Lucene search

K
threatpost
Dennis FisherTHREATPOST:3EEA9D9B7CBDC9687FD961AD1AF59EF5
HistoryMay 09, 2012 - 2:32 p.m.

Another Set of PHP Releases Pushed Out to Fix CVE-2012-1823 Flaw

2012-05-0914:32:23
Dennis Fisher
threatpost.com
23

0.975 High

EPSS

Percentile

100.0%

For the second time in less than a week, the developers of PHP have released new versions of the language that include a fix for the remotely exploitable vulnerability that was disclosed last week. The group is encouraging users to upgrade to PHP 5.4.3 or 5.3.13 immediately.

The vulnerability affects PHP sites in CGI-based setups and can enable an attacker to get access to the site’s source code by passing certain queries to the PHP binary as command-line arguments. The bug was disclosed last week before a patch was available through a mistake in the PHP Group’s internal bug-handling system.

“The PHP development team would like to announce the immediate availability of PHP 5.4.3 and PHP 5.3.13. All users are encouraged to upgrade to PHP 5.4.3 or PHP 5.3.13

The releases complete a fix for a vulnerability in CGI-based setups (CVE-2012-2311). _Note: mod_php and php-fpm are not vulnerable to this attack,” _the PHP developers said.

“PHP 5.4.3 fixes a buffer overflow vulnerability in the apache_request_headers() (CVE-2012-2329). The PHP 5.3 series is not vulnerable to this issue.”

The PHP Group released a fix for the bug late last week, but the researchers who discovered the flaw originally found that the new versions didn’t completely address the problem and still left vulnerable sites exposed to attack. There are mitigations available for the bug, as explained by the Eindbazen team that found the flaw, but users should upgrade their installations as soon as they can.

Be first who know about 0-days in popular software

Do not waste time on finding information in tons of articles. Subscribe yourself and your colleagues on news and articles about products you need and you use!

Subscribe on news

0.975 High

EPSS

Percentile

100.0%

Related for THREATPOST:3EEA9D9B7CBDC9687FD961AD1AF59EF5