PHP 'socket_connect()' Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is installed with PHP and is prone to stack buffer overflow vulnerability.

Impact

Successful exploitation could allow remote attackers to execute arbitrary code or to cause denial of service condition. Impact Level: Application

Solution

Upgrade to version 5.3.7 or later, For updates refer to http://php.net/downloads.php

Insight

The flaw is due to an error in the 'socket_connect()' function within socket module. It uses memcpy to copy path from addr to s_un without checking addr length in case when AF_UNIX socket is used.

Affected

PHP Version 5.3.5 and prior on windows.

References

http://packetstormsecurity.org/files/view/101665/cve20111938.txt
http://seclists.org/fulldisclosure/2011/May/472
http://www.bugsearch.net/en/11873/php-535-socketconnect-buffer-overflow-vulnerability-cve-2011-1938.html?ref=3

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1938
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Alleycode HTML Editor Buffer Overflow Vulnerabilities
Buffer Overflow Vulnerability in Adobe Acrobat and Reader (Win)
Dell Webcam 'crazytalk4.ocx' ActiveX Multiple BOF Vulnerabilities
AIMP ID3 Tag Buffer Overflow Vulnerability
Adobe Reader 'mailListIsPdf' Buffer Overflow Vulnerability (Linux)

Take action and discover your vulnerabilities