#VU110539 Improper Neutralization of Argument Delimiters in a Command in PHP - CVE-2002-0985
Vulnerability identifier: #VU110539
Vulnerability risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID:
CWE-ID:
CWE-88
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
PHP
Universal components / Libraries /
Scripting languages
Vendor: PHP Group
Description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.
Mitigation
Install update from vendor's website.
Vulnerable software versions
PHP: 4.2, 4.2.0, 4.2.1
External links
https://www.redhat.com/support/errata/RHSA-2002-213.html
https://www.debian.org/security/2002/dsa-168
https://www.redhat.com/support/errata/RHSA-2002-214.html
https://www.redhat.com/support/errata/RHSA-2002-243.html
https://www.redhat.com/support/errata/RHSA-2002-244.html
https://www.redhat.com/support/errata/RHSA-2002-248.html
https://www.redhat.com/support/errata/RHSA-2003-159.html
https://www.novell.com/linux/security/advisories/2002_036_modphp4.html
https://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt
https://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082
https://www.osvdb.org/2111
https://marc.info/?l=bugtraq&m=103011916928204&w=2
https://marc.info/?l=bugtraq&m=105760591228031&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/9966
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
