 |
| Prev-20 | Home | Next-20 |
| Prev-20 | Home | Next-20 |
| Prev- | Prev- | Debian- | May- | Next- | Next- |
| Subject: | CVE-2006-4625 Vulnerability not fixed on libapache2-mod-php4.3.10-20 |
| Group: | Debian-security |
| From: | Etienne Carriere |
| Date: | 18 May 2007 |
I discovered yesterday that on a server it is possible to override the
php_admin_value statements .After some researches,this correspond to the
CVE-2006-4625 vulnerability.I search in the DSA between Sept 2006 and
nowadays and I found no quotation about the fixation of the hole for php4 .
You will find attached a patch to this hole .
Best Regards,
Etienne Carriere
P.S : As I did not know the right manner to report a security bug, I
also open an BTS entry : #424937 .
--- Zend/zend_ini.c.old 2007-05-18 18:52:20.000000000 +0200
+++ Zend/zend_ini.c 2007-05-18 18:52:59.000000000 +0200
@@ -241,8 +241,8 @@
{
zend_ini_entry *ini_entry;
TSRMLS_FETCH();
-
- if (zend_hash_find(EG(ini_directives), name, name_length, (void **) &ini_entry)==FAILURE) {
+ if (zend_hash_find(EG(ini_directives), name, name_length, (void**) &ini_entry)==FAILURE ||
+ (stage == ZEND_INI_STAGE_RUNTIME && (ini_entry->modifyable & ZEND_INI_USER) == 0)){
return FAILURE;
}
| Prev- | Prev- | Debian- | May- | Next- | Next- |