Mandriva Linux Security Advisory : php (MDVSA-2012:093)

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

Multiple vulnerabilities has been identified and fixed in php :

There is a programming error in the DES implementation used in crypt()
in ext/standard/crypt_freesec.c when handling input which contains
characters that can not be represented with 7-bit ASCII. When the
input contains characters with only the most significant bit set
(0x80), that character and all characters after it will be ignored
(CVE-2012-2143).

An integer overflow, leading to heap-based buffer overflow was found
in the way Phar extension of the PHP scripting language processed
certain fields by manipulating TAR files. A remote attacker could
provide a specially crafted TAR archive file, which once processed in
an PHP application using the Phar extension could lead to denial of
service (application crash), or, potentially arbitary code execution
with the privileges of the user running the application
(CVE-2012-2386).

The updated php packages have been upgraded to the 5.3.14 version
which is not vulnerable to these issues.

See also :

http://secunia.com/advisories/44335
http://www.php.net/ChangeLog-5.php#5.3.14

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 59519 ()

Bugtraq ID: 47545
53729

CVE ID: CVE-2012-2143
CVE-2012-2386

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now