Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:PHP:PHPZIPURL

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 PHP ZIP URL Wrapper Stack Overflow

Release Date

 2009/03/12

Update Number

 1385

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: PHP ZIP URL Wrapper Stack Overflow


This signature detects attempts to exploit a known vulnerability in the PHP. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected application.

Extended Description

PHP is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Exploiting this issue may allow attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely result in a denial-of-service condition. This issue affects PHP 5.2.0 and PHP with PECL ZIP <= 1.8.3.

Affected Products

  • Debian Linux 4.0
  • Debian Linux 4.0 Alpha
  • Debian Linux 4.0 Amd64
  • Debian Linux 4.0 Arm
  • Debian Linux 4.0 Hppa
  • Debian Linux 4.0 Ia-32
  • Debian Linux 4.0 Ia-64
  • Debian Linux 4.0 M68k
  • Debian Linux 4.0 Mips
  • Debian Linux 4.0 Mipsel
  • Debian Linux 4.0 Powerpc
  • Debian Linux 4.0 S/390
  • Debian Linux 4.0 Sparc
  • Mandriva Corporate Server 3.0.0
  • Mandriva Corporate Server 3.0.0 X86 64
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Linux Mandrake 2007.0
  • Mandriva Linux Mandrake 2007.0 X86 64
  • Mandriva Linux Mandrake 2007.1
  • Mandriva Linux Mandrake 2007.1 X86 64
  • Mandriva Multi Network Firewall 2.0.0
  • PHP PECL ZIP 1.8.3
  • PHP 5.2
  • SuSE Linux Personal 10.0.0 OSS
  • SuSE Linux Personal 10.1
  • SuSE Linux Personal 9.3.0
  • SuSE Linux Personal 9.3.0 X86 64
  • SuSE Linux Professional 10.0.0 OSS
  • SuSE Linux Professional 10.1
  • SuSE Linux Professional 9.3.0
  • SuSE Linux Professional 9.3.0 X86 64
  • SuSE Novell Linux Desktop 9.0.0
  • SuSE Open-Enterprise-Server
  • SuSE openSUSE 10.2
  • SuSE SUSE Linux Enterprise SDK 10
  • SuSE SUSE Linux Enterprise Server 10
  • SuSE SUSE Linux Enterprise Server 8
  • SuSE SUSE Linux Enterprise Server 9
  • SuSE SuSE Linux Openexchange Server 4.0.0
  • SuSE SUSE LINUX Retail Solution 8.0.0
  • SuSE SuSE Linux School Server for i386
  • SuSE SuSE Linux Standard Server 8.0.0
  • SuSE UnitedLinux 1.0.0

References

  • BugTraq: 22883
  • CVE: CVE-2007-1399
  • URL: http://www.php-security.org/MOPB/MOPB-16-2007.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out