SB2018011106 - Debian update for php5

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018011106

SB2018011106 - Debian update for php5

Published: January 11, 2018 Updated: November 21, 2018

Security Bulletin ID SB2018011106
Severity
High
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 14% Medium 14% Low 71%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Improper input validation (CVE-ID: CVE-2017-11142)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper check for variable length in main/php_variables.c. A remote attacker can cause a CPU consumption denial of service attack by injecting long form variables.

2) Deserialization of untrusted data (CVE-ID: CVE-2017-11143)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in parser.c function due to deserialization of untrusted data. A remote attacker can inject specially crafted XML file and crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c.

Successful exploitation of the vulnerability results in denial of service.

3) Denial of service (CVE-ID: CVE-2017-11144)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function. A remote attacker can trigger a crash of the PHP interpreter, related to an interpretation conflict for a negative number in ext/openssl/openssl.c, and an OpenSSL documentation omission.

Successful exploitation of the vulnerability results in denial of service.

4) Out-of-bounds read (CVE-ID: CVE-2017-11145)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to out-of-bounds read in timelib_meridian(). A remote attacker can read arbitrary data on the target system.

5) Stack-based buffer overflow (CVE-ID: CVE-2017-11628)

The vulnerability allows a remote attacker to cause DoS condition or potentially execute arbitrary code.

The weakness exists due to stack buffer overflow in PHP INI parsing API 2 when handling malicious input. A remote attacker can send specially crafted data, trigger stack buffer overflow in zend_ini_do_op() that may lead to out-of-bounds write, cause the application to crash or execute arbitrary code with web server privileges.

Successful exploitation of the vulnerability may result in system compromise.

6) Deserialization of untrusted data (CVE-ID: CVE-2017-12933)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a buffer over-read while unserializing untrusted data in the finish_nested_data function in ext/standard/var_unserializer.re. A remote attacker can perform a denial of service attack.



7) Out-of-bounds read (CVE-ID: CVE-2017-16642)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to out-of-bounds read in timelib_meridian(). A remote attacker can cause the application to crash.

Remediation

Install update from vendor's website.

References