Red Hat Security Advisory 2020-2835-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include an underflow vulnerability.
55475f2ac05404b0dbd6c71ae701acb5dd0454b103210a1d65fd0819888efc0cThis Metasploit module exploits an underflow vulnerability in PHP-FPM versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 of PHP-FPM on Nginx. Only servers with certain Nginx + PHP-FPM configurations are exploitable. This is a port of the original neex's exploit code (see refs). First, it detects the correct parameters (Query String Length and custom header length) needed to trigger code execution. This step determines if the target is actually vulnerable (Check method). Then, the exploit sets a series of PHP INI directives to create a file locally on the target, which enables code execution through a query string parameter. This is used to execute normal payload stagers. Finally, this module does some cleanup by killing local PHP-FPM workers (those are spawned automatically once killed) and removing the created local file.
b0bb267ae212db3146c03348b75e67574095c1e4c6cca10f25f575609f95bc2fRed Hat Security Advisory 2020-0322-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.
a1c38984a4435788f9f0d68d91fc83d60cbdb85dc60caa75b11e46439038a806Apple Security Advisory 2020-1-28-2 - macOS Catalina 10.15.3, Security Update 2020-001 Mojave, and Security Update 2020-001 High Sierra are now available and address buffer overflow, bypass, and code execution vulnerabilities.
6dc59a831c4eeb00f22a91e88c410f4413de1117cf660dac3d76799ab2d9c97dRed Hat Security Advisory 2019-3736-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.
3e83ef8d59cc3ac49c6d59a04f8152ac4b4398da00833b9d03ae1ee6feb3c871Red Hat Security Advisory 2019-3735-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.
624abb506015accc80e0752d93ee44dea5f50efced00a29ac0e44c15f417418eRed Hat Security Advisory 2019-3724-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.
58de720d43ab7b6589a4078d3c96306a524a845d8924149dc7b56a9f89e51794Red Hat Security Advisory 2019-3300-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue was addressed.
beb6b1d77b9bcf9f9ef10db39d78327f2328e4335e115b82bd7b15c5a0f34690Red Hat Security Advisory 2019-3299-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and information leakage vulnerabilities.
3e6fa23a90586dc864b7d2f66f36956feb884ebbfb6236d5061b8a831b9c3da8Red Hat Security Advisory 2019-3286-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue was addressed.
7304dc47b76c864680b043fc336ccda597671bf04477f555432ebebabf62b6e2Red Hat Security Advisory 2019-3287-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue was addressed.
f2c619fb3e7bb7d49ee0cc9dabfe17e54252f5e593fd2fe152d53a87081f5b36Ubuntu Security Notice 4166-2 - USN-4166-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that PHP incorrectly handled certain paths when being used in FastCGI configurations. A remote attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
22ce5d9536099a62be238f172d1aa7be1a8a0dd24d9ff596e34568e558b800adUbuntu Security Notice 4166-1 - It was discovered that PHP incorrectly handled certain paths when being used in FastCGI configurations. A remote attacker could possibly use this issue to execute arbitrary code.
e143091751be9bfe1dfc212b61e56fc89b156a66fdac6f4080c1243bdbc409c0Gentoo Linux Security Advisory 201910-1 - A vulnerability in PHP might allow an attacker to execute arbitrary code. Versions less than 7.1.33 are affected.
a6d82ade737db57082fff3a1c19c65c1890fcde1110a0bf7f1952217ef2a3e9dThis is a newer method to exploit php-fpm to achieve remote code execution when certain nginx with php-fpm configurations exist.
8df57ba35c7fedb82e321a6da3798beb103782ba91f10bc8e528fd4217ddfa67
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed