what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

CVE-2019-11043

Status Candidate

Overview

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.

Related Files

Red Hat Security Advisory 2020-2835-01
Posted Jul 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2835-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include an underflow vulnerability.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2019-11043
SHA-256 | 55475f2ac05404b0dbd6c71ae701acb5dd0454b103210a1d65fd0819888efc0c
PHP-FPM 7.x Remote Code Execution
Posted Mar 5, 2020
Authored by cdelafuente-r7, neex | Site metasploit.com

This Metasploit module exploits an underflow vulnerability in PHP-FPM versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 of PHP-FPM on Nginx. Only servers with certain Nginx + PHP-FPM configurations are exploitable. This is a port of the original neex's exploit code (see refs). First, it detects the correct parameters (Query String Length and custom header length) needed to trigger code execution. This step determines if the target is actually vulnerable (Check method). Then, the exploit sets a series of PHP INI directives to create a file locally on the target, which enables code execution through a query string parameter. This is used to execute normal payload stagers. Finally, this module does some cleanup by killing local PHP-FPM workers (those are spawned automatically once killed) and removing the created local file.

tags | exploit, local, php, code execution
advisories | CVE-2019-11043
SHA-256 | b0bb267ae212db3146c03348b75e67574095c1e4c6cca10f25f575609f95bc2f
Red Hat Security Advisory 2020-0322-01
Posted Feb 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0322-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2019-11043
SHA-256 | a1c38984a4435788f9f0d68d91fc83d60cbdb85dc60caa75b11e46439038a806
Apple Security Advisory 2020-1-28-2
Posted Jan 29, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-1-28-2 - macOS Catalina 10.15.3, Security Update 2020-001 Mojave, and Security Update 2020-001 High Sierra are now available and address buffer overflow, bypass, and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2019-11043, CVE-2019-18634, CVE-2020-3826, CVE-2020-3827, CVE-2020-3829, CVE-2020-3830, CVE-2020-3835, CVE-2020-3836, CVE-2020-3837, CVE-2020-3838, CVE-2020-3839, CVE-2020-3840, CVE-2020-3842, CVE-2020-3843, CVE-2020-3845, CVE-2020-3846, CVE-2020-3847, CVE-2020-3848, CVE-2020-3849, CVE-2020-3850, CVE-2020-3853, CVE-2020-3854, CVE-2020-3855, CVE-2020-3856, CVE-2020-3857, CVE-2020-3866, CVE-2020-3870, CVE-2020-3871
SHA-256 | 6dc59a831c4eeb00f22a91e88c410f4413de1117cf660dac3d76799ab2d9c97d
Red Hat Security Advisory 2019-3736-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3736-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2019-11043
SHA-256 | 3e83ef8d59cc3ac49c6d59a04f8152ac4b4398da00833b9d03ae1ee6feb3c871
Red Hat Security Advisory 2019-3735-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3735-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2019-11043
SHA-256 | 624abb506015accc80e0752d93ee44dea5f50efced00a29ac0e44c15f417418e
Red Hat Security Advisory 2019-3724-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3724-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2019-11043
SHA-256 | 58de720d43ab7b6589a4078d3c96306a524a845d8924149dc7b56a9f89e51794
Red Hat Security Advisory 2019-3300-01
Posted Nov 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3300-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue was addressed.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2019-11043
SHA-256 | beb6b1d77b9bcf9f9ef10db39d78327f2328e4335e115b82bd7b15c5a0f34690
Red Hat Security Advisory 2019-3299-01
Posted Nov 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3299-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and information leakage vulnerabilities.

tags | advisory, web, overflow, php, vulnerability
systems | linux, redhat
advisories | CVE-2016-10166, CVE-2018-20783, CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11038, CVE-2019-11039, CVE-2019-11040, CVE-2019-11041, CVE-2019-11042, CVE-2019-11043, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022, CVE-2019-9023, CVE-2019-9024, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9640
SHA-256 | 3e6fa23a90586dc864b7d2f66f36956feb884ebbfb6236d5061b8a831b9c3da8
Red Hat Security Advisory 2019-3286-01
Posted Nov 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3286-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue was addressed.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2019-11043
SHA-256 | 7304dc47b76c864680b043fc336ccda597671bf04477f555432ebebabf62b6e2
Red Hat Security Advisory 2019-3287-01
Posted Nov 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3287-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue was addressed.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2019-11043
SHA-256 | f2c619fb3e7bb7d49ee0cc9dabfe17e54252f5e593fd2fe152d53a87081f5b36
Ubuntu Security Notice USN-4166-2
Posted Oct 29, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4166-2 - USN-4166-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that PHP incorrectly handled certain paths when being used in FastCGI configurations. A remote attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2019-11043
SHA-256 | 22ce5d9536099a62be238f172d1aa7be1a8a0dd24d9ff596e34568e558b800ad
Ubuntu Security Notice USN-4166-1
Posted Oct 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4166-1 - It was discovered that PHP incorrectly handled certain paths when being used in FastCGI configurations. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2019-11043
SHA-256 | e143091751be9bfe1dfc212b61e56fc89b156a66fdac6f4080c1243bdbc409c0
Gentoo Linux Security Advisory 201910-01
Posted Oct 28, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201910-1 - A vulnerability in PHP might allow an attacker to execute arbitrary code. Versions less than 7.1.33 are affected.

tags | advisory, arbitrary, php
systems | linux, gentoo
advisories | CVE-2019-11043
SHA-256 | a6d82ade737db57082fff3a1c19c65c1890fcde1110a0bf7f1952217ef2a3e9d
PHP-FPM Remote Code Execution
Posted Oct 24, 2019
Authored by Emil Lerner, d90pwn

This is a newer method to exploit php-fpm to achieve remote code execution when certain nginx with php-fpm configurations exist.

tags | exploit, remote, php, code execution
advisories | CVE-2019-11043
SHA-256 | 8df57ba35c7fedb82e321a6da3798beb103782ba91f10bc8e528fd4217ddfa67
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    14 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close