Amazon Linux AMI update for php54



Published: 2015-06-03
Risk: High
Patch available: YES
Number of vulnerabilities: 7
CVE-ID: CVE-2015-2325, CVE-2015-2326, CVE-2015-4021, CVE-2015-4022, CVE-2015-4024, CVE-2015-4025, CVE-2015-4026
CWE-ID: CWE-125, CWE-191, CWE-190, CWE-400, CWE-200, CWE-264
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Amazon Linux AMI (Operating systems & Components / Operating system)
Vendor: Amazon Web Services

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU30441

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2015-2325

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary error in the compile_branch function. A remote attacker can create a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier, trick the victim into opening it, trigger an out-of-bounds read error and read the contents of memory on the system.

Mitigation

Update the affected packages:

i686:
    php54-enchant-5.4.41-1.69.amzn1.i686
    php54-mssql-5.4.41-1.69.amzn1.i686
    php54-mbstring-5.4.41-1.69.amzn1.i686
    php54-pdo-5.4.41-1.69.amzn1.i686
    php54-gd-5.4.41-1.69.amzn1.i686
    php54-pgsql-5.4.41-1.69.amzn1.i686
    php54-mysql-5.4.41-1.69.amzn1.i686
    php54-odbc-5.4.41-1.69.amzn1.i686
    php54-soap-5.4.41-1.69.amzn1.i686
    php54-embedded-5.4.41-1.69.amzn1.i686
    php54-imap-5.4.41-1.69.amzn1.i686
    php54-bcmath-5.4.41-1.69.amzn1.i686
    php54-process-5.4.41-1.69.amzn1.i686
    php54-recode-5.4.41-1.69.amzn1.i686
    php54-mysqlnd-5.4.41-1.69.amzn1.i686
    php54-fpm-5.4.41-1.69.amzn1.i686
    php54-xmlrpc-5.4.41-1.69.amzn1.i686
    php54-mcrypt-5.4.41-1.69.amzn1.i686
    php54-snmp-5.4.41-1.69.amzn1.i686
    php54-tidy-5.4.41-1.69.amzn1.i686
    php54-cli-5.4.41-1.69.amzn1.i686
    php54-intl-5.4.41-1.69.amzn1.i686
    php54-dba-5.4.41-1.69.amzn1.i686
    php54-debuginfo-5.4.41-1.69.amzn1.i686
    php54-ldap-5.4.41-1.69.amzn1.i686
    php54-xml-5.4.41-1.69.amzn1.i686
    php54-pspell-5.4.41-1.69.amzn1.i686
    php54-devel-5.4.41-1.69.amzn1.i686
    php54-common-5.4.41-1.69.amzn1.i686
    php54-5.4.41-1.69.amzn1.i686

src:
    php54-5.4.41-1.69.amzn1.src

x86_64:
    php54-intl-5.4.41-1.69.amzn1.x86_64
    php54-mysql-5.4.41-1.69.amzn1.x86_64
    php54-common-5.4.41-1.69.amzn1.x86_64
    php54-gd-5.4.41-1.69.amzn1.x86_64
    php54-5.4.41-1.69.amzn1.x86_64
    php54-tidy-5.4.41-1.69.amzn1.x86_64
    php54-ldap-5.4.41-1.69.amzn1.x86_64
    php54-mssql-5.4.41-1.69.amzn1.x86_64
    php54-imap-5.4.41-1.69.amzn1.x86_64
    php54-xml-5.4.41-1.69.amzn1.x86_64
    php54-embedded-5.4.41-1.69.amzn1.x86_64
    php54-cli-5.4.41-1.69.amzn1.x86_64
    php54-enchant-5.4.41-1.69.amzn1.x86_64
    php54-pdo-5.4.41-1.69.amzn1.x86_64
    php54-odbc-5.4.41-1.69.amzn1.x86_64
    php54-soap-5.4.41-1.69.amzn1.x86_64
    php54-pgsql-5.4.41-1.69.amzn1.x86_64
    php54-pspell-5.4.41-1.69.amzn1.x86_64
    php54-recode-5.4.41-1.69.amzn1.x86_64
    php54-mysqlnd-5.4.41-1.69.amzn1.x86_64
    php54-process-5.4.41-1.69.amzn1.x86_64
    php54-debuginfo-5.4.41-1.69.amzn1.x86_64
    php54-xmlrpc-5.4.41-1.69.amzn1.x86_64
    php54-devel-5.4.41-1.69.amzn1.x86_64
    php54-fpm-5.4.41-1.69.amzn1.x86_64
    php54-dba-5.4.41-1.69.amzn1.x86_64
    php54-bcmath-5.4.41-1.69.amzn1.x86_64
    php54-mcrypt-5.4.41-1.69.amzn1.x86_64
    php54-snmp-5.4.41-1.69.amzn1.x86_64
    php54-mbstring-5.4.41-1.69.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2015-534.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU30442

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2015-2326

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local non-authenticated attacker to perform a denial of service (DoS) attack.

The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via a regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by "((?+1)(\1))/".

Mitigation

Update the affected packages to the 5.4.41-1.69.amzn1 builds; the i686, src and x86_64 package lists are identical to those given under vulnerability 1.

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2015-534.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Integer underflow

EUVDB-ID: #VU16119

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2015-4021

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists because the phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character. A remote attacker can trigger an integer underflow and memory corruption via a crafted entry in a tar archive and cause the service to crash.
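The missing check described above, as an added C sketch that is not PHP's ext/phar code: the 100-byte name field follows the ustar header layout, and `tar_entry_name`, `naive_last_index` and `make_header` are hypothetical names run on constructed headers.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define TAR_BLOCK    512
#define TAR_NAME_MAX 100  /* ustar: the name field is bytes 0..99 of the header */

/* Index of the last name byte as unchecked code computes it. With len == 0
 * the unsigned subtraction wraps to SIZE_MAX, far outside the name field. */
static size_t naive_last_index(size_t len)
{
    return len - 1;
}

/* Hardened parse: bound the name to its field, reject an empty name, and only
 * then inspect the last byte. Returns 0 on success, -1 for a rejected header. */
static int tar_entry_name(const unsigned char hdr[TAR_BLOCK],
                          char out[TAR_NAME_MAX + 1], int *is_dir)
{
    const unsigned char *nul = memchr(hdr, '\0', TAR_NAME_MAX);
    size_t len = nul ? (size_t)(nul - hdr) : TAR_NAME_MAX;

    if (len == 0)                       /* first byte is \0: no usable name */
        return -1;

    *is_dir = (hdr[len - 1] == '/');    /* safe: len >= 1 here */
    while (len > 1 && hdr[len - 1] == '/')
        len--;                          /* strip trailing slashes, keep "/" */

    memcpy(out, hdr, len);
    out[len] = '\0';
    return 0;
}

/* Builds a constructed, zero-filled header holding only a name field. */
static void make_header(unsigned char hdr[TAR_BLOCK], const char *name)
{
    size_t n = strlen(name);

    memset(hdr, 0, TAR_BLOCK);
    memcpy(hdr, name, n < TAR_NAME_MAX ? n : TAR_NAME_MAX);
}

int main(void)
{
    /* Constructed sample names; the empty string models a leading \0 byte. */
    const char *samples[] = { "docs/", "readme.txt", "" };
    unsigned char hdr[TAR_BLOCK];
    char name[TAR_NAME_MAX + 1];
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int is_dir = 0;

        make_header(hdr, samples[i]);
        if (tar_entry_name(hdr, name, &is_dir) == 0)
            printf("accepted \"%s\" (dir=%d)\n", name, is_dir);
        else
            printf("rejected empty name; unchecked index would be %zu\n",
                   naive_last_index(strlen(samples[i])));
    }
    return 0;
}
```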

Mitigation

Update the affected packages to the 5.4.41-1.69.amzn1 builds; the i686, src and x86_64 package lists are identical to those given under vulnerability 1.

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2015-534.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Integer overflow

EUVDB-ID: #VU16120

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2015-4022

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to an integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9. A remote attacker can trigger a heap-based buffer overflow via a long reply to a LIST command and execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update the affected packages to the 5.4.41-1.69.amzn1 builds; the i686, src and x86_64 package lists are identical to those given under vulnerability 1.

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2015-534.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Resource exhaustion

EUVDB-ID: #VU16122

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2015-4024

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to an algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9. A remote attacker can trigger CPU consumption and cause the service to crash via crafted form data that triggers an improper order-of-growth outcome.

Mitigation

Update the affected packages to the 5.4.41-1.69.amzn1 builds; the i686, src and x86_64 package lists are identical to those given under vulnerability 1.

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2015-534.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Information disclosure

EUVDB-ID: #VU16116

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2015-4025

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists because PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations. A remote attacker can bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink.

Mitigation

Update the affected packages to the 5.4.41-1.69.amzn1 builds; the i686, src and x86_64 package lists are identical to those given under vulnerability 1.

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2015-534.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Security restrictions bypass

EUVDB-ID: #VU16117

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2015-4026

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists because the pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character. A remote attacker can bypass intended extension restrictions and execute files with unexpected names via a crafted first argument.
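The pathname truncation behind this entry and CVE-2015-4025 above, as an added C sketch that is not PHP's code: `counted_str`, `check_path_weak` and `check_path_strict` are hypothetical names, and the sample paths are constructed. It shows why an extension check on a length-counted string must also reject embedded NUL bytes before the pointer reaches a C path API.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* A length-counted string, as a scripting runtime stores it: the bytes may
 * contain '\0', which C path APIs treat as the end of the string. */
struct counted_str {
    const char *bytes;
    size_t len;
};

/* Constructed samples. sizeof - 1 keeps the embedded NUL inside the count. */
static const char RAW_EMBEDDED[] = "data.bin\0.txt";
static const char RAW_CLEAN[]    = "notes.txt";

/* Extension check over the full counted string. */
static int has_suffix(struct counted_str s, const char *suffix)
{
    size_t n = strlen(suffix);

    return s.len >= n && memcmp(s.bytes + s.len - n, suffix, n) == 0;
}

/* Weak form: validates all s.len bytes, then returns the pointer for a C API,
 * which will stop reading at the first NUL. */
static const char *check_path_weak(struct counted_str s, const char *suffix)
{
    return has_suffix(s, suffix) ? s.bytes : NULL;
}

/* Hardened form: a path whose counted length differs from its C-string length
 * is rejected outright, so the checked name and the used name always match. */
static const char *check_path_strict(struct counted_str s, const char *suffix)
{
    if (memchr(s.bytes, '\0', s.len) != NULL)
        return NULL;
    return has_suffix(s, suffix) ? s.bytes : NULL;
}

int main(void)
{
    struct counted_str embedded = { RAW_EMBEDDED, sizeof RAW_EMBEDDED - 1 };
    struct counted_str clean    = { RAW_CLEAN, sizeof RAW_CLEAN - 1 };
    const char *p;

    p = check_path_weak(embedded, ".txt");
    printf("weak check passes %zu bytes, C API would see \"%s\"\n",
           embedded.len, p ? p : "(rejected)");

    p = check_path_strict(embedded, ".txt");
    printf("strict check on embedded NUL: %s\n", p ? p : "(rejected)");

    p = check_path_strict(clean, ".txt");
    printf("strict check on clean path: %s\n", p ? p : "(rejected)");
    return 0;
}
```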

Mitigation

Update the affected packages to the 5.4.41-1.69.amzn1 builds; the i686, src and x86_64 package lists are identical to those given under vulnerability 1.

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2015-534.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


