X 10.1
+ Apple Mac OS X 10.1
+ Apple Mac OS X 10.0.4
+ Apple Mac OS X 10.0.3
+ Apple Mac OS X 10.0.2
+ Apple Mac OS X 10.0.1
+ Apple Mac OS X 10.0
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ MandrakeSoft Multi Network Firewall 2.0
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
PHP PHP 4.1.1
+ Conectiva Linux 7.0
PHP PHP 4.1 .0
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
PHP PHP 4.0.7 RC3
PHP PHP 4.0.7 RC2
PHP PHP 4.0.7 RC1
PHP PHP 4.0.7
PHP PHP 4.0.6
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ HP Secure OS software for Linux 1.0
- IBM AIX 4.3.3
- IBM AIX 4.3.2
- IBM AIX 4.3.1
- IBM AIX 4.3
- IBM AIX 5.1
+ MandrakeSoft Corporate Server 1.0.1
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.1
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ RedHat Linux 7.0
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.2
+ Sun Cobalt RaQ 550
+ Sun LX50
+ Trustix Secure Linux 1.5
PHP PHP 4.0.5
PHP PHP 4.0.4
+ Compaq Compaq Secure Web Server PHP 1.0
+ Conectiva Linux 6.0
+ Guardian Digital Engarde Secure Linux 1.0.1
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0
PHP PHP 4.0.3 pl1
+ S.u.S.E. Linux 6.4 ppc
+ S.u.S.E. Linux 6.4 i386
+ S.u.S.E. Linux 6.4 alpha
+ S.u.S.E. Linux 6.4
PHP PHP 4.0.3
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ Sun Cobalt Control Station 4100CS
+ Sun Cobalt Qube3 Japanese 4000WGJ
+ Sun Cobalt Qube3 Japanese w/ Caching and RAID 4100WGJ
+ Sun Cobalt Qube3 Japanese w/Caching 4010WGJ
+ Sun Cobalt RaQ XTR 3500R
+ Sun Cobalt RaQ XTR Japanese 3500R-ja
PHP PHP 4.0.2
PHP PHP 4.0.1 pl2
PHP PHP 4.0.1 pl1
PHP PHP 4.0.1
+ Sun Cobalt Qube3 4000WG
+ Sun Cobalt Qube3 w/ Caching and RAID 4100WG
+ Sun Cobalt Qube3 w/Caching 4010WG
+ Sun Cobalt RaQ4 3001R
+ Sun Cobalt RaQ4 Japanese RAID 3100R-ja
+ Sun Cobalt RaQ4 RAID 3100R
PHP PHP 4.0 0
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
HP System Management Homepage 2.1.4
HP System Management Homepage 2.1.3 .132
HP System Management Homepage 2.1.3
HP System Management Homepage 2.1.2
HP System Management Homepage 2.1.1
HP System Management Homepage 2.1
HP System Management Homepage 2.0.2
HP System Management Homepage 2.0.1
HP System Management Homepage 2.0
Gentoo Linux
Apple Mac OS X Server 10.4.5
Apple Mac OS X Server 10.3.9
Apple Mac OS X 10.4.5
Apple Mac OS X 10.3.9
Apache Software Foundation Apache 2.1.8
Apache Software Foundation Apache 2.1.7
Apache Software Foundation Apache 2.1.6
Apache Software Foundation Apache 2.1.5
Apache Software Foundation Apache 2.1.4
Apache Software Foundation Apache 2.1.3
Apache Software Foundation Apache 2.1.2
Apache Software Foundation Apache 2.1.1
Apache Software Foundation Apache 2.1
Apache Software Foundation Apache 2.0.55
Apache Software Foundation Apache 2.0.54
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
Apache Software Foundation Apache 2.0.53
Apache Software Foundation Apache 2.0.52
+ Apple Mac OS X 10.3.6
+ Apple Mac OS X 10.2.8
+ Apple Mac OS X Server 10.3.6
+ Apple Mac OS X Server 10.2.8
+ Red Hat Enterprise Linux AS 4
+ RedHat Desktop 4.0
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux WS 4
+ Sun Solaris 10
Apache Software Foundation Apache 2.0.51
Apache Software Foundation Apache 2.0.50
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
Apache Software Foundation Apache 2.0.49
+ S.u.S.E. Linux Personal 9.1
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Apache Software Foundation Apache 2.0.48
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Apache Software Foundation Apache 2.0.47
+ Apple Mac OS X Server 10.3.5
+ Apple Mac OS X Server 10.3.4
+ Apple Mac OS X Server 10.3.3
+ Apple Mac OS X Server 10.3.2
+ Apple Mac OS X Server 10.3.1
+ Apple Mac OS X Server 10.3
+ Apple Mac OS X Server 10.2.8
+ Apple Mac OS X Server 10.2.7
+ Apple Mac OS X Server 10.2.6
+ Apple Mac OS X Server 10.2.5
+ Apple Mac OS X Server 10.2.4
+ Apple Mac OS X Server 10.2.3
+ Apple Mac OS X Server 10.2.2
+ Apple Mac OS X Server 10.2.1
+ Apple Mac OS X Server 10.2
+ Apple Mac OS X Server 10.1.5
+ Apple Mac OS X Server 10.1.4
+ Apple Mac OS X Server 10.1.3
+ Apple Mac OS X Server 10.1.2
+ Apple Mac OS X Server 10.1.1
+ Apple Mac OS X Server 10.1
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
Apache Software Foundation Apache 2.0.46
+ Red Hat Enterprise Linux AS 3
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
+ Trustix Secure Linux 2.0
Apache Software Foundation Apache 2.0.45
- Apple Mac OS X 10.2.6
- Apple Mac OS X 10.2.5
- Apple Mac OS X 10.2.4
- Apple Mac OS X 10.2.3
- Apple Mac OS X 10.2.2
- Apple Mac OS X 10.2.1
- Apple Mac OS X 10.2
- Apple Mac OS X 10.1.5
- Apple Mac OS X 10.1.4
- Apple Mac OS X 10.1.3
- Apple Mac OS X 10.1.2
- Apple Mac OS X 10.1.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.1
- Apple Mac OS X 10.0.4
- Apple Mac OS X 10.0.3
- Apple Mac OS X 10.0.2
- Apple Mac OS X 10.0.1
- Apple Mac OS X 10.0
+ Conectiva Linux 9.0
Apache Software Foundation Apache 2.0.44
Apache Software Foundation Apache 2.0.43
Apache Software Foundation Apache 2.0.42
Apache Software Foundation Apache 2.0.41
Apache Software Foundation Apache 2.0.40
+ RedHat Linux 9.0 i386
+ RedHat Linux 8.0
+ Terra Soft Solutions Yellow Dog Linux 3.0
Apache Software Foundation Apache 2.0.39
Apache Software Foundation Apache 2.0.38
Apache Software Foundation Apache 2.0.37
Apache Software Foundation Apache 2.0.36
Apache Software Foundation Apache 2.0.35
Apache Software Foundation Apache 2.0.32
Apache Software Foundation Apache 2.0.28 Beta
Apache Software Foundation Apache 2.0.28
Apache Software Foundation Apache 2.0 a9
Apache Software Foundation Apache 2.0
PHP PHP 5.1
PHP PHP 4.4.1
HP System Management Homepage 2.1.5

- 不受影响的程序版本

PHP PHP 5.1
PHP PHP 4.4.1
HP System Management Homepage 2.1.5

- 漏洞讨论

PHP is prone to a local denial-of-service vulnerability when it is used as an Apache 2 module.

Reports indicate that due to a bug in the apache2handler SAPI (of the 'sapi_apache2.c' file), this issue triggers a segmentation fault and leads to a crash in the server.

This issue affects PHP versions prior to 5.1.0 final and 4.4.1 final.

- 漏洞利用

An exploit is not required.

- 解决方案


Please see the referenced vendor advisories for more information.


Apple Mac OS X Server 10.3.9

Apple Mac OS X Server 10.4.5

Apple Mac OS X 10.4.5

HP System Management Homepage 2.0.1

HP System Management Homepage 2.0.2

HP System Management Homepage 2.1

HP System Management Homepage 2.1.1

HP System Management Homepage 2.1.3 .132

HP System Management Homepage 2.1.4

PHP PHP 4.1.2

PHP PHP 4.2.3

PHP PHP 4.3.10

PHP PHP 4.3.4

PHP PHP 4.4 .0

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站