Detections
Analytics
PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities
medium Nessus Plugin ID 72511
Language:
Synopsis
The remote web server uses a version of PHP that is potentially affected by multiple vulnerabilities.Description
According to its banner, the version of PHP 5.5.x installed on the remote host is a version prior to 5.5.9. It is, therefore, potentially affected by the following vulnerabilities related to the GD extension :- A heap-based buffer overflow error exists related to the functions 'gdImageCrop' and 'imagecrop' that could allow denial of service attacks and possibly arbitrary code execution. (CVE-2013-7226)
- An error exists in the function 'gdImageCrop' related to return value checking that could lead to use of NULL pointers and denial of service attacks.
(CVE-2013-7327)
- Multiple integer signedness errors exist in the function 'gdImageCrop' that could allow denial of service attacks and information disclosure.
(CVE-2013-7328)
- A data type checking error exists that could allow information disclosure. (CVE-2014-2020)
Note that this plugin does not attempt to exploit these issues, but instead relies only on PHP's self-reported version number.
Solution
Upgrade to PHP version 5.5.9 or later.See Also
http://www.php.net/ChangeLog-5.php#5.5.9
http://www.nessus.org/u?6647cc34
Plugin Details
Severity: Medium
ID: 72511
File Name: php_5_5_9.nasl
Version: 1.19
Type: remote
Family: CGI abuses
Published: 2/14/2014
Updated: 11/22/2024
Configuration: Enable thorough checks
Supported Sensors: Nessus
Enable CGI Scanning: true
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2013-7327
Vulnerability Information
CPE: cpe:/a:php:php
Required KB Items: www/PHP
Exploit Ease: No exploit is required
Patch Publication Date: 2/6/2014
Vulnerability Publication Date: 2/6/2014
Reference Information
CVE: CVE-2013-7226, CVE-2013-7327, CVE-2013-7328, CVE-2014-2020