PT-2001-2498 · Php · Php

Published 2001-01-12 · Updated 2016-10-18 · CVE-2001-1385

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

PHP versions 3.0.10 through 3.0.18
PHP versions 4.0.0 through 4.0.4
PHP versions 4.0.1 pl1 through 4.0.1 pl2
PHP versions 4.0.3 pl1 through 4.0.7 RC3
PHP versions 4.1.0 through 4.1.1

Description

The issue affects PHP, a server-side scripting language for creating dynamic Web sites.

A vulnerability in the handling of file uploads can cause buffer overflows, allowing a remote attacker to execute arbitrary code on the Web server with elevated privileges by using the HTTP POST method to upload a PHP form containing specially crafted MIME-encoded data.

Another vulnerability, related to the .htaccess file, can allow a remote attacker to gain unauthorized access to restricted files. A remote attacker can create a specially crafted HTTP request that would cause PHP to display the next Web page using the wrong values for the directives.

Additionally, if the parameter engine=off is configured on just one of the virtual hosts to disable PHP execution, it may disable PHP execution on other virtual hosts on the same server, allowing a remote attacker to view the source code of the PHP page, which may contain sensitive information.

Recommendations

For PHP versions 3.0.10 through 3.0.18, update to a version prior to the affected range or apply configuration changes to restrict access to sensitive files.
For PHP versions 4.0.0 through 4.0.4, consider disabling the engine parameter in the .htaccess file to prevent unauthorized access to restricted files.
For PHP versions 4.0.1 pl1 through 4.0.1 pl2, restrict access to the upload module to minimize the risk of buffer overflow exploitation.
For PHP versions 4.0.3 pl1 through 4.0.7 RC3, avoid using the HTTP POST method to upload files until the issue is resolved.
For PHP versions 4.1.0 through 4.1.1, update to a version prior to the affected range or apply configuration changes to restrict access to sensitive files.


Related identifiers

CVE-2001-1385

Affected products

Php