exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2023-0567

Status Candidate

Overview

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid.

Related Files

Gentoo Linux Security Advisory 202408-32
Posted Aug 12, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202408-32 - Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service. Versions greater than or equal to 8.1.29:8.1 are affected.

tags | advisory, denial of service, php, vulnerability
systems | linux, gentoo
advisories | CVE-2022-31631, CVE-2023-0567, CVE-2023-0568, CVE-2023-0662, CVE-2023-3823, CVE-2023-3824, CVE-2024-2756, CVE-2024-2757, CVE-2024-3096, CVE-2024-4577, CVE-2024-5458, CVE-2024-5585
SHA-256 | cbf734f3a99c6d459c77601c00b0651913d26cb2c46b0dfcaf7fb250b9cac607
Red Hat Security Advisory 2024-0387-03
Posted Jan 25, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0387-03 - An update for the php:8.1 module is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, php
systems | linux, redhat
advisories | CVE-2023-0567
SHA-256 | 9e341b2e86799d9ac8b07a6ec52cc960f726908e4657fdedf47b8b3de3a9fd76
Red Hat Security Advisory 2023-5927-01
Posted Oct 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5927-01 - An update for the php:8.0 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, php
systems | linux, redhat
advisories | CVE-2023-0567
SHA-256 | 46c527bdcfb2145b61c0830ad98c9738174c2195ac8e1cd6200c84896fdfff5d
Red Hat Security Advisory 2023-5926-01
Posted Oct 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5926-01 - An update for php is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, php
systems | linux, redhat
advisories | CVE-2023-0567
SHA-256 | f7b3d25853c407b0835193e19c69c5d5226d02c94935df3692d13b2fede8c6ec
Ubuntu Security Notice USN-6053-1
Posted May 2, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6053-1 - It was discovered that PHP incorrectly handled certain invalid Blowfish password hashes. An invalid password hash could possibly allow applications to accept any password as valid, contrary to expectations.

tags | advisory, php
systems | linux, ubuntu
advisories | CVE-2023-0567
SHA-256 | 6a4bbd5373aa5388a4619a7fee3c74e536d2083b1d61ae7672757b7e3093a77d
Ubuntu Security Notice USN-5902-1
Posted Feb 28, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5902-1 - It was discovered that PHP incorrectly handled certain invalid Blowfish password hashes. An invalid password hash could possibly allow applications to accept any password as valid, contrary to expectations. It was discovered that PHP incorrectly handled resolving long paths. A remote attacker could possibly use this issue to obtain or modify sensitive information. It was discovered that PHP incorrectly handled a large number of parts in HTTP form uploads. A remote attacker could possibly use this issue to cause PHP to consume resources, leading to a denial of service.

tags | advisory, remote, web, denial of service, php
systems | linux, ubuntu
advisories | CVE-2023-0567, CVE-2023-0568, CVE-2023-0662
SHA-256 | d6874c5afe37c2500fc7824d66b24af765e7c0d843c7aa5688092c11c7e428fe
Debian Security Advisory 5363-1
Posted Feb 27, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5363-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in denial of service or incorrect validation of BCrypt hashes.

tags | advisory, denial of service, php
systems | linux, debian
advisories | CVE-2022-31631, CVE-2023-0567, CVE-2023-0568, CVE-2023-0662
SHA-256 | 7ae7c33c3e28b6f24a8453dc72dcd9277d8782ff1546367e81b1eee017a28724
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close