HP Security Bulletin HPSBUX03150 SSRT101681 - Potential security vulnerabilities have been identified with the HP-UX Apache Web Server Suite, Tomcat Servlet Engine, and PHP. These could be exploited remotely to create a Denial of Service (DoS) and other vulnerabilities. Revision 1 of this advisory.
4da09901892670541bc06bce0716f03bf67eec1782653c05c5f559b376b89246Gentoo Linux Security Advisory 201408-11 - Multiple vulnerabilities have been discovered in PHP, the worst of which could lead to remote execution of arbitrary code. Versions less than 5.5.16 are affected.
603e59db98b503d98e09222be7ae1aa6e92e8c93410b7df813b8dd5222e058f1Apple Security Advisory 2014-02-25-1 - OS X Mavericks 10.9.2 and Security Update 2014-001 is now available and addresses multiple security issues including the recent SSL vulnerability.
1d8f727073c1ea1d6289c8c7fa93c5237ad978b58d6ca700d78a6f12ea0f3b83Mandriva Linux Security Advisory 2014-014 - The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service via a crafted certificate that is not properly handled by the openssl_x509_parse function. The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service via a crafted interval specification. The updated php packages have been upgraded to the 5.5.8 version which is not vulnerable to these issues. Additionally, the PECL packages which requires so has been rebuilt for php-5.5.8 and some has been upgraded to their latest versions.
8cf7940a193c870dfe4a5421f1538695dff4660b76dc24b692930776885f8223Red Hat Security Advisory 2013-1615-02 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. A flaw was found in PHP's SSL client's hostname identity check when handling certificates that contain hostnames with NULL bytes. If an attacker was able to get a carefully crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate to conduct man-in-the-middle attacks to spoof SSL servers.
e9c43b76ec5610e3455ac53f39d2e0ecc1fbdf12915676ffe3014f05ce897df2Red Hat Security Advisory 2013-1307-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. It was found that PHP did not check for carriage returns in HTTP headers, allowing intended HTTP response splitting protections to be bypassed. Depending on the web browser the victim is using, a remote attacker could use this flaw to perform HTTP response splitting attacks.
329966a55bfeee91b34efdf6e4c6fdb40fa5bff4b1c4705ad759326610acb9fdUbuntu Security Notice 1937-1 - It was discovered that PHP did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.
9a14a21ea4f555b39c39d0b3419b2aca7ce5a0e9188a932cf51da07e328bed31Slackware Security Advisory - New php packages are available for Slackware 14.0, and -current to fix a security issue.
ecb1893087d0d66f7dad6cf8deaa65276787950af36d4ce86965243130244165Mandriva Linux Security Advisory 2013-221 - The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. Additionally a patch has been applied to fix an UMR (Unitialized Memory Read) bug in the original fix for CVE-2013-4248. The updated packages have been patched to correct these issues.
645f59943e5f467ddce2176dbf8da00053c3a0235f9de73ed2f48beec92773ebDebian Linux Security Advisory 2742-1 - It was discovered that PHP, a general-purpose scripting language commonly used for web application development, did not properly process embedded NUL characters in the subjectAltName extension of X.509 certificates. Depending on the application and with insufficient CA-level checks, this could be abused for impersonating other users.
94d9e680a062358787e25ec659acc74944e9b260376d2f8e2978f25085b91e0e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed