Main Vulnerability Database SB2019012102

SB2019012102 - Backdoor in PHP PEAR

Published: January 21, 2019

Security Bulletin ID SB2019012102

CSH Severity

Critical

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Backdoor (CVE-ID: N/A)

CWE-ID: CWE-912 - Hidden Functionality (Backdoor)

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Red

The vulnerability allows a remote attacker to compromise the affected system.

The issue exists within the PHP PEAR software, downloaded from the official repository within the last 6 month. Unknown attackers compromised the official repository and implanted malicious code into it.

If you have updated your PEAR installation within the last 6 month, most likely your server is compromised.

Remediation

Install update from vendor's website.

References

http://blog.pear.php.net/2018/12/20/security-vulnerability-announcement-archive_tar/