Information Security News mailing list archives

Hole in PHP could give attacker server control


From: InfoSec News <isn () c4i org>
Date: Tue, 23 Jul 2002 02:08:02 -0500 (CDT)

http://www.nwfusion.com/news/2002/0722phphole.html

By Sam Costello
IDG News Service, 07/22/02 

A security hole in the PHP (PHP: Hypertext Preprocessor) scripting
language used on many Web servers could allow an attacker to execute
code on affected systems or even take control of them, according to a
security alert released Monday by The PHP Group.

The vulnerability affects PHP 4.2.0 and 4.2.1 and comes as a result of
a flaw in the HTTP POST parser component of PHP. The HTTP POST parser
is used to differentiate between files and variables sent by users to
a Web server through Web forms, according to the alert. Insufficient
checking in the parser could allow an attacker to crash the server,
execute code or even take control of the system, The PHP Group said.
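As an added illustration (not code from the article or from The PHP Group), the following Python sketch does what the article says the HTTP POST parser does: it splits a multipart/form-data body into form variables and uploaded files, and it applies hard length and structure checks to every part before accepting it. The boundary, the limits and the sample body are constructed here for the example.

```python
import re

class MultipartError(ValueError):
    """Malformed or oversized multipart input."""

def parse_multipart(body, boundary, max_parts=20, max_field=4096, max_file=1 << 20):
    """Split a multipart/form-data body into form variables and uploaded files,
    checking every length against a hard limit before the data is accepted."""
    delim = b"--" + boundary
    if not body.startswith(delim):
        raise MultipartError("body does not start with the boundary")
    fields, files = {}, {}
    for chunk in body.split(delim)[1:]:          # [0] is the (empty) preamble
        if chunk.startswith(b"--"):
            break                                # closing "--boundary--" reached
        if len(fields) + len(files) >= max_parts:
            raise MultipartError("too many parts")
        if not chunk.startswith(b"\r\n"):
            raise MultipartError("unexpected bytes after boundary")
        head, sep, data = chunk[2:].partition(b"\r\n\r\n")
        if not sep or not data.endswith(b"\r\n"):
            raise MultipartError("part is not properly delimited")
        data = data[:-2]
        m = re.search(rb"^Content-Disposition:\s*form-data;(.*)$", head, re.I | re.M)
        params = dict(re.findall(rb'(\w+)="([^"]*)"', m.group(1))) if m else {}
        if b"name" not in params:
            raise MultipartError("part has no usable Content-Disposition")
        name = params[b"name"].decode("ascii", "replace")
        if b"filename" in params:                # an uploaded file
            if len(data) > max_file:
                raise MultipartError("file too large")
            files[name] = (params[b"filename"].decode("ascii", "replace"), data)
        else:                                    # an ordinary form variable
            if len(data) > max_field:
                raise MultipartError("field too large")
            fields[name] = data.decode("utf-8", "replace")
    return fields, files

def rejects(body, boundary):
    # True if the parser refuses the body instead of accepting it
    try:
        parse_multipart(body, boundary)
        return False
    except MultipartError:
        return True

# Constructed sample body: one form variable plus one small file upload.
BOUNDARY = b"XyZ123"
SAMPLE = (b"--XyZ123\r\n" b'Content-Disposition: form-data; name="user"\r\n\r\nalice\r\n'
          b"--XyZ123\r\n" b'Content-Disposition: form-data; name="upload"; filename="notes.txt"\r\n'
          b"Content-Type: text/plain\r\n\r\nhello world\r\n" b"--XyZ123--\r\n")
```

A field longer than `max_field`, or a part whose body is not terminated by CRLF before the next boundary, is refused as a whole rather than partially processed.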

The hole can be exploited, locally or remotely, by anyone who can send
HTTP POST requests to a server, the advisory said.

Different platforms may respond to attacks differently, however. PHP
running on the IA-32 platform, more commonly known as the x86 platform
that includes such chips as the Pentium, does not experience the code
execution issue, though an attack on the vulnerability can still crash
PHP or the Web server, according to the advisory.

-=-

Related Links

A new version of PHP, 4.2.2, has been released to fix the problem. The
new version of the software can be downloaded here [1]. The full
security advisory is available here [2].

[1] http://www.php.net/downloads.php
[2] http://www.php.net/release_4_2_2.php



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.