Slackware Linux update for php
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2011-2483 CVE-2011-2202 CVE-2011-1938 CVE-2011-1148 |
| CWE-ID | CWE-310 CWE-264 CWE-121 CWE-399 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #3 is available. |
| Vulnerable software |
Slackware Linux Operating systems & Components / Operating system php Operating systems & Components / Operating system package or component |
| Vendor | Slackware |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Cryptographic issues
EUVDB-ID: #VU110278
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2011-2483
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash.
MitigationUpdate the affected package php.
Vulnerable software versionsSlackware Linux: 11.0 - 13.37
php: before 5.3.8
CPE2.3- cpe:2.3:o:slackware:slackware_linux:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:13.0:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*
- cpe:2.3:a:slackware:php:*:*:*:*:*:slackware_linux:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU44946
Risk: Medium
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2011-2202
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate or delete data.
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability."
MitigationUpdate the affected package php.
Vulnerable software versionsSlackware Linux: 11.0 - 13.37
php: before 5.3.8
CPE2.3- cpe:2.3:o:slackware:slackware_linux:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:13.0:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*
- cpe:2.3:a:slackware:php:*:*:*:*:*:slackware_linux:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Stack-based buffer overflow
EUVDB-ID: #VU45008
Risk: Medium
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2011-1938
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing a long pathname for a UNIX socket. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package php.
Vulnerable software versionsSlackware Linux: 11.0 - 13.37
php: before 5.3.8
CPE2.3- cpe:2.3:o:slackware:slackware_linux:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:13.0:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*
- cpe:2.3:a:slackware:php:*:*:*:*:*:slackware_linux:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
4) Resource management error
EUVDB-ID: #VU45220
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2011-1148
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple arguments.
MitigationUpdate the affected package php.
Vulnerable software versionsSlackware Linux: 11.0 - 13.37
php: before 5.3.8
CPE2.3- cpe:2.3:o:slackware:slackware_linux:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:13.0:*:*:*:*:*:*:*
- cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*
- cpe:2.3:a:slackware:php:*:*:*:*:*:slackware_linux:*:*
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
