Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1018

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-1018
Last Modified 21 Aug 2010 12:21:39
Published 10 Jan 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1018

Summary

Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.

Vulnerable Systems


References

FEDORA - FLSA:2344

XF - php-shmopwrite-outofbounds-memory(18515)

BID - 12045

BUGTRAQ - 20041219 PHP shmop.c module permits write of arbitrary memory.

REDHAT - RHSA-2005:032

CONFIRM - http://www.php.net/release_4_3_10.php

MISC - http://www.hardened-php.net/advisories/012004.txt

HP - HPSBMA01212

REDHAT - RHSA-2005:816

OSVDB - 12411

MANDRAKE - MDKSA-2005:072

MANDRAKE - MDKSA-2004:151

UBUNTU - USN-99-1

BUGTRAQ - 20041215 Advisory 01/2004: Multiple vulnerabilities in PHP 4/5


Last Updated: 27 May 2016 10:38:51