remote command execution in mod_php, mod_php4

2002-02-2820:59:29

lists.opensuse.org

0.937 High

EPSS

Percentile

99.1%

JSON

The e-matters team have found multiple remotely exploitable vulnerabilites in the source code responsible for file upload in the apache modules mod_php and mod_php4 (versions 3 and 4). The weakness can be used to have the webserver execute arbitrary code as supplied by the attacker.

OSVersionArchitecturePackageVersionFilename
openSUSE7.0alphamod_php4< 4.0.4pl1-44mod_php4-4.0.4pl1-44.alpha.rpm
openSUSE7.3ppcmod_php4< 4.0.6-87mod_php4-4.0.6-87.ppc.rpm
openSUSE7.3i386mod_php4-servlet< 4.0.6-148mod_php4-servlet-4.0.6-148.i386.rpm
openSUSE7.1alphamod_php4-roxen< 4.0.4pl1-44mod_php4-roxen-4.0.4pl1-44.alpha.rpm
openSUSE7.0ppcmod_php4< 4.0.4pl1-36mod_php4-4.0.4pl1-36.ppc.rpm
openSUSE7.0i386mod_php< 3.0.17RC1-54mod_php-3.0.17RC1-54.i386.rpm
openSUSE7.0sparcmod_php4< 4.0.4pl1-37mod_php4-4.0.4pl1-37.sparc.rpm
openSUSE6.4i386mod_php< 3.0.16-79mod_php-3.0.16-79.i386.rpm
openSUSE7.1i386mod_php4-roxen< 4.0.4pl1-126mod_php4-roxen-4.0.4pl1-126.i386.rpm
openSUSE7.3i386mod_php4< 4.0.6-148mod_php4-4.0.6-148.i386.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE	7.0	alpha	mod_php4	< 4.0.4pl1-44	mod_php4-4.0.4pl1-44.alpha.rpm
openSUSE	7.3	ppc	mod_php4	< 4.0.6-87	mod_php4-4.0.6-87.ppc.rpm
openSUSE	7.3	i386	mod_php4-servlet	< 4.0.6-148	mod_php4-servlet-4.0.6-148.i386.rpm
openSUSE	7.1	alpha	mod_php4-roxen	< 4.0.4pl1-44	mod_php4-roxen-4.0.4pl1-44.alpha.rpm
openSUSE	7.0	ppc	mod_php4	< 4.0.4pl1-36	mod_php4-4.0.4pl1-36.ppc.rpm
openSUSE	7.0	i386	mod_php	< 3.0.17RC1-54	mod_php-3.0.17RC1-54.i386.rpm
openSUSE	7.0	sparc	mod_php4	< 4.0.4pl1-37	mod_php4-4.0.4pl1-37.sparc.rpm
openSUSE	6.4	i386	mod_php	< 3.0.16-79	mod_php-3.0.16-79.i386.rpm
openSUSE	7.1	i386	mod_php4-roxen	< 4.0.4pl1-126	mod_php4-roxen-4.0.4pl1-126.i386.rpm
openSUSE	7.3	i386	mod_php4	< 4.0.6-148	mod_php4-4.0.6-148.i386.rpm

Rows per page:

1-10 of 391

0.937 High

EPSS

Percentile

99.1%

JSON

Related for SUSE-SA:2002:007