SB2014061001 - Slackware Linux update for php

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2014061001

SB2014061001 - Slackware Linux update for php

Published: June 10, 2014

Security Bulletin ID SB2014061001
Severity
Low
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) Privilege escalation (CVE-ID: CVE-2014-0185)

The vulnerability allows a local attacker to gain elevated privileges. The weakness exists due to sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket. A local attacker can gain elevated privileges via a crafted FastCGI client.

2) Denial of service (CVE-ID: CVE-2014-0237)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists in cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 due to performance degradation. A remote attacker can trigger many file_printf calls and cause the service to crash.


3) Infinite loop (CVE-ID: CVE-2014-0238)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in the cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13. A remote attacker can trigger out-of-bounds memory access via a vector that (1) has zero length or (2) is too long and cause the service to crash.

Remediation

Install update from vendor's website.

References