SB2005111301 - Gentoo update for PHP

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2005111301

SB2005111301 - Gentoo update for PHP

Published: November 13, 2005 Updated: June 28, 2025

Security Bulletin ID SB2005111301
Severity
Medium
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 71% Low 29%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2005-3390)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS" fileupload field.


2) Input validation error (CVE-ID: CVE-2005-3319)

The vulnerability allows a local user to perform service disruption.

The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost.


3) Input validation error (CVE-ID: CVE-2005-3054)

The vulnerability allows a local user to gain access to sensitive information.

fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories whose names are substrings of the original directory.


4) Input validation error (CVE-ID: CVE-2005-3392)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.


5) Input validation error (CVE-ID: CVE-2005-3389)

The vulnerability allows a remote non-authenticated attacker to corrupt data.

The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that enables register_globals and allows attackers to exploit vulnerabilities in PHP applications that would otherwise be protected.


6) Input validation error (CVE-ID: CVE-2005-3391)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to bypass safe_mode and open_basedir restrictions via unknown attack vectors in (1) ext/curl and (2) ext/gd.


7) Cross-site scripting (CVE-ID: CVE-2005-3388)

Vulnerability allows a remote attacker to perform Cross-site scripting attacks.

An input validation error exists in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


Remediation

Install update from vendor's website.

References