CVE-2002-0081

Name of the Vulnerable Software and Affected Versions PHP versions prior to 4.2.0 PHP version 4.1.1 PHP version 4.1.0 PHP version 4.0.6 and earlier PHP 3.0.x

Description The issue allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when file uploads is enabled. This is due to buffer overflows in the handling of file uploads, specifically in the php mime split and php3 mime split functions. By using the HTTP POST method to upload a PHP form containing specially-crafted MIME-encoded data, a remote attacker can overflow a buffer and execute arbitrary code on the Web server with elevated privileges.

Recommendations For PHP versions prior to 4.2.0, update to version 4.2.0 or later to resolve the issue. For PHP version 4.1.1, update to version 4.2.0 or later to resolve the issue. For PHP version 4.1.0, update to version 4.2.0 or later to resolve the issue. For PHP version 4.0.6 and earlier, update to version 4.2.0 or later to resolve the issue. For PHP 3.0.x, update to version 4.2.0 or later to resolve the issue. As a temporary workaround, consider disabling the file uploads feature until a patch is available. Restrict access to the vulnerable php mime split and php3 mime split functions to minimize the risk of exploitation. Avoid using the HTTP POST method to upload PHP forms containing MIME-encoded data until the issue is resolved.