Red Hat Security Advisory 2020-2835-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include an underflow vulnerability.
7d3efa23b778cb571c090b3a2406b404
This Metasploit module exploits an underflow vulnerability in PHP-FPM versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 of PHP-FPM on Nginx. Only servers with certain Nginx + PHP-FPM configurations are exploitable. This is a port of the original neex's exploit code (see refs). First, it detects the correct parameters (Query String Length and custom header length) needed to trigger code execution. This step determines if the target is actually vulnerable (Check method). Then, the exploit sets a series of PHP INI directives to create a file locally on the target, which enables code execution through a query string parameter. This is used to execute normal payload stagers. Finally, this module does some cleanup by killing local PHP-FPM workers (those are spawned automatically once killed) and removing the created local file.
bcbc7e0f55f9d8c8cc54d552dc319ffa
Red Hat Security Advisory 2020-0322-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.
3e1d8ddc4e85fd180e1d0cc71c21c4ef
Apple Security Advisory 2020-1-28-2 - macOS Catalina 10.15.3, Security Update 2020-001 Mojave, and Security Update 2020-001 High Sierra are now available and address buffer overflow, bypass, and code execution vulnerabilities.
b7ed3a864bedd652761c597b31e522a1
Red Hat Security Advisory 2019-3736-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.
f7aae271bc0791293c1bdcb48d0c78fa
Red Hat Security Advisory 2019-3735-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.
29b3ad7c82bcd6d2987d7e46cdcbccdd
Red Hat Security Advisory 2019-3724-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue has been addressed.
04147c22152bf5396f6d6a2a49fad314
Red Hat Security Advisory 2019-3300-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue was addressed.
ea89ba3e13dae1bcf3172b6046169d59
Red Hat Security Advisory 2019-3299-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and information leakage vulnerabilities.
0b3a743000a8d1ce9382590da63feba1
Red Hat Security Advisory 2019-3286-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue was addressed.
a411df94a49b4d272eceff9bbc0ef65d
Red Hat Security Advisory 2019-3287-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. An underflow issue was addressed.
6d6ec7c1a7537484209f9de4cb88fce8
Ubuntu Security Notice 4166-2 - USN-4166-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that PHP incorrectly handled certain paths when being used in FastCGI configurations. A remote attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
ef6238f8e5b72babf4cb9b04e3a3e34b
Ubuntu Security Notice 4166-1 - It was discovered that PHP incorrectly handled certain paths when being used in FastCGI configurations. A remote attacker could possibly use this issue to execute arbitrary code.
5cf1387d2922807d678f4fbcef9868b0
Gentoo Linux Security Advisory 201910-1 - A vulnerability in PHP might allow an attacker to execute arbitrary code. Versions less than 7.1.33 are affected.
29a50835bcd6457081d0c952655829f6
This is a newer method to exploit php-fpm to achieve remote code execution when certain nginx with php-fpm configurations exist.
4cbdb53c733266a5189ec2df70c12e1b