Risk | Low |
Patch available | YES |
Number of vulnerabilities | 7 |
CVE-ID | CVE-2018-7584 CVE-2018-10545 CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 CVE-2018-5712 |
CWE-ID | CWE-121 CWE-200 CWE-835 CWE-79 CWE-300 CWE-119 |
Exploitation vector | Network |
Public exploit |
Public exploit code for vulnerability #3 is available. Public exploit code for vulnerability #6 is available. |
Vulnerable software Subscribe |
Debian Linux Operating systems & Components / Operating system |
Vendor | Debian |
This security bulletin contains information about 7 vulnerabilities.
EUVDB-ID: #VU10800
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2018-7584
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to stack-based buffer overflow when handling malicious input. A remote attacker can send specially crafted HTTP response packets, trigger memory corruption and cause the application to crash.
Update the affected package to version: 7.0.30-0+deb9u1
Vulnerable software versionsDebian Linux: All versions
http://www.debian.org/security/2018/dsa-4240
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU11343
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2018-10545
CWE-ID:
CWE-200 - Information Exposure
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to bypass security restrictions and obtain potentially sensitive information on the target system.
The weakness exists due to improper access controls. A local attacker can change UID and GID, PHP-FPM sets pool worker processes to be dumpable, attach to the PHP-FPM workers and gain access to any restricted resources that are not supposed to be allowed.
Update the affected package to version: 7.0.30-0+deb9u1
Vulnerable software versionsDebian Linux: All versions
http://www.debian.org/security/2018/dsa-4240
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU12257
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2018-10546
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to infinite loop. A remote attacker can use a stream filter with convert.iconv and not enough input bytes, trigger an infinite loop, one CPU Core at 100% and cause the service to crash.
Update the affected package to version: 7.0.30-0+deb9u1
Vulnerable software versionsDebian Linux: All versions
http://www.debian.org/security/2018/dsa-4240
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU12327
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2018-10547
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists in the phar_do_404() and phar_do_403() functions due to insufficient sanitization of user-supplied data processed by the phar_do_404() and phar_do_403() functions, as defined in the ext/phar/phar_object.c source code file. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
The vulnerability exists due to an incomplete fix for CVE-2018-5712.
MitigationUpdate the affected package to version: 7.0.30-0+deb9u1
Vulnerable software versionsDebian Linux: All versions
http://www.debian.org/security/2018/dsa-4240
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU12256
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2018-10548
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in the ext/ldap/ldap.c source code file due to improper handling of return values from the ldap_get_dn function. A remote attacker can use man-in-the middle techniques to trigger ldap_get_dn() to return a NULL pointer and cause ldap_get_entries() because add_assoc_string() to crash.
Update the affected package to version: 7.0.30-0+deb9u1
Vulnerable software versionsDebian Linux: All versions
http://www.debian.org/security/2018/dsa-4240
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU12258
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2018-10549
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in exif_read_data() function due to an out-of-bounds read while processing crafted JPEG data. A remote attacker can supply a specially image file, trigger heap-based buffer overflow in exif_iif_add_value and cause the service to crash.
Update the affected package to version: 7.0.30-0+deb9u1
Vulnerable software versionsDebian Linux: All versions
http://www.debian.org/security/2018/dsa-4240
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU10389
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2018-5712
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists on the PHAR 404 error page due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
Update the affected package to version: 7.0.30-0+deb9u1
Vulnerable software versionsDebian Linux: All versions
http://www.debian.org/security/2018/dsa-4240
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?