Apache mod_php全局变量信息泄露漏洞更新日期:2004-02-12
受影响系统:
Apache Software Foundation Apache 2.0a9
Apache Software Foundation Apache 2.0.48
Apache Software Foundation Apache 2.0.47
Apache Software Foundation Apache 2.0.46
Apache Software Foundation Apache 2.0.45
Apache Software Foundation Apache 2.0.44
Apache Software Foundation Apache 2.0.43
Apache Software Foundation Apache 2.0.42
Apache Software Foundation Apache 2.0.41
Apache Software Foundation Apache 2.0.40
Apache Software Foundation Apache 2.0.39
Apache Software Foundation Apache 2.0.38
Apache Software Foundation Apache 2.0.37
Apache Software Foundation Apache 2.0.36
Apache Software Foundation Apache 2.0.35
Apache Software Foundation Apache 2.0.32
Apache Software Foundation Apache 2.0.28
Apache Software Foundation Apache 2.0
Apache Software Foundation Apache 1.3.29
Apache Software Foundation Apache 1.3.28
Apache Software Foundation Apache 1.3.26
Apache Software Foundation Apache 1.3.25
Apache Software Foundation Apache 1.3.24
Apache Software Foundation Apache 1.3.23
Apache Software Foundation Apache 1.3.22
Apache Software Foundation Apache 1.3.20
Apache Software Foundation Apache 1.3.19
Apache Software Foundation Apache 1.3.18
Apache Software Foundation Apache 1.3.17
Apache Software Foundation Apache 1.3.14
Apache Software Foundation Apache 1.3.12
Apache Software Foundation Apache 1.3.11
Apache Software Foundation Apache 1.3
Apache Software Foundation Apache 1.3.27
- HP HP-UX 11.04
- OpenBSD 3.3
- RedHat Enterprise Linux WS 2.1
- RedHat Enterprise Linux ES 2.1
- RedHat Enterprise Linux AS 2.1
- RedHat Linux 8.0
- RedHat Linux 7.3
- RedHat Linux 7.2
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 9599
Apache mod_php是用于解析PHP的Apache模块。
Apache mod_php在部分设置的情况下存在问题,远程攻击者可以利用这个漏洞获得敏感信息。
如果服务器配置文件"php.ini"设置"register_globals = on",及提交一个请求给虚拟主机(虚拟主机包含"php_admin_flag register_globals off"设置),如果下一个请求通过相同apache子进程发送给其他的虚拟主机(此虚拟主机没有任何设置),那么服务器部分设置就会泄露。
根据服务器和站点配置,攻击者可能获得全局变量信息,如MySQL密码等。
<*来源:Gentoo Linux Security Advisory
链接:http://www.securityfocus.com/advisories/6301
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Apache Software Foundation
--------------------------
Gentoo Linux建议升级到mode_php 4.3.4-r4版本:
执行如下命令:
# emerge sync
# emerge -pv ">=dev-php/mod_php-4.3.4-r4"
# emerge ">=dev-php/mod_php-4.3.4-r4"