PHPJPEG文件處理不正確遠(yuǎn)程任意指令執(zhí)行漏洞

第第頁P(yáng)HPJPEG文件處理不正確遠(yuǎn)程任意指令執(zhí)行漏洞PHPJPEG文件處理不正確遠(yuǎn)程任意指令執(zhí)行漏洞

發(fā)表于：2023-05-25來源：：點(diǎn)擊數(shù)：標(biāo)簽：PHPJPEG不正確文件遠(yuǎn)程處理

發(fā)布日期：2023-12-16更新日期：2023-12-17受影響系統(tǒng)：PHPPHP5.0.2PHPPHP5.0.1PHPPHP5.0.0PHPPHP4.3.9PHPPHP4.3.6描述：CVE(CAN)ID:_blank>CAN-2023-1065PHP是一種流行的WEB服務(wù)器端編程語言。PHP在處理JPEG圖象文件時(shí)存在

發(fā)布日期：2023-12-16

更新日期：2023-12-17

受影響系統(tǒng)：PHPPHP5.0.2

PHPPHP5.0.1

PHPPHP5.0.0

PHPPHP4.3.9

PHPPHP4.3.6描述：CVE(CAN)ID:_blank>CAN-2023-1065

PHP是一種流行的WEB服務(wù)器端編程語言。

PHP在處理JPEG圖象文件時(shí)存在問題，遠(yuǎn)程攻擊者可以利用這個(gè)漏洞以WEB進(jìn)程權(quán)限在系統(tǒng)上執(zhí)行任意指令。

問題存在于exif_read_data()函數(shù)中，通過發(fā)送包含超長"sectionname"數(shù)據(jù)的JPEG圖象給支持圖象上傳的PHP應(yīng)用程序，可導(dǎo)致發(fā)生緩沖區(qū)溢出，精心構(gòu)建提交數(shù)據(jù)可能以WEB進(jìn)程權(quán)限在系統(tǒng)上執(zhí)行任意指令。

*來源：MartinPitt（martin.pitt@）

鏈接：_blank>/?l=（bug）traqm=110322695529497w=2

*

建議：廠商補(bǔ)?。?/p>

PHP

目前廠商已經(jīng)發(fā)布了升級補(bǔ)丁以修復(fù)這個(gè)安全問題，請到廠商的主頁下載：

Sourcearchives:

_4.3.8-3ubuntu7.1.diff.gz"target=_blank>/ubuntu/pool/main/p/php4/php4_4.3.8-3ubuntu7.1.diff.gz

Size/MD5:610651e966340847246b2191f23982664390ed

_4.3.8-3ubuntu7.1.dsc"target=_blank>/ubuntu/pool/main/p/php4/php4_4.3.8-3ubuntu7.1.dsc

Size/MD5:1624659779c771610d813c1f3a4aa580abc0

_4.3.8.orig.tar.gz"target=_blank>/ubuntu/pool/main/p/php4/php4_4.3.8.orig.tar.gz

Size/MD5:4832570dd69f8c89281f088eadf4ade3dbd39ee

Architectureindependentpackages:

_4.3.8-3ubuntu7.1_all.deb"target=_blank>/ubuntu/pool/main/p/php4/php4-dev_4.3.8-3ubuntu7.1_all.deb

Size/MD5:331236de01a589c82ee9b4ab0386287487bc20

_4.3.8-3ubuntu7.1_all.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-pear_4.3.8-3ubuntu7.1_all.deb

Size/MD5:332374a68bc6c786b9afde950254ede5b6e5f7

amd64architecture(Athlon64,Opteron,EM64TXeon)

_4.3.8-3ubuntu7.1_amd64.deb"target=_blank>/ubuntu/pool/main/p/php4/libapache2-mod-php4_4.3.8-3ubuntu7.1_amd64.deb

Size/MD5:1687074691eee396077c870a30fb238d9191862

_4.3.8-3ubuntu7.1_amd64.deb"target=_blank>/ubuntu/pool/main/p/php4/php4-cgi_4.3.8-3ubuntu7.1_amd64.deb

Size/MD5:3195360c809b2db355a7bc84dec07f253aa10cf

_4.3.8-3ubuntu7.1_amd64.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-curl_4.3.8-3ubuntu7.1_amd64.deb

Size/MD5:17040afc1817ea59b7b9ea456fc955594245b

_4.3.8-3ubuntu7.1_amd64.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-domxml_4.3.8-3ubuntu7.1_amd64.deb

Size/MD5:40430f75458e8clearcase/"target="_blank">cceb8ee81c89bb96f78eedd0

_4.3.8-3ubuntu7.1_amd64.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-gd_4.3.8-3ubuntu7.1_amd64.deb

Size/MD5:33494a9855bcb2e9cd2af0ebcb557bb6d4380

_4.3.8-3ubuntu7.1_amd64.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-ldap_4.3.8-3ubuntu7.1_amd64.deb

Size/MD5:212320698d1bc76347ba0cd982fc06f1bd0e8

_4.3.8-3ubuntu7.1_amd64.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-mcal_4.3.8-3ubuntu7.1_amd64.deb

Size/MD5:1840450319c698a92bc02ba400f0576d85691

_4.3.8-3ubuntu7.1_amd64.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-mhash_4.3.8-3ubuntu7.1_amd64.deb

Size/MD5:7994e195f98822655c7ca1cf144738502096

sql_4.3.8-3ubuntu7.1_amd64.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-mysql_4.3.8-3ubuntu7.1_amd64.deb

Size/MD5:23112d8cc467306a90d6c85cb7b07ca3a7a31

_4.3.8-3ubuntu7.1_amd64.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-odbc_4.3.8-3ubuntu7.1_amd64.deb

Size/MD5:28324c265f308ebdc7166189771574aef4ca4

_4.3.8-3ubuntu7.1_amd64.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-recode_4.3.8-3ubuntu7.1_amd64.deb

Size/MD5:76100044c60c1352ea2062305b9ad4e218f8

_4.3.8-3ubuntu7.1_amd64.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-snmp_4.3.8-3ubuntu7.1_amd64.deb

Size/MD5:1296818ef336bde0ab867e0e9ae1a9fef55b9

_4.3.8-3ubuntu7.1_amd64.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-sybase_4.3.8-3ubuntu7.1_amd64.deb

Size/MD5:215081eaf9ea7357ea445a5836f2a9608560b

_4.3.8-3ubuntu7.1_amd64.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-xslt_4.3.8-3ubuntu7.1_amd64.deb

Size/MD5:17244b653332b01cdded019b98027e6271542

_4.3.8-3ubuntu7.1_amd64.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4_4.3.8-3ubuntu7.1_amd64.deb

Size/MD5:17030685a046adb9b630c9ffd2240b8f707399e

i386architecture(x86compatibleIntel/AMD)

_4.3.8-3ubuntu7.1_i386.deb"target=_blank>/ubuntu/pool/main/p/php4/libapache2-mod-php4_4.3.8-3ubuntu7.1_i386.deb

Size/MD5:1629472f3a06742df44f2d61525ff6ad10a2118

_4.3.8-3ubuntu7.1_i386.deb"target=_blank>/ubuntu/pool/main/p/php4/php4-cgi_4.3.8-3ubuntu7.1_i386.deb

Size/MD5:30423163e47ad3d3e214cab1864c7338d999bf7

_4.3.8-3ubuntu7.1_i386.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-curl_4.3.8-3ubuntu7.1_i386.deb

Size/MD5:16596e94769b268e370ce703a3034dca26a29

_4.3.8-3ubuntu7.1_i386.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-domxml_4.3.8-3ubuntu7.1_i386.deb

Size/MD5:355562a0e1e904e6e94b77ff50e55519c2091

_4.3.8-3ubuntu7.1_i386.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-gd_4.3.8-3ubuntu7.1_i386.deb

Size/MD5:31072bfcb31da78652ef4a903fea15cde2f6f

_4.3.8-3ubuntu7.1_i386.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-ldap_4.3.8-3ubuntu7.1_i386.deb

Size/MD5:19474612fc6968c909cfe4d234c3785ddfe57

_4.3.8-3ubuntu7.1_i386.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-mcal_4.3.8-3ubuntu7.1_i386.deb

Size/MD5:17052d555c32361241f8b077a2d48a7f2df75

_4.3.8-3ubuntu7.1_i386.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-mhash_4.3.8-3ubuntu7.1_i386.deb

Size/MD5:7736e976e52ee818f267b19694b394296738

sql_4.3.8-3ubuntu7.1_i386.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-mysql_4.3.8-3ubuntu7.1_i386.deb

Size/MD5:20902a10de406012b814358414c98c721e011

_4.3.8-3ubuntu7.1_i386.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-odbc_4.3.8-3ubuntu7.1_i386.deb

Size/MD5:26062df8df48148e63e3e77eb5559a9bf5bbc

_4.3.8-3ubuntu7.1_i386.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-recode_4.3.8-3ubuntu7.1_i386.deb

Size/MD5:737414304803fd0c2363ebe2dbf4effc4aeb

_4.3.8-3ubuntu7.1_i386.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-snmp_4.3.8-3ubuntu7.1_i386.deb

Size/MD5:123164147ba0de6f7fb75cc54f94a92a9158d

_4.3.8-3ubuntu7.1_i386.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-sybase_4.3.8-3ubuntu7.1_i386.deb

Size/MD5:20230ebb83d15f0dd57dfbc8c84d4714b8ef7

_4.3.8-3ubuntu7.1_i386.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-xslt_4.3.8-3ubuntu7.1_i386.deb

Size/MD5:158784014ffe19c87776268de3446ba285e71

_4.3.8-3ubuntu7.1_i386.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4_4.3.8-3ubuntu7.1_i386.deb

Size/MD5:164391468eea9ea59d35b35cb949a406de5c9b9

powerpcarchitecture(AppleMacintoshG3/G4/G5)

_4.3.8-3ubuntu7.1_powerpc.deb"target=_blank>/ubuntu/pool/main/p/php4/libapache2-mod-php4_4.3.8-3ubuntu7.1_powerpc.deb

Size/MD5:1689302807531344823fc9a286b5ae7511020fe

_4.3.8-3ubuntu7.1_powerpc.deb"target=_blank>/ubuntu/pool/main/p/php4/php4-cgi_4.3.8-3ubuntu7.1_powerpc.deb

Size/MD5:320239066d309045f186a07c886d061440d5e21

_4.3.8-3ubuntu7.1_powerpc.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-curl_4.3.8-3ubuntu7.1_powerpc.deb

Size/MD5:18870e8eb9726de46eb207ac41a992bf9a4c8

_4.3.8-3ubuntu7.1_powerpc.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-domxml_4.3.8-3ubuntu7.1_powerpc.deb

Size/MD5:382840d3392f73734f400f1934f28f2252eaf

_4.3.8-3ubuntu7.1_powerpc.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-gd_4.3.8-3ubuntu7.1_powerpc.deb

Size/MD5:34002dbc5e62935b72f8fa6f7b80206ca66ae

_4.3.8-3ubuntu7.1_powerpc.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-ldap_4.3.8-3ubuntu7.1_powerpc.deb

Size/MD5:21474818192591970cbbfe93e5d30db622030

_4.3.8-3ubuntu7.1_powerpc.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-mcal_4.3.8-3ubuntu7.1_powerpc.deb

Size/MD5:19310f5d749f3b0a1371d8f59e036bd9cb50d

_4.3.8-3ubuntu7.1_powerpc.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-mhash_4.3.8-3ubuntu7.1_powerpc.deb

Size/MD5:9314165fec2b86b60d646d176df101116e2c

sql_4.3.8-3ubuntu7.1_powerpc.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-mysql_4.3.8-3ubuntu7.1_powerpc.deb

Size/MD5:22680d2aebe8f3db956a56dc5d02c9821df77

_4.3.8-3ubuntu7.1_powerpc.deb"target=_blank>/ubuntu/pool/universe/p/php4/php4-odbc_4.3.8-3ubuntu