Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name CVE-2008-0599 First vendor Publication 2008-05-05
Vendor Cve Last vendor Modification 2024-02-02

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score 9.8
Base Score 9.8 Environmental Score 9.8
impact SubScore 5.9 Temporal Score 9.8
Exploitabality Sub Score 3.9
 
Attack Vector Network Attack Complexity Low
Privileges Required None User Interaction None
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599

CAPEC : Common Attack Pattern Enumeration & Classification

Id Name
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-100 Overflow Buffers
CAPEC-123 Buffer Attacks

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-131 Incorrect Calculation of Buffer Size (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:5510
 
Oval ID: oval:org.mitre.oval:def:5510
Title: HP-UX Running Apache with PHP, Remote Execution of Arbitrary Code
Description: The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
Family: unix Class: vulnerability
Reference(s): CVE-2008-0599
Version: 9
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 301
Os 59
Os 57
Os 4
Os 2

OpenVAS Exploits

Date Description
2012-06-21 Name : PHP version smaller than 5.2.6
File : nvt/nopsec_php_5_2_6.nasl
2010-05-12 Name : Mac OS X Security Update 2008-005
File : nvt/macosx_secupd_2008-005.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-22 Name : HP-UX Update for Apache-based Web Server HPSBUX02465
File : nvt/gb_hp_ux_HPSBUX02465.nasl
2009-10-13 Name : SLES10: Security update for PHP5
File : nvt/sles10_apache2-mod_php2.nasl
2009-07-17 Name : HP-UX Update for Apache Web Server Suite HPSBUX02431
File : nvt/gb_hp_ux_HPSBUX02431.nasl
2009-05-05 Name : HP-UX Update for Apache with PHP HPSBUX02342
File : nvt/gb_hp_ux_HPSBUX02342.nasl
2009-04-09 Name : Mandriva Update for php MDVSA-2008:127 (php)
File : nvt/gb_mandriva_MDVSA_2008_127.nasl
2009-04-09 Name : Mandriva Update for php MDVSA-2008:128 (php)
File : nvt/gb_mandriva_MDVSA_2008_128.nasl
2009-03-23 Name : Ubuntu Update for php5 vulnerabilities USN-628-1
File : nvt/gb_ubuntu_USN_628_1.nasl
2009-02-17 Name : Fedora Update for php FEDORA-2008-3606
File : nvt/gb_fedora_2008_3606_php_fc9.nasl
2009-02-17 Name : Fedora Update for php FEDORA-2008-3864
File : nvt/gb_fedora_2008_3864_php_fc8.nasl
2008-11-19 Name : Gentoo Security Advisory GLSA 200811-05 (php)
File : nvt/glsa_200811_05.nasl
2008-10-07 Name : Multiple Vulnerabilities in PHP August-08
File : nvt/gb_php_mult_vuln_aug08.nasl
0000-00-00 Name : Slackware Advisory SSA:2008-128-01 php
File : nvt/esoft_slk_ssa_2008_128_01.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
44906 PHP cgi_main.c PATH_TRANSLATED Length Calculation Unspecified Issue

Nessus® Vulnerability Scanner

Date Description
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-127.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-128.nasl - Type : ACT_GATHER_INFO
2008-11-17 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200811-05.nasl - Type : ACT_GATHER_INFO
2008-08-01 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2008-005.nasl - Type : ACT_GATHER_INFO
2008-07-24 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-628-1.nasl - Type : ACT_GATHER_INFO
2008-06-26 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_apache2-mod_php5-5345.nasl - Type : ACT_GATHER_INFO
2008-06-24 Name : The remote Fedora host is missing a security update.
File : fedora_2008-3606.nasl - Type : ACT_GATHER_INFO
2008-06-24 Name : The remote Fedora host is missing a security update.
File : fedora_2008-3864.nasl - Type : ACT_GATHER_INFO
2008-05-28 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2008-128-01.nasl - Type : ACT_GATHER_INFO
2008-05-02 Name : The remote web server uses a version of PHP that is affected by multiple flaws.
File : php_5_2_6.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
APPLE http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
BID http://www.securityfocus.com/bid/29009
BUGTRAQ http://www.securityfocus.com/archive/1/492535/100/0/threaded
CERT-VN http://www.kb.cert.org/vuls/id/147027
CONFIRM http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.50....
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176
http://www.php.net/ChangeLog-5.php
https://issues.rpath.com/browse/RPL-2503
FEDORA https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html
GENTOO http://security.gentoo.org/glsa/glsa-200811-05.xml
HP http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01476437
http://marc.info/?l=bugtraq&m=124654546101607&w=2
http://marc.info/?l=bugtraq&m=125631037611762&w=2
MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:127
http://www.mandriva.com/security/advisories?name=MDVSA-2008:128
MLIST http://www.openwall.com/lists/oss-security/2008/05/02/2
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT http://www.redhat.com/support/errata/RHSA-2008-0505.html
SECTRACK http://www.securitytracker.com/id?1019958
SECUNIA http://secunia.com/advisories/30048
http://secunia.com/advisories/30083
http://secunia.com/advisories/30345
http://secunia.com/advisories/30616
http://secunia.com/advisories/30757
http://secunia.com/advisories/30828
http://secunia.com/advisories/31200
http://secunia.com/advisories/31326
http://secunia.com/advisories/32746
http://secunia.com/advisories/35650
SLACKWARE http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&...
UBUNTU http://www.ubuntu.com/usn/usn-628-1
VUPEN http://www.vupen.com/english/advisories/2008/1412
http://www.vupen.com/english/advisories/2008/1810/references
http://www.vupen.com/english/advisories/2008/2268
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/42137

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
Date Informations
2024-02-02 17:28:15
  • Multiple Updates
2024-02-02 01:08:13
  • Multiple Updates
2024-02-01 12:02:34
  • Multiple Updates
2023-09-05 12:07:40
  • Multiple Updates
2023-09-05 01:02:25
  • Multiple Updates
2023-09-02 12:07:46
  • Multiple Updates
2023-09-02 01:02:26
  • Multiple Updates
2023-08-12 12:09:08
  • Multiple Updates
2023-08-12 01:02:26
  • Multiple Updates
2023-08-11 12:07:49
  • Multiple Updates
2023-08-11 01:02:30
  • Multiple Updates
2023-08-06 12:07:29
  • Multiple Updates
2023-08-06 01:02:27
  • Multiple Updates
2023-08-04 12:07:34
  • Multiple Updates
2023-08-04 01:02:30
  • Multiple Updates
2023-07-14 12:07:32
  • Multiple Updates
2023-07-14 01:02:27
  • Multiple Updates
2023-03-29 01:08:31
  • Multiple Updates
2023-03-28 12:02:33
  • Multiple Updates
2022-10-11 12:06:41
  • Multiple Updates
2022-10-11 01:02:17
  • Multiple Updates
2021-05-04 12:07:04
  • Multiple Updates
2021-04-22 01:07:31
  • Multiple Updates
2020-05-23 01:39:04
  • Multiple Updates
2020-05-23 00:21:13
  • Multiple Updates
2019-06-08 12:02:23
  • Multiple Updates
2019-03-18 12:01:37
  • Multiple Updates
2018-10-16 05:18:09
  • Multiple Updates
2018-10-04 12:04:55
  • Multiple Updates
2017-09-29 09:23:24
  • Multiple Updates
2017-08-08 09:23:51
  • Multiple Updates
2016-12-08 09:23:22
  • Multiple Updates
2016-10-13 01:00:50
  • Multiple Updates
2016-06-28 17:11:12
  • Multiple Updates
2016-04-26 17:05:29
  • Multiple Updates
2014-02-17 10:43:40
  • Multiple Updates
2013-05-11 00:08:34
  • Multiple Updates
2012-11-07 00:16:28
  • Multiple Updates