75 lines
2.7 KiB
XML
75 lines
2.7 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<?xml-stylesheet href="/xsl/glsa.xsl" type="text/xsl"?>
|
|
<?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?>
|
|
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
|
|
|
|
<glsa id="200402-01">
|
|
<title>PHP setting leaks from .htaccess files on virtual hosts</title>
|
|
<synopsis>
|
|
If the server configuration "php.ini" file has
|
|
"register_globals = on" and a request is made to one virtual host
|
|
(which has "php_admin_flag register_globals off") and the next
|
|
request is sent to the another virtual host (which does not have the
|
|
setting) global variables may leak and may be used to exploit the
|
|
site.
|
|
</synopsis>
|
|
<product type="ebuild">PHP</product>
|
|
<announced>February 07, 2004</announced>
|
|
<revised>February 07, 2004: 01</revised>
|
|
<bug>39952</bug>
|
|
<access>remote</access>
|
|
<affected>
|
|
<package name="dev-php/mod_php" auto="yes" arch="*">
|
|
<unaffected range="ge">4.3.4-r4</unaffected>
|
|
<vulnerable range="lt">4.3.4-r4</vulnerable>
|
|
</package>
|
|
</affected>
|
|
<background>
|
|
<p>
|
|
PHP is a widely-used general-purpose scripting language that is
|
|
especially suited for Web development and can be embedded into HTML.
|
|
</p>
|
|
</background>
|
|
<description>
|
|
<p>
|
|
If the server configuration "php.ini" file has
|
|
"register_globals = on" and a request is made to one virtual host
|
|
(which has "php_admin_flag register_globals off") and the next
|
|
request is sent to the another virtual host (which does not have the
|
|
setting) through the same apache child, the setting will persist.
|
|
</p>
|
|
</description>
|
|
<impact type="normal">
|
|
<p>
|
|
Depending on the server and site, an attacker may be able to exploit
|
|
global variables to gain access to reserved areas, such as MySQL passwords,
|
|
or this vulnerability may simply cause a lack of functionality. As a
|
|
result, users are urged to upgrade their PHP installations.
|
|
</p>
|
|
<p>
|
|
Gentoo ships PHP with "register_globals" set to "off"
|
|
by default.
|
|
</p>
|
|
<p>
|
|
This issue affects both servers running Apache 1.x and servers running
|
|
Apache 2.x.
|
|
</p>
|
|
</impact>
|
|
<workaround>
|
|
<p>
|
|
No immediate workaround is available; a software upgrade is required.
|
|
</p>
|
|
</workaround>
|
|
<resolution>
|
|
<p>
|
|
All users are recommended to upgrade their PHP installation to 4.3.4-r4:
|
|
</p>
|
|
<code>
|
|
# emerge sync
|
|
# emerge -pv ">=dev-php/mod_php-4.3.4-r4"
|
|
# emerge ">=dev-php/mod_php-4.3.4-r4"</code>
|
|
</resolution>
|
|
<references>
|
|
<uri link="http://bugs.php.net/bug.php?id=25753">Corresponding PHP bug</uri>
|
|
</references>
|
|
</glsa>
|