|| Hotline : 800 2378 ||  To contact CERT-MU send e-mail on --> info[at]cert-mu.gov.mu ||  To report incident e-mail on --> incident[at]cert-mu.gov.mu || To report Vulnerabilities send e-mail on --> Vulnerability[at]cert-mu.gov.mu ||
    Constituency
    Authority
    Vol. 2, Feb 2012
    Vol. 1, Oct 2011
    World CERTs
    Email Abuse
 
 
Authorized to use CERT(TM) - CERT is a mark owned by Carnegie Mellon University
 
 
 
 
 
 
 
 
 
 
 
 


   
 

CERT-MU AD-2008-14

Multiple vulnerabilities in PHP

Original Issue Date: 20th August 2008

Overview

Multiple vulnerabilities have been reported in PHP, since the application fails to perform adequate boundary checks on user-supplied data, which could be exploited by a remote attacker to cause Denial of Service.

Description

1. imageloadfont function Buffer Overflow vulnerability

A Buffer Overflow vulnerability has been reported in the “imageloadfont” function in “ext/gd/gd.c” in PHP. A remote attacker can exploit this issue to cause a Denial of Service (crash) via a crafted font file.

2. memnstr function Buffer Overflow vulnerability

A Buffer Overflow vulnerability exists in the “memnsttr()” function in PHP. A remote attacker can exploit this issue to cause a Denial of Service (crash) via a delimiter argument to the explode function.

3. Denial of Service Vulnerability

A vulnerability has been reported in PHP, when used as a FastCGI module. This could be exploited by remote attacker to cause a denial of service via a request with multiple dots preceding the extension.

Affected systems  

PHP versions prior to 4.4.9

Impact

imageloadfont function Buffer Overflow vulnerability

Allows unauthorized disclosure of information, allows unauthorized modification , allows disruption of service.

memnstr function Buffer Overflow vulnerability

Allows unauthorized modification, allows disruption of service

Denial of Service Vulnerability

Allows disruption of service

Solution

Upgrade PHP to version 4.4.9
http://www.php.net/downloads.php#v4

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Vendor Information

PHP
http://www.php.net/ChangeLog-4.php#4.4.9
http://news.php.net/php.cvs/52002

CVE-Name

CVE-2008-3658
CVE-2008-3659
CVE-2008-3660

References

Secunia
http://secunia.com/advisories/31409/

Juniper Networks
http://www.juniper.net/security/auto/vulnerabilities/vuln30649.html

Gentoo Bugzilla
http://bugs.gentoo.org/show_bug.cgi?id=234102

Openwall
http://www.openwall.com
http://www.openwall.com/lists/oss-security/2008/08/13/8

SANS
https://www.sans.org/newsletters/risk/display.php?v=7&i=33#08.33.45

  
 
News & Events
Safer Internet Day 2012
Computer Security Day 2011
Workshop on Cloud Security
Workshop on Mobile Security
Certificate Award Ceremony for Trainings in Information Security Management
  more...
 
Virus Alerts
RSS Feed
Subscribe Mailing List
 
 
 

Last Updated 20-Jul-2011
Disclaimer Maintained & Hosted by NCB
This site is best viewed in 1024 x 768 resolution. Internet Explorer 6.0 +
09-Jul-2011