CVE-2010-0397

Related Files

Ubuntu Security Notice 989-1

Posted Sep 21, 2010

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 989-1 - Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc requests. It was discovered that the pseudorandom number generator in PHP did not provide the expected entropy. It was discovered that PHP did not properly handle directory pathnames that lacked a trailing slash character. Grzegorz Stachowiak discovered that the PHP session extension did not properly handle semicolon characters. Stefan Esser discovered that PHP incorrectly decoded remote HTTP chunked encoding streams. Various other issues were also addressed.

tags | advisory, remote, web, php

systems | linux, ubuntu

advisories | CVE-2010-0397, CVE-2010-1128, CVE-2010-1129, CVE-2010-1130, CVE-2010-1866, CVE-2010-1868, CVE-2010-1917, CVE-2010-2094, CVE-2010-2225, CVE-2010-2531, CVE-2010-2950, CVE-2010-3065

SHA-256 | 39223359acd2eea854bfefcc60f483e06e1a0cd1e0a9f2252a3448603f64be5c

Download | Favorite | View

Mandriva Linux Security Advisory 2010-140

Posted Jul 28, 2010

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-140 - This is a maintenance and security update that upgrades php to 5.3.3 for 2010.0/2010.1. Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs. Fixed a possible resource destruction issues in shm_put_var(). Fixed a possible information leak because of interruption of XOR operator. Fixed a possible memory corruption because of unexpected call-time pass by reference and following memory clobbering through callbacks. Fixed a possible memory corruption in ArrayObject::uasort(). Fixed a possible memory corruption in parse_str(). Fixed a possible memory corruption in pack(). Fixed a possible memory corruption in substr_replace(). Fixed a possible memory corruption in addcslashes(). Fixed a possible stack exhaustion inside fnmatch(). Fixed a possible dechunking filter buffer overflow. Fixed a possible arbitrary memory access inside sqlite extension. Fixed string format validation inside phar extension. Fixed handling of session variable serialization on certain prefix characters. Fixed a NULL pointer dereference when processing invalid XML-RPC requests. Fixed SplObjectStorage unserialization problems. Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. Fixed possible buffer overflows when handling error packets in mysqlnd. Additionally some of the third party extensions and required dependencies has been upgraded and/or rebuilt for the new php version.

tags | advisory, overflow, arbitrary, php

systems | linux, mandriva

advisories | CVE-2010-2531, CVE-2010-0397, CVE-2010-2225

SHA-256 | 263282a55164e1c13bdc2969faf4e31379a529b35efca4398c0ecb9b5e04c31a

Download | Favorite | View

Mandriva Linux Security Advisory 2010-139

Posted Jul 27, 2010

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-139 - This is a maintenance and security update that upgrades php to 5.2.14 for CS4/MES5/2008.0/2009.0/2009.1. Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs. Fixed a possible interruption array leak in strrchr(). Fixed a possible interruption array leak in strchr(), strstr(), substr(), chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). Fixed a possible memory corruption in substr_replace(). Fixed SplObjectStorage unserialization problems. Fixed a possible stack exhaustion inside fnmatch(). Fixed a NULL pointer dereference when processing invalid XML-RPC requests. Fixed handling of session variable serialization on certain prefix characters. Fixed a possible arbitrary memory access inside sqlite extension. Reported by Mateusz Kocielski. Additionally some of the third party extensions has been upgraded and/or rebuilt for the new php version.

tags | advisory, arbitrary, php

systems | linux, mandriva

advisories | CVE-2010-2484, CVE-2010-2225, CVE-2010-0397, CVE-2010-2531

SHA-256 | ebb87718bcfb837ddb1778560e0e7d8acfd8aa738446314fbcafa2464569d551

Download | Favorite | View

Mandriva Linux Security Advisory 2010-068

Posted Mar 28, 2010

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-068 - The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.

tags | advisory, denial of service, php

systems | linux, mandriva

advisories | CVE-2010-0397

SHA-256 | 8cb11eca6a5ad875af5e8cda45b7935b9e5a430d25bdc9b630d474f2187ae6eb

Download | Favorite | View

Debian Linux Security Advisory 2018-1

Posted Mar 19, 2010

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2018-1 - Auke van Slooten discovered that PHP 5, an hypertext preprocessor, crashes (because of a NULL pointer dereference) when processing invalid XML-RPC requests.

tags | advisory, php

systems | linux, debian

advisories | CVE-2010-0397

SHA-256 | ad5028d259efd26fd2ab55dd73b13e22bdc1b8918da7c4f56a770b62385c6501

Download | Favorite | View