Executive Summary

Summary
Title php5 security update
Informations
Name DSA-2961 First vendor Publication 2014-06-16
Vendor Debian Last vendor Modification 2014-06-16
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:P/I:P/A:P)
Cvss Base Score 5.1 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity High
Cvss Expoit Score 4.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

It was discovered that PHP, a general-purpose scripting language commonly used for web application development, is vulnerable to a heap-based buffer overflow in the DNS TXT record parsing. A malicious server or man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application uses dns_get_record() to perform a DNS query.

For the stable distribution (wheezy), this problem has been fixed in version 5.4.4-14+deb7u11.

For the testing distribution (jessie), this problem has been fixed in version 5.6.0~beta4+dfsg-3.

For the unstable distribution (sid), this problem has been fixed in version 5.6.0~beta4+dfsg-3.

We recommend that you upgrade your php5 packages.

Original Source

Url : http://www.debian.org/security/2014/dsa-2961

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24159
 
Oval ID: oval:org.mitre.oval:def:24159
Title: USN-2254-1 -- php5 vulnerabilities
Description: Several security issues were fixed in PHP.
Family: unix Class: patch
Reference(s): USN-2254-1
CVE-2014-0185
CVE-2014-0237
CVE-2014-0238
CVE-2014-4049
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 13.10
Ubuntu 12.04
Ubuntu 10.04
Product(s): php5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24930
 
Oval ID: oval:org.mitre.oval:def:24930
Title: USN-2254-2 -- php5 updates
Description: An improvement was made for PHP FPM environments.
Family: unix Class: patch
Reference(s): USN-2254-2
CVE-2014-0185
CVE-2014-0237
CVE-2014-0238
CVE-2014-4049
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 13.10
Product(s): php5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24951
 
Oval ID: oval:org.mitre.oval:def:24951
Title: DSA-2961-1 php5 - security update
Description: It was discovered that PHP, a general-purpose scripting language commonly used for web application development, is vulnerable to a heap-based buffer overflow in the DNS TXT record parsing. A malicious server or man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application uses dns_get_record() to perform a DNS query.
Family: unix Class: patch
Reference(s): DSA-2961-1
CVE-2014-4049
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): php5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26689
 
Oval ID: oval:org.mitre.oval:def:26689
Title: DSA-3008-1 php5 - security update
Description: Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.
Family: unix Class: patch
Reference(s): DSA-3008-1
CVE-2014-3538
CVE-2014-3587
CVE-2014-3597
CVE-2014-4670
CVE-2013-7345
CVE-2014-4049
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): php5
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 561
Os 2
Os 1

Information Assurance Vulnerability Management (IAVM)

Date Description
2014-07-03 IAVM : 2014-B-0086 - Multiple Vulnerabilities in PHP
Severity : Category I - VMSKEY : V0052897

Snort® IPS/IDS

Date Description
2014-11-16 PHP DNS parsing heap overflow attempt
RuleID : 31460 - Revision : 3 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date Description
2016-08-29 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-1638-1.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_SecUpd2015-004.nasl - Type : ACT_GATHER_INFO
2015-04-10 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_10_3.nasl - Type : ACT_GATHER_INFO
2015-03-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-080.nasl - Type : ACT_GATHER_INFO
2015-03-26 Name : The remote Debian host is missing a security update.
File : debian_DLA-67.nasl - Type : ACT_GATHER_INFO
2014-10-12 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-393.nasl - Type : ACT_GATHER_INFO
2014-10-12 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-372.nasl - Type : ACT_GATHER_INFO
2014-10-12 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-367.nasl - Type : ACT_GATHER_INFO
2014-09-18 Name : The remote host is missing a Mac OS X update that fixes multiple vulnerabilit...
File : macosx_10_9_5.nasl - Type : ACT_GATHER_INFO
2014-09-17 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-546.nasl - Type : ACT_GATHER_INFO
2014-09-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-172.nasl - Type : ACT_GATHER_INFO
2014-08-30 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201408-11.nasl - Type : ACT_GATHER_INFO
2014-08-22 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3008.nasl - Type : ACT_GATHER_INFO
2014-08-19 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_d2a892b9260511e49da000a0986f28c4.nasl - Type : ACT_GATHER_INFO
2014-08-07 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1013.nasl - Type : ACT_GATHER_INFO
2014-08-07 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1012.nasl - Type : ACT_GATHER_INFO
2014-08-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1013.nasl - Type : ACT_GATHER_INFO
2014-08-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1012.nasl - Type : ACT_GATHER_INFO
2014-07-10 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-130.nasl - Type : ACT_GATHER_INFO
2014-07-08 Name : The remote Fedora host is missing a security update.
File : fedora_2014-7782.nasl - Type : ACT_GATHER_INFO
2014-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2014-7765.nasl - Type : ACT_GATHER_INFO
2014-06-27 Name : The remote web server is running a version of PHP that is affected by multipl...
File : php_5_5_14.nasl - Type : ACT_GATHER_INFO
2014-06-27 Name : The remote web server is running a version of PHP that is affected by multipl...
File : php_5_4_30.nasl - Type : ACT_GATHER_INFO
2014-06-26 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2254-2.nasl - Type : ACT_GATHER_INFO
2014-06-26 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-443.nasl - Type : ACT_GATHER_INFO
2014-06-24 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2254-1.nasl - Type : ACT_GATHER_INFO
2014-06-17 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2961.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2014-06-20 00:27:10
  • Multiple Updates
2014-06-19 00:26:04
  • Multiple Updates
2014-06-18 13:26:18
  • Multiple Updates
2014-06-17 00:22:02
  • First insertion