PHP函数CRLF注入漏洞

漏洞信息详情

PHP函数CRLF注入漏洞

• CNNVD编号：CNNVD-200212-731
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2002-1783
  
• 漏洞类型：
  
  
  输入验证
  
• 发布时间：
  
  2002-12-31
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  php
• 漏洞来源：
  Discovery of this …

PHP从4.2.1到 4.2.3版本存在CRLF注入漏洞。当allow_url_fopen被启用时，远程攻击者可以通过导致CRLF序列注入被传递给(1) fopen 或 (2) file函数的参数中为离开的请求修改HTTP头。

The vendor has made a source code fix available via the CVS repository.
Mandrake has released a new security advisory, (MDKSA-2003:082). Information on obtaining and applying fixes can be found in the referenced advisory.
OpenPKG has released a new security advisory, OpenPKG-SA-2003.032. Information on obtaining and applying fixes can be found in the referenced advisory.
Conectiva has released an advisory (CLA-2002:545) which contains fixes for this issue. Please see the attached advisory for further details on obtaining fixes.
RedHat has released a security advisory, RHSA-2002:213-06. Information on obtaining and applying fixes can be found in the referenced advisory.
HP has released an advisory for HP Secure OS, and has advised users to upgrade using the packages listed in Red Hat Security Advisory RHSA-2002:213-06.
Fixes available:
PHP PHP 3.0.18

• Debian php3_3.0.18-0potato1.2_alpha.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-0potat
  o1.2_alpha.deb
• Debian php3_3.0.18-0potato1.2_arm.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-0potat
  o1.2_arm.deb
• Debian php3_3.0.18-0potato1.2_i386.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-0potat
  o1.2_i386.deb
• Debian php3_3.0.18-0potato1.2_m68k.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-0potat
  o1.2_m68k.deb
• Debian php3_3.0.18-0potato1.2_powerpc.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-0potat
  o1.2_powerpc.deb
• Debian php3_3.0.18-0potato1.2_sparc.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-0potat
  o1.2_sparc.deb
• Debian php3_3.0.18-23.1woody1_alpha.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-23.1wo
  ody1_alpha.deb
• Debian php3_3.0.18-23.1woody1_arm.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-23.1wo
  ody1_arm.deb
• Debian php3_3.0.18-23.1woody1_hppa.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-23.1wo
  ody1_hppa.deb
• Debian php3_3.0.18-23.1woody1_i386.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-23.1wo
  ody1_i386.deb
• Debian php3_3.0.18-23.1woody1_ia64.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-23.1wo
  ody1_ia64.deb
• Debian php3_3.0.18-23.1woody1_m68k.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-23.1wo
  ody1_m68k.deb
• Debian php3_3.0.18-23.1woody1_mips.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-23.1wo
  ody1_mips.deb
• Debian php3_3.0.18-23.1woody1_mipsel.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-23.1wo
  ody1_mipsel.deb
• Debian php3_3.0.18-23.1woody1_powerpc.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-23.1wo
  ody1_powerpc.deb
• Debian php3_3.0.18-23.1woody1_s390.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-23.1wo
  ody1_s390.deb
• Debian php3_3.0.18-23.1woody1_sparc.deb
  
  http://security.debian.org/pool/updates/main/p/php3/php3_3.0.18-23.1wo
  ody1_sparc.deb

PHP PHP 4.0.3

• Debian php4-cgi_4.0.3pl1-0potato4_alpha.deb
  
  http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.0.3pl1-
  0potato4_alpha.deb
• Debian php4-cgi_4.0.3pl1-0potato4_i386.deb
  
  http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.0.3pl1-
  0potato4_i386.deb
• Debian php4-cgi_4.0.3pl1-0potato4_m68k.deb
  
  http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.0.3pl1-
  0potato4_m68k.deb
• Debian php4-cgi_4.0.3pl1-0potato4_powerpc.deb
  
  http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.0.3pl1-
  0potato4_powerpc.deb
• Debian php4-cgi_4.0.3pl1-0potato4_sparc.deb
  
  http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.0.3pl1-
  0potato4_sparc.deb
• Debian php4_4.0.3pl1-0potato4_alpha.deb
  
  http://security.debian.org/pool/updates/main/p/php4/php4_4.0.3pl1-0pot
  ato4_alpha.deb
• Debian php4_4.0.3pl1-0potato4_i386.deb
  
  http://security.debian.org/pool/updates/main/p/php4/php4_4.0.3pl1-0pot
  ato4_i386.deb
• Debian php4_4.0.3pl1-0potato4_m68k.deb
  
  http://security.debian.org/pool/updates/main/p/php4/php4_4.0.3pl1-0pot
  ato4_m68k.deb
• Debian php4_4.0.3pl1-0potato4_powerpc.deb
  
  http://security.debian.org/pool/updates/main/p/php4/php4_4.0.3pl1-0pot
  ato4_powerpc.deb
• Debian php4_4.0.3pl1-0potato4_sparc.deb
  
  http://security.debian.org/pool/updates/main/p/php4/php4_4.0.3pl1-0pot
  ato4_sparc.deb
• PHP url.cSource Code Patch from CVS.
  
  http://cvs.php.net/diff.php/php4/ext/standard/url.c?r1=1.51&r2=1.52&ty
  =u&Horde=0

PHP PHP 4.0.4

• PHP url.cSource Code Patch from CVS.
  

  参考网址

  来源: XF
  名称: php-fopen-crlf-injection(10080)
  链接:http://xforce.iss.net/xforce/xfdb/10080

  来源: BID
  名称: 5681
  链接:http://www.securityfocus.com/bid/5681

  来源: DEBIAN
  名称: DSA-168
  链接:http://www.debian.org/security/2002/dsa-168

  来源: BUGTRAQ
  名称: 20020912 Re: PHP fopen() CRLF Injection
  链接:http://archives.neohapsis.com/archives/bugtraq/2002-09/0132.html

  来源: BUGTRAQ
  名称: 20020909 PHP fopen() CRLF Injection
  链接:http://archives.neohapsis.com/archives/bugtraq/2002-09/0086.html