
Test ID: 1.3.6.1.4.1.25623.1.0.802590
Category: Web application abuses
Title: PHP 'php_register_variable_ex()' Remote Code Execution Vulnerability (Windows)
Summary: PHP is prone to a remote arbitrary code execution vulnerability.
Description: Summary:
PHP is prone to a remote arbitrary code execution vulnerability.

Vulnerability Insight:
The flaw is due to a logic error within the 'php_register_variable_ex()'
function in php_variables.c when hashing form posts and updating a hash table,
which can be exploited to execute arbitrary code.

Vulnerability Impact:
Successful exploitation could allow remote attackers to execute arbitrary PHP
code on the system.

Affected Software/OS:
PHP Version 5.3.9 on Windows.

Solution:
Update to PHP Version 5.3.10 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Reference: BugTraq ID: 51830
Common Vulnerability Exposure (CVE) ID: CVE-2012-0830
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
http://www.securityfocus.com/bid/51830
Debian Security Information: DSA-2403
http://www.debian.org/security/2012/dsa-2403
HP Security Advisory: HPSBMU02786
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
HP Security Advisory: HPSBUX02791
http://marc.info/?l=bugtraq&m=134012830914727&w=2
HP Security Advisory: SSRT100856
HP Security Advisory: SSRT100877
http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/
http://www.h-online.com/security/news/item/Critical-PHP-vulnerability-being-fixed-1427316.html
https://gist.github.com/1725489
http://openwall.com/lists/oss-security/2012/02/02/12
http://openwall.com/lists/oss-security/2012/02/03/1
http://www.osvdb.org/78819
RedHat Security Advisories: RHSA-2012:0092
http://rhn.redhat.com/errata/RHSA-2012-0092.html
http://securitytracker.com/id?1026631
http://secunia.com/advisories/47801
http://secunia.com/advisories/47806
http://secunia.com/advisories/47813
http://secunia.com/advisories/48668
SuSE Security Announcement: SUSE-SU-2012:0411
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html
SuSE Security Announcement: openSUSE-SU-2012:0426
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html
XForce ISS Database: php-phpregistervariableex-code-exec(72911)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72911
Copyright: Copyright (C) 2012 Greenbone Networks GmbH

© 1998-2024 E-Soft Inc. All rights reserved.