Fedora EPEL 7 update for php-ZendFramework2, php-guzzle-Guzzle

1) Input validation error

EUVDB-ID: #VU40663

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2015-5161

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The Zend_Xml_Security::scan in ZendXml before 1.0.1 and Zend Framework before 1.12.14, 2.x before 2.4.6, and 2.5.x before 2.5.2, when running under PHP-FPM in a threaded environment, allows remote attackers to bypass security checks and conduct XML external entity (XXE) and XML entity expansion (XEE) attacks via multibyte encoded characters. <a href="http://cwe.mitre.org/data/definitions/611.html">CWE-611: Improper Restriction of XML External Entity Reference ('XXE')</a>

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Fedora: 7

php-guzzle-Guzzle: before 3.9.3-5.el7

php-ZendFramework2: before 2.4.7-2.el7

CPE2.3

• cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*
• cpe:2.3:a:fedoraproject:php-guzzle-guzzle:*:*:*:*:*:fedora:*:*
• cpe:2.3:a:fedoraproject:php-zendframework2:*:*:*:*:*:fedora:*:*

External links

https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7845

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.