Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2050

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-2050
Last Modified 30 Oct 2012 10:56:38
Published 05 May 2008 01:20:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2050

Summary

Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors.

Vulnerable Systems

Application

  • Php 5.0.0

  • Php 5.0.1

  • Php 5.0.2

  • Php 5.0.3

  • Php 5.0.4

  • Php 5.0.5

  • Php 5.1.0

  • Php 5.1.1

  • Php 5.1.2

  • Php 5.1.3

  • Php 5.1.4

  • Php 5.1.5

  • Php 5.1.6

  • Php 5.2.0

  • Php 5.2.1

  • Php 5.2.2

  • Php 5.2.3

  • Php 5.2.4

  • Php 5.2.5


References

BID - 29009

CONFIRM - http://www.php.net/ChangeLog-5.php

DEBIAN - DSA-1572

CONFIRM - https://issues.rpath.com/browse/RPL-2503

XF - php-fastcgisapi-bo(42133)

VUPEN - ADV-2008-2268

VUPEN - ADV-2008-1412

UBUNTU - USN-628-1

BUGTRAQ - 20080523 rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl

MLIST - [oss-security] 20080502 CVE Request (PHP)

MANDRIVA - MDVSA-2009:023

MANDRIVA - MDVSA-2009:022

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176

SECUNIA - 31326

SECUNIA - 31200

SECUNIA - 30967

SECUNIA - 30345

SECUNIA - 30158

SECUNIA - 30083

SECUNIA - 30048

SLACKWARE - SSA:2008-128-01

SUSE - SUSE-SR:2008:014

APPLE - APPLE-SA-2008-07-31

CONFIRM - http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/fastcgi.c?r1=1.44&r2=1.45&diff_format=u

GENTOO - GLSA-200811-05

SECUNIA - 32746

Related Patches

Apple 2008-07-31 Security Update 2008-005 (PPC)

Apple 2008-07-31 Security Update 2008-005 Server (PPC)

Apple 2008-07-31 Security Update 2008-005 (Leopard)

Apple 2008-07-31 Security Update 2008-005 (Intel)

Apple 2008-07-31 Security Update 2008-005 Server (Intel)


Last Updated: 27 May 2016 10:47:18