RootSSV:15129PEAR Mail软件包Recipient参数注入漏洞
EPSS
Percentile
91.2%
BUGTRAQ ID: 37395
CVE ID: CVE-2009-4111
PEAR是“PHP扩展和应用库”的缩写,用于为PHP用户提供结构化的开源代码库。
PEAR的Mail软件包中Mail/sendmail.php没有正确地过滤$recipients参数,远程攻击者可以通过提交恶意请求读写任意文件。
PEAR Mail 1.1.4
厂商补丁:
Debian
Debian已经为此发布了一个安全公告(DSA-1938-1)以及相应补丁:
DSA-1938-1:New php-mail packages fix insufficient input sanitising
链接:http://www.debian.org/security/2009/dsa-1938
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.6.orig.tar.gz
Size/MD5 checksum: 13702 47b38a06acdec73c4d8c01f9d7e5e8e2
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.6-2+etch1.diff.gz
Size/MD5 checksum: 3310 64425237844fed79a4b71aa34ccb0cee
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.6-2+etch1.dsc
Size/MD5 checksum: 689 93c32b0cb655191ac6edb48013d18921
Architecture independent packages:
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.6-2+etch1_all.deb
Size/MD5 checksum: 17884 a2abda15da9ddab5f1590198cc852b3f
Debian GNU/Linux 5.0 alias lenny
Debian (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.14-1+lenny1.dsc
Size/MD5 checksum: 1258 6d361bf9406e9195813b4396bb7d5c13
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.14.orig.tar.gz
Size/MD5 checksum: 17537 e50da58b6b787b3903ce4d07dc791bb2
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.14-1+lenny1.diff.gz
Size/MD5 checksum: 4105 a8154d9e86e98a591dfc9e84210ce163
Architecture independent packages:
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.14-1+lenny1_all.deb
Size/MD5 checksum: 21904 d5184514df44b348582071748e855c32
补丁安装方法:
- 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
dpkg -i file.deb (file是相应的补丁名)
-
使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
apt-get update
然后,使用下面的命令安装更新软件包:
apt-get upgrade
PEAR
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://pear.php.net/bugs/bug.php?id=16200&edit=12&patch=quick-fix&revision=1241757412
Related
