what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2023-0567

Status Candidate

Overview

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid.

Related Files

Gentoo Linux Security Advisory 202408-32
Posted Aug 12, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202408-32 - Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service. Versions greater than or equal to 8.1.29:8.1 are affected.

tags | advisory, denial of service, php, vulnerability
systems | linux, gentoo
advisories | CVE-2022-31631, CVE-2023-0567, CVE-2023-0568, CVE-2023-0662, CVE-2023-3823, CVE-2023-3824, CVE-2024-2756, CVE-2024-2757, CVE-2024-3096, CVE-2024-4577, CVE-2024-5458, CVE-2024-5585
SHA-256 | cbf734f3a99c6d459c77601c00b0651913d26cb2c46b0dfcaf7fb250b9cac607
Download | Favorite | View
Red Hat Security Advisory 2024-0387-03
Posted Jan 25, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0387-03 - An update for the php:8.1 module is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, php
systems | linux, redhat
advisories | CVE-2023-0567
SHA-256 | 9e341b2e86799d9ac8b07a6ec52cc960f726908e4657fdedf47b8b3de3a9fd76
Download | Favorite | View
Red Hat Security Advisory 2023-5927-01
Posted Oct 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5927-01 - An update for the php:8.0 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, php
systems | linux, redhat
advisories | CVE-2023-0567
SHA-256 | 46c527bdcfb2145b61c0830ad98c9738174c2195ac8e1cd6200c84896fdfff5d
Download | Favorite | View
Red Hat Security Advisory 2023-5926-01
Posted Oct 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5926-01 - An update for php is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, php
systems | linux, redhat
advisories | CVE-2023-0567
SHA-256 | f7b3d25853c407b0835193e19c69c5d5226d02c94935df3692d13b2fede8c6ec
Download | Favorite | View
Ubuntu Security Notice USN-6053-1
Posted May 2, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6053-1 - It was discovered that PHP incorrectly handled certain invalid Blowfish password hashes. An invalid password hash could possibly allow applications to accept any password as valid, contrary to expectations.

tags | advisory, php
systems | linux, ubuntu
advisories | CVE-2023-0567
SHA-256 | 6a4bbd5373aa5388a4619a7fee3c74e536d2083b1d61ae7672757b7e3093a77d
Download | Favorite | View
Ubuntu Security Notice USN-5902-1
Posted Feb 28, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5902-1 - It was discovered that PHP incorrectly handled certain invalid Blowfish password hashes. An invalid password hash could possibly allow applications to accept any password as valid, contrary to expectations. It was discovered that PHP incorrectly handled resolving long paths. A remote attacker could possibly use this issue to obtain or modify sensitive information. It was discovered that PHP incorrectly handled a large number of parts in HTTP form uploads. A remote attacker could possibly use this issue to cause PHP to consume resources, leading to a denial of service.

tags | advisory, remote, web, denial of service, php
systems | linux, ubuntu
advisories | CVE-2023-0567, CVE-2023-0568, CVE-2023-0662
SHA-256 | d6874c5afe37c2500fc7824d66b24af765e7c0d843c7aa5688092c11c7e428fe
Download | Favorite | View
Debian Security Advisory 5363-1
Posted Feb 27, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5363-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in denial of service or incorrect validation of BCrypt hashes.

tags | advisory, denial of service, php
systems | linux, debian
advisories | CVE-2022-31631, CVE-2023-0567, CVE-2023-0568, CVE-2023-0662
SHA-256 | 7ae7c33c3e28b6f24a8453dc72dcd9277d8782ff1546367e81b1eee017a28724
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close