CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
93.2%
Maksymilian Arciemowicz discovered that PHP did not properly validate
arguments to the dba_replace function. If a script passed untrusted input
to the dba_replace function, an attacker could truncate the database. This
issue only applied to Ubuntu 6.06 LTS, 8.04 LTS, and 8.10. (CVE-2008-7068)
It was discovered that PHP’s php_openssl_apply_verification_policy
function did not correctly handle SSL certificates with zero bytes in the
Common Name. A remote attacker could exploit this to perform a
machine-in-the-middle attack to view sensitive information or alter
encrypted communications. (CVE-2009-3291)
It was discovered that PHP did not properly handle certain malformed images
when being parsed by the Exif module. A remote attacker could exploit this
flaw and cause the PHP server to crash, resulting in a denial of service.
(CVE-2009-3292)
Grzegorz Stachowiak discovered that PHP did not properly enforce
restrictions in the tempnam function. An attacker could exploit this issue
to bypass safe_mode restrictions. (CVE-2009-3557)
Grzegorz Stachowiak discovered that PHP did not properly enforce
restrictions in the posix_mkfifo function. An attacker could exploit this
issue to bypass open_basedir restrictions. (CVE-2009-3558)
Bogdan Calin discovered that PHP did not limit the number of temporary
files created when handling multipart/form-data POST requests. A remote
attacker could exploit this flaw and cause the PHP server to consume all
available resources, resulting in a denial of service. (CVE-2009-4017)
ATTENTION: This update changes previous PHP behaviour by limiting the
number of files in a POST request to 50. This may be increased by adding a
“max_file_uploads” directive to the php.ini configuration file.
It was discovered that PHP did not properly enforce restrictions in the
proc_open function. An attacker could exploit this issue to bypass
safe_mode_protected_env_vars restrictions and possibly execute arbitrary
code with application privileges. (CVE-2009-4018)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 9.10 | noarch | libapache2-mod-php5 | < 5.2.10.dfsg.1-2ubuntu6.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | libapache2-mod-php5filter | < 5.2.10.dfsg.1-2ubuntu6.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | php5-cgi | < 5.2.10.dfsg.1-2ubuntu6.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | php5-cli | < 5.2.10.dfsg.1-2ubuntu6.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | php5-common | < 5.2.10.dfsg.1-2ubuntu6.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | php5-curl | < 5.2.10.dfsg.1-2ubuntu6.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | php5-dbg | < 5.2.10.dfsg.1-2ubuntu6.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | php5-dev | < 5.2.10.dfsg.1-2ubuntu6.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | php5-gd | < 5.2.10.dfsg.1-2ubuntu6.3 | UNKNOWN |
Ubuntu | 9.10 | noarch | php5-gmp | < 5.2.10.dfsg.1-2ubuntu6.3 | UNKNOWN |