CVE-2017-7189

2019-07-1000:00:00

ubuntu.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.002

Percentile

55.1%

JSON

main/streams/xp_socket.c in PHP 7.x before 2017-03-07 misparses fsockopen
calls, such as by interpreting fsockopen(‘127.0.0.1:80’, 443) as if the
address/port were 127.0.0.1:80:443, which is later truncated to
127.0.0.1:80. This behavior has a security risk if the explicitly provided
port number (i.e., 443 in this example) is hardcoded into an application as
a security policy, but the hostname argument (i.e., 127.0.0.1:80 in this
example) is obtained from untrusted input.

Bugs

Notes

Author	Note
mdeslaur	the commit for this was later reverted as it introduced a regression. As of 2020-06-23, there is no upstream fix.
rodrigo-zaiden	As of 2022-02-04, there is still no upstream fix.

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchphp5< anyUNKNOWN
ubuntu16.04noarchphp7.0< anyUNKNOWN
ubuntu18.04noarchphp7.2< anyUNKNOWN
ubuntu20.04noarchphp7.4< anyUNKNOWN
ubuntu22.04noarchphp8.1< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	14.04	noarch	php5	< any	UNKNOWN
ubuntu	16.04	noarch	php7.0	< any	UNKNOWN
ubuntu	18.04	noarch	php7.2	< any	UNKNOWN
ubuntu	20.04	noarch	php7.4	< any	UNKNOWN
ubuntu	22.04	noarch	php8.1	< any	UNKNOWN