Zend Framework < 2.0.8 / 2.1.x < 2.1.4 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 9146
SynopsisThe remote host is using a version of Zend Framework that is vulnerable to multiple attack vectors.
DescriptionVersions of Zend Framework earlier than 2.0.8, or 2.1.x earlier than 2.1.4 are exposed to the following issues :
- A flaw exists that may allow an attacker to carry out an SQL injection attack. The issue is due to 'Zend\Db\Adapter\Platform' not properly sanitizing user-supplied input to the 'quoteValue()' and 'quoteValueList()' methods. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. (OSVDB 91478)
- A flaw that is due to 'Zend\Validate\Csrf' using the cryptographically weak 'mt_rand' function as a way to generate predictable CSRF tokens. This may allow a remote attacker to conduct a seed recovery attack to more easily gain access to the application. (OSVDB 91479)
- A flaw exists in 'Zend\Mvc'. The issue is triggered during the parsing of query parameters, which may allow a remote attacker to change routing parameters already captured in RouteMatch. (OSVDB 91480)
SolutionUpgrade Zend Framework to version 2.1.4 or later. If version 2.1.x is not available, version 2.0.8 is also patched for these vulnerabilities.