CVE-2006-3017
CVSS9.3
发布时间 :2006-06-14 19:02:00
修订时间 :2010-09-15 00:00:00
NMCOPS    

[原文]zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations.


[CNNVD]PHP zend_hash.c 输入验证漏洞 (CNNVD-200606-296)

        PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。
        PHP 4.4.3以及5.1.3 之前的5.x版本中的中的zend_hash.c,其zend_hash_del_key_or_index 可能导致zend_hash_del删除错误的元素,它可以防止被取消设置即使取消设置PHP的函数被调用,这可能导致变量的值将用于安全相关的操作变量。

- CVSS (基础分值)

CVSS分值: 9.3 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: MEDIUM [漏洞利用存在一定的访问条件]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:php:php:3.0.17PHP PHP 3.0.17
cpe:/a:php:php:5.0.0:rc1PHP PHP 5.0.0 RC1
cpe:/a:php:php:3.0.13PHP PHP 3.0.13
cpe:/a:php:php:5.0.0:beta3PHP PHP 5.0.0 Beta3
cpe:/a:php:php:4.0.1PHP PHP 4.0.1
cpe:/a:php:php:5.0.0:beta2PHP PHP 5.0.0 Beta2
cpe:/a:php:php:5.0.5PHP PHP 5.0.5
cpe:/a:php:php:5.0.0:rc3PHP PHP 5.0.0 RC3
cpe:/a:php:php:4.3.10PHP PHP 4.3.10
cpe:/a:php:php:4.3.1PHP PHP 4.3.1
cpe:/a:php:php:4.0.0PHP PHP 4.0.0
cpe:/a:php:php:4.3.7PHP PHP 4.3.7
cpe:/a:php:php:3.0.1PHP PHP 3.0.1
cpe:/a:php:php:4.2.0PHP PHP 4.2.0
cpe:/a:php:php:5.0.1PHP PHP 5.0.1
cpe:/a:php:php:3.0.14PHP PHP 3.0.14
cpe:/a:php:php:4.2.2PHP PHP 4.2.2
cpe:/a:php:php:5.0:rc1
cpe:/a:php:php:4.0.7:rc3
cpe:/a:php:php:4.0.2PHP PHP 4.0.2
cpe:/a:php:php:4.0.6PHP PHP 4.0.6
cpe:/a:php:php:5.0:rc3
cpe:/a:php:php:4.1.2PHP PHP 4.1.2
cpe:/a:php:php:4.0:rc1
cpe:/a:php:php:4.0.5PHP PHP 4.0.5
cpe:/a:php:php:4.0:beta1PHP PHP 4.0 Beta 1
cpe:/a:php:php:5.1.1PHP PHP 5.1.1
cpe:/a:php:php:4.2::dev
cpe:/a:php:php:4.3.6PHP PHP 4.3.6
cpe:/a:php:php:4.0:rc2
cpe:/a:php:php:4.3
cpe:/a:php:php:4.0.1:patch2
cpe:/a:php:php:4.0.4PHP PHP 4.0.4
cpe:/a:php:php:4.4.2PHP PHP 4.4.2
cpe:/a:php:php:3.0.15PHP PHP 3.0.15
cpe:/a:php:php:5.0.4PHP PHP 5.0.4
cpe:/a:php:php:5.0.0:rc2PHP PHP 5.0.0 RC2
cpe:/a:php:php:4.3.4PHP PHP 4.3.4
cpe:/a:php:php:3.0.9PHP PHP 3.0.9
cpe:/a:php:php:4.0.3PHP PHP 4.0.3
cpe:/a:php:php:5.0:rc2
cpe:/a:php:php:4.3.2PHP PHP 4.3.2
cpe:/a:php:php:4.0:beta2PHP PHP 4.0 Beta 2
cpe:/a:php:php:4.3.3PHP PHP 4.3.3
cpe:/a:php:php:3.0.16PHP PHP 3.0.16
cpe:/a:php:php:5.1
cpe:/a:php:php:4.0.1:patch1
cpe:/a:php:php:3.0.2PHP PHP 3.0.2
cpe:/a:php:php:4.0:beta4PHP PHP 4.0 Beta 4
cpe:/a:php:php:4.0.3:patch1
cpe:/a:php:php:5.1.2PHP PHP 5.1.2
cpe:/a:php:php:3.0.5PHP PHP 3.0.5
cpe:/a:php:php:5.1.0PHP PHP 5.1.0
cpe:/a:php:php:3.0.7PHP PHP 3.0.7
cpe:/a:php:php:4.0.4:patch1
cpe:/a:php:php:4.0.7:rc2
cpe:/a:php:php:5.0.0PHP PHP 5.0.0
cpe:/a:php:php:5.0.2PHP PHP 5.0.2
cpe:/a:php:php:4.2.1PHP PHP 4.2.1
cpe:/a:php:php:4.4.1PHP PHP 4.4.1
cpe:/a:php:php:4.0:beta_4_patch1PHP PHP 4.0 Beta 4 Patch Level 1
cpe:/a:php:php:4.0
cpe:/a:php:php:5.0.3PHP PHP 5.0.3
cpe:/a:php:php:3.0.11PHP PHP 3.0.11
cpe:/a:php:php:4.1.1PHP PHP 4.1.1
cpe:/a:php:php:3.0.6PHP PHP 3.0.6
cpe:/a:php:php:4.0.7PHP PHP 4.0.7
cpe:/a:php:php:3.0.10PHP PHP 3.0.10
cpe:/a:php:php:4.3.11PHP PHP 4.3.11
cpe:/a:php:php:3.0.12PHP PHP 3.0.12
cpe:/a:php:php:5.0.0:beta1PHP PHP 5.0.0 Beta1
cpe:/a:php:php:4.0.7:rc1
cpe:/a:php:php:3.0.8PHP PHP 3.0.8
cpe:/a:php:php:3.0.18PHP PHP 3.0.18
cpe:/a:php:php:5.0.0:beta4PHP PHP 5.0.0 Beta4
cpe:/a:php:php:4.3.8PHP PHP 4.3.8
cpe:/a:php:php:3.0.3PHP PHP 3.0.3
cpe:/a:php:php:4.1.0PHP PHP 4.1.0
cpe:/a:php:php:3.0PHP PHP 3.0
cpe:/a:php:php:pl1
cpe:/a:php:php:4.4.0PHP PHP 4.4.0
cpe:/a:php:php:4.3.9PHP PHP 4.3.9
cpe:/a:php:php:3.0.4PHP PHP 3.0.4
cpe:/a:php:php:4.0:beta3PHP PHP 4.0 Beta 3
cpe:/a:php:php:4.3.5PHP PHP 4.3.5
cpe:/a:php:php:4.2.3PHP PHP 4.2.3

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10118zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, whic...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3017
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3017
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200606-296
(官方数据源) CNNVD

- 其它链接及资源

https://issues.rpath.com/browse/RPL-683
(UNKNOWN)  CONFIRM  https://issues.rpath.com/browse/RPL-683
http://xforce.iss.net/xforce/xfdb/27396
(UNKNOWN)  XF  php-zendhashdel-unspecified(27396)
http://www.ubuntulinux.org/support/documentation/usn/usn-320-1
(UNKNOWN)  UBUNTU  USN-320-1
http://www.turbolinux.com/security/2006/TLSA-2006-38.txt
(UNKNOWN)  TURBO  TLSA-2006-38
http://www.securityfocus.com/bid/17843
(UNKNOWN)  BID  17843
http://www.securityfocus.com/archive/1/archive/1/447866/100/0/threaded
(UNKNOWN)  BUGTRAQ  20061005 rPSA-2006-0182-1 php php-mysql php-pgsql
http://www.securityfocus.com/archive/1/archive/1/442437/100/0/threaded
(UNKNOWN)  BUGTRAQ  20060806 PHP: Zend_Hash_Del_Key_Or_Index Vulnerability
http://www.redhat.com/support/errata/RHSA-2006-0568.html
(UNKNOWN)  REDHAT  RHSA-2006:0568
http://www.redhat.com/support/errata/RHSA-2006-0567.html
(UNKNOWN)  REDHAT  RHSA-2006:0567
http://www.php.net/release_5_1_3.php
(UNKNOWN)  CONFIRM  http://www.php.net/release_5_1_3.php
http://www.osvdb.org/26466
(UNKNOWN)  OSVDB  26466
http://www.osvdb.org/25255
(UNKNOWN)  OSVDB  25255
http://www.novell.com/linux/security/advisories/2006_34_php4.html
(UNKNOWN)  SUSE  SUSE-SA:2006:034
http://www.novell.com/linux/security/advisories/2006_31_php.html
(UNKNOWN)  SUSE  SUSE-SA:2006:031
http://www.mandriva.com/security/advisories?name=MDKSA-2006:122
(UNKNOWN)  MANDRIVA  MDKSA-2006:122
http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html
(UNKNOWN)  MISC  http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html
http://www.debian.org/security/2006/dsa-1206
(UNKNOWN)  DEBIAN  DSA-1206
http://support.avaya.com/elmodocs2/security/ASA-2006-175.htm
(UNKNOWN)  CONFIRM  http://support.avaya.com/elmodocs2/security/ASA-2006-175.htm
http://securitytracker.com/id?1016649
(UNKNOWN)  SECTRACK  1016649
http://securitytracker.com/id?1016306
(UNKNOWN)  SECTRACK  1016306
http://secunia.com/advisories/22713
(VENDOR_ADVISORY)  SECUNIA  22713
http://secunia.com/advisories/22225
(VENDOR_ADVISORY)  SECUNIA  22225
http://secunia.com/advisories/21723
(VENDOR_ADVISORY)  SECUNIA  21723
http://secunia.com/advisories/21252
(VENDOR_ADVISORY)  SECUNIA  21252
http://secunia.com/advisories/21202
(VENDOR_ADVISORY)  SECUNIA  21202
http://secunia.com/advisories/21135
(VENDOR_ADVISORY)  SECUNIA  21135
http://secunia.com/advisories/21125
(VENDOR_ADVISORY)  SECUNIA  21125
http://secunia.com/advisories/21050
(VENDOR_ADVISORY)  SECUNIA  21050
http://secunia.com/advisories/21031
(VENDOR_ADVISORY)  SECUNIA  21031
http://secunia.com/advisories/19927
(VENDOR_ADVISORY)  SECUNIA  19927
http://rhn.redhat.com/errata/RHSA-2006-0549.html
(UNKNOWN)  REDHAT  RHSA-2006:0549
http://cvs.php.net/viewcvs.cgi/Zend/zend_hash.c?hideattic=0&view=log
(UNKNOWN)  CONFIRM  http://cvs.php.net/viewcvs.cgi/Zend/zend_hash.c?hideattic=0&view=log
http://cvs.php.net/viewcvs.cgi/Zend/zend_hash.c?hideattic=0&r1=1.87.4.8.2.1&r2=1.87.4.8.2.2
(UNKNOWN)  CONFIRM  http://cvs.php.net/viewcvs.cgi/Zend/zend_hash.c?hideattic=0&r1=1.87.4.8.2.1&r2=1.87.4.8.2.2
http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0166.html
(UNKNOWN)  FULLDISC  20060806 PHP: Zend_Hash_Del_Key_Or_Index Vulnerability
ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U
(UNKNOWN)  SGI  20060701-01-U

- 漏洞信息

PHP zend_hash.c 输入验证漏洞
高危 资料不足
2006-06-14 00:00:00 2007-08-13 00:00:00
远程  
        PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。
        PHP 4.4.3以及5.1.3 之前的5.x版本中的中的zend_hash.c,其zend_hash_del_key_or_index 可能导致zend_hash_del删除错误的元素,它可以防止被取消设置即使取消设置PHP的函数被调用,这可能导致变量的值将用于安全相关的操作变量。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        http://www.php.net/downloads.php

- 漏洞信息 (F51730)

Debian Linux Security Advisory 1206-1 (PacketStormID:F51730)
2006-11-07 00:00:00
Debian  debian.org
advisory,remote,arbitrary,php,vulnerability
linux,debian
CVE-2005-3353,CVE-2006-3017,CVE-2006-4482,CVE-2006-5465
[点击下载]

Debian Security Advisory 1206-1 - Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1206-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
November 6th, 2006                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : php4
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE ID         : CVE-2005-3353 CVE-2006-3017 CVE-2006-4482 CVE-2006-5465

Several remote vulnerabilities have been discovered in PHP, a
server-side, HTML-embedded scripting language, which may lead to the
execution of arbitrary code. The Common Vulnerabilities and Exposures
project identifies the following problems:

CVE-2005-3353

    Tim Starling discovered that missing input sanitising in the EXIF
    module could lead to denial of service.

CVE-2006-3017

    Stefan Esser discovered a security-critical programming error in the
    hashtable implementation of the internal Zend engine.

CVE-2006-4482

    It was discovered that str_repeat() and wordwrap() functions perform
    insufficient checks for buffer boundaries on 64 bit systems, which
    might lead to the execution of arbitrary code.

CVE-2006-5465

    Stefan Esser discovered a buffer overflow in the htmlspecialchars()
    and htmlentities(), which might lead to the execution of arbitrary
    code.

For the stable distribution (sarge) these problems have been fixed in
version 4:4.3.10-18. Builds for hppa and m68k will be provided later
once they are available.

For the unstable distribution (sid) these problems have been fixed in
version 4:4.4.4-4 of php4 and version 5.1.6-6 of php5.

We recommend that you upgrade your php4 packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/p/php4/php4_4.3.10-18.dsc
      Size/MD5 checksum:     1686 b99c2dd2804c2bbc49e2ddf4552cc80c
    http://security.debian.org/pool/updates/main/p/php4/php4_4.3.10-18.diff.gz
      Size/MD5 checksum:   280816 86bdd61412df9ca0b87a5f5aa536a610
    http://security.debian.org/pool/updates/main/p/php4/php4_4.3.10.orig.tar.gz
      Size/MD5 checksum:  4892209 73f5d1f42e34efa534a09c6091b5a21e

  Architecture independent components:

    http://security.debian.org/pool/updates/main/p/php4/php4-pear_4.3.10-18_all.deb
      Size/MD5 checksum:   250000 8d364cb47cfbb8bb2472ca47812123e3
    http://security.debian.org/pool/updates/main/p/php4/php4_4.3.10-18_all.deb
      Size/MD5 checksum:     1144 26260bbbf8804b071cdf75ce70bde876

  Alpha architecture:

    http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-18_alpha.deb
      Size/MD5 checksum:  1700934 1deff9409b11b01a88a805ca8726d3c3
    http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-18_alpha.deb
      Size/MD5 checksum:  1698672 d91afe4bf274a9abc1227747765be8ca
    http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-18_alpha.deb
      Size/MD5 checksum:  3464908 2d3ac8b65a2650bbc60327043bb74cfa
    http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-18_alpha.deb
      Size/MD5 checksum:  1743098 0228c6cb6f305f473d0df08c61bfe10f
    http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-18_alpha.deb
      Size/MD5 checksum:   167916 02f6e85f6e12684c41f16cf908aa2a0e
    http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-18_alpha.deb
      Size/MD5 checksum:    18148 3aa1ca7f556608a37d8dc6442cbc244e
    http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-18_alpha.deb
      Size/MD5 checksum:   325200 7126e4aa1ca42fd6e04a72ba782dc2e0
    http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-18_alpha.deb
      Size/MD5 checksum:    39036 28fc28ae9bf2b4ab091b7ae6687b027d
    http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-18_alpha.deb
      Size/MD5 checksum:    34552 daa6539117567a4fffd1c8196426b3d7
    http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-18_alpha.deb
      Size/MD5 checksum:    38060 026c1fdd47d1cc9ff426427d5e04e5c6
    http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-18_alpha.deb
      Size/MD5 checksum:    21378 01d0e1b4abc53a4aff236bae15a3021c
    http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-18_alpha.deb
      Size/MD5 checksum:    18210 ebb9a131438cd54cd636fab7db1b3293
    http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-18_alpha.deb
      Size/MD5 checksum:     8340 29dda4814444739effce591f24f4b3da
    http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-18_alpha.deb
      Size/MD5 checksum:    22454 344307b6d30996a6fc9bcffab5ea163d
    http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-18_alpha.deb
      Size/MD5 checksum:    28368 114065def6bdf90c16fc60e8c087dfec
    http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-18_alpha.deb
      Size/MD5 checksum:     7964 4b614f3bfa16346d449bcbee71c58d75
    http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-18_alpha.deb
      Size/MD5 checksum:    13770 6f8c4f516e744ed9daf4157df9112fa6
    http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-18_alpha.deb
      Size/MD5 checksum:    23304 644e7764688b5d9305cf9bb625ae6747
    http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-18_alpha.deb
      Size/MD5 checksum:    17886 a01178a81b43e0fd909a16a81695832b

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-18_amd64.deb
      Size/MD5 checksum:  1660608 2dcf0c9a7c99609665f54d571628bc4f
    http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-18_amd64.deb
      Size/MD5 checksum:  1658062 009757f161f1ff3bd3fc29bee44d6e17
    http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-18_amd64.deb
      Size/MD5 checksum:  3277740 76ee9926ad67aa6dd666edb59a590adf
    http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-18_amd64.deb
      Size/MD5 checksum:  1648188 3b40796e964ee6eab1e06a1a76029ef1
    http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-18_amd64.deb
      Size/MD5 checksum:   167920 0064aba32b455b870848cf0c151ed93f
    http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-18_amd64.deb
      Size/MD5 checksum:    17834 d44cba2553a65d00f844d964615c2f0c
    http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-18_amd64.deb
      Size/MD5 checksum:   325184 f21e0e6afe5835083193c3039ab5fdfc
    http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-18_amd64.deb
      Size/MD5 checksum:    40802 9ccd024e9fb5f70aa3ecc3d4c0fe8531
    http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-18_amd64.deb
      Size/MD5 checksum:    34286 781c66281eb08f129aae64d806cb42b1
    http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-18_amd64.deb
      Size/MD5 checksum:    37650 a0c129d1e47883a244199e553c637581
    http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-18_amd64.deb
      Size/MD5 checksum:    21412 7de677bfdae7ac19f663f878a00dcb40
    http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-18_amd64.deb
      Size/MD5 checksum:    18884 bb82e2d09986e4f76e64b05d27f26dd5
    http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-18_amd64.deb
      Size/MD5 checksum:     8244 1ede17004a053a4d66f541e580fcf56d
    http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-18_amd64.deb
      Size/MD5 checksum:    22890 83c5c86e1c9e4260cdf68048b8a4052b
    http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-18_amd64.deb
      Size/MD5 checksum:    28784 c717f11defbfd27a151035510efae669
    http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-18_amd64.deb
      Size/MD5 checksum:     7908 9a89b18ed52654643c368b8374494940
    http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-18_amd64.deb
      Size/MD5 checksum:    13672 aadb8c935c6cfc0940ebca26f74a8f66
    http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-18_amd64.deb
      Size/MD5 checksum:    22434 904489e90619114f29a371c175b81e7d
    http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-18_amd64.deb
      Size/MD5 checksum:    17570 08b245b8e01cb69806b8e453a7ec6234

  ARM architecture:

    http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-18_arm.deb
      Size/MD5 checksum:  1591974 afdd3c988badd5c2751e364f77987dbb
    http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-18_arm.deb
      Size/MD5 checksum:  1591786 a2ea48b3394a081b42eb5f680f29ef72
    http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-18_arm.deb
      Size/MD5 checksum:  3171516 07df6b074d821e4a61396964050ded20
    http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-18_arm.deb
      Size/MD5 checksum:  1593088 0703edb2b7348ebf2a4d072e1b52b3bc
    http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-18_arm.deb
      Size/MD5 checksum:   167938 0934b0061b9aa706a2e33a47d270508a
    http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-18_arm.deb
      Size/MD5 checksum:    17646 adba08080702e089bffba483a9de1035
    http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-18_arm.deb
      Size/MD5 checksum:   325468 10b04c3f5e58e3c0a8ca1122f7afb518
    http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-18_arm.deb
      Size/MD5 checksum:    36114 474494efb516b9cbc403e809df4e419c
    http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-18_arm.deb
      Size/MD5 checksum:    31782 2f3485924aabf2da12ff9a6c15826abb
    http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-18_arm.deb
      Size/MD5 checksum:    35384 d4c458352a00c5c2b93c0ea7db3c47fa
    http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-18_arm.deb
      Size/MD5 checksum:    19736 64ecf4479384d29a420873bcd3f89a65
    http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-18_arm.deb
      Size/MD5 checksum:    17086 8a5ee897db51d1ef44613dad242b51ea
    http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-18_arm.deb
      Size/MD5 checksum:     7814 fe2c30426aaaffe72d8ca0151702bc96
    http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-18_arm.deb
      Size/MD5 checksum:    20598 88b93b4216656b50fc52b2022f7d1d3a
    http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-18_arm.deb
      Size/MD5 checksum:    27324 e0498ee38ead720b3c8592a1bdc41224
    http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-18_arm.deb
      Size/MD5 checksum:     7640 52bdb48050f3b8c2d569bbfca236d0ea
    http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-18_arm.deb
      Size/MD5 checksum:    12794 c9642636475261fe406ffcc81ed9be4e
    http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-18_arm.deb
      Size/MD5 checksum:    20888 8742826563b883e2e761afc44788c027
    http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-18_arm.deb
      Size/MD5 checksum:    15792 79495683d81c4cb9063b5c13b94c4547

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-18_i386.deb
      Size/MD5 checksum:  1614232 572e82d2d3c8e9299fc27fb3da1be573
    http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-18_i386.deb
      Size/MD5 checksum:  1611996 3eb79568d85b2154e07fbc7c8a71ab99
    http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-18_i386.deb
      Size/MD5 checksum:  3208898 822b7d30ae417ca4cca7a959d33967c0
    http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-18_i386.deb
      Size/MD5 checksum:  1609468 354276638d467776e026a9b95a1acb60
    http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-18_i386.deb
      Size/MD5 checksum:   167936 cf408f6af1e686a1b9a9a33e59341bb5
    http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-18_i386.deb
      Size/MD5 checksum:    17902 3a863a5c7f7540aa01e53ff817affeca
    http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-18_i386.deb
      Size/MD5 checksum:   325168 3cccbdc82dd6ef063746c691cb5d063f
    http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-18_i386.deb
      Size/MD5 checksum:    37234 0fbaff4f5b3bcc2ff27ea25ef377f7d8
    http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-18_i386.deb
      Size/MD5 checksum:    32390 a5110ec9f8e82505613bceb78341a829
    http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-18_i386.deb
      Size/MD5 checksum:    37370 fd429c6203e71101cd628e4ac040087b
    http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-18_i386.deb
      Size/MD5 checksum:    19960 8384a96bc96147a83ad05a5ec5f2cfd3
    http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-18_i386.deb
      Size/MD5 checksum:    17676 90a2ffebe127c8c672b2f43cc9fddfcf
    http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-18_i386.deb
      Size/MD5 checksum:     8040 e7ee51f0cd7fcb8a66c29a58837509df
    http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-18_i386.deb
      Size/MD5 checksum:    21218 00f174cd3965a23abcccccc3bcfa2200
    http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-18_i386.deb
      Size/MD5 checksum:    27146 e84270ecde6cae6a3b4bbdd36bb86c3d
    http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-18_i386.deb
      Size/MD5 checksum:     7700 a58a6b0579b26459afb478462ee31519
    http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-18_i386.deb
      Size/MD5 checksum:    13158 a508e1dc78f5fda5c3dd2ad19360fe0d
    http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-18_i386.deb
      Size/MD5 checksum:    21376 ec7bd84b0e3b1d1cc17355c474486cbb
    http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-18_i386.deb
      Size/MD5 checksum:    16396 c141d3d2498cc3391f32232b95cb196a

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-18_ia64.deb
      Size/MD5 checksum:  1952128 ced874b90ed36a7843a56303a8a04522
    http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-18_ia64.deb
      Size/MD5 checksum:  1949382 4cc9f82fe65d380bab127178b3b5f08c
    http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-18_ia64.deb
      Size/MD5 checksum:  3895128 43c19f3ab0f53e5371595520b2f7d1e7
    http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-18_ia64.deb
      Size/MD5 checksum:  1949590 cc7d7eff9e324c31ebec2112345821ef
    http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-18_ia64.deb
      Size/MD5 checksum:   167916 d17b9aa8fc429e41ad6b7393977af93a
    http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-18_ia64.deb
      Size/MD5 checksum:    22022 ae3a31d8f477eb69650c9d88f7271788
    http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-18_ia64.deb
      Size/MD5 checksum:   325196 4d7e3dd0d060056bc20198f3d5ead646
    http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-18_ia64.deb
      Size/MD5 checksum:    50632 7368a6ef6bd8e41bf7a3e905a448660c
    http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-18_ia64.deb
      Size/MD5 checksum:    45248 0b2cc6364099fe906820c8043f565629
    http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-18_ia64.deb
      Size/MD5 checksum:    48216 44a538ecbe3760c449e6898fcd9f02a8
    http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-18_ia64.deb
      Size/MD5 checksum:    27026 8ea2a8c41ce29715747457503714a76b
    http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-18_ia64.deb
      Size/MD5 checksum:    22648 e6edbf30d910de441c2e080695612a71
    http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-18_ia64.deb
      Size/MD5 checksum:     9324 2d056ffa84d4d37195cc38c395e4ddec
    http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-18_ia64.deb
      Size/MD5 checksum:    27598 4e228c68bd22099f414cfc34794a422e
    http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-18_ia64.deb
      Size/MD5 checksum:    36170 8d23bb4db75de14272daa22e543a8adc
    http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-18_ia64.deb
      Size/MD5 checksum:     9004 345581f1565d77212bff7dec007322a1
    http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-18_ia64.deb
      Size/MD5 checksum:    16328 5e96eab77cd21d2ad0074c791429488e
    http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-18_ia64.deb
      Size/MD5 checksum:    28870 fe208dfb33c64c60888da4ae676eca01
    http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-18_ia64.deb
      Size/MD5 checksum:    21896 0ae7872423bcddb068506be60a592e02

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-18_mips.deb
      Size/MD5 checksum:  1648412 b22897e5386936f5e0c3e534d0ef4edc
    http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-18_mips.deb
      Size/MD5 checksum:  1646484 bde0d663e4b088ca096707dbd5ea085e
    http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-18_mips.deb
      Size/MD5 checksum:  3295390 e7ba986c31963686d61cb4e6e7ab0fb1
    http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-18_mips.deb
      Size/MD5 checksum:  1652314 7b1146db3f44d0756ab8ba581d91204a
    http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-18_mips.deb
      Size/MD5 checksum:   167932 f0f0d7221606384be034a43584f6c130
    http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-18_mips.deb
      Size/MD5 checksum:    16826 26ea16ea5120b002899cb096fb339e04
    http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-18_mips.deb
      Size/MD5 checksum:   325300 4e7913d8409c58e8d440e222d9bbbaeb
    http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-18_mips.deb
      Size/MD5 checksum:    35224 c35ca59240f075ee1ad544771e82f52d
    http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-18_mips.deb
      Size/MD5 checksum:    31930 94ef5618ceaed84a592d5323f25b503c
    http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-18_mips.deb
      Size/MD5 checksum:    33966 1e3af07adb4c1d335115fadca331a3a9
    http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-18_mips.deb
      Size/MD5 checksum:    19920 2446320de817c5de6df458cd04b84458
    http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-18_mips.deb
      Size/MD5 checksum:    16478 daf3946631fc385d2ae3200a84a9e6a7
    http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-18_mips.deb
      Size/MD5 checksum:     8116 9c12d49a7546cb73d12ce943a0c62ab9
    http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-18_mips.deb
      Size/MD5 checksum:    20510 c65e0863274f9e341f5085c3cf693ea2
    http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-18_mips.deb
      Size/MD5 checksum:    26372 f631fadcf8aaf2cde32cc9f34cf9ef62
    http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-18_mips.deb
      Size/MD5 checksum:     7824 8deeeadd18e998e42dcd4c57fb86db7b
    http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-18_mips.deb
      Size/MD5 checksum:    13152 9449dc1c15a0b9771b08edb99ac7817c
    http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-18_mips.deb
      Size/MD5 checksum:    21652 2135a7a2354a4d6009105258cd2cb833
    http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-18_mips.deb
      Size/MD5 checksum:    16192 6747f81d0d4ccbd501053f68da3ac259

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-18_mipsel.deb
      Size/MD5 checksum:  1630250 9a406a4362e3a8bce8ab0893f1b3fc1e
    http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-18_mipsel.deb
      Size/MD5 checksum:  1628592 8ff9ec915fd228bab715b4126f0624f8
    http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-18_mipsel.deb
      Size/MD5 checksum:  3253842 d9101ff31106d55f1361a1aea4da796e
    http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-18_mipsel.deb
      Size/MD5 checksum:  1631568 92d31cf18ff2138026e9412d5a8c1df6
    http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-18_mipsel.deb
      Size/MD5 checksum:   167940 46e1e1fed86610fc6a01580eb305e9da
    http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-18_mipsel.deb
      Size/MD5 checksum:    16794 508b3379bef4e8d7ce31dfc235a11702
    http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-18_mipsel.deb
      Size/MD5 checksum:   325300 aebcf44cf3ec1a9f5d57254d58240a2f
    http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-18_mipsel.deb
      Size/MD5 checksum:    34776 bcb4cd6a3606ee5a069328928a466b1b
    http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-18_mipsel.deb
      Size/MD5 checksum:    31662 5b371eb869cab39bc263dec252b24d46
    http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-18_mipsel.deb
      Size/MD5 checksum:    33836 79365af49433d2a52fa84eb83e13ff18
    http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-18_mipsel.deb
      Size/MD5 checksum:    19802 c7271c289d897c487b9ad2b9d3c8c848
    http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-18_mipsel.deb
      Size/MD5 checksum:    16388 ab9a58b595aa4da0edb92d8907b3abd4
    http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-18_mipsel.deb
      Size/MD5 checksum:     8088 af3bb195ba0f355539c95e512dacaa1b
    http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-18_mipsel.deb
      Size/MD5 checksum:    20452 f59bc05f9fe9806a5e96245629444ae8
    http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-18_mipsel.deb
      Size/MD5 checksum:    26242 495d0af0489ef27a27fb803df9c22f9c
    http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-18_mipsel.deb
      Size/MD5 checksum:     7772 c0e91e320dc7aa8612cb7ffcf67ff6f4
    http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-18_mipsel.deb
      Size/MD5 checksum:    13056 9c12b7d4dc873e79ee0367b2f127974a
    http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-18_mipsel.deb
      Size/MD5 checksum:    21592 347945c9d9724838b43d11d8f1d4d5d6
    http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-18_mipsel.deb
      Size/MD5 checksum:    16164 9f74e955acaf979f87665c3376c0cfba

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-18_powerpc.deb
      Size/MD5 checksum:  1661074 de33a92ea64c2550885a34babf3f5ae5
    http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-18_powerpc.deb
      Size/MD5 checksum:  1659118 207692feed208166db82a46f076e938d
    http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-18_powerpc.deb
      Size/MD5 checksum:  3280842 aaba5c02175be6b9aac9a0ff8d3a97aa
    http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-18_powerpc.deb
      Size/MD5 checksum:  1646628 05931feddf04a8b49a0d6949a85ec9eb
    http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-18_powerpc.deb
      Size/MD5 checksum:   167922 9186efbcb949031a5fccc92ba312ee38
    http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-18_powerpc.deb
      Size/MD5 checksum:    19648 6da340b1fa5354815eaba491289986f5
    http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-18_powerpc.deb
      Size/MD5 checksum:   325250 15eea0af4ce60a1dcfe1d7ae92afc402
    http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-18_powerpc.deb
      Size/MD5 checksum:    38644 b4040bf7ecfe5b637313f9bc5e882888
    http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-18_powerpc.deb
      Size/MD5 checksum:    34522 2e6be18ffa1aa076263a6da66a88c27e
    http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-18_powerpc.deb
      Size/MD5 checksum:    37694 507520edf8e62d12190a3784d9c5a0aa
    http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-18_powerpc.deb
      Size/MD5 checksum:    21412 5cc50111e0d54a54a8ec1f2b7d0dbe30
    http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-18_powerpc.deb
      Size/MD5 checksum:    19728 ba9ce16e48257a48a46a33cf341e54cb
    http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-18_powerpc.deb
      Size/MD5 checksum:     9580 00eb12058d551beb520cecc1f34e8c59
    http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-18_powerpc.deb
      Size/MD5 checksum:    22604 38e4691efa7d14d4bc03837f476df8f3
    http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-18_powerpc.deb
      Size/MD5 checksum:    28678 8c9c39f6f82f3392b80e14cf275aef87
    http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-18_powerpc.deb
      Size/MD5 checksum:     9288 de1312a2c4216b38eb6c1a22f5efe546
    http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-18_powerpc.deb
      Size/MD5 checksum:    14962 707066edaffa958be582a9212f2a21cc
    http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-18_powerpc.deb
      Size/MD5 checksum:    23042 4de2aa3b1d417f9d26e2e5bf1dd71788
    http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-18_powerpc.deb
      Size/MD5 checksum:    18272 a0efbed8f0c4b8a776c25e63f3342a8a

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-18_s390.deb
      Size/MD5 checksum:  1709170 9617e3bbeb9446df5c1900e28cfc52b1
    http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-18_s390.deb
      Size/MD5 checksum:  1708204 22f34f5b7a54d8f3451b7fe102957734
    http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-18_s390.deb
      Size/MD5 checksum:  3359814 b023379d97ef567f2683ac4b5f890971
    http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-18_s390.deb
      Size/MD5 checksum:  1686996 505abcc5893d0a3baeafd6e2b0b0eb31
    http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-18_s390.deb
      Size/MD5 checksum:   167916 e5523c78fa26ed7407fd67100e5a83ce
    http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-18_s390.deb
      Size/MD5 checksum:    17842 eb4b8cff51d8fa622a12d44d6bd5b565
    http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-18_s390.deb
      Size/MD5 checksum:   325198 fa39ecd9bb6fd108ace01971d5d760d8
    http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-18_s390.deb
      Size/MD5 checksum:    41124 e325433c9917a0f9ed78487b809486b8
    http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-18_s390.deb
      Size/MD5 checksum:    33562 19bba35e8efcb6b6eed5902c4b65f64d
    http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-18_s390.deb
      Size/MD5 checksum:    37390 f044f6504195d0e26c70e794a7ff1c19
    http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-18_s390.deb
      Size/MD5 checksum:    21422 41504297d336bbb1980a48a5ac31a8be
    http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-18_s390.deb
      Size/MD5 checksum:    17730 9a7635d7747ec80f38678b96c1104f25
    http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-18_s390.deb
      Size/MD5 checksum:     8404 8f214c43723e76ec8b0844787f7e4c98
    http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-18_s390.deb
      Size/MD5 checksum:    22932 42e45785723a8ab3271c8314c36ef810
    http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-18_s390.deb
      Size/MD5 checksum:    28870 958a0c1ad3980cc26ba6189cdf0cc021
    http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-18_s390.deb
      Size/MD5 checksum:     8046 e809d6ba139fc24b01b9555b201a3fc8
    http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-18_s390.deb
      Size/MD5 checksum:    13896 dc37c6e85e1b356ba613b38925748228
    http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-18_s390.deb
      Size/MD5 checksum:    22268 91fbdc05c3fcf7dfadeb43b3efc9994a
    http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-18_s390.deb
      Size/MD5 checksum:    17302 bd9c0b622afb237e5de2c554fffa5b9c

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-18_sparc.deb
      Size/MD5 checksum:  1623888 ee4aedd6b606aba754a303a541c77919
    http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-18_sparc.deb
      Size/MD5 checksum:  1620786 24dc831a486a402d8f136a0a5a5faecf
    http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-18_sparc.deb
      Size/MD5 checksum:  3197026 c8bc2f63cd0efd85baa0375b6efe86b0
    http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-18_sparc.deb
      Size/MD5 checksum:  1605892 78a3c37f4af1c88784c01fd851da2210
    http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-18_sparc.deb
      Size/MD5 checksum:   167940 16e45134f678a7511f3ef6b0e5ec86b9
    http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-18_sparc.deb
      Size/MD5 checksum:    18082 e11be70c03c1c1c2abe1c3c3f7cfb83d
    http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-18_sparc.deb
      Size/MD5 checksum:   325308 440df8a0434ac65f4aa1199e33015da1
    http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-18_sparc.deb
      Size/MD5 checksum:    36492 3f654fa0a80786edb8302fb23ad0c965
    http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-18_sparc.deb
      Size/MD5 checksum:    31942 cd693e51e4e75e60c7d6d827988bf721
    http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-18_sparc.deb
      Size/MD5 checksum:    36192 12252492284b653d5286098d1d2056a2
    http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-18_sparc.deb
      Size/MD5 checksum:    19286 8fb4f461f23b0e388939498c75a06055
    http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-18_sparc.deb
      Size/MD5 checksum:    17494 31449be7b22340e753e49e21106d8231
    http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-18_sparc.deb
      Size/MD5 checksum:     7874 9166cab619fd43713eec88016096bd1c
    http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-18_sparc.deb
      Size/MD5 checksum:    20672 a9b3e7d4ed1a95b16b401c7a8c0db990
    http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-18_sparc.deb
      Size/MD5 checksum:    26542 87c822f25db53c283f5ff8fb0dc6f261
    http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-18_sparc.deb
      Size/MD5 checksum:     7598 05e5f7e761f14797c0f7babd747f14c7
    http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-18_sparc.deb
      Size/MD5 checksum:    12840 59e5bf49084a5eff48987b8b884e51e3
    http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-18_sparc.deb
      Size/MD5 checksum:    20848 8eb304df470d8144050b1797d8b67b9d
    http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-18_sparc.deb
      Size/MD5 checksum:    15866 ac6ef12e44e28426818b29e94f177f48


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFT3rkXm3vHE4uyloRAnziAJ4tJNdtfI9rDkneckmOJGXpLEm9cQCdHKit
9yUJXxts03rf3LLMSnpHWJE=
=XS7G
-----END PGP SIGNATURE-----

    

- 漏洞信息

25255
PHP unset() Function Variable Persistence
Location Unknown Attack Type Unknown
Impact Unknown
Exploit Unknown Vendor Verified

- 漏洞描述

PHP contains a flaw where variables will not have their data removed even after having been unset(). No further details have been provided.

- 时间线

2006-05-01 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 5.1.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

PHP Multiple Unspecified Vulnerabilities
Unknown 17843
Yes No
2006-05-04 12:00:00 2007-01-15 07:40:00
These issues were disclosed by the vendor. Stefan Esser discovered the 'unset()' vulnerability.

- 受影响的程序版本

Ubuntu Ubuntu Linux 5.10 sparc
Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Turbolinux Turbolinux Server 10.0 x86
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux 10 F...
TurboLinux Personal
TurboLinux Multimedia
Turbolinux Home
Turbolinux Appliance Server Workgroup Edition 1.0
Turbolinux Appliance Server Hosting Edition 1.0
Turbolinux Appliance Server 1.0 Workgroup Edition
Turbolinux Appliance Server 1.0 Hosting Edition
Turbolinux Appliance Server 2.0
TransSoft Broker FTP Server 8.0
Simple Machines SMF 1.1 rc1
Simple Machines SMF 1.0.7
Simple Machines SMF 1.0.6
Simple Machines SMF 1.0.5
Simple Machines SMF 1.0.4
Simple Machines SMF 1.0.2
Simple Machines SMF 1.0 -beta5p
Simple Machines SMF 1.0 -beta4p
Simple Machines SMF 1.0 -beta4.1
SGI ProPack 3.0 SP6
rPath rPath Linux 1
RedHat Stronghold for Enterprise Linux 0
RedHat Stronghold 4.0
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
PmWiki PmWiki 2.1.19
PHP PHP/FI 2.0 b10
PHP PHP/FI 2.0
PHP PHP/FI 1.0
PHP PHP 5.1.3 -RC1
PHP PHP 5.1.2
PHP PHP 5.1.1
PHP PHP 5.1
PHP PHP 5.0.5
PHP PHP 5.0.4
PHP PHP 5.0.3
PHP PHP 5.0.2
PHP PHP 5.0.1
PHP PHP 5.0 candidate 3
PHP PHP 5.0 candidate 2
PHP PHP 5.0 candidate 1
PHP PHP 5.0 .0
PHP PHP 4.4.2
PHP PHP 4.4.1
PHP PHP 4.4 .0
PHP PHP 4.3.11
PHP PHP 4.3.10
PHP PHP 4.3.9
PHP PHP 4.3.8
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ S.u.S.E. Linux Personal 9.2
+ Turbolinux Turbolinux Server 10.0
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
PHP PHP 4.3.7
PHP PHP 4.3.6
PHP PHP 4.3.5
PHP PHP 4.3.4
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ S.u.S.E. Linux Personal 9.1
PHP PHP 4.3.3
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ Turbolinux Home
+ Turbolinux Turbolinux 10 F...
+ Turbolinux Turbolinux Desktop 10.0
PHP PHP 4.3.2
PHP PHP 4.3.1
PHP PHP 4.3
PHP PHP 4.2.3
PHP PHP 4.2.2
PHP PHP 4.2.1
- FreeBSD FreeBSD 4.6
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
+ Slackware Linux 8.1
PHP PHP 4.2 .0
PHP PHP 4.2 -dev
PHP PHP 4.1.2
PHP PHP 4.1.1
PHP PHP 4.1 .0
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
PHP PHP 4.0.7 RC3
PHP PHP 4.0.7 RC2
PHP PHP 4.0.7 RC1
PHP PHP 4.0.7
PHP PHP 4.0.6
PHP PHP 4.0.5
PHP PHP 4.0.4
PHP PHP 4.0.3 pl1
+ S.u.S.E. Linux 6.4 ppc
+ S.u.S.E. Linux 6.4 i386
+ S.u.S.E. Linux 6.4 alpha
+ S.u.S.E. Linux 6.4
PHP PHP 4.0.3
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ Sun Cobalt Control Station 4100CS
+ Sun Cobalt Qube3 Japanese 4000WGJ
+ Sun Cobalt Qube3 Japanese w/ Caching and RAID 4100WGJ
+ Sun Cobalt Qube3 Japanese w/Caching 4010WGJ
+ Sun Cobalt RaQ XTR 3500R
+ Sun Cobalt RaQ XTR Japanese 3500R-ja
PHP PHP 4.0.2
PHP PHP 4.0.1 pl2
PHP PHP 4.0.1 pl1
PHP PHP 4.0.1
+ Sun Cobalt Qube3 4000WG
+ Sun Cobalt Qube3 w/ Caching and RAID 4100WG
+ Sun Cobalt Qube3 w/Caching 4010WG
+ Sun Cobalt RaQ4 3001R
+ Sun Cobalt RaQ4 Japanese RAID 3100R-ja
+ Sun Cobalt RaQ4 RAID 3100R
PHP PHP 4.0 0
PHP PHP 3.0.18
PHP PHP 3.0.17
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.1
PHP PHP 3.0.16
PHP PHP 3.0.15
PHP PHP 3.0.14
PHP PHP 3.0.13
PHP PHP 3.0.12
PHP PHP 3.0.11
PHP PHP 3.0.10
PHP PHP 3.0.9
PHP PHP 3.0.8
PHP PHP 3.0.7
PHP PHP 3.0.6
PHP PHP 3.0.5
PHP PHP 3.0.4
PHP PHP 3.0.3
PHP PHP 3.0.2
PHP PHP 3.0.1
PHP PHP 3.0 0
PHP PHP 3.0 .16
PHP PHP 3.0 .13
PHP PHP 3.0 .12
PHP PHP 3.0 .11
PHP PHP 3.0 .10
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
e107 e107 website system 0.7.5
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Avaya S8710 R2.0.1
Avaya S8710 R2.0.0
Avaya S8700 R2.0.1
Avaya S8700 R2.0.0
Avaya S8500 R2.0.1
Avaya S8500 R2.0.0
Avaya S8300 R2.0.1
Avaya S8300 R2.0.0
Avaya S8300 0
Avaya Messaging Storage Server MM3.0
Avaya Messaging Storage Server
Avaya Message Networking
Avaya Intuity LX
Avaya Integrated Management
Avaya CVLAN
Avaya Converged Communications Server 2.0
Simple Machines SMF 1.1 rc3
Simple Machines SMF 1.0.8
PHP PHP 5.1.3

- 不受影响的程序版本

Simple Machines SMF 1.1 rc3
Simple Machines SMF 1.0.8
PHP PHP 5.1.3

- 漏洞讨论

PHP is vulnerable to multiple unspecified vulnerabilities ranging from buffer-overflow to cross-site scripting issues.

The precise nature of these vulnerabilities is currently not known; this BID will be updated as more information becomes available.

Some of the issues discussed may be related to other BIDs regarding PHP vulnerabilities.

- 漏洞利用

An exploit has been released for e107 that demonstrates the 'zend_hash_del_key_or_index()' function vulnerability.

Attackers may exploit some of these issues through a web client.

- 解决方案

The vendor has addressed these issues in version 5.1.3 and later.

Please see the referenced advisories for information on obtaining and applying fixes.


Simple Machines SMF 1.0 -beta4.1

Simple Machines SMF 1.0 -beta4p

Simple Machines SMF 1.0.2

PHP PHP/FI 2.0 b10

PHP PHP 3.0 0

PHP PHP 3.0 .10

PHP PHP 3.0 .12

PHP PHP 3.0 .13

PHP PHP 3.0 .11

PHP PHP 3.0.10

PHP PHP 3.0.11

PHP PHP 3.0.13

PHP PHP 3.0.15

PHP PHP 3.0.17

PHP PHP 3.0.2

PHP PHP 3.0.3

PHP PHP 3.0.4

PHP PHP 3.0.5

PHP PHP 3.0.9

PHP PHP 4.0 0

PHP PHP 4.0.1

PHP PHP 4.0.1 pl2

PHP PHP 4.0.2

PHP PHP 4.0.3 pl1

PHP PHP 4.0.3

PHP PHP 4.0.5

PHP PHP 4.0.7 RC1

PHP PHP 4.0.7 RC2

PHP PHP 4.0.7

PHP PHP 4.1 .0

PHP PHP 4.2 -dev

PHP PHP 4.2.1

PHP PHP 4.3

PHP PHP 4.3.2

PHP PHP 4.3.3

PHP PHP 4.3.4

PHP PHP 4.3.5

PHP PHP 4.3.6

PHP PHP 4.3.8

PHP PHP 4.3.9

PHP PHP 4.4.1

PHP PHP 4.4.2

PHP PHP 5.0 .0

PHP PHP 5.0 candidate 1

PHP PHP 5.0.1

PHP PHP 5.0.2

PHP PHP 5.0.4

PHP PHP 5.1

PHP PHP 5.1.1

PHP PHP 5.1.3 -RC1

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站