[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 708/06 - Two Mandriva Linux Security Advisories:



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

 UNIRAS (UK Government CERT) Briefing - 708/06 dated 03.11.06 time 14:45
 UNIRAS is part of NISCC (the UK National Infrastructure Security
 Co-ordination Centre)
______________________________________________________________________________

 UNIRAS material is available from the NISCC website at www.niscc.gov.uk
______________________________________________________________________________

Title
=====

Two Mandriva Linux Security Advisories:

1. MDKSA-2006:195 - Updated wireshark packages fix multiple vulnerabilities 

2. MDKSA-2006:196 - Updated php packages to address buffer overflow issue

Detail
======

1.  Vulnerabilities in the HTTP, LDAP, XOT, WBXML, and MIME Multipart
 dissectors were discovered in versions of wireshark less than 0.99.4,
 as well as various other bugs.

2.  The Hardened-PHP Project discovered buffer overflows in
 htmlentities/htmlspecialchars internal routines to the PHP Project. Of
 course the whole purpose of these functions is to be filled with user
 input. (The overflow can only be when UTF-8 is used)



1.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:195
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : wireshark
 Date    : November 2, 2006
 Affected: 2006.0, 2007.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 Vulnerabilities in the HTTP, LDAP, XOT, WBXML, and MIME Multipart
 dissectors were discovered in versions of wireshark less than 0.99.4,
 as well as various other bugs.

 This updated provides wireshark 0.99.4 which is not vulnerable to these
 issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4574
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4805
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5468
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5469
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5740
 http://www.wireshark.org/security/wnpa-sec-2006-03.html
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 6d9200ceb28c080700a14c5082d06144  2006.0/i586/libwireshark0-0.99.4-0.1.20060mdk.i586.rpm
 846bf319dbf28977697f0360e6c9c3bf  2006.0/i586/tshark-0.99.4-0.1.20060mdk.i586.rpm
 cf4c6ad8bcc4e8f1d0f30747e43629a0  2006.0/i586/wireshark-0.99.4-0.1.20060mdk.i586.rpm
 7c298b8216d885c501698333a351a6df  2006.0/i586/wireshark-tools-0.99.4-0.1.20060mdk.i586.rpm 
 da584fd84e4eaa96134eae8bb6b2ccd9  2006.0/SRPMS/wireshark-0.99.4-0.1.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 5cc25cf7a14362017b627804a23415ce  2006.0/x86_64/lib64wireshark0-0.99.4-0.1.20060mdk.x86_64.rpm
 a30498851a759f07b8cebcdebb0f906b  2006.0/x86_64/tshark-0.99.4-0.1.20060mdk.x86_64.rpm
 cafef7ec7d7df699ca288ae03ed37c67  2006.0/x86_64/wireshark-0.99.4-0.1.20060mdk.x86_64.rpm
 f84e2b12d83f53f0032992ead38cacff  2006.0/x86_64/wireshark-tools-0.99.4-0.1.20060mdk.x86_64.rpm 
 da584fd84e4eaa96134eae8bb6b2ccd9  2006.0/SRPMS/wireshark-0.99.4-0.1.20060mdk.src.rpm

 Mandriva Linux 2007.0:
 3d1f3895ce1a440d94768fed10657cc6  2007.0/i586/libwireshark0-0.99.4-0.1mdv2007.0.i586.rpm
 ef44905cba00cfb7ba5d72e4d45b4dee  2007.0/i586/tshark-0.99.4-0.1mdv2007.0.i586.rpm
 21ef07d16228990f81952e6a9d0d4c02  2007.0/i586/wireshark-0.99.4-0.1mdv2007.0.i586.rpm
 60cf791c1bdb8819e69da5a31381fbf7  2007.0/i586/wireshark-tools-0.99.4-0.1mdv2007.0.i586.rpm 
 7205c72932f614d8b4bcc7ac214a3cd5  2007.0/SRPMS/wireshark-0.99.4-0.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 3c0c94604f22665270ecfd5ea4ef63b8  2007.0/x86_64/lib64wireshark0-0.99.4-0.1mdv2007.0.x86_64.rpm
 2f50e6bdb122c99a8ccfe265bd5e9871  2007.0/x86_64/tshark-0.99.4-0.1mdv2007.0.x86_64.rpm
 d6b35a2cc4871b09e65c97d438d8e5aa  2007.0/x86_64/wireshark-0.99.4-0.1mdv2007.0.x86_64.rpm
 8dbd4f0e7cb7165e0877fead9b767aa8  2007.0/x86_64/wireshark-tools-0.99.4-0.1mdv2007.0.x86_64.rpm 
 7205c72932f614d8b4bcc7ac214a3cd5  2007.0/SRPMS/wireshark-0.99.4-0.1mdv2007.0.src.rpm

 Corporate 4.0:
 cf6d82d53a965a367b37ddce468eb5e1  corporate/4.0/i586/libwireshark0-0.99.4-0.1.20060mlcs4.i586.rpm
 4fd35ab3805a08b8010832759b6520ca  corporate/4.0/i586/tshark-0.99.4-0.1.20060mlcs4.i586.rpm
 5ceb4d06dcec263ca472b1a0cebacb6e  corporate/4.0/i586/wireshark-0.99.4-0.1.20060mlcs4.i586.rpm
 254f405e87704d0a3bff60730af347cd  corporate/4.0/i586/wireshark-tools-0.99.4-0.1.20060mlcs4.i586.rpm 
 063c6e14b5bbcc81f4a26fd183d9c53c  corporate/4.0/SRPMS/wireshark-0.99.4-0.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 66a696916ebf9665d62d0fe7363ac742  corporate/4.0/x86_64/lib64wireshark0-0.99.4-0.1.20060mlcs4.x86_64.rpm
 1662228d5a03d68af75cd6a93654fb81  corporate/4.0/x86_64/tshark-0.99.4-0.1.20060mlcs4.x86_64.rpm
 e4be92066710fb02ad806ebb154006be  corporate/4.0/x86_64/wireshark-0.99.4-0.1.20060mlcs4.x86_64.rpm
 2066c3a5738e8e3ade6fa4afab2adfed  corporate/4.0/x86_64/wireshark-tools-0.99.4-0.1.20060mlcs4.x86_64.rpm 
 063c6e14b5bbcc81f4a26fd183d9c53c  corporate/4.0/SRPMS/wireshark-0.99.4-0.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFSswpmqjQ0CJFipgRAmdWAKDd0iFIsCPrAvFXrex8QMgr0HUM+gCgmoeQ
qoPH91IikU+7ptsVeGXI4fc=
=TwK1
- -----END PGP SIGNATURE-----



2.




- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:196
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : php
 Date    : November 2, 2006
 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,
           Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 The Hardened-PHP Project discovered buffer overflows in
 htmlentities/htmlspecialchars internal routines to the PHP Project. Of
 course the whole purpose of these functions is to be filled with user
 input. (The overflow can only be when UTF-8 is used)

 In addition, selected patches backported from php cvs that address
 other issues that may or may not have security implications have been
 applied to this release.

 Updated packages have been patched to correct these issues. Users must
 restart Apache for the changes to take effect.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 8ae019c38dca51a9337f4d5458789998  2006.0/i586/libphp5_common5-5.0.4-9.17.20060mdk.i586.rpm
 89764f16b9cd1633f5493ed3d132e66b  2006.0/i586/php-cgi-5.0.4-9.17.20060mdk.i586.rpm
 c595ac93489ded728816bb6fe22af554  2006.0/i586/php-cli-5.0.4-9.17.20060mdk.i586.rpm
 356e13c13453e8a386d9e3da81b0a378  2006.0/i586/php-devel-5.0.4-9.17.20060mdk.i586.rpm
 48f41b59e68f594918b1885a3c9c0a6b  2006.0/i586/php-fcgi-5.0.4-9.17.20060mdk.i586.rpm 
 f72d50220e83c73973ec1bfe1257b0e9  2006.0/SRPMS/php-5.0.4-9.17.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 18b1ca183e03ce34b599d6108277209a  2006.0/x86_64/lib64php5_common5-5.0.4-9.17.20060mdk.x86_64.rpm
 abd014a9856e9b5c77e8a05fb3c34e40  2006.0/x86_64/php-cgi-5.0.4-9.17.20060mdk.x86_64.rpm
 6379ac6c6e3191f65e6b9d5836ae3c31  2006.0/x86_64/php-cli-5.0.4-9.17.20060mdk.x86_64.rpm
 ce8df1e1bcf4392d99b84af60da3944b  2006.0/x86_64/php-devel-5.0.4-9.17.20060mdk.x86_64.rpm
 940e32735642c94069c98b2c4ba20af5  2006.0/x86_64/php-fcgi-5.0.4-9.17.20060mdk.x86_64.rpm 
 f72d50220e83c73973ec1bfe1257b0e9  2006.0/SRPMS/php-5.0.4-9.17.20060mdk.src.rpm

 Mandriva Linux 2007.0:
 a410da63de208fc194368b890aa0364d  2007.0/i586/libphp5_common5-5.1.6-1.3mdv2007.0.i586.rpm
 3dcfafde63b2678052b4aa1f6828b2e4  2007.0/i586/php-cgi-5.1.6-1.3mdv2007.0.i586.rpm
 a2c1f77cac12a533e1f955d16ba481b6  2007.0/i586/php-cli-5.1.6-1.3mdv2007.0.i586.rpm
 042fe335cea18315607c5a89e5aa760a  2007.0/i586/php-devel-5.1.6-1.3mdv2007.0.i586.rpm
 4bb82eaf337acdd66124b1ca0ee517c3  2007.0/i586/php-fcgi-5.1.6-1.3mdv2007.0.i586.rpm 
 ba7910d7b21effc105bb5f72628145aa  2007.0/SRPMS/php-5.1.6-1.3mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 02c03b58ab4972b1db6355136efcbc95  2007.0/x86_64/lib64php5_common5-5.1.6-1.3mdv2007.0.x86_64.rpm
 338064ee4822681c6bb3118197190aa0  2007.0/x86_64/php-cgi-5.1.6-1.3mdv2007.0.x86_64.rpm
 6aec88f1f6a23b305d0a37ef6b07d606  2007.0/x86_64/php-cli-5.1.6-1.3mdv2007.0.x86_64.rpm
 b0bc60669b685186c0495c6211227b5b  2007.0/x86_64/php-devel-5.1.6-1.3mdv2007.0.x86_64.rpm
 ecc3d8f51bc4428ce0c4d397383dcec6  2007.0/x86_64/php-fcgi-5.1.6-1.3mdv2007.0.x86_64.rpm 
 ba7910d7b21effc105bb5f72628145aa  2007.0/SRPMS/php-5.1.6-1.3mdv2007.0.src.rpm

 Corporate 3.0:
 8d7650ec6b137d4170bbb342ea3844c1  corporate/3.0/i586/libphp_common432-4.3.4-4.22.C30mdk.i586.rpm
 e3b750a6a804d6fea6eec412d2c1f310  corporate/3.0/i586/php432-devel-4.3.4-4.22.C30mdk.i586.rpm
 8b6c53ed0fb0d46a08e3895921639d6c  corporate/3.0/i586/php-cgi-4.3.4-4.22.C30mdk.i586.rpm
 f3a09cfde83407281e1b9d6d7a32534f  corporate/3.0/i586/php-cli-4.3.4-4.22.C30mdk.i586.rpm 
 c002aea6333f18e14fa1ac28e898dbad  corporate/3.0/SRPMS/php-4.3.4-4.22.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 97243a9fa985697f0fd52a970a8077cc  corporate/3.0/x86_64/lib64php_common432-4.3.4-4.22.C30mdk.x86_64.rpm
 0b1607dc61d278c7d04372fa914e4c8d  corporate/3.0/x86_64/php432-devel-4.3.4-4.22.C30mdk.x86_64.rpm
 c0d7bbe2392dc6ddb4acbeabd887bd29  corporate/3.0/x86_64/php-cgi-4.3.4-4.22.C30mdk.x86_64.rpm
 1ea692b1ad5a3d477512e11e86fd713d  corporate/3.0/x86_64/php-cli-4.3.4-4.22.C30mdk.x86_64.rpm 
 c002aea6333f18e14fa1ac28e898dbad  corporate/3.0/SRPMS/php-4.3.4-4.22.C30mdk.src.rpm

 Corporate 4.0:
 8df71b11fed8cc21f445d55e58601aa0  corporate/4.0/i586/libphp4_common4-4.4.4-1.2.20060mlcs4.i586.rpm
 5e77c32ad6fb645b896fee3d6f50f11a  corporate/4.0/i586/libphp5_common5-5.1.6-1.2.20060mlcs4.i586.rpm
 be96a5eb32f41e54881e4466009b37d9  corporate/4.0/i586/php4-cgi-4.4.4-1.2.20060mlcs4.i586.rpm
 c1c5252b1684f8d7f0fe58e9e605828a  corporate/4.0/i586/php4-cli-4.4.4-1.2.20060mlcs4.i586.rpm
 39a2dc3fd1d9adddaed8181c000f5302  corporate/4.0/i586/php4-devel-4.4.4-1.2.20060mlcs4.i586.rpm
 6ea5d049c5da06d2931ca3337985304f  corporate/4.0/i586/php-cgi-5.1.6-1.2.20060mlcs4.i586.rpm
 93941ace693293c77daba334636b7563  corporate/4.0/i586/php-cli-5.1.6-1.2.20060mlcs4.i586.rpm
 06ea3e95a9ac1d3fbb507328b646e940  corporate/4.0/i586/php-devel-5.1.6-1.2.20060mlcs4.i586.rpm
 58a608f2fd1cf8e565c2ab1f934ab8d2  corporate/4.0/i586/php-fcgi-5.1.6-1.2.20060mlcs4.i586.rpm 
 9c8997a7a9a9c17b50e18a227f71ee23  corporate/4.0/SRPMS/php4-4.4.4-1.2.20060mlcs4.src.rpm
 7cd8221ccc428aab1d38f1a91add22f8  corporate/4.0/SRPMS/php-5.1.6-1.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 adbc99f70811f6c7ed676bef35577e5d  corporate/4.0/x86_64/lib64php4_common4-4.4.4-1.2.20060mlcs4.x86_64.rpm
 e6b2055e58580db96413f163574b3cdc  corporate/4.0/x86_64/lib64php5_common5-5.1.6-1.2.20060mlcs4.x86_64.rpm
 50031789901c23ee5fb217e577ee719c  corporate/4.0/x86_64/php4-cgi-4.4.4-1.2.20060mlcs4.x86_64.rpm
 be2a21195970e9b532ba16fc9b157f40  corporate/4.0/x86_64/php4-cli-4.4.4-1.2.20060mlcs4.x86_64.rpm
 fdebf3289f9cc10d0f1484593c313162  corporate/4.0/x86_64/php4-devel-4.4.4-1.2.20060mlcs4.x86_64.rpm
 6fac2f67fab3a30431fd132d22b4aa27  corporate/4.0/x86_64/php-cgi-5.1.6-1.2.20060mlcs4.x86_64.rpm
 6c5c947a02c4e7bc63ac4a005ffd1040  corporate/4.0/x86_64/php-cli-5.1.6-1.2.20060mlcs4.x86_64.rpm
 fe92ab34335e0297dcaa548d26b63556  corporate/4.0/x86_64/php-devel-5.1.6-1.2.20060mlcs4.x86_64.rpm
 09d68ae77defbfd1e8b66ff6a213b3f9  corporate/4.0/x86_64/php-fcgi-5.1.6-1.2.20060mlcs4.x86_64.rpm 
 9c8997a7a9a9c17b50e18a227f71ee23  corporate/4.0/SRPMS/php4-4.4.4-1.2.20060mlcs4.src.rpm
 7cd8221ccc428aab1d38f1a91add22f8  corporate/4.0/SRPMS/php-5.1.6-1.2.20060mlcs4.src.rpm

 Multi Network Firewall 2.0:
 7b2b2b8cd5c75b2313b121754833dcfe  mnf/2.0/i586/libphp_common432-4.3.4-4.22.M20mdk.i586.rpm
 033d110e3c513bfd3a1faab0e758b49f  mnf/2.0/i586/php432-devel-4.3.4-4.22.M20mdk.i586.rpm
 d8b87da4f43969db8f3a4e3ec11cd0b9  mnf/2.0/i586/php-cgi-4.3.4-4.22.M20mdk.i586.rpm
 1d72f35d59e635335a759a92806b1723  mnf/2.0/i586/php-cli-4.3.4-4.22.M20mdk.i586.rpm 
 7179f60bc913aca238097d745267e946  mnf/2.0/SRPMS/php-4.3.4-4.22.M20mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFSszNmqjQ0CJFipgRAl5vAJ9BbMa5HLGnS0b3wwesGZVrrwLNnQCfV8I5
nUBTwN6kNXOsqsMJFXbalSs=
=gI3+
- -----END PGP SIGNATURE-----



______________________________________________________________________________

NISCC values your feedback.

1. Which of the following most reflects the value of the briefing to you?
(Place an 'X' next to your choice)

Very useful:__ Useful:__ Not useful:__ 

2. If you did not find it useful, why not?


3. Any other comments? How could we improve our briefings?


Thank you for your contribution.
______________________________________________________________________________

For additional information or assistance, please contact our help desk
by telephone.  You may send Not Protectively Marked information via
e-mail to uniras@xxxxxxxxxxxxx

Office hours:

Mon - Fri: 08:30 - 17:00 hours
Tel: +44 (0) 870 487 0748 and follow the voice prompts
Fax: +44 (0) 870 487 0749

On-call duty officer outside office hours:
Tel: +44 (0) 870 487 0748 and follow the voice prompts

______________________________________________________________________________

UNIRAS wishes to acknowledge the contributions of Mandriva for the
information contained in this briefing.
______________________________________________________________________________

This notice contains information released by the original author.
Some of the information may have changed since it was released. If the
vulnerability affects you, it may be prudent to retrieve the advisory
from the site of the original source to ensure that you receive the most
current information concerning that problem.

Reference to any specific commercial product, process, or service by
trade name, trademark manufacturer, or otherwise, does not constitute or
imply its endorsement, recommendation, or favouring by UNIRAS or NISCC.
The views and opinions of authors expressed within this notice shall not
be used for advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors
or omissions contained within this briefing notice. In particular, they
shall not be liable for any loss or damage whatsoever, arising from or
in connection with the usage of information contained within this
notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams
(FIRST) and has contacts with other international Incident Response
Teams (IRTs) in order to foster cooperation and coordination in incident
prevention, to prompt rapid reaction to incidents, and to promote
information sharing amongst its members and the community at large.
______________________________________________________________________________

<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRUtVG2l7oeQsXfKvEQIeVwCgsKoC5gzwmfRdicHJWqv1Q9iqW1gAn13j
B86klzXHLeOlwxYR2huBgZU0
=PE8R
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________