CVE-2017-11144 : In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check th

In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number in ext/openssl/openssl.c, and an OpenSSL documentation omission.

Published 2017-07-10 14:29:01

Updated 2018-05-04 01:29:03

Source MITRE

View at NVD, CVE.org

Threat overview for CVE-2017-11144

Top countries where our scanners detected CVE-2017-11144

Top open port discovered on systems with this issue 80

IPs affected by CVE-2017-11144 247,177

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2017-11144!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2017-11144

Probability of exploitation activity in the next 30 days: 1.61%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 86 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2017-11144

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
7.5	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2017-11144

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2017-11144

http://git.php.net/?p=php-src.git;a=commit;h=73cabfedf519298e1a11192699f44d53c529315e

208.43.231.11 Git - php-src.git/commit
Mailing List;Third Party Advisory
https://www.tenable.com/security/tns-2017-12

[R1] SecurityCenter 5.3.2, 5.4.0, 5.4.2, 5.4.5, 5.5.0, and 5.5.1 Fixes Multiple Vulnerabilities - Security Advisory | Tenable®

CVEs referencing this url
http://git.php.net/?p=php-src.git;a=commit;h=89637c6b41b510c20d262c17483f582f115c66d6

208.43.231.11 Git - php-src.git/commit
Third Party Advisory;Mailing List
http://openwall.com/lists/oss-security/2017/07/10/6

oss-security - Re: CVE IDs needed for PHP vulnerabilites (affects 5.6.30 and 7.0.20)
Mailing List

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2018:1296

RHSA-2018:1296 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://git.php.net/?p=php-src.git;a=commit;h=91826a311dd37f4c4e5d605fa7af331e80ddd4c3

208.43.231.11 Git - php-src.git/commit
Mailing List;Third Party Advisory
https://security.netapp.com/advisory/ntap-20180112-0001/

September 2017 PHP Vulnerabilities in NetApp Products | NetApp Product Security

CVEs referencing this url
https://www.debian.org/security/2018/dsa-4080

Debian -- Security Information -- DSA-4080-1 php7.0

CVEs referencing this url
https://www.debian.org/security/2018/dsa-4081

Debian -- Security Information -- DSA-4081-1 php5

CVEs referencing this url
https://bugs.php.net/bug.php?id=74651

PHP :: Sec Bug #74651 :: negative-size-param (-1) in memcpy in zif_openssl_seal()
Third Party Advisory
http://php.net/ChangeLog-7.php

PHP: PHP 7 ChangeLog
Release Notes;Vendor Advisory

CVEs referencing this url
http://php.net/ChangeLog-5.php

PHP: PHP 5 ChangeLog
Release Notes;Vendor Advisory

CVEs referencing this url

Products affected by CVE-2017-11144