Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0185

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2014-0185
Last Modified 23 Sep 2014 01:41:51
Published 06 May 2014 06:44:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2014-0185

Summary

sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket, which allows local users to gain privileges via a crafted FastCGI client.

Vulnerable Systems

Application

  • Php 5.5.0

  • Php 5.5.1

  • Php 5.5.10

  • Php 5.5.11

  • Php 5.5.2

  • Php 5.5.3

  • Php 5.5.4

  • Php 5.5.5

  • Php 5.5.6

  • Php 5.5.7

  • Php 5.5.8

  • Php 5.5.9


References

MISC - https://hoffmann-christian.info/files/php-fpm/0001-Fix-bug-67060-use-default-mode-of-660.patch

CONFIRM - https://github.com/php/php-src/commit/35ceea928b12373a3b1e3eecdc32ed323223a40d

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1092815

CONFIRM - https://bugs.php.net/bug.php?id=67060

CONFIRM - https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1307027

CONFIRM - http://www.php.net/ChangeLog-5.php

CONFIRM - http://www.php.net/archive/2014.php#id2014-05-01-1

MLIST - [oss-security] 20140429 Fwd: [vs] php-fpm: privilege escalation due to insecure default config (CVE-2014-0185)

CONFIRM - http://support.apple.com/kb/HT6443

Related Patches

Apple 2014-09-17 Mac OS X 10.9.5 Update

Apple 2014-09-17 Mac OS X 10.9.5 Combo Update


Last Updated: 27 May 2016 11:05:11