what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2008-2108

Status Candidate

Overview

The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force attacks against protection mechanisms that use the rand and mt_rand functions.

Related Files

Debian Linux Security Advisory 1789-1
Posted May 5, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1789-1 - Several remote vulnerabilities have been discovered in the PHP 5 hypertext preprocessor.

tags | advisory, remote, php, vulnerability
systems | linux, debian
advisories | CVE-2008-2107, CVE-2008-2108, CVE-2008-5557, CVE-2008-5624, CVE-2008-5658, CVE-2008-5814, CVE-2009-0754, CVE-2009-1271
SHA-256 | 100a5040d4193726e6aaec8b6a7e78375f9a96e618e105219e44df555dd8498e
Gentoo Linux Security Advisory 200811-5
Posted Nov 17, 2008
Authored by Gentoo

Gentoo Linux Security Advisory GLSA 200811-05 - PHP contains several vulnerabilities including buffer and integer overflows which could lead to the remote execution of arbitrary code. Versions less than 5.2.6-r6 are affected.

tags | advisory, remote, overflow, arbitrary, php, vulnerability
systems | linux, gentoo
advisories | CVE-2008-0599, CVE-2008-0674, CVE-2008-1384, CVE-2008-2050, CVE-2008-2051, CVE-2008-2107, CVE-2008-2108, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660
SHA-256 | 30a9ea44a0f3a5cea3f6e349d238bdb1d46e22654727c091856a0da2f7e3c893
Ubuntu Security Notice 628-1
Posted Jul 23, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 628-1 - Over a dozen vulnerabilities in php5 have been addressed in Ubuntu.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-4782, CVE-2007-4850, CVE-2007-5898, CVE-2007-5899, CVE-2008-0599, CVE-2008-1384, CVE-2008-2050, CVE-2008-2051, CVE-2008-2107, CVE-2008-2108, CVE-2008-2371, CVE-2008-2829
SHA-256 | 3f4762bf322681e8f3484947ebc156f14c168b070b0d2ba92a048e740c8ac08f
Mandriva Linux Security Advisory 2008-130
Posted Jul 10, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - An integer overflow in the zip_read_entry() function in PHP prior to 4.4.5 allowed remote attackers to execute arbitrary code via a ZIP archive containing a certain type of entry that triggered a heap overflow. Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems. The updated packages have been patched to correct these issues.

tags | advisory, remote, overflow, arbitrary, php
systems | linux, mandriva
advisories | CVE-2007-1777, CVE-2008-2107, CVE-2008-2108
SHA-256 | 0edaea08014bc6c30ae3a3b2bcb1063f187d429361d166a693111557ccf96ac7
Mandriva Linux Security Advisory 2008-129
Posted Jul 10, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems. The updated packages have been patched to correct these issues.

tags | advisory, php
systems | linux, mandriva
advisories | CVE-2008-2107, CVE-2008-2108
SHA-256 | 36c685354707ed85c37d537fa3d18fa1b4cdf1dc975794ed6df7b5c8b8e59c42
Mandriva Linux Security Advisory 2008-128
Posted Jul 10, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - php-cgi in PHP prior to 5.2.6 does not properly calculate the length of PATH_TRANSLATED, which has unknown impact and attack vectors. The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown impact and context-dependent attack vectors related to incomplete multibyte characters. Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems. The IMAP module in PHP uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) via a long IMAP request. In addition, the updated packages provide a number of bug fixes. The updated packages have been patched to correct these issues.

tags | advisory, denial of service, cgi, php, imap
systems | linux, mandriva
advisories | CVE-2008-0599, CVE-2008-2051, CVE-2008-2107, CVE-2008-2108, CVE-2008-2829
SHA-256 | a957e83af46278fc9927d4b20a07a5126ff6e3efeacf1d3c314a8c6362e8f534
Mandriva Linux Security Advisory 2008-127
Posted Jul 10, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The htmlentities() and htmlspecialchars() functions in PHP prior to 5.2.5 accepted partial multibyte sequences, which has unknown impact and attack vectors. The output_add_rewrite_var() function in PHP prior to 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which could allow a remote attacker to obtain potentially sensitive information by reading the requests for this URL. php-cgi in PHP prior to 5.2.6 does not properly calculate the length of PATH_TRANSLATED, which has unknown impact and attack vectors. The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown impact and context-dependent attack vectors related to incomplete multibyte characters. Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems. The IMAP module in PHP uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) via a long IMAP request. In addition, this update also corrects an issue with some float to string conversions.

tags | advisory, remote, denial of service, local, cgi, php, imap
systems | linux, mandriva
advisories | CVE-2007-5898, CVE-2007-5899, CVE-2008-0599, CVE-2008-2051, CVE-2008-2107, CVE-2008-2108, CVE-2008-2829
SHA-256 | 983189b46f7172be5f967d2c4586512e100842f9151f6b89c51f240979f59cba
Mandriva Linux Security Advisory 2008-126
Posted Jul 10, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - PHP 5.2.1 would allow context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with 'S:', which did not properly track the number of input bytes being processed. A vulnerability in the chunk_split() function in PHP prior to 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation. The htmlentities() and htmlspecialchars() functions in PHP prior to 5.2.5 accepted partial multibyte sequences, which has unknown impact and attack vectors. The output_add_rewrite_var() function in PHP prior to 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which could allow a remote attacker to obtain potentially sensitive information by reading the requests for this URL. The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown impact and context-dependent attack vectors related to incomplete multibyte characters. Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems. CVE-2008-2108). The IMAP module in PHP uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) via a long IMAP request.

tags | advisory, remote, denial of service, local, php, imap
systems | linux, mandriva
advisories | CVE-2007-1649, CVE-2007-4660, CVE-2007-5898, CVE-2007-5899, CVE-2008-2051, CVE-2008-2107, CVE-2008-2108, CVE-2008-2829
SHA-256 | ce9b044b78980ef6d383b1f63b8399d81b2ddddbe899ab732db688d002d50709
Mandriva Linux Security Advisory 2008-125
Posted Jul 10, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A vulnerability in the chunk_split() function in PHP prior to 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation. The htmlentities() and htmlspecialchars() functions in PHP prior to 5.2.5 accepted partial multibyte sequences, which has unknown impact and attack vectors. The output_add_rewrite_var() function in PHP prior to 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which could allow a remote attacker to obtain potentially sensitive information by reading the requests for this URL. The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown impact and context-dependent attack vectors related to incomplete multibyte characters. Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems.

tags | advisory, remote, local, php
systems | linux, mandriva
advisories | CVE-2007-5898, CVE-2007-5899, CVE-2007-4660, CVE-2008-2051, CVE-2008-2107, CVE-2008-2108
SHA-256 | 462dab3e1f36a6a4ce46057d21433dea88b99d76289a74f98523fde4a31b12ba
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close