#VU529 Arbitrary code execution in PHP-Nuke - CVE-2016-7411

Cybersecurity Help s.r.o.

Published: 2016-09-19 | Updated: 2016-09-20

Vulnerability identifier: #VU529

Vulnerability risk: High

CVSSv4.0: 7.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Amber]

CVE-ID: CVE-2016-7411

CWE-ID: CWE-284

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
PHP-Nuke
Web applications / CMS

Vendor: Phpnuke.org

Description
The vulnerability allows a remote or local user to cause arbitrary code execution on the target system.
The weakness is caused by deserialized object destruction that may result in memory corruption error and allows a malicious user to execute arbitrary code.
Successful explotation of the vulnerability may result in arbitrary code execution on the vulnerable system.

Mitigation
Update to 5.6.26.
http://php.net/ChangeLog-5.php#5.6.26
Update to 7.0.11.
http://php.net/ChangeLog-7.php#7.0.11

Vulnerable software versions

PHP-Nuke: 5.6

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SUSE Linux update for php5

Arbitrary code execution in php (Alpine package)

OpenSUSE Linux update for php5

SUSE Linux update for php5

SUSE Linux update for php53

OpenSUSE Linux update for php5

Slackware Linux update for php

Arch Linux update for php