CVE-2014-4049

MEDIUM

Description

Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function.

References

http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00002.html

http://lists.opensuse.org/opensuse-updates/2014-06/msg00051.html

http://lists.opensuse.org/opensuse-updates/2014-07/msg00032.html

http://marc.info/?l=bugtraq&m=141017844705317&w=2

http://rhn.redhat.com/errata/RHSA-2014-1765.html

http://rhn.redhat.com/errata/RHSA-2014-1766.html

http://secunia.com/advisories/59270

http://secunia.com/advisories/59329

http://secunia.com/advisories/59418

http://secunia.com/advisories/59496

http://secunia.com/advisories/59513

http://secunia.com/advisories/59652

http://secunia.com/advisories/60998

http://support.apple.com/kb/HT6443

http://www.debian.org/security/2014/dsa-2961

http://www.openwall.com/lists/oss-security/2014/06/13/4

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

http://www.securityfocus.com/bid/68007

http://www.securitytracker.com/id/1030435

http://www-01.ibm.com/support/docview.wss?uid=swg21683486

https://bugzilla.redhat.com/show_bug.cgi?id=1108447

https://github.com/php/php-src/commit/b34d7849ed90ced9345f8ea1c59bc8d101c18468

https://support.apple.com/HT204659

Details

Source: MITRE

Published: 2014-06-18

Updated: 2018-10-30

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 5.1

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 4.9

Severity: MEDIUM

Vulnerable Software

Configuration 1

cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*

Configuration 2

cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*

cpe:2.3:a:php:php:*:beta4:*:*:*:*:*:* versions up to 5.6.0 (inclusive)

Tenable Plugins

View all (34 total)

ID	Name	Product	Family	Severity
700510	Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities	Nessus Network Monitor	Operating System Detection	critical
93161	SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1638-1) (BACKRONYM)	Nessus	SuSE Local Security Checks	critical
83630	SUSE SLES11 Security Update : PHP5 (SUSE-SU-2014:0868-1)	Nessus	SuSE Local Security Checks	medium
82700	Mac OS X Multiple Vulnerabilities (Security Update 2015-004) (FREAK)	Nessus	MacOS X Local Security Checks	critical
82699	Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK)	Nessus	MacOS X Local Security Checks	critical
82333	Mandriva Linux Security Advisory : php (MDVSA-2015:080)	Nessus	Mandriva Local Security Checks	high
78556	PHP 5.6.0 Multiple Vulnerabilities	Nessus	CGI abuses	high
78336	Amazon Linux AMI : php (ALAS-2014-393)	Nessus	Amazon Linux Local Security Checks	high
78315	Amazon Linux AMI : php55 (ALAS-2014-372)	Nessus	Amazon Linux Local Security Checks	high
78310	Amazon Linux AMI : php54 (ALAS-2014-367)	Nessus	Amazon Linux Local Security Checks	high
8394	Mac OS X < 10.9.5 Multiple Vulnerabilities (Security Update 2014-004)	Nessus Network Monitor	Web Clients	critical
77748	Mac OS X 10.9.x < 10.9.5 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	critical
77742	SuSE 11.3 Security Update : php53 (SAT Patch Number 9718)	Nessus	SuSE Local Security Checks	medium
77720	openSUSE Security Update : php5 (openSUSE-SU-2014:1133-1)	Nessus	SuSE Local Security Checks	medium
77455	GLSA-201408-11 : PHP: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
77285	PHP 5.3.x < 5.3.29 Multiple Vulnerabilities	Nessus	CGI abuses	high
77241	FreeBSD : PHP multiple vulnerabilities (d2a892b9-2605-11e4-9da0-00a0986f28c4)	Nessus	FreeBSD Local Security Checks	high
77047	Scientific Linux Security Update : php53 and php on SL5.x, SL6.x i386/x86_64 (20140806)	Nessus	Scientific Linux Local Security Checks	high
77044	Oracle Linux 7 : php (ELSA-2014-1013)	Nessus	Oracle Linux Local Security Checks	high
77043	Oracle Linux 5 / 6 : php / php53 (ELSA-2014-1012)	Nessus	Oracle Linux Local Security Checks	high
77033	CentOS 7 : php (CESA-2014:1013)	Nessus	CentOS Local Security Checks	high
77032	CentOS 5 / 6 : php / php53 (CESA-2014:1012)	Nessus	CentOS Local Security Checks	high
77016	RHEL 7 : php (RHSA-2014:1013)	Nessus	Red Hat Local Security Checks	high
77015	RHEL 5 / 6 : php53 and php (RHSA-2014:1012)	Nessus	Red Hat Local Security Checks	high
76476	Slackware 14.0 / 14.1 / current : php (SSA:2014-192-01)	Nessus	Slackware Local Security Checks	high
76438	Mandriva Linux Security Advisory : php (MDVSA-2014:130)	Nessus	Mandriva Local Security Checks	high
76367	SuSE 11.3 Security Update : php53 (SAT Patch Number 9450)	Nessus	SuSE Local Security Checks	medium
8320	PHP 5.4.x < 5.4.30 / 5.5.x < 5.5.14 Multiple Vulnerabilities	Nessus Network Monitor	Web Servers	critical
76282	PHP 5.5.x < 5.5.14 Multiple Vulnerabilities	Nessus	CGI abuses	high
76281	PHP 5.4.x < 5.4.30 Multiple Vulnerabilities	Nessus	CGI abuses	high
76249	Ubuntu 13.10 / 14.04 LTS : php5 updates (USN-2254-2)	Nessus	Ubuntu Local Security Checks	high
76230	openSUSE Security Update : php5 (openSUSE-SU-2014:0841-1)	Nessus	SuSE Local Security Checks	medium
76201	Ubuntu 10.04 LTS / 12.04 LTS / 13.10 / 14.04 LTS : php5 vulnerabilities (USN-2254-1)	Nessus	Ubuntu Local Security Checks	high
76082	Debian DSA-2961-1 : php5 - security update	Nessus	Debian Local Security Checks	medium