CVE-2014-4049

MEDIUM

Description

Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function.

References

http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00002.html

http://lists.opensuse.org/opensuse-updates/2014-06/msg00051.html

http://lists.opensuse.org/opensuse-updates/2014-07/msg00032.html

http://marc.info/?l=bugtraq&m=141017844705317&w=2

http://rhn.redhat.com/errata/RHSA-2014-1765.html

http://rhn.redhat.com/errata/RHSA-2014-1766.html

http://secunia.com/advisories/59270

http://secunia.com/advisories/59329

http://secunia.com/advisories/59418

http://secunia.com/advisories/59496

http://secunia.com/advisories/59513

http://secunia.com/advisories/59652

http://secunia.com/advisories/60998

http://support.apple.com/kb/HT6443

http://www.debian.org/security/2014/dsa-2961

http://www.openwall.com/lists/oss-security/2014/06/13/4

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

http://www.securityfocus.com/bid/68007

http://www.securitytracker.com/id/1030435

http://www-01.ibm.com/support/docview.wss?uid=swg21683486

https://bugzilla.redhat.com/show_bug.cgi?id=1108447

https://github.com/php/php-src/commit/b34d7849ed90ced9345f8ea1c59bc8d101c18468

https://support.apple.com/HT204659

Details

Source: MITRE

Published: 2014-06-18

Updated: 2018-10-30

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 5.1

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 4.9

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*

cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*

cpe:2.3:a:php:php:*:beta4:*:*:*:*:*:* versions up to 5.6.0 (inclusive)

Tenable Plugins

View all (34 total)

IDNameProductFamilySeverity
700510Mac OS X 10.10.x < 10.10.3 Multiple VulnerabilitiesNessus Network MonitorOperating System Detection
critical
93161SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1638-1) (BACKRONYM)NessusSuSE Local Security Checks
critical
83630SUSE SLES11 Security Update : PHP5 (SUSE-SU-2014:0868-1)NessusSuSE Local Security Checks
medium
82700Mac OS X Multiple Vulnerabilities (Security Update 2015-004) (FREAK)NessusMacOS X Local Security Checks
critical
82699Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK)NessusMacOS X Local Security Checks
critical
82333Mandriva Linux Security Advisory : php (MDVSA-2015:080)NessusMandriva Local Security Checks
high
78556PHP 5.6.0 Multiple VulnerabilitiesNessusCGI abuses
high
78336Amazon Linux AMI : php (ALAS-2014-393)NessusAmazon Linux Local Security Checks
high
78315Amazon Linux AMI : php55 (ALAS-2014-372)NessusAmazon Linux Local Security Checks
high
78310Amazon Linux AMI : php54 (ALAS-2014-367)NessusAmazon Linux Local Security Checks
high
8394Mac OS X < 10.9.5 Multiple Vulnerabilities (Security Update 2014-004)Nessus Network MonitorWeb Clients
critical
77748Mac OS X 10.9.x < 10.9.5 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
77742SuSE 11.3 Security Update : php53 (SAT Patch Number 9718)NessusSuSE Local Security Checks
medium
77720openSUSE Security Update : php5 (openSUSE-SU-2014:1133-1)NessusSuSE Local Security Checks
medium
77455GLSA-201408-11 : PHP: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
77285PHP 5.3.x < 5.3.29 Multiple VulnerabilitiesNessusCGI abuses
high
77241FreeBSD : PHP multiple vulnerabilities (d2a892b9-2605-11e4-9da0-00a0986f28c4)NessusFreeBSD Local Security Checks
high
77047Scientific Linux Security Update : php53 and php on SL5.x, SL6.x i386/x86_64 (20140806)NessusScientific Linux Local Security Checks
high
77044Oracle Linux 7 : php (ELSA-2014-1013)NessusOracle Linux Local Security Checks
high
77043Oracle Linux 5 / 6 : php / php53 (ELSA-2014-1012)NessusOracle Linux Local Security Checks
high
77033CentOS 7 : php (CESA-2014:1013)NessusCentOS Local Security Checks
high
77032CentOS 5 / 6 : php / php53 (CESA-2014:1012)NessusCentOS Local Security Checks
high
77016RHEL 7 : php (RHSA-2014:1013)NessusRed Hat Local Security Checks
high
77015RHEL 5 / 6 : php53 and php (RHSA-2014:1012)NessusRed Hat Local Security Checks
high
76476Slackware 14.0 / 14.1 / current : php (SSA:2014-192-01)NessusSlackware Local Security Checks
high
76438Mandriva Linux Security Advisory : php (MDVSA-2014:130)NessusMandriva Local Security Checks
high
76367SuSE 11.3 Security Update : php53 (SAT Patch Number 9450)NessusSuSE Local Security Checks
medium
8320PHP 5.4.x < 5.4.30 / 5.5.x < 5.5.14 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
critical
76282PHP 5.5.x < 5.5.14 Multiple VulnerabilitiesNessusCGI abuses
high
76281PHP 5.4.x < 5.4.30 Multiple VulnerabilitiesNessusCGI abuses
high
76249Ubuntu 13.10 / 14.04 LTS : php5 updates (USN-2254-2)NessusUbuntu Local Security Checks
high
76230openSUSE Security Update : php5 (openSUSE-SU-2014:0841-1)NessusSuSE Local Security Checks
medium
76201Ubuntu 10.04 LTS / 12.04 LTS / 13.10 / 14.04 LTS : php5 vulnerabilities (USN-2254-1)NessusUbuntu Local Security Checks
high
76082Debian DSA-2961-1 : php5 - security updateNessusDebian Local Security Checks
medium