Executive Summary

Informations
NameCVE-2011-1938First vendor Publication2011-05-31
VendorCveLast vendor Modification2012-02-08

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score7.5Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938

CWE : Common Weakness Enumeration

idName
CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application4

ExploitDB Exploits

idDescription
2011-07-04PHP 5.3.6 Buffer Overflow PoC (ROP) CVE-2011-1938
2011-05-25PHP <= 5.3.5 socket_connect() Buffer Overflow Vulnerability

OpenVAS Exploits

DateDescription
2012-09-10Name : Slackware Advisory SSA:2011-237-01 php
File : nvt/esoft_slk_ssa_2011_237_01.nasl
2012-07-30Name : CentOS Update for php53 CESA-2011:1423 centos5 x86_64
File : nvt/gb_CESA-2011_1423_php53_centos5_x86_64.nasl
2012-04-02Name : Fedora Update for maniadrive FEDORA-2011-11464
File : nvt/gb_fedora_2011_11464_maniadrive_fc16.nasl
2012-03-19Name : Fedora Update for php-eaccelerator FEDORA-2011-11464
File : nvt/gb_fedora_2011_11464_php-eaccelerator_fc16.nasl
2012-03-19Name : Fedora Update for php FEDORA-2011-11464
File : nvt/gb_fedora_2011_11464_php_fc16.nasl
2012-02-12Name : Debian Security Advisory DSA 2399-1 (php5)
File : nvt/deb_2399_1.nasl
2012-02-12Name : Debian Security Advisory DSA 2399-2 (php5)
File : nvt/deb_2399_2.nasl
2012-02-12Name : Gentoo Security Advisory GLSA 201110-06 (php)
File : nvt/glsa_201110_06.nasl
2012-02-06Name : Mac OS X Multiple Vulnerabilities (2012-001)
File : nvt/gb_macosx_su12-001.nasl
2011-11-08Name : Mandriva Update for php MDVSA-2011:165 (php)
File : nvt/gb_mandriva_MDVSA_2011_165.nasl
2011-11-08Name : Mandriva Update for php MDVSA-2011:166 (php)
File : nvt/gb_mandriva_MDVSA_2011_166.nasl
2011-11-03Name : RedHat Update for php53 and php RHSA-2011:1423-01
File : nvt/gb_RHSA-2011_1423-01_php53_and_php.nasl
2011-11-03Name : CentOS Update for php53 CESA-2011:1423 centos5 i386
File : nvt/gb_CESA-2011_1423_php53_centos5_i386.nasl
2011-10-21Name : Ubuntu Update for php5 USN-1231-1
File : nvt/gb_ubuntu_USN_1231_1.nasl
2011-09-21Name : FreeBSD Ports: php5, php5-sockets
File : nvt/freebsd_php513.nasl
2011-09-20Name : Fedora Update for maniadrive FEDORA-2011-11528
File : nvt/gb_fedora_2011_11528_maniadrive_fc15.nasl
2011-09-20Name : Fedora Update for php-eaccelerator FEDORA-2011-11528
File : nvt/gb_fedora_2011_11528_php-eaccelerator_fc15.nasl
2011-09-20Name : Fedora Update for php FEDORA-2011-11528
File : nvt/gb_fedora_2011_11528_php_fc15.nasl
2011-09-20Name : Fedora Update for maniadrive FEDORA-2011-11537
File : nvt/gb_fedora_2011_11537_maniadrive_fc14.nasl
2011-09-20Name : Fedora Update for php-eaccelerator FEDORA-2011-11537
File : nvt/gb_fedora_2011_11537_php-eaccelerator_fc14.nasl
2011-09-20Name : Fedora Update for php FEDORA-2011-11537
File : nvt/gb_fedora_2011_11537_php_fc14.nasl
2011-06-02Name : PHP 'socket_connect()' Buffer Overflow Vulnerability
File : nvt/secpod_php_bof_vuln_win.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
72644PHP ext/sockets/sockets.c socket_connect Function UNIX Socket Pathname Overflow

Snort® IPS/IDS

DateDescription
2014-01-10socket_connect buffer overflow attempt
RuleID : 24195 - Revision : 3 - Type : SERVER-WEBAPP
2014-01-10socket_connect buffer overflow attempt
RuleID : 24194 - Revision : 3 - Type : SERVER-WEBAPP
2014-01-10socket_connect buffer overflow attempt
RuleID : 24193 - Revision : 3 - Type : SERVER-WEBAPP
2014-01-10socket_connect buffer overflow attempt
RuleID : 24192 - Revision : 3 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

DateDescription
2014-10-11Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-7.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_3_apache2-mod_php5-110601.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote openSUSE host is missing a security update.
File : suse_11_4_apache2-mod_php5-110601.nasl - Type : ACT_GATHER_INFO
2013-09-04Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-07.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1423.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111102_php53_and_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-04-20Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_0_0_24.nasl - Type : ACT_GATHER_INFO
2012-02-02Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_7_3.nasl - Type : ACT_GATHER_INFO
2012-02-02Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2012-001.nasl - Type : ACT_GATHER_INFO
2012-02-01Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2399.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_apache2-mod_php5-7553.nasl - Type : ACT_GATHER_INFO
2011-11-04Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-165.nasl - Type : ACT_GATHER_INFO
2011-11-04Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-166.nasl - Type : ACT_GATHER_INFO
2011-11-03Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1423.nasl - Type : ACT_GATHER_INFO
2011-11-03Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1423.nasl - Type : ACT_GATHER_INFO
2011-10-19Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1231-1.nasl - Type : ACT_GATHER_INFO
2011-10-12Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201110-06.nasl - Type : ACT_GATHER_INFO
2011-09-19Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-11528.nasl - Type : ACT_GATHER_INFO
2011-09-19Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-11537.nasl - Type : ACT_GATHER_INFO
2011-09-12Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-11464.nasl - Type : ACT_GATHER_INFO
2011-08-26Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2011-237-01.nasl - Type : ACT_GATHER_INFO
2011-08-22Name : The remote web server uses a version of PHP that is affected by multiple vuln...
File : php_5_3_7.nasl - Type : ACT_GATHER_INFO
2011-08-20Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_057bf770cac411e0aea300215c6a37bb.nasl - Type : ACT_GATHER_INFO
2011-06-17Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_apache2-mod_php5-110601.nasl - Type : ACT_GATHER_INFO
2011-06-17Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_apache2-mod_php5-7554.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
APPLEhttp://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
BIDhttp://www.securityfocus.com/bid/49241
CONFIRMhttp://support.apple.com/kb/HT5130
http://svn.php.net/viewvc?view=revision&revision=311369
http://svn.php.net/viewvc/php/php-src/trunk/ext/sockets/sockets.c?r1=311369&a...
http://www.php.net/archive/2011.php#id2011-08-18-1
http://www.php.net/ChangeLog-5.php#5.3.7
DEBIANhttp://www.debian.org/security/2012/dsa-2399
EXPLOIT-DBhttp://www.exploit-db.com/exploits/17318/
MANDRIVAhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:165
MLISThttp://openwall.com/lists/oss-security/2011/05/24/1
http://openwall.com/lists/oss-security/2011/05/24/9
OSVDBhttp://osvdb.org/72644
REDHAThttp://www.redhat.com/support/errata/RHSA-2011-1423.html
SREASONhttp://securityreason.com/securityalert/8262
http://securityreason.com/securityalert/8294
XFhttp://xforce.iss.net/xforce/xfdb/67606

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
DateInformations
2014-10-12 13:26:44
  • Multiple Updates
2014-06-14 13:30:46
  • Multiple Updates
2014-02-17 11:02:26
  • Multiple Updates
2014-01-19 21:27:49
  • Multiple Updates
2013-05-10 23:00:43
  • Multiple Updates