php-5.1.6-34.0.1.AXS3
エラータID: AXSA:2012-548:04
リリース日:
2012/05/15 Tuesday - 20:13
題名:
php-5.1.6-34.0.1.AXS3
影響のあるチャネル:
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- PHP の sapi/cgi/cgi_main.c は CGI スクリプトとして設定されている場合,= (イコール記号) 文字のないクエリの文字列を適切に処理できず,クエリ文字列のコマンドラインオプションに置くことで,リモートの攻撃者が任意のコードを実行する脆弱性があります。(CVE-2012-1823)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2012-1823
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
追加情報:
N/A
ダウンロード:
Asianux Server 3 for x86
- php-5.1.6-34.0.1.AXS3.i386.rpm
MD5: 2c2eb8bced2182c48cbd4b1220974569
SHA-256: 52ecb953c41422d44bf6ca3cc8ea05c9674307537c6cfc81b0bfcf88926d0a27
Size: 2.33 MB - php-bcmath-5.1.6-34.0.1.AXS3.i386.rpm
MD5: e0645a7ea88adb95ef3a384e5cea7ccc
SHA-256: 8c00f144490000ee4e0f9397450d9b7f05a08a1ece15c7d7ff7e90b1a3c48d34
Size: 36.27 kB - php-cli-5.1.6-34.0.1.AXS3.i386.rpm
MD5: 7e02a3232d1824c1c2d1edd47ae7682b
SHA-256: ee292dc3dc671d9cfb40418bc08b405f64067e305a5dfb690c2d7d9b4eca233e
Size: 2.11 MB - php-common-5.1.6-34.0.1.AXS3.i386.rpm
MD5: 823f6e0551bed6f83ea7b2c3fd77a364
SHA-256: a296892cef18b876c45c034daa67f01ffc1478acec18357b27f9cc7393ce997e
Size: 155.26 kB - php-dba-5.1.6-34.0.1.AXS3.i386.rpm
MD5: f87ba12df45e920f3a77e79f111347e7
SHA-256: 22d5f6f53925c26066bb2c478f08babe45e9357ec0409c5e0cfa3b240bbd1b26
Size: 43.27 kB - php-devel-5.1.6-34.0.1.AXS3.i386.rpm
MD5: c23d664ac65588596bfd0581403159e2
SHA-256: 627fa6b40fd81370cff04df4050a5c1e790d3b2d758191370080b16f04247ba9
Size: 511.56 kB - php-gd-5.1.6-34.0.1.AXS3.i386.rpm
MD5: fe474ee00af087aa038b71f8aa60821d
SHA-256: 09f801b8cd8bf2ee19cb9f9e67e82736e774028a689dbdac1b58bbbcacc22501
Size: 119.19 kB - php-imap-5.1.6-34.0.1.AXS3.i386.rpm
MD5: f2b52ee1a21bec86f78af84761795764
SHA-256: 9018fe6c7d04b09df8992256e64def01fda20b7d6a30332883d547ea1639fbab
Size: 56.48 kB - php-ldap-5.1.6-34.0.1.AXS3.i386.rpm
MD5: 7c6528b7f42a39333f486c230d8efa91
SHA-256: 3038e3d12975694d0b117419ec7d2f8a3c1c849390e294192c752d2fe36d82f8
Size: 38.65 kB - php-mbstring-5.1.6-34.0.1.AXS3.i386.rpm
MD5: b0fee33c85369622b0ec84cbc17df098
SHA-256: 1343903e5e20d51dedc7f1d6d4e701a2e08bc77da4566098e0f764c44a5a4908
Size: 1.06 MB - php-mysql-5.1.6-34.0.1.AXS3.i386.rpm
MD5: c6248fb2bd4d347c6fbac2ef4e9282f4
SHA-256: 04c375e47e608ff91911ef3feeda21224d650bd11353b902466d95f5cd5bacdf
Size: 87.88 kB - php-ncurses-5.1.6-34.0.1.AXS3.i386.rpm
MD5: 28e65f4f3b3302b533bd73a63783e83a
SHA-256: fcff2dfb8eb28fd8df94d598656837dbb543133d38946aa5c9fd09e826bc142a
Size: 43.60 kB - php-oci8-5.1.6-34.0.1.AXS3.i386.rpm
MD5: cd5adf56d73e0689f06a49fdd719c4f7
SHA-256: fdf0b1b98894af569f7603931627d122f6afa0f7ba57d5f192ebb47101f16958
Size: 77.79 kB - php-odbc-5.1.6-34.0.1.AXS3.i386.rpm
MD5: 8b78d1d2168228449e4082a36b4f19ac
SHA-256: 765da6791af8745d389fd5cbbce3557fab49a9f16247a81120192575175f2236
Size: 55.19 kB - php-pdo-5.1.6-34.0.1.AXS3.i386.rpm
MD5: e5cfcf5cb2ef9bc508edfa1b2a34e2c1
SHA-256: 651edc86d3c7bde18ae325a02fda3fef7c125a4a50a97f1fc3d174d167724014
Size: 66.73 kB - php-pgsql-5.1.6-34.0.1.AXS3.i386.rpm
MD5: a553206a3288b70cbd30143cc9bba77f
SHA-256: 0ef63af1047564056a1299a96cc8e1cc722e9669a045a56bb5ed51048c4c0644
Size: 69.92 kB - php-snmp-5.1.6-34.0.1.AXS3.i386.rpm
MD5: 988e4e6866e613da32c8725473585bff
SHA-256: a480c6961db720b7f97b0d4f73e2e1b9fd6438cfa11f12ca12237f1b905797a1
Size: 31.74 kB - php-soap-5.1.6-34.0.1.AXS3.i386.rpm
MD5: 901170eb48279a6246e66a9b2e8e96df
SHA-256: 368ab395f43e7ce24ddf2dce217cd9c755a7f2791427fb9b5d3899a02a7d7e65
Size: 138.50 kB - php-xml-5.1.6-34.0.1.AXS3.i386.rpm
MD5: 6af8d8c62778f542c0a0033aa7c11a52
SHA-256: 0d5094a70cd6a2d2808adedd42c99c5563791b7196e5dae4ee5869c93e2a5d13
Size: 98.71 kB - php-xmlrpc-5.1.6-34.0.1.AXS3.i386.rpm
MD5: 53258c04bc03608a340ad5d8c24a3bd6
SHA-256: a15350d8894b3a6ab19837f51f3c8df85bf98bd00230ff8bdb93fd9d8aac458d
Size: 59.29 kB
Asianux Server 3 for x86_64
- php-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: 45b3ebae7d260a4f3549029a43ef1114
SHA-256: bece3cb8cf04ba9e691b8fecd14721f0e8ecfdd539b8cb5bf8e5588a938d1c06
Size: 2.37 MB - php-bcmath-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: 6a4227da286bfd5e1429c40752a0db30
SHA-256: ac640d9b1da20b6082df8e77a54502d03c3b61675ba336a7d4ed15bb28f76eb8
Size: 36.58 kB - php-cli-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: f0f902d33028c71c86397d61f0e0c6fa
SHA-256: fd2d7fb6fc03b1c9f7f65ed6625318104a9550d2269c6c8595b675f5d70d8335
Size: 2.18 MB - php-common-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: d57c9fe690f6ef5a14e6460d2bebcca5
SHA-256: ab102c366e69dfac06759d8cc8eb4800e4ff57f0ee631bc7fdb4f575659306cf
Size: 155.62 kB - php-dba-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: 98b849548d74aab323d7483008825f1a
SHA-256: 46850467b57b0d04c44e7d14c9abbeeb1e8761d7dea11ee19dbd636192fcd9a7
Size: 43.18 kB - php-devel-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: 43e7782c089074a9f410311cee23ed86
SHA-256: c7f666f991184f28804f5e5dfda6b3b2d9436e1b359461664a22b21d8248f587
Size: 511.45 kB - php-gd-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: 41132d30c2d205273349a5e5e8c3dc13
SHA-256: 7356f15d5a9e5af352b5e6cc4fb752f07c6ef589a8c8dfe7f302ea6c3319a763
Size: 119.39 kB - php-imap-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: aec7c55a54397ab6d85b4b76e1022785
SHA-256: 30b0ff8c45dede965e9c60ebe0901c79a3406e79e10efc41c3393cfda4bc62c9
Size: 56.96 kB - php-ldap-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: f7cec71d7044cd7497cee82446d6cfc2
SHA-256: 611f92e2733e9506231586d447b99f7dca68a9231b49ee46640bf6cd243fbdd0
Size: 39.63 kB - php-mbstring-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: 1effda09e2a11e041e3cfe9779ffe584
SHA-256: 59277e476362802b1ceb1ab445f6af2925c18db56036b313983adda54838e96c
Size: 1.07 MB - php-mysql-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: 3c14cf8258607eaeaf9f5457c9c119d6
SHA-256: b93ba00bf5f99d600fe74bb63fb0d7a7d7c3d8596a2af2da01a9be034b2fd757
Size: 91.34 kB - php-ncurses-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: 3a56c1b9f8b98bcd447744309ac71ad4
SHA-256: 9d9a84102a5e39242790a437053a80da34b2a2ad9605fefc9640804089d6d93b
Size: 44.83 kB - php-oci8-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: 6a640d9ca0b1d73a841f557e2f48ee73
SHA-256: 945d436919abcfe9e8522e38bc699e92277b54fbfa11bc1bf47b8211c125aca6
Size: 80.32 kB - php-odbc-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: 5ff1f29fb5330e34f2d50b148c05539e
SHA-256: 38a1f300268d2fd1ef5bfe4f0ad8de302a2cc2124e4ddfd683af08fdbdfc0750
Size: 56.14 kB - php-pdo-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: 6fcc4aa8877be11a67bfb4325538bf45
SHA-256: e6c8150bb99ad74cb55086076c2e352fd6cc99360117d475716134baff6c0871
Size: 67.71 kB - php-pgsql-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: f15d6e89dda8ed48cbab9892ce087f22
SHA-256: 60c33d5b5fd0bbe49c266cc7d0504aa76055ded88e34a0c80253e251f49e242e
Size: 71.86 kB - php-snmp-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: 7ac8982ca2892406e5e1e34275057be6
SHA-256: 021caa1e952f9ed5ab970d310b546d6f6b6b7b0746fe0876d482cfe8fde77990
Size: 32.08 kB - php-soap-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: 33f8513526ec4d8e5839ce1b8b76275d
SHA-256: a25aca3e7ce33e7c13bf1ad05428e7d4a3a24d21f41628953358fe365a0e560a
Size: 138.35 kB - php-xml-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: 9614eb768db0c572f1ab400960675f23
SHA-256: 93b3db94f9ee8f3207cb0f3a18e4fb114a7df61c464c17d34d264aa69b6d9db0
Size: 103.60 kB - php-xmlrpc-5.1.6-34.0.1.AXS3.x86_64.rpm
MD5: 7abcb120509aba48e2e8a5bade48ae3b
SHA-256: 6c581e1707f260f0afbe6a0f370c89f1ceddec46da2554a28e6460446bc9a388
Size: 59.15 kB