Executive Summary
Summary | |
---|---|
Title | php security update |
Informations | |||
---|---|---|---|
Name | RHSA-2010:0919 | First vendor Publication | 2010-11-29 |
Vendor | RedHat | Last vendor Modification | 2010-11-29 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An input validation flaw was discovered in the PHP session serializer. If a PHP script generated session variable names from untrusted user input, a remote attacker could use this flaw to inject an arbitrary variable into the PHP session. (CVE-2010-3065) An information leak flaw was discovered in the PHP var_export() function implementation. If some fatal error occurred during the execution of this function (such as the exhaustion of memory or script execution time limit), part of the function's output was sent to the user as script output, possibly leading to the disclosure of sensitive information. (CVE-2010-2531) A numeric truncation error and an input validation flaw were found in the way the PHP utf8_decode() function decoded partial multi-byte sequences for some multi-byte encodings, sending them to output without them being escaped. An attacker could use these flaws to perform a cross-site scripting attack. (CVE-2009-5016, CVE-2010-3870) It was discovered that the PHP lcg_value() function used insufficient entropy to seed the pseudo-random number generator. A remote attacker could possibly use this flaw to predict values returned by the function, which are used to generate session identifiers by default. This update changes the function's implementation to use more entropy during seeding. (CVE-2010-1128) It was discovered that the PHP fnmatch() function did not restrict the length of the pattern argument. A remote attacker could use this flaw to crash the PHP interpreter where a script used fnmatch() on untrusted matching patterns. (CVE-2010-1917) A NULL pointer dereference flaw was discovered in the PHP XML-RPC extension. A malicious XML-RPC client or server could use this flaw to crash the PHP interpreter via a specially-crafted XML-RPC request. (CVE-2010-0397) All php users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 573779 - CVE-2010-0397 php: NULL pointer dereference in XML-RPC extension 577582 - CVE-2010-1128 php: LCG entropy weakness 617232 - CVE-2010-1917 php: fnmatch long pattern stack memory exhaustion (MOPS-2010-021) 617673 - CVE-2010-2531 php: information leak vulnerability in var_export() 619030 - CVE-2010-3065 php: session serializer session data injection vulnerability (MOPS-2010-060) 649056 - CVE-2010-3870 php: XSS mitigation bypass via utf8_decode() 652836 - CVE-2009-5016 php: XSS and SQL injection bypass via crafted overlong UTF-8 encoded string |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2010-0919.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
17 % | CWE-399 | Resource Management Errors |
17 % | CWE-310 | Cryptographic Issues |
17 % | CWE-264 | Permissions, Privileges, and Access Controls |
17 % | CWE-200 | Information Exposure |
17 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
17 % | CWE-20 | Improper Input Validation |
OVAL Definitions
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-06-21 | Name : PHP version smaller than 5.3.4 File : nvt/nopsec_php_5_3_4.nasl |
2012-06-21 | Name : PHP version smaller than 5.3.3 File : nvt/nopsec_php_5_3_3.nasl |
2012-06-21 | Name : PHP version smaller than 5.3.1 File : nvt/nopsec_php_5_3_1.nasl |
2012-06-21 | Name : PHP version smaller than 5.2.14 File : nvt/nopsec_php_5_2_14.nasl |
2012-06-21 | Name : PHP version smaller than 5.2.11 File : nvt/nopsec_php_5_2_11.nasl |
2012-06-05 | Name : RedHat Update for php RHSA-2011:0195-01 File : nvt/gb_RHSA-2011_0195-01_php.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-06 (php) File : nvt/glsa_201110_06.nasl |
2011-09-07 | Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl |
2011-08-26 | Name : Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001) File : nvt/secpod_macosx_su11-001.nasl |
2011-08-09 | Name : CentOS Update for php CESA-2010:0919 centos5 i386 File : nvt/gb_CESA-2010_0919_php_centos5_i386.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2262-2 (php5) File : nvt/deb_2262_2.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2266-1 (php5) File : nvt/deb_2266_1.nasl |
2011-05-12 | Name : Debian Security Advisory DSA 2195-1 (php5) File : nvt/deb_2195_1.nasl |
2011-01-14 | Name : Ubuntu Update for php5 vulnerabilities USN-1042-1 File : nvt/gb_ubuntu_USN_1042_1.nasl |
2011-01-11 | Name : Fedora Update for php-eaccelerator FEDORA-2010-19011 File : nvt/gb_fedora_2010_19011_php-eaccelerator_fc13.nasl |
2011-01-11 | Name : Fedora Update for php FEDORA-2010-19011 File : nvt/gb_fedora_2010_19011_php_fc13.nasl |
2011-01-11 | Name : Fedora Update for maniadrive FEDORA-2010-19011 File : nvt/gb_fedora_2010_19011_maniadrive_fc13.nasl |
2011-01-11 | Name : Fedora Update for php FEDORA-2010-18976 File : nvt/gb_fedora_2010_18976_php_fc14.nasl |
2011-01-11 | Name : Fedora Update for php-eaccelerator FEDORA-2010-18976 File : nvt/gb_fedora_2010_18976_php-eaccelerator_fc14.nasl |
2011-01-11 | Name : Fedora Update for maniadrive FEDORA-2010-18976 File : nvt/gb_fedora_2010_18976_maniadrive_fc14.nasl |
2010-12-28 | Name : Mandriva Update for php MDVSA-2010:254 (php) File : nvt/gb_mandriva_MDVSA_2010_254.nasl |
2010-12-09 | Name : RedHat Update for php RHSA-2010:0919-01 File : nvt/gb_RHSA-2010_0919-01_php.nasl |
2010-12-09 | Name : CentOS Update for php CESA-2010:0919 centos4 i386 File : nvt/gb_CESA-2010_0919_php_centos4_i386.nasl |
2010-11-16 | Name : Mandriva Update for php MDVSA-2010:224 (php) File : nvt/gb_mandriva_MDVSA_2010_224.nasl |
2010-11-10 | Name : PHP 'xml_utf8_decode()' UTF-8 Input Validation Vulnerability File : nvt/gb_php_44605.nasl |
2010-09-22 | Name : Ubuntu Update for php5 vulnerabilities USN-989-1 File : nvt/gb_ubuntu_USN_989_1.nasl |
2010-08-30 | Name : Fedora Update for php FEDORA-2010-11428 File : nvt/gb_fedora_2010_11428_php_fc12.nasl |
2010-08-30 | Name : Fedora Update for maniadrive FEDORA-2010-11428 File : nvt/gb_fedora_2010_11428_maniadrive_fc12.nasl |
2010-08-30 | Name : Fedora Update for php FEDORA-2010-11481 File : nvt/gb_fedora_2010_11481_php_fc13.nasl |
2010-08-30 | Name : Fedora Update for php-eaccelerator FEDORA-2010-11481 File : nvt/gb_fedora_2010_11481_php-eaccelerator_fc13.nasl |
2010-08-30 | Name : Fedora Update for maniadrive FEDORA-2010-11481 File : nvt/gb_fedora_2010_11481_maniadrive_fc13.nasl |
2010-08-30 | Name : Fedora Update for php-eaccelerator FEDORA-2010-11428 File : nvt/gb_fedora_2010_11428_php-eaccelerator_fc12.nasl |
2010-08-02 | Name : PHP Versions Prior to 5.3.3/5.2.14 Multiple Vulnerabilities File : nvt/gb_php_41991.nasl |
2010-07-30 | Name : Mandriva Update for php MDVSA-2010:140 (php) File : nvt/gb_mandriva_MDVSA_2010_140.nasl |
2010-07-30 | Name : Mandriva Update for php MDVSA-2010:139 (php) File : nvt/gb_mandriva_MDVSA_2010_139.nasl |
2010-03-31 | Name : Mandriva Update for php MDVSA-2010:068 (php) File : nvt/gb_mandriva_MDVSA_2010_068.nasl |
2010-03-15 | Name : PHP xmlrpc Extension Multiple Remote Denial of Service Vulnerabilities File : nvt/gb_php_38708.nasl |
2010-02-27 | Name : PHP < 5.2.13 Multiple Vulnerabilities File : nvt/php_5_2_13.nasl |
2010-02-19 | Name : Mandriva Update for drakconf MDVA-2010:068 (drakconf) File : nvt/gb_mandriva_MDVA_2010_068.nasl |
2010-02-15 | Name : Mandriva Update for mandriva-release MDVA-2010:058 (mandriva-release) File : nvt/gb_mandriva_MDVA_2010_058.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-240-04 php File : nvt/esoft_slk_ssa_2010_240_04.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
69230 | PHP utf8_decode Function UTF-8 Encoding / Data Crafted String Protection Mech... |
69227 | PHP ext/xml/xml.c xml_utf8_decode Function UTF-8 Encoding Remote Overflow |
66805 | PHP var_export() Function Fata Error Information Disclosure |
66798 | PHP Prefix Character Session Variable Serialization Unspecified Issue |
64607 | PHP fnmatch Function Stack Exhaustion DoS |
63323 | PHP Linear Congruential Generator (LCG) uniqid Function Session Cookie Entrop... |
63078 | PHP xmlrpc Extension xmlrpc_decode_request Function methodName Element Handli... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-28 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15885.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL13519.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_apache2-mod_php5-101110.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_apache2-mod_php5-100812.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0919.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0195.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101129_php_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110203_php_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2011-10-12 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-06.nasl - Type : ACT_GATHER_INFO |
2011-07-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2266.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_apache2-mod_php5-101110.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-101105.nasl - Type : ACT_GATHER_INFO |
2011-04-22 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_6_3_0_22.nasl - Type : ACT_GATHER_INFO |
2011-03-22 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_6_7.nasl - Type : ACT_GATHER_INFO |
2011-03-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2195.nasl - Type : ACT_GATHER_INFO |
2011-02-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0195.nasl - Type : ACT_GATHER_INFO |
2011-01-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1042-1.nasl - Type : ACT_GATHER_INFO |
2011-01-05 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-19011.nasl - Type : ACT_GATHER_INFO |
2011-01-05 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-18976.nasl - Type : ACT_GATHER_INFO |
2010-12-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-254.nasl - Type : ACT_GATHER_INFO |
2010-12-13 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_3_4.nasl - Type : ACT_GATHER_INFO |
2010-12-03 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-101105.nasl - Type : ACT_GATHER_INFO |
2010-12-03 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-7221.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-100805.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0919.nasl - Type : ACT_GATHER_INFO |
2010-11-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0919.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-224.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_5.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes security issues. File : macosx_SecUpd2010-007.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-7110.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-100928.nasl - Type : ACT_GATHER_INFO |
2010-09-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-989-1.nasl - Type : ACT_GATHER_INFO |
2010-09-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_apache2-mod_php5-100813.nasl - Type : ACT_GATHER_INFO |
2010-08-29 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-240-04.nasl - Type : ACT_GATHER_INFO |
2010-08-24 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11428.nasl - Type : ACT_GATHER_INFO |
2010-08-24 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11481.nasl - Type : ACT_GATHER_INFO |
2010-08-24 | Name : The remote host is missing a Mac OS X update that fixes security issues. File : macosx_SecUpd2010-005.nasl - Type : ACT_GATHER_INFO |
2010-08-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2089.nasl - Type : ACT_GATHER_INFO |
2010-08-04 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_14.nasl - Type : ACT_GATHER_INFO |
2010-08-04 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_3_3.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-139.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-140.nasl - Type : ACT_GATHER_INFO |
2010-05-18 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_apache2-mod_php5-100506.nasl - Type : ACT_GATHER_INFO |
2010-05-18 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-100507.nasl - Type : ACT_GATHER_INFO |
2010-03-29 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-068.nasl - Type : ACT_GATHER_INFO |
2010-03-19 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2018.nasl - Type : ACT_GATHER_INFO |
2010-03-11 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-058.nasl - Type : ACT_GATHER_INFO |
2010-02-26 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_13.nasl - Type : ACT_GATHER_INFO |
2009-11-20 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_3_1.nasl - Type : ACT_GATHER_INFO |
2009-09-18 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_11.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:54:07 |
|