Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2051

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-2051
Last Modified 30 Oct 2012 10:56:39
Published 05 May 2008 01:20:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2051

Summary

The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."

Vulnerable Systems

Application

  • Php 5.0.0

  • Php 5.0.1

  • Php 5.0.2

  • Php 5.0.3

  • Php 5.0.4

  • Php 5.0.5

  • Php 5.1.0

  • Php 5.1.1

  • Php 5.1.2

  • Php 5.1.3

  • Php 5.1.4

  • Php 5.1.5

  • Php 5.1.6

  • Php 5.2.0

  • Php 5.2.1

  • Php 5.2.2

  • Php 5.2.3

  • Php 5.2.4

  • Php 5.2.5


References

FEDORA - FEDORA-2008-3606

FEDORA - FEDORA-2008-3864

VUPEN - ADV-2008-2268

VUPEN - ADV-2008-1412

UBUNTU - USN-628-1

BUGTRAQ - 20080527 rPSA-2008-0178-1 php php-mysql php-pgsql

REDHAT - RHSA-2008:0582

REDHAT - RHSA-2008:0546

REDHAT - RHSA-2008:0545

REDHAT - RHSA-2008:0544

REDHAT - RHSA-2008:0505

CONFIRM - http://www.php.net/ChangeLog-5.php

MANDRIVA - MDVSA-2008:128

MANDRIVA - MDVSA-2008:127

MANDRIVA - MDVSA-2008:126

MANDRIVA - MDVSA-2008:125

DEBIAN - DSA-1572

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178

SECUNIA - 31326

SECUNIA - 31200

SECUNIA - 31124

SECUNIA - 31119

SECUNIA - 30967

SECUNIA - 30828

SECUNIA - 30757

SECUNIA - 30411

SECUNIA - 30158

SECUNIA - 30083

SLACKWARE - SSA:2008-128-01

SUSE - SUSE-SR:2008:014

APPLE - APPLE-SA-2008-07-31

CONFIRM - https://issues.rpath.com/browse/RPL-2503

BID - 29009

BUGTRAQ - 20080523 rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl

MLIST - [oss-security] 20080502 CVE Request (PHP)

DEBIAN - DSA-1578

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176

SECUNIA - 30345

SECUNIA - 30288

SECUNIA - 30048

GENTOO - GLSA-200811-05

SECUNIA - 32746

Related Patches

Apple 2008-07-31 Security Update 2008-005 (PPC)

Apple 2008-07-31 Security Update 2008-005 Server (PPC)

Apple 2008-07-31 Security Update 2008-005 (Leopard)

Apple 2008-07-31 Security Update 2008-005 (Intel)

Apple 2008-07-31 Security Update 2008-005 Server (Intel)

Red Hat 2008:0544-06 RHSA Moderate: php security update for RHEL 5 x86


Last Updated: 27 May 2016 11:01:20