PHP Team Patches DoS Bugs - Bitzenbytes.com :: CompuClues Forum - hzgn.com

HZGN.COM
welcome to my space

HOME

Homepage

Add to favorites

Search:

Welcome to:hzgn.com

NAVIGATION: Home >>

PHP Team Patches DoS Bugs
Published by: jack 2008-11-18

The PHP Development Team released updates to the PHP 4 and 5 code base, fixing two security vulnerabilities that open the door to Denial-of-Service (DoS) attacks (define) Wednesday.

PHP is a popular open source scripting language used by Web developers. In February, an anonymous researcher discovered that two functions that handle images uploads used within PHP 4 and 5 (php_handle_iff and php_handle_jpeg) could be manipulated to create infinite loops in the program.

Bitzenbytes.com :: CompuClues Forum::
The PHP team is once again proud to participate in the Google Summer of Code. patches for the PHP 4.4 series, and is therefore the last normal PHP 4.4 release.
http://www.bitzenbytes.com/News-php.htmlHOME

The infinite loop, in turn, consumes 100 percent of the system's CPU (define) and crashes the system. Both vulnerabilities require the attacker to upload a malicious image to the getimagesize() routine and affects PHP versions 4.2.2, 4.3.9, 4.3.10 and 5.0.3. The routine is used to determine the size and dimensions of image file formats like GIF, JPEG and TIFF.

Controversial month of bugs getting security results | Zero Day ::
Categories: Patch Watch, Hackers, Zero-day attacks, the look of things, the PHP development team was paying close attention to Essers disclosures.
http://blogs.zdnet.com/security/?p=189&tag=fdc6HOME

At risk are sites running PHP that allow users to upload images to the Web server, like photo blogs or wikis. Michael Sutton, director of iDefense labs, said the vulnerabilities aren't considered critical bugs because they only bring down the system; the bugs won't allow a malicious hacker to take over the Web server.

"It's reasonably significant in that you're taking out a Web server and denying other people access to it, but the thing that makes it not critical is that you can't execute any code on that server," he said.

360Patches.com::
Team Underdog by S90. Xbox 360 Arcade finds a shelf in the wild by S90 Patches Request by Xmods. Xenthors Beginners Guide Into Stealth MySQL PHP
http://360patches.comHOME

Officials at iDefense said there is no known workaround for the vulnerabilities at this time, outside downloading and updating the PHP code. Maintainers of the PHP.net Web site, say developers, are "strongly encouraged" to upgrade to PHP 4.3.11 and 5.0.4.

The php_handle_iff() bug is caused when a user-defined file-stream size and size variable are set to negating values, 8 and -8 for example.

Insufficient validation of JPEG image file headers led to the vulnerability in the php_handle_jpeg() function. The vulnerability can be exploited if an invalid marker is sent in the stream through the php_next_marker() function, causing the function to point to two bytes of the file when it is returned to php_handle_jpeg() for loop.

Developers can download PHP 4.3.11 and 5.0.4 at the PHP.net download site.

Adobe to Build Community With Creative Update
OSI Group to Slow License Influx?