CVE-2012-0807MEDIUM
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
Stack-based buffer overflow in the suhosin_encrypt_single_cookie function in the transparent cookie-encryption feature in the Suhosin extension before 0.9.33 for PHP, when suhosin.cookie.encrypt and suhosin.multiheader are enabled, might allow remote attackers to execute arbitrary code via a long string that is used in a Set-Cookie HTTP header.
References
http://archives.neohapsis.com/archives/fulldisclosure/2012-01/0296.html
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html
http://secunia.com/advisories/48668
http://www.openwall.com/lists/oss-security/2012/01/24/11
http://www.openwall.com/lists/oss-security/2012/01/24/7
https://bugzilla.redhat.com/show_bug.cgi?id=783350
https://github.com/stefanesser/suhosin/commit/73b1968ee30f6d9d2dae497544b910e68e114bfa
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:hardened-php:suhosin:*:beta_2006.09.07:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:*:beta_2006.09.09:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.6.1:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.6.2:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.6.3:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.7:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.8:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.9:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.9.1:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.10:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.11:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.12:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.13:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.14:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.15:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.16:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.17:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.18:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.19:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.20:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.21:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.22:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.23:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.24:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.25:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.26:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.27:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.28:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.29:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:0.9.30:*:*:*:*:*:*:*
cpe:2.3:a:hardened-php:suhosin:*:*:*:*:*:*:*:* versions up to 0.9.31 (inclusive)
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 79963 | GLSA-201412-10 : Multiple packages, Multiple vulnerabilities fixed in 2012 | Nessus | Gentoo Local Security Checks | high |
| 74580 | openSUSE Security Update : php5 (openSUSE-SU-2012:0426-1) | Nessus | SuSE Local Security Checks | high |
| 58890 | Mandriva Linux Security Advisory : php (MDVSA-2012:065) | Nessus | Mandriva Local Security Checks | high |
| 58740 | SuSE 11.1 Security Update : PHP5 (SAT Patch Number 5964) | Nessus | SuSE Local Security Checks | high |
| 58615 | SuSE 11.2 Security Update : PHP5 (SAT Patch Number 5958) | Nessus | SuSE Local Security Checks | medium |
| 58480 | SuSE 10 Security Update : PHP5 (ZYPP Patch Number 8009) | Nessus | SuSE Local Security Checks | high |