Slackware Linux update for php
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2018-5712 CVE-2018-10549 CVE-2018-10546 CVE-2018-10548 CVE-2018-10547 |
| CWE-ID | CWE-79 CWE-119 CWE-835 CWE-300 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #3 is available. |
| Vulnerable software Subscribe |
Slackware Linux Operating systems & Components / Operating system |
| Vendor | Slackware |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Reflected cross-site scripting
EUVDB-ID: #VU10389
Risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-5712
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists on the PHAR 404 error page due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
Update the affected package php.
Vulnerable software versionsSlackware Linux: 14.0 - 14.2
CPE2.3- cpe:2.3:o:slackware:slackware_linux:14.2:*:*:*:*:*:*:
- cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:
- cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.411881
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Memory corruption
EUVDB-ID: #VU12258
Risk: Low
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-10549
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in exif_read_data() function due to an out-of-bounds read while processing crafted JPEG data. A remote attacker can supply a specially image file, trigger heap-based buffer overflow in exif_iif_add_value and cause the service to crash.
Update the affected package php.
Vulnerable software versionsSlackware Linux: 14.0 - 14.2
CPE2.3- cpe:2.3:o:slackware:slackware_linux:14.2:*:*:*:*:*:*:
- cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:
- cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.411881
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Infinite loop
EUVDB-ID: #VU12257
Risk: Low
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-10546
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to infinite loop. A remote attacker can use a stream filter with convert.iconv and not enough input bytes, trigger an infinite loop, one CPU Core at 100% and cause the service to crash.
Update the affected package php.
Vulnerable software versionsSlackware Linux: 14.0 - 14.2
CPE2.3- cpe:2.3:o:slackware:slackware_linux:14.2:*:*:*:*:*:*:
- cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:
- cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.411881
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
4) Man-in-the-middle attack
EUVDB-ID: #VU12256
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-10548
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in the ext/ldap/ldap.c source code file due to improper handling of return values from the ldap_get_dn function. A remote attacker can use man-in-the middle techniques to trigger ldap_get_dn() to return a NULL pointer and cause ldap_get_entries() because add_assoc_string() to crash.
Update the affected package php.
Vulnerable software versionsSlackware Linux: 14.0 - 14.2
CPE2.3- cpe:2.3:o:slackware:slackware_linux:14.2:*:*:*:*:*:*:
- cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:
- cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.411881
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Cross-site scripting
EUVDB-ID: #VU12327
Risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-10547
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists in the phar_do_404() and phar_do_403() functions due to insufficient sanitization of user-supplied data processed by the phar_do_404() and phar_do_403() functions, as defined in the ext/phar/phar_object.c source code file. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
The vulnerability exists due to an incomplete fix for CVE-2018-5712.
MitigationUpdate the affected package php.
Vulnerable software versionsSlackware Linux: 14.0 - 14.2
CPE2.3- cpe:2.3:o:slackware:slackware_linux:14.2:*:*:*:*:*:*:
- cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:
- cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.411881
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
