AmazonALAS-2018-1019Medium: php56, php70, php71
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.921 High
EPSS
Percentile
98.9%
Issue Overview:
Null pointer dereference due to mishandling of ldap_get_dn return value allows denial-of-service by malicious LDAP server or man-in-the-middle attacker
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.(CVE-2018-10548)
Infinite loop in ext/iconv/iconv.c when using stream filter with convert.incov on invalid sequence leads to denial-of-service
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.(CVE-2018-10546)
Reflected XSS vulnerability on PHAR 403 and 404 error pages
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.(CVE-2018-10547)
Out-of-bounds read in ext/exif/exif.c:exif_read_data() when reading crafted JPEG data
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exif_iif_add_value mishandles the case of a MakerNote that lacks a final ‘\0’ character.(CVE-2018-10549)
Affected Packages:
php56, php70, php71
Issue Correction:
Run yum update php56 to update your system.
Run yum update php70 to update your system.
Run yum update php71 to update your system.
New Packages:
i686:
php56-enchant-5.6.36-1.138.amzn1.i686
php56-tidy-5.6.36-1.138.amzn1.i686
php56-fpm-5.6.36-1.138.amzn1.i686
php56-mbstring-5.6.36-1.138.amzn1.i686
php56-xmlrpc-5.6.36-1.138.amzn1.i686
php56-imap-5.6.36-1.138.amzn1.i686
php56-snmp-5.6.36-1.138.amzn1.i686
php56-opcache-5.6.36-1.138.amzn1.i686
php56-intl-5.6.36-1.138.amzn1.i686
php56-xml-5.6.36-1.138.amzn1.i686
php56-gd-5.6.36-1.138.amzn1.i686
php56-debuginfo-5.6.36-1.138.amzn1.i686
php56-dbg-5.6.36-1.138.amzn1.i686
php56-recode-5.6.36-1.138.amzn1.i686
php56-mysqlnd-5.6.36-1.138.amzn1.i686
php56-embedded-5.6.36-1.138.amzn1.i686
php56-bcmath-5.6.36-1.138.amzn1.i686
php56-dba-5.6.36-1.138.amzn1.i686
php56-cli-5.6.36-1.138.amzn1.i686
php56-gmp-5.6.36-1.138.amzn1.i686
php56-pdo-5.6.36-1.138.amzn1.i686
php56-mssql-5.6.36-1.138.amzn1.i686
php56-pgsql-5.6.36-1.138.amzn1.i686
php56-ldap-5.6.36-1.138.amzn1.i686
php56-soap-5.6.36-1.138.amzn1.i686
php56-mcrypt-5.6.36-1.138.amzn1.i686
php56-process-5.6.36-1.138.amzn1.i686
php56-common-5.6.36-1.138.amzn1.i686
php56-pspell-5.6.36-1.138.amzn1.i686
php56-5.6.36-1.138.amzn1.i686
php56-odbc-5.6.36-1.138.amzn1.i686
php56-devel-5.6.36-1.138.amzn1.i686
php71-dba-7.1.17-1.32.amzn1.i686
php71-gmp-7.1.17-1.32.amzn1.i686
php71-ldap-7.1.17-1.32.amzn1.i686
php71-xmlrpc-7.1.17-1.32.amzn1.i686
php71-opcache-7.1.17-1.32.amzn1.i686
php71-pdo-dblib-7.1.17-1.32.amzn1.i686
php71-mysqlnd-7.1.17-1.32.amzn1.i686
php71-cli-7.1.17-1.32.amzn1.i686
php71-xml-7.1.17-1.32.amzn1.i686
php71-fpm-7.1.17-1.32.amzn1.i686
php71-enchant-7.1.17-1.32.amzn1.i686
php71-mcrypt-7.1.17-1.32.amzn1.i686
php71-bcmath-7.1.17-1.32.amzn1.i686
php71-7.1.17-1.32.amzn1.i686
php71-dbg-7.1.17-1.32.amzn1.i686
php71-recode-7.1.17-1.32.amzn1.i686
php71-snmp-7.1.17-1.32.amzn1.i686
php71-pgsql-7.1.17-1.32.amzn1.i686
php71-embedded-7.1.17-1.32.amzn1.i686
php71-intl-7.1.17-1.32.amzn1.i686
php71-imap-7.1.17-1.32.amzn1.i686
php71-pspell-7.1.17-1.32.amzn1.i686
php71-json-7.1.17-1.32.amzn1.i686
php71-tidy-7.1.17-1.32.amzn1.i686
php71-common-7.1.17-1.32.amzn1.i686
php71-process-7.1.17-1.32.amzn1.i686
php71-devel-7.1.17-1.32.amzn1.i686
php71-odbc-7.1.17-1.32.amzn1.i686
php71-soap-7.1.17-1.32.amzn1.i686
php71-gd-7.1.17-1.32.amzn1.i686
php71-mbstring-7.1.17-1.32.amzn1.i686
php71-debuginfo-7.1.17-1.32.amzn1.i686
php71-pdo-7.1.17-1.32.amzn1.i686
php70-common-7.0.30-1.29.amzn1.i686
php70-dbg-7.0.30-1.29.amzn1.i686
php70-mysqlnd-7.0.30-1.29.amzn1.i686
php70-recode-7.0.30-1.29.amzn1.i686
php70-bcmath-7.0.30-1.29.amzn1.i686
php70-mcrypt-7.0.30-1.29.amzn1.i686
php70-enchant-7.0.30-1.29.amzn1.i686
php70-xml-7.0.30-1.29.amzn1.i686
php70-embedded-7.0.30-1.29.amzn1.i686
php70-fpm-7.0.30-1.29.amzn1.i686
php70-pspell-7.0.30-1.29.amzn1.i686
php70-xmlrpc-7.0.30-1.29.amzn1.i686
php70-pdo-7.0.30-1.29.amzn1.i686
php70-gmp-7.0.30-1.29.amzn1.i686
php70-dba-7.0.30-1.29.amzn1.i686
php70-gd-7.0.30-1.29.amzn1.i686
php70-7.0.30-1.29.amzn1.i686
php70-zip-7.0.30-1.29.amzn1.i686
php70-pdo-dblib-7.0.30-1.29.amzn1.i686
php70-debuginfo-7.0.30-1.29.amzn1.i686
php70-odbc-7.0.30-1.29.amzn1.i686
php70-json-7.0.30-1.29.amzn1.i686
php70-pgsql-7.0.30-1.29.amzn1.i686
php70-snmp-7.0.30-1.29.amzn1.i686
php70-intl-7.0.30-1.29.amzn1.i686
php70-soap-7.0.30-1.29.amzn1.i686
php70-ldap-7.0.30-1.29.amzn1.i686
php70-imap-7.0.30-1.29.amzn1.i686
php70-cli-7.0.30-1.29.amzn1.i686
php70-process-7.0.30-1.29.amzn1.i686
php70-tidy-7.0.30-1.29.amzn1.i686
php70-mbstring-7.0.30-1.29.amzn1.i686
php70-devel-7.0.30-1.29.amzn1.i686
php70-opcache-7.0.30-1.29.amzn1.i686
src:
php56-5.6.36-1.138.amzn1.src
php71-7.1.17-1.32.amzn1.src
php70-7.0.30-1.29.amzn1.src
x86_64:
php56-opcache-5.6.36-1.138.amzn1.x86_64
php56-embedded-5.6.36-1.138.amzn1.x86_64
php56-dba-5.6.36-1.138.amzn1.x86_64
php56-odbc-5.6.36-1.138.amzn1.x86_64
php56-intl-5.6.36-1.138.amzn1.x86_64
php56-tidy-5.6.36-1.138.amzn1.x86_64
php56-mysqlnd-5.6.36-1.138.amzn1.x86_64
php56-devel-5.6.36-1.138.amzn1.x86_64
php56-gd-5.6.36-1.138.amzn1.x86_64
php56-5.6.36-1.138.amzn1.x86_64
php56-bcmath-5.6.36-1.138.amzn1.x86_64
php56-fpm-5.6.36-1.138.amzn1.x86_64
php56-soap-5.6.36-1.138.amzn1.x86_64
php56-mbstring-5.6.36-1.138.amzn1.x86_64
php56-pspell-5.6.36-1.138.amzn1.x86_64
php56-recode-5.6.36-1.138.amzn1.x86_64
php56-pdo-5.6.36-1.138.amzn1.x86_64
php56-xml-5.6.36-1.138.amzn1.x86_64
php56-common-5.6.36-1.138.amzn1.x86_64
php56-snmp-5.6.36-1.138.amzn1.x86_64
php56-imap-5.6.36-1.138.amzn1.x86_64
php56-cli-5.6.36-1.138.amzn1.x86_64
php56-dbg-5.6.36-1.138.amzn1.x86_64
php56-ldap-5.6.36-1.138.amzn1.x86_64
php56-pgsql-5.6.36-1.138.amzn1.x86_64
php56-debuginfo-5.6.36-1.138.amzn1.x86_64
php56-xmlrpc-5.6.36-1.138.amzn1.x86_64
php56-mcrypt-5.6.36-1.138.amzn1.x86_64
php56-enchant-5.6.36-1.138.amzn1.x86_64
php56-mssql-5.6.36-1.138.amzn1.x86_64
php56-gmp-5.6.36-1.138.amzn1.x86_64
php56-process-5.6.36-1.138.amzn1.x86_64
php71-soap-7.1.17-1.32.amzn1.x86_64
php71-debuginfo-7.1.17-1.32.amzn1.x86_64
php71-json-7.1.17-1.32.amzn1.x86_64
php71-7.1.17-1.32.amzn1.x86_64
php71-opcache-7.1.17-1.32.amzn1.x86_64
php71-mysqlnd-7.1.17-1.32.amzn1.x86_64
php71-pgsql-7.1.17-1.32.amzn1.x86_64
php71-pdo-dblib-7.1.17-1.32.amzn1.x86_64
php71-gd-7.1.17-1.32.amzn1.x86_64
php71-dba-7.1.17-1.32.amzn1.x86_64
php71-embedded-7.1.17-1.32.amzn1.x86_64
php71-gmp-7.1.17-1.32.amzn1.x86_64
php71-intl-7.1.17-1.32.amzn1.x86_64
php71-recode-7.1.17-1.32.amzn1.x86_64
php71-imap-7.1.17-1.32.amzn1.x86_64
php71-dbg-7.1.17-1.32.amzn1.x86_64
php71-pdo-7.1.17-1.32.amzn1.x86_64
php71-fpm-7.1.17-1.32.amzn1.x86_64
php71-pspell-7.1.17-1.32.amzn1.x86_64
php71-mbstring-7.1.17-1.32.amzn1.x86_64
php71-common-7.1.17-1.32.amzn1.x86_64
php71-devel-7.1.17-1.32.amzn1.x86_64
php71-xmlrpc-7.1.17-1.32.amzn1.x86_64
php71-mcrypt-7.1.17-1.32.amzn1.x86_64
php71-bcmath-7.1.17-1.32.amzn1.x86_64
php71-enchant-7.1.17-1.32.amzn1.x86_64
php71-xml-7.1.17-1.32.amzn1.x86_64
php71-process-7.1.17-1.32.amzn1.x86_64
php71-cli-7.1.17-1.32.amzn1.x86_64
php71-snmp-7.1.17-1.32.amzn1.x86_64
php71-odbc-7.1.17-1.32.amzn1.x86_64
php71-tidy-7.1.17-1.32.amzn1.x86_64
php71-ldap-7.1.17-1.32.amzn1.x86_64
php70-gmp-7.0.30-1.29.amzn1.x86_64
php70-debuginfo-7.0.30-1.29.amzn1.x86_64
php70-mysqlnd-7.0.30-1.29.amzn1.x86_64
php70-pspell-7.0.30-1.29.amzn1.x86_64
php70-7.0.30-1.29.amzn1.x86_64
php70-soap-7.0.30-1.29.amzn1.x86_64
php70-common-7.0.30-1.29.amzn1.x86_64
php70-imap-7.0.30-1.29.amzn1.x86_64
php70-recode-7.0.30-1.29.amzn1.x86_64
php70-enchant-7.0.30-1.29.amzn1.x86_64
php70-tidy-7.0.30-1.29.amzn1.x86_64
php70-xml-7.0.30-1.29.amzn1.x86_64
php70-zip-7.0.30-1.29.amzn1.x86_64
php70-process-7.0.30-1.29.amzn1.x86_64
php70-mcrypt-7.0.30-1.29.amzn1.x86_64
php70-cli-7.0.30-1.29.amzn1.x86_64
php70-json-7.0.30-1.29.amzn1.x86_64
php70-ldap-7.0.30-1.29.amzn1.x86_64
php70-dbg-7.0.30-1.29.amzn1.x86_64
php70-intl-7.0.30-1.29.amzn1.x86_64
php70-snmp-7.0.30-1.29.amzn1.x86_64
php70-fpm-7.0.30-1.29.amzn1.x86_64
php70-gd-7.0.30-1.29.amzn1.x86_64
php70-pgsql-7.0.30-1.29.amzn1.x86_64
php70-opcache-7.0.30-1.29.amzn1.x86_64
php70-odbc-7.0.30-1.29.amzn1.x86_64
php70-embedded-7.0.30-1.29.amzn1.x86_64
php70-pdo-7.0.30-1.29.amzn1.x86_64
php70-dba-7.0.30-1.29.amzn1.x86_64
php70-xmlrpc-7.0.30-1.29.amzn1.x86_64
php70-pdo-dblib-7.0.30-1.29.amzn1.x86_64
php70-devel-7.0.30-1.29.amzn1.x86_64
php70-bcmath-7.0.30-1.29.amzn1.x86_64
php70-mbstring-7.0.30-1.29.amzn1.x86_64
Additional References
Red Hat: CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549
Mitre: CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 1 | i686 | php56-enchant | < 5.6.36-1.138.amzn1 | php56-enchant-5.6.36-1.138.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | php56-tidy | < 5.6.36-1.138.amzn1 | php56-tidy-5.6.36-1.138.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | php56-fpm | < 5.6.36-1.138.amzn1 | php56-fpm-5.6.36-1.138.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | php56-mbstring | < 5.6.36-1.138.amzn1 | php56-mbstring-5.6.36-1.138.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | php56-xmlrpc | < 5.6.36-1.138.amzn1 | php56-xmlrpc-5.6.36-1.138.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | php56-imap | < 5.6.36-1.138.amzn1 | php56-imap-5.6.36-1.138.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | php56-snmp | < 5.6.36-1.138.amzn1 | php56-snmp-5.6.36-1.138.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | php56-opcache | < 5.6.36-1.138.amzn1 | php56-opcache-5.6.36-1.138.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | php56-intl | < 5.6.36-1.138.amzn1 | php56-intl-5.6.36-1.138.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | php56-xml | < 5.6.36-1.138.amzn1 | php56-xml-5.6.36-1.138.amzn1.i686.rpm |
Related
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.921 High
EPSS
Percentile
98.9%