Amazon Linux AMI update for php56, php70, php71



Published: 2018-05-11
Risk Low
Patch available YES
Number of vulnerabilities 5
CVE-ID CVE-2018-10547
CVE-2018-10546
CVE-2018-10549
CVE-2018-10548
CVE-2018-5712
CWE-ID CWE-79
CWE-835
CWE-119
CWE-300
Exploitation vector Network
Public exploit Public exploit code for vulnerability #2 is available.
Public exploit code for vulnerability #3 is available.
Vulnerable software
Subscribe
Amazon Linux AMI
Operating systems & Components / Operating system

Vendor Amazon Web Services

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Cross-site scripting

EUVDB-ID: #VU12327

Risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-10547

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists in the phar_do_404() and phar_do_403() functions due to insufficient sanitization of user-supplied data processed by the phar_do_404() and phar_do_403() functions, as defined in the ext/phar/phar_object.c source code file. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

The vulnerability exists due to an incomplete fix for CVE-2018-5712.

Mitigation

Update the affected packages.

i686:
    php56-enchant-5.6.36-1.138.amzn1.i686
    php56-tidy-5.6.36-1.138.amzn1.i686
    php56-fpm-5.6.36-1.138.amzn1.i686
    php56-mbstring-5.6.36-1.138.amzn1.i686
    php56-xmlrpc-5.6.36-1.138.amzn1.i686
    php56-imap-5.6.36-1.138.amzn1.i686
    php56-snmp-5.6.36-1.138.amzn1.i686
    php56-opcache-5.6.36-1.138.amzn1.i686
    php56-intl-5.6.36-1.138.amzn1.i686
    php56-xml-5.6.36-1.138.amzn1.i686
    php56-gd-5.6.36-1.138.amzn1.i686
    php56-debuginfo-5.6.36-1.138.amzn1.i686
    php56-dbg-5.6.36-1.138.amzn1.i686
    php56-recode-5.6.36-1.138.amzn1.i686
    php56-mysqlnd-5.6.36-1.138.amzn1.i686
    php56-embedded-5.6.36-1.138.amzn1.i686
    php56-bcmath-5.6.36-1.138.amzn1.i686
    php56-dba-5.6.36-1.138.amzn1.i686
    php56-cli-5.6.36-1.138.amzn1.i686
    php56-gmp-5.6.36-1.138.amzn1.i686
    php56-pdo-5.6.36-1.138.amzn1.i686
    php56-mssql-5.6.36-1.138.amzn1.i686
    php56-pgsql-5.6.36-1.138.amzn1.i686
    php56-ldap-5.6.36-1.138.amzn1.i686
    php56-soap-5.6.36-1.138.amzn1.i686
    php56-mcrypt-5.6.36-1.138.amzn1.i686
    php56-process-5.6.36-1.138.amzn1.i686
    php56-common-5.6.36-1.138.amzn1.i686
    php56-pspell-5.6.36-1.138.amzn1.i686
    php56-5.6.36-1.138.amzn1.i686
    php56-odbc-5.6.36-1.138.amzn1.i686
    php56-devel-5.6.36-1.138.amzn1.i686
    php71-dba-7.1.17-1.32.amzn1.i686
    php71-gmp-7.1.17-1.32.amzn1.i686
    php71-ldap-7.1.17-1.32.amzn1.i686
    php71-xmlrpc-7.1.17-1.32.amzn1.i686
    php71-opcache-7.1.17-1.32.amzn1.i686
    php71-pdo-dblib-7.1.17-1.32.amzn1.i686
    php71-mysqlnd-7.1.17-1.32.amzn1.i686
    php71-cli-7.1.17-1.32.amzn1.i686
    php71-xml-7.1.17-1.32.amzn1.i686
    php71-fpm-7.1.17-1.32.amzn1.i686
    php71-enchant-7.1.17-1.32.amzn1.i686
    php71-mcrypt-7.1.17-1.32.amzn1.i686
    php71-bcmath-7.1.17-1.32.amzn1.i686
    php71-7.1.17-1.32.amzn1.i686
    php71-dbg-7.1.17-1.32.amzn1.i686
    php71-recode-7.1.17-1.32.amzn1.i686
    php71-snmp-7.1.17-1.32.amzn1.i686
    php71-pgsql-7.1.17-1.32.amzn1.i686
    php71-embedded-7.1.17-1.32.amzn1.i686
    php71-intl-7.1.17-1.32.amzn1.i686
    php71-imap-7.1.17-1.32.amzn1.i686
    php71-pspell-7.1.17-1.32.amzn1.i686
    php71-json-7.1.17-1.32.amzn1.i686
    php71-tidy-7.1.17-1.32.amzn1.i686
    php71-common-7.1.17-1.32.amzn1.i686
    php71-process-7.1.17-1.32.amzn1.i686
    php71-devel-7.1.17-1.32.amzn1.i686
    php71-odbc-7.1.17-1.32.amzn1.i686
    php71-soap-7.1.17-1.32.amzn1.i686
    php71-gd-7.1.17-1.32.amzn1.i686
    php71-mbstring-7.1.17-1.32.amzn1.i686
    php71-debuginfo-7.1.17-1.32.amzn1.i686
    php71-pdo-7.1.17-1.32.amzn1.i686
    php70-common-7.0.30-1.29.amzn1.i686
    php70-dbg-7.0.30-1.29.amzn1.i686
    php70-mysqlnd-7.0.30-1.29.amzn1.i686
    php70-recode-7.0.30-1.29.amzn1.i686
    php70-bcmath-7.0.30-1.29.amzn1.i686
    php70-mcrypt-7.0.30-1.29.amzn1.i686
    php70-enchant-7.0.30-1.29.amzn1.i686
    php70-xml-7.0.30-1.29.amzn1.i686
    php70-embedded-7.0.30-1.29.amzn1.i686
    php70-fpm-7.0.30-1.29.amzn1.i686
    php70-pspell-7.0.30-1.29.amzn1.i686
    php70-xmlrpc-7.0.30-1.29.amzn1.i686
    php70-pdo-7.0.30-1.29.amzn1.i686
    php70-gmp-7.0.30-1.29.amzn1.i686
    php70-dba-7.0.30-1.29.amzn1.i686
    php70-gd-7.0.30-1.29.amzn1.i686
    php70-7.0.30-1.29.amzn1.i686
    php70-zip-7.0.30-1.29.amzn1.i686
    php70-pdo-dblib-7.0.30-1.29.amzn1.i686
    php70-debuginfo-7.0.30-1.29.amzn1.i686
    php70-odbc-7.0.30-1.29.amzn1.i686
    php70-json-7.0.30-1.29.amzn1.i686
    php70-pgsql-7.0.30-1.29.amzn1.i686
    php70-snmp-7.0.30-1.29.amzn1.i686
    php70-intl-7.0.30-1.29.amzn1.i686
    php70-soap-7.0.30-1.29.amzn1.i686
    php70-ldap-7.0.30-1.29.amzn1.i686
    php70-imap-7.0.30-1.29.amzn1.i686
    php70-cli-7.0.30-1.29.amzn1.i686
    php70-process-7.0.30-1.29.amzn1.i686
    php70-tidy-7.0.30-1.29.amzn1.i686
    php70-mbstring-7.0.30-1.29.amzn1.i686
    php70-devel-7.0.30-1.29.amzn1.i686
    php70-opcache-7.0.30-1.29.amzn1.i686

src:
    php56-5.6.36-1.138.amzn1.src
    php71-7.1.17-1.32.amzn1.src
    php70-7.0.30-1.29.amzn1.src

x86_64:
    php56-opcache-5.6.36-1.138.amzn1.x86_64
    php56-embedded-5.6.36-1.138.amzn1.x86_64
    php56-dba-5.6.36-1.138.amzn1.x86_64
    php56-odbc-5.6.36-1.138.amzn1.x86_64
    php56-intl-5.6.36-1.138.amzn1.x86_64
    php56-tidy-5.6.36-1.138.amzn1.x86_64
    php56-mysqlnd-5.6.36-1.138.amzn1.x86_64
    php56-devel-5.6.36-1.138.amzn1.x86_64
    php56-gd-5.6.36-1.138.amzn1.x86_64
    php56-5.6.36-1.138.amzn1.x86_64
    php56-bcmath-5.6.36-1.138.amzn1.x86_64
    php56-fpm-5.6.36-1.138.amzn1.x86_64
    php56-soap-5.6.36-1.138.amzn1.x86_64
    php56-mbstring-5.6.36-1.138.amzn1.x86_64
    php56-pspell-5.6.36-1.138.amzn1.x86_64
    php56-recode-5.6.36-1.138.amzn1.x86_64
    php56-pdo-5.6.36-1.138.amzn1.x86_64
    php56-xml-5.6.36-1.138.amzn1.x86_64
    php56-common-5.6.36-1.138.amzn1.x86_64
    php56-snmp-5.6.36-1.138.amzn1.x86_64
    php56-imap-5.6.36-1.138.amzn1.x86_64
    php56-cli-5.6.36-1.138.amzn1.x86_64
    php56-dbg-5.6.36-1.138.amzn1.x86_64
    php56-ldap-5.6.36-1.138.amzn1.x86_64
    php56-pgsql-5.6.36-1.138.amzn1.x86_64
    php56-debuginfo-5.6.36-1.138.amzn1.x86_64
    php56-xmlrpc-5.6.36-1.138.amzn1.x86_64
    php56-mcrypt-5.6.36-1.138.amzn1.x86_64
    php56-enchant-5.6.36-1.138.amzn1.x86_64
    php56-mssql-5.6.36-1.138.amzn1.x86_64
    php56-gmp-5.6.36-1.138.amzn1.x86_64
    php56-process-5.6.36-1.138.amzn1.x86_64
    php71-soap-7.1.17-1.32.amzn1.x86_64
    php71-debuginfo-7.1.17-1.32.amzn1.x86_64
    php71-json-7.1.17-1.32.amzn1.x86_64
    php71-7.1.17-1.32.amzn1.x86_64
    php71-opcache-7.1.17-1.32.amzn1.x86_64
    php71-mysqlnd-7.1.17-1.32.amzn1.x86_64
    php71-pgsql-7.1.17-1.32.amzn1.x86_64
    php71-pdo-dblib-7.1.17-1.32.amzn1.x86_64
    php71-gd-7.1.17-1.32.amzn1.x86_64
    php71-dba-7.1.17-1.32.amzn1.x86_64
    php71-embedded-7.1.17-1.32.amzn1.x86_64
    php71-gmp-7.1.17-1.32.amzn1.x86_64
    php71-intl-7.1.17-1.32.amzn1.x86_64
    php71-recode-7.1.17-1.32.amzn1.x86_64
    php71-imap-7.1.17-1.32.amzn1.x86_64
    php71-dbg-7.1.17-1.32.amzn1.x86_64
    php71-pdo-7.1.17-1.32.amzn1.x86_64
    php71-fpm-7.1.17-1.32.amzn1.x86_64
    php71-pspell-7.1.17-1.32.amzn1.x86_64
    php71-mbstring-7.1.17-1.32.amzn1.x86_64
    php71-common-7.1.17-1.32.amzn1.x86_64
    php71-devel-7.1.17-1.32.amzn1.x86_64
    php71-xmlrpc-7.1.17-1.32.amzn1.x86_64
    php71-mcrypt-7.1.17-1.32.amzn1.x86_64
    php71-bcmath-7.1.17-1.32.amzn1.x86_64
    php71-enchant-7.1.17-1.32.amzn1.x86_64
    php71-xml-7.1.17-1.32.amzn1.x86_64
    php71-process-7.1.17-1.32.amzn1.x86_64
    php71-cli-7.1.17-1.32.amzn1.x86_64
    php71-snmp-7.1.17-1.32.amzn1.x86_64
    php71-odbc-7.1.17-1.32.amzn1.x86_64
    php71-tidy-7.1.17-1.32.amzn1.x86_64
    php71-ldap-7.1.17-1.32.amzn1.x86_64
    php70-gmp-7.0.30-1.29.amzn1.x86_64
    php70-debuginfo-7.0.30-1.29.amzn1.x86_64
    php70-mysqlnd-7.0.30-1.29.amzn1.x86_64
    php70-pspell-7.0.30-1.29.amzn1.x86_64
    php70-7.0.30-1.29.amzn1.x86_64
    php70-soap-7.0.30-1.29.amzn1.x86_64
    php70-common-7.0.30-1.29.amzn1.x86_64
    php70-imap-7.0.30-1.29.amzn1.x86_64
    php70-recode-7.0.30-1.29.amzn1.x86_64
    php70-enchant-7.0.30-1.29.amzn1.x86_64
    php70-tidy-7.0.30-1.29.amzn1.x86_64
    php70-xml-7.0.30-1.29.amzn1.x86_64
    php70-zip-7.0.30-1.29.amzn1.x86_64
    php70-process-7.0.30-1.29.amzn1.x86_64
    php70-mcrypt-7.0.30-1.29.amzn1.x86_64
    php70-cli-7.0.30-1.29.amzn1.x86_64
    php70-json-7.0.30-1.29.amzn1.x86_64
    php70-ldap-7.0.30-1.29.amzn1.x86_64
    php70-dbg-7.0.30-1.29.amzn1.x86_64
    php70-intl-7.0.30-1.29.amzn1.x86_64
    php70-snmp-7.0.30-1.29.amzn1.x86_64
    php70-fpm-7.0.30-1.29.amzn1.x86_64
    php70-gd-7.0.30-1.29.amzn1.x86_64
    php70-pgsql-7.0.30-1.29.amzn1.x86_64
    php70-opcache-7.0.30-1.29.amzn1.x86_64
    php70-odbc-7.0.30-1.29.amzn1.x86_64
    php70-embedded-7.0.30-1.29.amzn1.x86_64
    php70-pdo-7.0.30-1.29.amzn1.x86_64
    php70-dba-7.0.30-1.29.amzn1.x86_64
    php70-xmlrpc-7.0.30-1.29.amzn1.x86_64
    php70-pdo-dblib-7.0.30-1.29.amzn1.x86_64
    php70-devel-7.0.30-1.29.amzn1.x86_64
    php70-bcmath-7.0.30-1.29.amzn1.x86_64
    php70-mbstring-7.0.30-1.29.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2018-1019.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Infinite loop

EUVDB-ID: #VU12257

Risk: Low

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-10546

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to infinite loop. A remote attacker can use a stream filter with convert.iconv and not enough input bytes, trigger an infinite loop, one CPU Core at 100% and cause the service to crash.

Mitigation

Update the affected packages.

i686:
    php56-enchant-5.6.36-1.138.amzn1.i686
    php56-tidy-5.6.36-1.138.amzn1.i686
    php56-fpm-5.6.36-1.138.amzn1.i686
    php56-mbstring-5.6.36-1.138.amzn1.i686
    php56-xmlrpc-5.6.36-1.138.amzn1.i686
    php56-imap-5.6.36-1.138.amzn1.i686
    php56-snmp-5.6.36-1.138.amzn1.i686
    php56-opcache-5.6.36-1.138.amzn1.i686
    php56-intl-5.6.36-1.138.amzn1.i686
    php56-xml-5.6.36-1.138.amzn1.i686
    php56-gd-5.6.36-1.138.amzn1.i686
    php56-debuginfo-5.6.36-1.138.amzn1.i686
    php56-dbg-5.6.36-1.138.amzn1.i686
    php56-recode-5.6.36-1.138.amzn1.i686
    php56-mysqlnd-5.6.36-1.138.amzn1.i686
    php56-embedded-5.6.36-1.138.amzn1.i686
    php56-bcmath-5.6.36-1.138.amzn1.i686
    php56-dba-5.6.36-1.138.amzn1.i686
    php56-cli-5.6.36-1.138.amzn1.i686
    php56-gmp-5.6.36-1.138.amzn1.i686
    php56-pdo-5.6.36-1.138.amzn1.i686
    php56-mssql-5.6.36-1.138.amzn1.i686
    php56-pgsql-5.6.36-1.138.amzn1.i686
    php56-ldap-5.6.36-1.138.amzn1.i686
    php56-soap-5.6.36-1.138.amzn1.i686
    php56-mcrypt-5.6.36-1.138.amzn1.i686
    php56-process-5.6.36-1.138.amzn1.i686
    php56-common-5.6.36-1.138.amzn1.i686
    php56-pspell-5.6.36-1.138.amzn1.i686
    php56-5.6.36-1.138.amzn1.i686
    php56-odbc-5.6.36-1.138.amzn1.i686
    php56-devel-5.6.36-1.138.amzn1.i686
    php71-dba-7.1.17-1.32.amzn1.i686
    php71-gmp-7.1.17-1.32.amzn1.i686
    php71-ldap-7.1.17-1.32.amzn1.i686
    php71-xmlrpc-7.1.17-1.32.amzn1.i686
    php71-opcache-7.1.17-1.32.amzn1.i686
    php71-pdo-dblib-7.1.17-1.32.amzn1.i686
    php71-mysqlnd-7.1.17-1.32.amzn1.i686
    php71-cli-7.1.17-1.32.amzn1.i686
    php71-xml-7.1.17-1.32.amzn1.i686
    php71-fpm-7.1.17-1.32.amzn1.i686
    php71-enchant-7.1.17-1.32.amzn1.i686
    php71-mcrypt-7.1.17-1.32.amzn1.i686
    php71-bcmath-7.1.17-1.32.amzn1.i686
    php71-7.1.17-1.32.amzn1.i686
    php71-dbg-7.1.17-1.32.amzn1.i686
    php71-recode-7.1.17-1.32.amzn1.i686
    php71-snmp-7.1.17-1.32.amzn1.i686
    php71-pgsql-7.1.17-1.32.amzn1.i686
    php71-embedded-7.1.17-1.32.amzn1.i686
    php71-intl-7.1.17-1.32.amzn1.i686
    php71-imap-7.1.17-1.32.amzn1.i686
    php71-pspell-7.1.17-1.32.amzn1.i686
    php71-json-7.1.17-1.32.amzn1.i686
    php71-tidy-7.1.17-1.32.amzn1.i686
    php71-common-7.1.17-1.32.amzn1.i686
    php71-process-7.1.17-1.32.amzn1.i686
    php71-devel-7.1.17-1.32.amzn1.i686
    php71-odbc-7.1.17-1.32.amzn1.i686
    php71-soap-7.1.17-1.32.amzn1.i686
    php71-gd-7.1.17-1.32.amzn1.i686
    php71-mbstring-7.1.17-1.32.amzn1.i686
    php71-debuginfo-7.1.17-1.32.amzn1.i686
    php71-pdo-7.1.17-1.32.amzn1.i686
    php70-common-7.0.30-1.29.amzn1.i686
    php70-dbg-7.0.30-1.29.amzn1.i686
    php70-mysqlnd-7.0.30-1.29.amzn1.i686
    php70-recode-7.0.30-1.29.amzn1.i686
    php70-bcmath-7.0.30-1.29.amzn1.i686
    php70-mcrypt-7.0.30-1.29.amzn1.i686
    php70-enchant-7.0.30-1.29.amzn1.i686
    php70-xml-7.0.30-1.29.amzn1.i686
    php70-embedded-7.0.30-1.29.amzn1.i686
    php70-fpm-7.0.30-1.29.amzn1.i686
    php70-pspell-7.0.30-1.29.amzn1.i686
    php70-xmlrpc-7.0.30-1.29.amzn1.i686
    php70-pdo-7.0.30-1.29.amzn1.i686
    php70-gmp-7.0.30-1.29.amzn1.i686
    php70-dba-7.0.30-1.29.amzn1.i686
    php70-gd-7.0.30-1.29.amzn1.i686
    php70-7.0.30-1.29.amzn1.i686
    php70-zip-7.0.30-1.29.amzn1.i686
    php70-pdo-dblib-7.0.30-1.29.amzn1.i686
    php70-debuginfo-7.0.30-1.29.amzn1.i686
    php70-odbc-7.0.30-1.29.amzn1.i686
    php70-json-7.0.30-1.29.amzn1.i686
    php70-pgsql-7.0.30-1.29.amzn1.i686
    php70-snmp-7.0.30-1.29.amzn1.i686
    php70-intl-7.0.30-1.29.amzn1.i686
    php70-soap-7.0.30-1.29.amzn1.i686
    php70-ldap-7.0.30-1.29.amzn1.i686
    php70-imap-7.0.30-1.29.amzn1.i686
    php70-cli-7.0.30-1.29.amzn1.i686
    php70-process-7.0.30-1.29.amzn1.i686
    php70-tidy-7.0.30-1.29.amzn1.i686
    php70-mbstring-7.0.30-1.29.amzn1.i686
    php70-devel-7.0.30-1.29.amzn1.i686
    php70-opcache-7.0.30-1.29.amzn1.i686

src:
    php56-5.6.36-1.138.amzn1.src
    php71-7.1.17-1.32.amzn1.src
    php70-7.0.30-1.29.amzn1.src

x86_64:
    php56-opcache-5.6.36-1.138.amzn1.x86_64
    php56-embedded-5.6.36-1.138.amzn1.x86_64
    php56-dba-5.6.36-1.138.amzn1.x86_64
    php56-odbc-5.6.36-1.138.amzn1.x86_64
    php56-intl-5.6.36-1.138.amzn1.x86_64
    php56-tidy-5.6.36-1.138.amzn1.x86_64
    php56-mysqlnd-5.6.36-1.138.amzn1.x86_64
    php56-devel-5.6.36-1.138.amzn1.x86_64
    php56-gd-5.6.36-1.138.amzn1.x86_64
    php56-5.6.36-1.138.amzn1.x86_64
    php56-bcmath-5.6.36-1.138.amzn1.x86_64
    php56-fpm-5.6.36-1.138.amzn1.x86_64
    php56-soap-5.6.36-1.138.amzn1.x86_64
    php56-mbstring-5.6.36-1.138.amzn1.x86_64
    php56-pspell-5.6.36-1.138.amzn1.x86_64
    php56-recode-5.6.36-1.138.amzn1.x86_64
    php56-pdo-5.6.36-1.138.amzn1.x86_64
    php56-xml-5.6.36-1.138.amzn1.x86_64
    php56-common-5.6.36-1.138.amzn1.x86_64
    php56-snmp-5.6.36-1.138.amzn1.x86_64
    php56-imap-5.6.36-1.138.amzn1.x86_64
    php56-cli-5.6.36-1.138.amzn1.x86_64
    php56-dbg-5.6.36-1.138.amzn1.x86_64
    php56-ldap-5.6.36-1.138.amzn1.x86_64
    php56-pgsql-5.6.36-1.138.amzn1.x86_64
    php56-debuginfo-5.6.36-1.138.amzn1.x86_64
    php56-xmlrpc-5.6.36-1.138.amzn1.x86_64
    php56-mcrypt-5.6.36-1.138.amzn1.x86_64
    php56-enchant-5.6.36-1.138.amzn1.x86_64
    php56-mssql-5.6.36-1.138.amzn1.x86_64
    php56-gmp-5.6.36-1.138.amzn1.x86_64
    php56-process-5.6.36-1.138.amzn1.x86_64
    php71-soap-7.1.17-1.32.amzn1.x86_64
    php71-debuginfo-7.1.17-1.32.amzn1.x86_64
    php71-json-7.1.17-1.32.amzn1.x86_64
    php71-7.1.17-1.32.amzn1.x86_64
    php71-opcache-7.1.17-1.32.amzn1.x86_64
    php71-mysqlnd-7.1.17-1.32.amzn1.x86_64
    php71-pgsql-7.1.17-1.32.amzn1.x86_64
    php71-pdo-dblib-7.1.17-1.32.amzn1.x86_64
    php71-gd-7.1.17-1.32.amzn1.x86_64
    php71-dba-7.1.17-1.32.amzn1.x86_64
    php71-embedded-7.1.17-1.32.amzn1.x86_64
    php71-gmp-7.1.17-1.32.amzn1.x86_64
    php71-intl-7.1.17-1.32.amzn1.x86_64
    php71-recode-7.1.17-1.32.amzn1.x86_64
    php71-imap-7.1.17-1.32.amzn1.x86_64
    php71-dbg-7.1.17-1.32.amzn1.x86_64
    php71-pdo-7.1.17-1.32.amzn1.x86_64
    php71-fpm-7.1.17-1.32.amzn1.x86_64
    php71-pspell-7.1.17-1.32.amzn1.x86_64
    php71-mbstring-7.1.17-1.32.amzn1.x86_64
    php71-common-7.1.17-1.32.amzn1.x86_64
    php71-devel-7.1.17-1.32.amzn1.x86_64
    php71-xmlrpc-7.1.17-1.32.amzn1.x86_64
    php71-mcrypt-7.1.17-1.32.amzn1.x86_64
    php71-bcmath-7.1.17-1.32.amzn1.x86_64
    php71-enchant-7.1.17-1.32.amzn1.x86_64
    php71-xml-7.1.17-1.32.amzn1.x86_64
    php71-process-7.1.17-1.32.amzn1.x86_64
    php71-cli-7.1.17-1.32.amzn1.x86_64
    php71-snmp-7.1.17-1.32.amzn1.x86_64
    php71-odbc-7.1.17-1.32.amzn1.x86_64
    php71-tidy-7.1.17-1.32.amzn1.x86_64
    php71-ldap-7.1.17-1.32.amzn1.x86_64
    php70-gmp-7.0.30-1.29.amzn1.x86_64
    php70-debuginfo-7.0.30-1.29.amzn1.x86_64
    php70-mysqlnd-7.0.30-1.29.amzn1.x86_64
    php70-pspell-7.0.30-1.29.amzn1.x86_64
    php70-7.0.30-1.29.amzn1.x86_64
    php70-soap-7.0.30-1.29.amzn1.x86_64
    php70-common-7.0.30-1.29.amzn1.x86_64
    php70-imap-7.0.30-1.29.amzn1.x86_64
    php70-recode-7.0.30-1.29.amzn1.x86_64
    php70-enchant-7.0.30-1.29.amzn1.x86_64
    php70-tidy-7.0.30-1.29.amzn1.x86_64
    php70-xml-7.0.30-1.29.amzn1.x86_64
    php70-zip-7.0.30-1.29.amzn1.x86_64
    php70-process-7.0.30-1.29.amzn1.x86_64
    php70-mcrypt-7.0.30-1.29.amzn1.x86_64
    php70-cli-7.0.30-1.29.amzn1.x86_64
    php70-json-7.0.30-1.29.amzn1.x86_64
    php70-ldap-7.0.30-1.29.amzn1.x86_64
    php70-dbg-7.0.30-1.29.amzn1.x86_64
    php70-intl-7.0.30-1.29.amzn1.x86_64
    php70-snmp-7.0.30-1.29.amzn1.x86_64
    php70-fpm-7.0.30-1.29.amzn1.x86_64
    php70-gd-7.0.30-1.29.amzn1.x86_64
    php70-pgsql-7.0.30-1.29.amzn1.x86_64
    php70-opcache-7.0.30-1.29.amzn1.x86_64
    php70-odbc-7.0.30-1.29.amzn1.x86_64
    php70-embedded-7.0.30-1.29.amzn1.x86_64
    php70-pdo-7.0.30-1.29.amzn1.x86_64
    php70-dba-7.0.30-1.29.amzn1.x86_64
    php70-xmlrpc-7.0.30-1.29.amzn1.x86_64
    php70-pdo-dblib-7.0.30-1.29.amzn1.x86_64
    php70-devel-7.0.30-1.29.amzn1.x86_64
    php70-bcmath-7.0.30-1.29.amzn1.x86_64
    php70-mbstring-7.0.30-1.29.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2018-1019.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

3) Memory corruption

EUVDB-ID: #VU12258

Risk: Low

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-10549

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in exif_read_data() function due to an out-of-bounds read while processing crafted JPEG data. A remote attacker can supply a specially image file, trigger heap-based buffer overflow in exif_iif_add_value and cause the service to crash.

Mitigation

Update the affected packages.

i686:
    php56-enchant-5.6.36-1.138.amzn1.i686
    php56-tidy-5.6.36-1.138.amzn1.i686
    php56-fpm-5.6.36-1.138.amzn1.i686
    php56-mbstring-5.6.36-1.138.amzn1.i686
    php56-xmlrpc-5.6.36-1.138.amzn1.i686
    php56-imap-5.6.36-1.138.amzn1.i686
    php56-snmp-5.6.36-1.138.amzn1.i686
    php56-opcache-5.6.36-1.138.amzn1.i686
    php56-intl-5.6.36-1.138.amzn1.i686
    php56-xml-5.6.36-1.138.amzn1.i686
    php56-gd-5.6.36-1.138.amzn1.i686
    php56-debuginfo-5.6.36-1.138.amzn1.i686
    php56-dbg-5.6.36-1.138.amzn1.i686
    php56-recode-5.6.36-1.138.amzn1.i686
    php56-mysqlnd-5.6.36-1.138.amzn1.i686
    php56-embedded-5.6.36-1.138.amzn1.i686
    php56-bcmath-5.6.36-1.138.amzn1.i686
    php56-dba-5.6.36-1.138.amzn1.i686
    php56-cli-5.6.36-1.138.amzn1.i686
    php56-gmp-5.6.36-1.138.amzn1.i686
    php56-pdo-5.6.36-1.138.amzn1.i686
    php56-mssql-5.6.36-1.138.amzn1.i686
    php56-pgsql-5.6.36-1.138.amzn1.i686
    php56-ldap-5.6.36-1.138.amzn1.i686
    php56-soap-5.6.36-1.138.amzn1.i686
    php56-mcrypt-5.6.36-1.138.amzn1.i686
    php56-process-5.6.36-1.138.amzn1.i686
    php56-common-5.6.36-1.138.amzn1.i686
    php56-pspell-5.6.36-1.138.amzn1.i686
    php56-5.6.36-1.138.amzn1.i686
    php56-odbc-5.6.36-1.138.amzn1.i686
    php56-devel-5.6.36-1.138.amzn1.i686
    php71-dba-7.1.17-1.32.amzn1.i686
    php71-gmp-7.1.17-1.32.amzn1.i686
    php71-ldap-7.1.17-1.32.amzn1.i686
    php71-xmlrpc-7.1.17-1.32.amzn1.i686
    php71-opcache-7.1.17-1.32.amzn1.i686
    php71-pdo-dblib-7.1.17-1.32.amzn1.i686
    php71-mysqlnd-7.1.17-1.32.amzn1.i686
    php71-cli-7.1.17-1.32.amzn1.i686
    php71-xml-7.1.17-1.32.amzn1.i686
    php71-fpm-7.1.17-1.32.amzn1.i686
    php71-enchant-7.1.17-1.32.amzn1.i686
    php71-mcrypt-7.1.17-1.32.amzn1.i686
    php71-bcmath-7.1.17-1.32.amzn1.i686
    php71-7.1.17-1.32.amzn1.i686
    php71-dbg-7.1.17-1.32.amzn1.i686
    php71-recode-7.1.17-1.32.amzn1.i686
    php71-snmp-7.1.17-1.32.amzn1.i686
    php71-pgsql-7.1.17-1.32.amzn1.i686
    php71-embedded-7.1.17-1.32.amzn1.i686
    php71-intl-7.1.17-1.32.amzn1.i686
    php71-imap-7.1.17-1.32.amzn1.i686
    php71-pspell-7.1.17-1.32.amzn1.i686
    php71-json-7.1.17-1.32.amzn1.i686
    php71-tidy-7.1.17-1.32.amzn1.i686
    php71-common-7.1.17-1.32.amzn1.i686
    php71-process-7.1.17-1.32.amzn1.i686
    php71-devel-7.1.17-1.32.amzn1.i686
    php71-odbc-7.1.17-1.32.amzn1.i686
    php71-soap-7.1.17-1.32.amzn1.i686
    php71-gd-7.1.17-1.32.amzn1.i686
    php71-mbstring-7.1.17-1.32.amzn1.i686
    php71-debuginfo-7.1.17-1.32.amzn1.i686
    php71-pdo-7.1.17-1.32.amzn1.i686
    php70-common-7.0.30-1.29.amzn1.i686
    php70-dbg-7.0.30-1.29.amzn1.i686
    php70-mysqlnd-7.0.30-1.29.amzn1.i686
    php70-recode-7.0.30-1.29.amzn1.i686
    php70-bcmath-7.0.30-1.29.amzn1.i686
    php70-mcrypt-7.0.30-1.29.amzn1.i686
    php70-enchant-7.0.30-1.29.amzn1.i686
    php70-xml-7.0.30-1.29.amzn1.i686
    php70-embedded-7.0.30-1.29.amzn1.i686
    php70-fpm-7.0.30-1.29.amzn1.i686
    php70-pspell-7.0.30-1.29.amzn1.i686
    php70-xmlrpc-7.0.30-1.29.amzn1.i686
    php70-pdo-7.0.30-1.29.amzn1.i686
    php70-gmp-7.0.30-1.29.amzn1.i686
    php70-dba-7.0.30-1.29.amzn1.i686
    php70-gd-7.0.30-1.29.amzn1.i686
    php70-7.0.30-1.29.amzn1.i686
    php70-zip-7.0.30-1.29.amzn1.i686
    php70-pdo-dblib-7.0.30-1.29.amzn1.i686
    php70-debuginfo-7.0.30-1.29.amzn1.i686
    php70-odbc-7.0.30-1.29.amzn1.i686
    php70-json-7.0.30-1.29.amzn1.i686
    php70-pgsql-7.0.30-1.29.amzn1.i686
    php70-snmp-7.0.30-1.29.amzn1.i686
    php70-intl-7.0.30-1.29.amzn1.i686
    php70-soap-7.0.30-1.29.amzn1.i686
    php70-ldap-7.0.30-1.29.amzn1.i686
    php70-imap-7.0.30-1.29.amzn1.i686
    php70-cli-7.0.30-1.29.amzn1.i686
    php70-process-7.0.30-1.29.amzn1.i686
    php70-tidy-7.0.30-1.29.amzn1.i686
    php70-mbstring-7.0.30-1.29.amzn1.i686
    php70-devel-7.0.30-1.29.amzn1.i686
    php70-opcache-7.0.30-1.29.amzn1.i686

src:
    php56-5.6.36-1.138.amzn1.src
    php71-7.1.17-1.32.amzn1.src
    php70-7.0.30-1.29.amzn1.src

x86_64:
    php56-opcache-5.6.36-1.138.amzn1.x86_64
    php56-embedded-5.6.36-1.138.amzn1.x86_64
    php56-dba-5.6.36-1.138.amzn1.x86_64
    php56-odbc-5.6.36-1.138.amzn1.x86_64
    php56-intl-5.6.36-1.138.amzn1.x86_64
    php56-tidy-5.6.36-1.138.amzn1.x86_64
    php56-mysqlnd-5.6.36-1.138.amzn1.x86_64
    php56-devel-5.6.36-1.138.amzn1.x86_64
    php56-gd-5.6.36-1.138.amzn1.x86_64
    php56-5.6.36-1.138.amzn1.x86_64
    php56-bcmath-5.6.36-1.138.amzn1.x86_64
    php56-fpm-5.6.36-1.138.amzn1.x86_64
    php56-soap-5.6.36-1.138.amzn1.x86_64
    php56-mbstring-5.6.36-1.138.amzn1.x86_64
    php56-pspell-5.6.36-1.138.amzn1.x86_64
    php56-recode-5.6.36-1.138.amzn1.x86_64
    php56-pdo-5.6.36-1.138.amzn1.x86_64
    php56-xml-5.6.36-1.138.amzn1.x86_64
    php56-common-5.6.36-1.138.amzn1.x86_64
    php56-snmp-5.6.36-1.138.amzn1.x86_64
    php56-imap-5.6.36-1.138.amzn1.x86_64
    php56-cli-5.6.36-1.138.amzn1.x86_64
    php56-dbg-5.6.36-1.138.amzn1.x86_64
    php56-ldap-5.6.36-1.138.amzn1.x86_64
    php56-pgsql-5.6.36-1.138.amzn1.x86_64
    php56-debuginfo-5.6.36-1.138.amzn1.x86_64
    php56-xmlrpc-5.6.36-1.138.amzn1.x86_64
    php56-mcrypt-5.6.36-1.138.amzn1.x86_64
    php56-enchant-5.6.36-1.138.amzn1.x86_64
    php56-mssql-5.6.36-1.138.amzn1.x86_64
    php56-gmp-5.6.36-1.138.amzn1.x86_64
    php56-process-5.6.36-1.138.amzn1.x86_64
    php71-soap-7.1.17-1.32.amzn1.x86_64
    php71-debuginfo-7.1.17-1.32.amzn1.x86_64
    php71-json-7.1.17-1.32.amzn1.x86_64
    php71-7.1.17-1.32.amzn1.x86_64
    php71-opcache-7.1.17-1.32.amzn1.x86_64
    php71-mysqlnd-7.1.17-1.32.amzn1.x86_64
    php71-pgsql-7.1.17-1.32.amzn1.x86_64
    php71-pdo-dblib-7.1.17-1.32.amzn1.x86_64
    php71-gd-7.1.17-1.32.amzn1.x86_64
    php71-dba-7.1.17-1.32.amzn1.x86_64
    php71-embedded-7.1.17-1.32.amzn1.x86_64
    php71-gmp-7.1.17-1.32.amzn1.x86_64
    php71-intl-7.1.17-1.32.amzn1.x86_64
    php71-recode-7.1.17-1.32.amzn1.x86_64
    php71-imap-7.1.17-1.32.amzn1.x86_64
    php71-dbg-7.1.17-1.32.amzn1.x86_64
    php71-pdo-7.1.17-1.32.amzn1.x86_64
    php71-fpm-7.1.17-1.32.amzn1.x86_64
    php71-pspell-7.1.17-1.32.amzn1.x86_64
    php71-mbstring-7.1.17-1.32.amzn1.x86_64
    php71-common-7.1.17-1.32.amzn1.x86_64
    php71-devel-7.1.17-1.32.amzn1.x86_64
    php71-xmlrpc-7.1.17-1.32.amzn1.x86_64
    php71-mcrypt-7.1.17-1.32.amzn1.x86_64
    php71-bcmath-7.1.17-1.32.amzn1.x86_64
    php71-enchant-7.1.17-1.32.amzn1.x86_64
    php71-xml-7.1.17-1.32.amzn1.x86_64
    php71-process-7.1.17-1.32.amzn1.x86_64
    php71-cli-7.1.17-1.32.amzn1.x86_64
    php71-snmp-7.1.17-1.32.amzn1.x86_64
    php71-odbc-7.1.17-1.32.amzn1.x86_64
    php71-tidy-7.1.17-1.32.amzn1.x86_64
    php71-ldap-7.1.17-1.32.amzn1.x86_64
    php70-gmp-7.0.30-1.29.amzn1.x86_64
    php70-debuginfo-7.0.30-1.29.amzn1.x86_64
    php70-mysqlnd-7.0.30-1.29.amzn1.x86_64
    php70-pspell-7.0.30-1.29.amzn1.x86_64
    php70-7.0.30-1.29.amzn1.x86_64
    php70-soap-7.0.30-1.29.amzn1.x86_64
    php70-common-7.0.30-1.29.amzn1.x86_64
    php70-imap-7.0.30-1.29.amzn1.x86_64
    php70-recode-7.0.30-1.29.amzn1.x86_64
    php70-enchant-7.0.30-1.29.amzn1.x86_64
    php70-tidy-7.0.30-1.29.amzn1.x86_64
    php70-xml-7.0.30-1.29.amzn1.x86_64
    php70-zip-7.0.30-1.29.amzn1.x86_64
    php70-process-7.0.30-1.29.amzn1.x86_64
    php70-mcrypt-7.0.30-1.29.amzn1.x86_64
    php70-cli-7.0.30-1.29.amzn1.x86_64
    php70-json-7.0.30-1.29.amzn1.x86_64
    php70-ldap-7.0.30-1.29.amzn1.x86_64
    php70-dbg-7.0.30-1.29.amzn1.x86_64
    php70-intl-7.0.30-1.29.amzn1.x86_64
    php70-snmp-7.0.30-1.29.amzn1.x86_64
    php70-fpm-7.0.30-1.29.amzn1.x86_64
    php70-gd-7.0.30-1.29.amzn1.x86_64
    php70-pgsql-7.0.30-1.29.amzn1.x86_64
    php70-opcache-7.0.30-1.29.amzn1.x86_64
    php70-odbc-7.0.30-1.29.amzn1.x86_64
    php70-embedded-7.0.30-1.29.amzn1.x86_64
    php70-pdo-7.0.30-1.29.amzn1.x86_64
    php70-dba-7.0.30-1.29.amzn1.x86_64
    php70-xmlrpc-7.0.30-1.29.amzn1.x86_64
    php70-pdo-dblib-7.0.30-1.29.amzn1.x86_64
    php70-devel-7.0.30-1.29.amzn1.x86_64
    php70-bcmath-7.0.30-1.29.amzn1.x86_64
    php70-mbstring-7.0.30-1.29.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2018-1019.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

4) Man-in-the-middle attack

EUVDB-ID: #VU12256

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-10548

CWE-ID: CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the ext/ldap/ldap.c source code file due to improper handling of return values from the ldap_get_dn function. A remote attacker can use man-in-the middle techniques to trigger ldap_get_dn() to return a NULL pointer and cause ldap_get_entries() because add_assoc_string() to crash.

Mitigation

Update the affected packages.

i686:
    php56-enchant-5.6.36-1.138.amzn1.i686
    php56-tidy-5.6.36-1.138.amzn1.i686
    php56-fpm-5.6.36-1.138.amzn1.i686
    php56-mbstring-5.6.36-1.138.amzn1.i686
    php56-xmlrpc-5.6.36-1.138.amzn1.i686
    php56-imap-5.6.36-1.138.amzn1.i686
    php56-snmp-5.6.36-1.138.amzn1.i686
    php56-opcache-5.6.36-1.138.amzn1.i686
    php56-intl-5.6.36-1.138.amzn1.i686
    php56-xml-5.6.36-1.138.amzn1.i686
    php56-gd-5.6.36-1.138.amzn1.i686
    php56-debuginfo-5.6.36-1.138.amzn1.i686
    php56-dbg-5.6.36-1.138.amzn1.i686
    php56-recode-5.6.36-1.138.amzn1.i686
    php56-mysqlnd-5.6.36-1.138.amzn1.i686
    php56-embedded-5.6.36-1.138.amzn1.i686
    php56-bcmath-5.6.36-1.138.amzn1.i686
    php56-dba-5.6.36-1.138.amzn1.i686
    php56-cli-5.6.36-1.138.amzn1.i686
    php56-gmp-5.6.36-1.138.amzn1.i686
    php56-pdo-5.6.36-1.138.amzn1.i686
    php56-mssql-5.6.36-1.138.amzn1.i686
    php56-pgsql-5.6.36-1.138.amzn1.i686
    php56-ldap-5.6.36-1.138.amzn1.i686
    php56-soap-5.6.36-1.138.amzn1.i686
    php56-mcrypt-5.6.36-1.138.amzn1.i686
    php56-process-5.6.36-1.138.amzn1.i686
    php56-common-5.6.36-1.138.amzn1.i686
    php56-pspell-5.6.36-1.138.amzn1.i686
    php56-5.6.36-1.138.amzn1.i686
    php56-odbc-5.6.36-1.138.amzn1.i686
    php56-devel-5.6.36-1.138.amzn1.i686
    php71-dba-7.1.17-1.32.amzn1.i686
    php71-gmp-7.1.17-1.32.amzn1.i686
    php71-ldap-7.1.17-1.32.amzn1.i686
    php71-xmlrpc-7.1.17-1.32.amzn1.i686
    php71-opcache-7.1.17-1.32.amzn1.i686
    php71-pdo-dblib-7.1.17-1.32.amzn1.i686
    php71-mysqlnd-7.1.17-1.32.amzn1.i686
    php71-cli-7.1.17-1.32.amzn1.i686
    php71-xml-7.1.17-1.32.amzn1.i686
    php71-fpm-7.1.17-1.32.amzn1.i686
    php71-enchant-7.1.17-1.32.amzn1.i686
    php71-mcrypt-7.1.17-1.32.amzn1.i686
    php71-bcmath-7.1.17-1.32.amzn1.i686
    php71-7.1.17-1.32.amzn1.i686
    php71-dbg-7.1.17-1.32.amzn1.i686
    php71-recode-7.1.17-1.32.amzn1.i686
    php71-snmp-7.1.17-1.32.amzn1.i686
    php71-pgsql-7.1.17-1.32.amzn1.i686
    php71-embedded-7.1.17-1.32.amzn1.i686
    php71-intl-7.1.17-1.32.amzn1.i686
    php71-imap-7.1.17-1.32.amzn1.i686
    php71-pspell-7.1.17-1.32.amzn1.i686
    php71-json-7.1.17-1.32.amzn1.i686
    php71-tidy-7.1.17-1.32.amzn1.i686
    php71-common-7.1.17-1.32.amzn1.i686
    php71-process-7.1.17-1.32.amzn1.i686
    php71-devel-7.1.17-1.32.amzn1.i686
    php71-odbc-7.1.17-1.32.amzn1.i686
    php71-soap-7.1.17-1.32.amzn1.i686
    php71-gd-7.1.17-1.32.amzn1.i686
    php71-mbstring-7.1.17-1.32.amzn1.i686
    php71-debuginfo-7.1.17-1.32.amzn1.i686
    php71-pdo-7.1.17-1.32.amzn1.i686
    php70-common-7.0.30-1.29.amzn1.i686
    php70-dbg-7.0.30-1.29.amzn1.i686
    php70-mysqlnd-7.0.30-1.29.amzn1.i686
    php70-recode-7.0.30-1.29.amzn1.i686
    php70-bcmath-7.0.30-1.29.amzn1.i686
    php70-mcrypt-7.0.30-1.29.amzn1.i686
    php70-enchant-7.0.30-1.29.amzn1.i686
    php70-xml-7.0.30-1.29.amzn1.i686
    php70-embedded-7.0.30-1.29.amzn1.i686
    php70-fpm-7.0.30-1.29.amzn1.i686
    php70-pspell-7.0.30-1.29.amzn1.i686
    php70-xmlrpc-7.0.30-1.29.amzn1.i686
    php70-pdo-7.0.30-1.29.amzn1.i686
    php70-gmp-7.0.30-1.29.amzn1.i686
    php70-dba-7.0.30-1.29.amzn1.i686
    php70-gd-7.0.30-1.29.amzn1.i686
    php70-7.0.30-1.29.amzn1.i686
    php70-zip-7.0.30-1.29.amzn1.i686
    php70-pdo-dblib-7.0.30-1.29.amzn1.i686
    php70-debuginfo-7.0.30-1.29.amzn1.i686
    php70-odbc-7.0.30-1.29.amzn1.i686
    php70-json-7.0.30-1.29.amzn1.i686
    php70-pgsql-7.0.30-1.29.amzn1.i686
    php70-snmp-7.0.30-1.29.amzn1.i686
    php70-intl-7.0.30-1.29.amzn1.i686
    php70-soap-7.0.30-1.29.amzn1.i686
    php70-ldap-7.0.30-1.29.amzn1.i686
    php70-imap-7.0.30-1.29.amzn1.i686
    php70-cli-7.0.30-1.29.amzn1.i686
    php70-process-7.0.30-1.29.amzn1.i686
    php70-tidy-7.0.30-1.29.amzn1.i686
    php70-mbstring-7.0.30-1.29.amzn1.i686
    php70-devel-7.0.30-1.29.amzn1.i686
    php70-opcache-7.0.30-1.29.amzn1.i686

src:
    php56-5.6.36-1.138.amzn1.src
    php71-7.1.17-1.32.amzn1.src
    php70-7.0.30-1.29.amzn1.src

x86_64:
    php56-opcache-5.6.36-1.138.amzn1.x86_64
    php56-embedded-5.6.36-1.138.amzn1.x86_64
    php56-dba-5.6.36-1.138.amzn1.x86_64
    php56-odbc-5.6.36-1.138.amzn1.x86_64
    php56-intl-5.6.36-1.138.amzn1.x86_64
    php56-tidy-5.6.36-1.138.amzn1.x86_64
    php56-mysqlnd-5.6.36-1.138.amzn1.x86_64
    php56-devel-5.6.36-1.138.amzn1.x86_64
    php56-gd-5.6.36-1.138.amzn1.x86_64
    php56-5.6.36-1.138.amzn1.x86_64
    php56-bcmath-5.6.36-1.138.amzn1.x86_64
    php56-fpm-5.6.36-1.138.amzn1.x86_64
    php56-soap-5.6.36-1.138.amzn1.x86_64
    php56-mbstring-5.6.36-1.138.amzn1.x86_64
    php56-pspell-5.6.36-1.138.amzn1.x86_64
    php56-recode-5.6.36-1.138.amzn1.x86_64
    php56-pdo-5.6.36-1.138.amzn1.x86_64
    php56-xml-5.6.36-1.138.amzn1.x86_64
    php56-common-5.6.36-1.138.amzn1.x86_64
    php56-snmp-5.6.36-1.138.amzn1.x86_64
    php56-imap-5.6.36-1.138.amzn1.x86_64
    php56-cli-5.6.36-1.138.amzn1.x86_64
    php56-dbg-5.6.36-1.138.amzn1.x86_64
    php56-ldap-5.6.36-1.138.amzn1.x86_64
    php56-pgsql-5.6.36-1.138.amzn1.x86_64
    php56-debuginfo-5.6.36-1.138.amzn1.x86_64
    php56-xmlrpc-5.6.36-1.138.amzn1.x86_64
    php56-mcrypt-5.6.36-1.138.amzn1.x86_64
    php56-enchant-5.6.36-1.138.amzn1.x86_64
    php56-mssql-5.6.36-1.138.amzn1.x86_64
    php56-gmp-5.6.36-1.138.amzn1.x86_64
    php56-process-5.6.36-1.138.amzn1.x86_64
    php71-soap-7.1.17-1.32.amzn1.x86_64
    php71-debuginfo-7.1.17-1.32.amzn1.x86_64
    php71-json-7.1.17-1.32.amzn1.x86_64
    php71-7.1.17-1.32.amzn1.x86_64
    php71-opcache-7.1.17-1.32.amzn1.x86_64
    php71-mysqlnd-7.1.17-1.32.amzn1.x86_64
    php71-pgsql-7.1.17-1.32.amzn1.x86_64
    php71-pdo-dblib-7.1.17-1.32.amzn1.x86_64
    php71-gd-7.1.17-1.32.amzn1.x86_64
    php71-dba-7.1.17-1.32.amzn1.x86_64
    php71-embedded-7.1.17-1.32.amzn1.x86_64
    php71-gmp-7.1.17-1.32.amzn1.x86_64
    php71-intl-7.1.17-1.32.amzn1.x86_64
    php71-recode-7.1.17-1.32.amzn1.x86_64
    php71-imap-7.1.17-1.32.amzn1.x86_64
    php71-dbg-7.1.17-1.32.amzn1.x86_64
    php71-pdo-7.1.17-1.32.amzn1.x86_64
    php71-fpm-7.1.17-1.32.amzn1.x86_64
    php71-pspell-7.1.17-1.32.amzn1.x86_64
    php71-mbstring-7.1.17-1.32.amzn1.x86_64
    php71-common-7.1.17-1.32.amzn1.x86_64
    php71-devel-7.1.17-1.32.amzn1.x86_64
    php71-xmlrpc-7.1.17-1.32.amzn1.x86_64
    php71-mcrypt-7.1.17-1.32.amzn1.x86_64
    php71-bcmath-7.1.17-1.32.amzn1.x86_64
    php71-enchant-7.1.17-1.32.amzn1.x86_64
    php71-xml-7.1.17-1.32.amzn1.x86_64
    php71-process-7.1.17-1.32.amzn1.x86_64
    php71-cli-7.1.17-1.32.amzn1.x86_64
    php71-snmp-7.1.17-1.32.amzn1.x86_64
    php71-odbc-7.1.17-1.32.amzn1.x86_64
    php71-tidy-7.1.17-1.32.amzn1.x86_64
    php71-ldap-7.1.17-1.32.amzn1.x86_64
    php70-gmp-7.0.30-1.29.amzn1.x86_64
    php70-debuginfo-7.0.30-1.29.amzn1.x86_64
    php70-mysqlnd-7.0.30-1.29.amzn1.x86_64
    php70-pspell-7.0.30-1.29.amzn1.x86_64
    php70-7.0.30-1.29.amzn1.x86_64
    php70-soap-7.0.30-1.29.amzn1.x86_64
    php70-common-7.0.30-1.29.amzn1.x86_64
    php70-imap-7.0.30-1.29.amzn1.x86_64
    php70-recode-7.0.30-1.29.amzn1.x86_64
    php70-enchant-7.0.30-1.29.amzn1.x86_64
    php70-tidy-7.0.30-1.29.amzn1.x86_64
    php70-xml-7.0.30-1.29.amzn1.x86_64
    php70-zip-7.0.30-1.29.amzn1.x86_64
    php70-process-7.0.30-1.29.amzn1.x86_64
    php70-mcrypt-7.0.30-1.29.amzn1.x86_64
    php70-cli-7.0.30-1.29.amzn1.x86_64
    php70-json-7.0.30-1.29.amzn1.x86_64
    php70-ldap-7.0.30-1.29.amzn1.x86_64
    php70-dbg-7.0.30-1.29.amzn1.x86_64
    php70-intl-7.0.30-1.29.amzn1.x86_64
    php70-snmp-7.0.30-1.29.amzn1.x86_64
    php70-fpm-7.0.30-1.29.amzn1.x86_64
    php70-gd-7.0.30-1.29.amzn1.x86_64
    php70-pgsql-7.0.30-1.29.amzn1.x86_64
    php70-opcache-7.0.30-1.29.amzn1.x86_64
    php70-odbc-7.0.30-1.29.amzn1.x86_64
    php70-embedded-7.0.30-1.29.amzn1.x86_64
    php70-pdo-7.0.30-1.29.amzn1.x86_64
    php70-dba-7.0.30-1.29.amzn1.x86_64
    php70-xmlrpc-7.0.30-1.29.amzn1.x86_64
    php70-pdo-dblib-7.0.30-1.29.amzn1.x86_64
    php70-devel-7.0.30-1.29.amzn1.x86_64
    php70-bcmath-7.0.30-1.29.amzn1.x86_64
    php70-mbstring-7.0.30-1.29.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2018-1019.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Reflected cross-site scripting

EUVDB-ID: #VU10389

Risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-5712

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists on the PHAR 404 error page due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Update the affected packages.

i686:
    php56-enchant-5.6.36-1.138.amzn1.i686
    php56-tidy-5.6.36-1.138.amzn1.i686
    php56-fpm-5.6.36-1.138.amzn1.i686
    php56-mbstring-5.6.36-1.138.amzn1.i686
    php56-xmlrpc-5.6.36-1.138.amzn1.i686
    php56-imap-5.6.36-1.138.amzn1.i686
    php56-snmp-5.6.36-1.138.amzn1.i686
    php56-opcache-5.6.36-1.138.amzn1.i686
    php56-intl-5.6.36-1.138.amzn1.i686
    php56-xml-5.6.36-1.138.amzn1.i686
    php56-gd-5.6.36-1.138.amzn1.i686
    php56-debuginfo-5.6.36-1.138.amzn1.i686
    php56-dbg-5.6.36-1.138.amzn1.i686
    php56-recode-5.6.36-1.138.amzn1.i686
    php56-mysqlnd-5.6.36-1.138.amzn1.i686
    php56-embedded-5.6.36-1.138.amzn1.i686
    php56-bcmath-5.6.36-1.138.amzn1.i686
    php56-dba-5.6.36-1.138.amzn1.i686
    php56-cli-5.6.36-1.138.amzn1.i686
    php56-gmp-5.6.36-1.138.amzn1.i686
    php56-pdo-5.6.36-1.138.amzn1.i686
    php56-mssql-5.6.36-1.138.amzn1.i686
    php56-pgsql-5.6.36-1.138.amzn1.i686
    php56-ldap-5.6.36-1.138.amzn1.i686
    php56-soap-5.6.36-1.138.amzn1.i686
    php56-mcrypt-5.6.36-1.138.amzn1.i686
    php56-process-5.6.36-1.138.amzn1.i686
    php56-common-5.6.36-1.138.amzn1.i686
    php56-pspell-5.6.36-1.138.amzn1.i686
    php56-5.6.36-1.138.amzn1.i686
    php56-odbc-5.6.36-1.138.amzn1.i686
    php56-devel-5.6.36-1.138.amzn1.i686
    php71-dba-7.1.17-1.32.amzn1.i686
    php71-gmp-7.1.17-1.32.amzn1.i686
    php71-ldap-7.1.17-1.32.amzn1.i686
    php71-xmlrpc-7.1.17-1.32.amzn1.i686
    php71-opcache-7.1.17-1.32.amzn1.i686
    php71-pdo-dblib-7.1.17-1.32.amzn1.i686
    php71-mysqlnd-7.1.17-1.32.amzn1.i686
    php71-cli-7.1.17-1.32.amzn1.i686
    php71-xml-7.1.17-1.32.amzn1.i686
    php71-fpm-7.1.17-1.32.amzn1.i686
    php71-enchant-7.1.17-1.32.amzn1.i686
    php71-mcrypt-7.1.17-1.32.amzn1.i686
    php71-bcmath-7.1.17-1.32.amzn1.i686
    php71-7.1.17-1.32.amzn1.i686
    php71-dbg-7.1.17-1.32.amzn1.i686
    php71-recode-7.1.17-1.32.amzn1.i686
    php71-snmp-7.1.17-1.32.amzn1.i686
    php71-pgsql-7.1.17-1.32.amzn1.i686
    php71-embedded-7.1.17-1.32.amzn1.i686
    php71-intl-7.1.17-1.32.amzn1.i686
    php71-imap-7.1.17-1.32.amzn1.i686
    php71-pspell-7.1.17-1.32.amzn1.i686
    php71-json-7.1.17-1.32.amzn1.i686
    php71-tidy-7.1.17-1.32.amzn1.i686
    php71-common-7.1.17-1.32.amzn1.i686
    php71-process-7.1.17-1.32.amzn1.i686
    php71-devel-7.1.17-1.32.amzn1.i686
    php71-odbc-7.1.17-1.32.amzn1.i686
    php71-soap-7.1.17-1.32.amzn1.i686
    php71-gd-7.1.17-1.32.amzn1.i686
    php71-mbstring-7.1.17-1.32.amzn1.i686
    php71-debuginfo-7.1.17-1.32.amzn1.i686
    php71-pdo-7.1.17-1.32.amzn1.i686
    php70-common-7.0.30-1.29.amzn1.i686
    php70-dbg-7.0.30-1.29.amzn1.i686
    php70-mysqlnd-7.0.30-1.29.amzn1.i686
    php70-recode-7.0.30-1.29.amzn1.i686
    php70-bcmath-7.0.30-1.29.amzn1.i686
    php70-mcrypt-7.0.30-1.29.amzn1.i686
    php70-enchant-7.0.30-1.29.amzn1.i686
    php70-xml-7.0.30-1.29.amzn1.i686
    php70-embedded-7.0.30-1.29.amzn1.i686
    php70-fpm-7.0.30-1.29.amzn1.i686
    php70-pspell-7.0.30-1.29.amzn1.i686
    php70-xmlrpc-7.0.30-1.29.amzn1.i686
    php70-pdo-7.0.30-1.29.amzn1.i686
    php70-gmp-7.0.30-1.29.amzn1.i686
    php70-dba-7.0.30-1.29.amzn1.i686
    php70-gd-7.0.30-1.29.amzn1.i686
    php70-7.0.30-1.29.amzn1.i686
    php70-zip-7.0.30-1.29.amzn1.i686
    php70-pdo-dblib-7.0.30-1.29.amzn1.i686
    php70-debuginfo-7.0.30-1.29.amzn1.i686
    php70-odbc-7.0.30-1.29.amzn1.i686
    php70-json-7.0.30-1.29.amzn1.i686
    php70-pgsql-7.0.30-1.29.amzn1.i686
    php70-snmp-7.0.30-1.29.amzn1.i686
    php70-intl-7.0.30-1.29.amzn1.i686
    php70-soap-7.0.30-1.29.amzn1.i686
    php70-ldap-7.0.30-1.29.amzn1.i686
    php70-imap-7.0.30-1.29.amzn1.i686
    php70-cli-7.0.30-1.29.amzn1.i686
    php70-process-7.0.30-1.29.amzn1.i686
    php70-tidy-7.0.30-1.29.amzn1.i686
    php70-mbstring-7.0.30-1.29.amzn1.i686
    php70-devel-7.0.30-1.29.amzn1.i686
    php70-opcache-7.0.30-1.29.amzn1.i686

src:
    php56-5.6.36-1.138.amzn1.src
    php71-7.1.17-1.32.amzn1.src
    php70-7.0.30-1.29.amzn1.src

x86_64:
    php56-opcache-5.6.36-1.138.amzn1.x86_64
    php56-embedded-5.6.36-1.138.amzn1.x86_64
    php56-dba-5.6.36-1.138.amzn1.x86_64
    php56-odbc-5.6.36-1.138.amzn1.x86_64
    php56-intl-5.6.36-1.138.amzn1.x86_64
    php56-tidy-5.6.36-1.138.amzn1.x86_64
    php56-mysqlnd-5.6.36-1.138.amzn1.x86_64
    php56-devel-5.6.36-1.138.amzn1.x86_64
    php56-gd-5.6.36-1.138.amzn1.x86_64
    php56-5.6.36-1.138.amzn1.x86_64
    php56-bcmath-5.6.36-1.138.amzn1.x86_64
    php56-fpm-5.6.36-1.138.amzn1.x86_64
    php56-soap-5.6.36-1.138.amzn1.x86_64
    php56-mbstring-5.6.36-1.138.amzn1.x86_64
    php56-pspell-5.6.36-1.138.amzn1.x86_64
    php56-recode-5.6.36-1.138.amzn1.x86_64
    php56-pdo-5.6.36-1.138.amzn1.x86_64
    php56-xml-5.6.36-1.138.amzn1.x86_64
    php56-common-5.6.36-1.138.amzn1.x86_64
    php56-snmp-5.6.36-1.138.amzn1.x86_64
    php56-imap-5.6.36-1.138.amzn1.x86_64
    php56-cli-5.6.36-1.138.amzn1.x86_64
    php56-dbg-5.6.36-1.138.amzn1.x86_64
    php56-ldap-5.6.36-1.138.amzn1.x86_64
    php56-pgsql-5.6.36-1.138.amzn1.x86_64
    php56-debuginfo-5.6.36-1.138.amzn1.x86_64
    php56-xmlrpc-5.6.36-1.138.amzn1.x86_64
    php56-mcrypt-5.6.36-1.138.amzn1.x86_64
    php56-enchant-5.6.36-1.138.amzn1.x86_64
    php56-mssql-5.6.36-1.138.amzn1.x86_64
    php56-gmp-5.6.36-1.138.amzn1.x86_64
    php56-process-5.6.36-1.138.amzn1.x86_64
    php71-soap-7.1.17-1.32.amzn1.x86_64
    php71-debuginfo-7.1.17-1.32.amzn1.x86_64
    php71-json-7.1.17-1.32.amzn1.x86_64
    php71-7.1.17-1.32.amzn1.x86_64
    php71-opcache-7.1.17-1.32.amzn1.x86_64
    php71-mysqlnd-7.1.17-1.32.amzn1.x86_64
    php71-pgsql-7.1.17-1.32.amzn1.x86_64
    php71-pdo-dblib-7.1.17-1.32.amzn1.x86_64
    php71-gd-7.1.17-1.32.amzn1.x86_64
    php71-dba-7.1.17-1.32.amzn1.x86_64
    php71-embedded-7.1.17-1.32.amzn1.x86_64
    php71-gmp-7.1.17-1.32.amzn1.x86_64
    php71-intl-7.1.17-1.32.amzn1.x86_64
    php71-recode-7.1.17-1.32.amzn1.x86_64
    php71-imap-7.1.17-1.32.amzn1.x86_64
    php71-dbg-7.1.17-1.32.amzn1.x86_64
    php71-pdo-7.1.17-1.32.amzn1.x86_64
    php71-fpm-7.1.17-1.32.amzn1.x86_64
    php71-pspell-7.1.17-1.32.amzn1.x86_64
    php71-mbstring-7.1.17-1.32.amzn1.x86_64
    php71-common-7.1.17-1.32.amzn1.x86_64
    php71-devel-7.1.17-1.32.amzn1.x86_64
    php71-xmlrpc-7.1.17-1.32.amzn1.x86_64
    php71-mcrypt-7.1.17-1.32.amzn1.x86_64
    php71-bcmath-7.1.17-1.32.amzn1.x86_64
    php71-enchant-7.1.17-1.32.amzn1.x86_64
    php71-xml-7.1.17-1.32.amzn1.x86_64
    php71-process-7.1.17-1.32.amzn1.x86_64
    php71-cli-7.1.17-1.32.amzn1.x86_64
    php71-snmp-7.1.17-1.32.amzn1.x86_64
    php71-odbc-7.1.17-1.32.amzn1.x86_64
    php71-tidy-7.1.17-1.32.amzn1.x86_64
    php71-ldap-7.1.17-1.32.amzn1.x86_64
    php70-gmp-7.0.30-1.29.amzn1.x86_64
    php70-debuginfo-7.0.30-1.29.amzn1.x86_64
    php70-mysqlnd-7.0.30-1.29.amzn1.x86_64
    php70-pspell-7.0.30-1.29.amzn1.x86_64
    php70-7.0.30-1.29.amzn1.x86_64
    php70-soap-7.0.30-1.29.amzn1.x86_64
    php70-common-7.0.30-1.29.amzn1.x86_64
    php70-imap-7.0.30-1.29.amzn1.x86_64
    php70-recode-7.0.30-1.29.amzn1.x86_64
    php70-enchant-7.0.30-1.29.amzn1.x86_64
    php70-tidy-7.0.30-1.29.amzn1.x86_64
    php70-xml-7.0.30-1.29.amzn1.x86_64
    php70-zip-7.0.30-1.29.amzn1.x86_64
    php70-process-7.0.30-1.29.amzn1.x86_64
    php70-mcrypt-7.0.30-1.29.amzn1.x86_64
    php70-cli-7.0.30-1.29.amzn1.x86_64
    php70-json-7.0.30-1.29.amzn1.x86_64
    php70-ldap-7.0.30-1.29.amzn1.x86_64
    php70-dbg-7.0.30-1.29.amzn1.x86_64
    php70-intl-7.0.30-1.29.amzn1.x86_64
    php70-snmp-7.0.30-1.29.amzn1.x86_64
    php70-fpm-7.0.30-1.29.amzn1.x86_64
    php70-gd-7.0.30-1.29.amzn1.x86_64
    php70-pgsql-7.0.30-1.29.amzn1.x86_64
    php70-opcache-7.0.30-1.29.amzn1.x86_64
    php70-odbc-7.0.30-1.29.amzn1.x86_64
    php70-embedded-7.0.30-1.29.amzn1.x86_64
    php70-pdo-7.0.30-1.29.amzn1.x86_64
    php70-dba-7.0.30-1.29.amzn1.x86_64
    php70-xmlrpc-7.0.30-1.29.amzn1.x86_64
    php70-pdo-dblib-7.0.30-1.29.amzn1.x86_64
    php70-devel-7.0.30-1.29.amzn1.x86_64
    php70-bcmath-7.0.30-1.29.amzn1.x86_64
    php70-mbstring-7.0.30-1.29.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions

External links

http://alas.aws.amazon.com/ALAS-2018-1019.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###