Vulnerability Details : CVE-2008-0599
Potential exploit
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
Vulnerability category: Execute code
Products affected by CVE-2008-0599
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*
Threat overview for CVE-2008-0599
Top countries where our scanners detected CVE-2008-0599
Top open port discovered on systems with this issue
80
IPs affected by CVE-2008-0599 16,513
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2008-0599!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2008-0599
70.69%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-0599
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST | 2024-02-02 |
CWE ids for CVE-2008-0599
-
The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2008-0599
-
Red Hat 2008-08-07Not vulnerable. This issue did not affect the versions of PHP as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5, and Red Hat Application Stack v1. For Red Hat Application Stack v2, issue was addressed via: https://rhn.redhat.com/errata/RHSA-2008-0505.html
References for CVE-2008-0599
-
http://secunia.com/advisories/31326
About Secunia Research | FlexeraBroken Link
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/42137
PHP init_request_info() code execution CVE-2008-0599 Vulnerability ReportThird Party Advisory;VDB Entry
-
http://secunia.com/advisories/30345
About Secunia Research | FlexeraBroken Link;Vendor Advisory
-
http://www.vupen.com/english/advisories/2008/1810/references
Webmail: access your OVH emails on ovhcloud.com | OVHcloudBroken Link
-
http://marc.info/?l=bugtraq&m=124654546101607&w=2
'[security bulletin] HPSBUX02431 SSRT090085 rev.1 - HP-UX Running Apache Web Server Suite, Remote Den' - MARCMailing List
-
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html
[SECURITY] Fedora 8 Update: php-5.2.6-2.fc8Mailing List
-
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176
Broken Link
-
http://www.kb.cert.org/vuls/id/147027
VU#147027 - PHP path translation vulnerabilityThird Party Advisory;US Government Resource
-
http://marc.info/?l=bugtraq&m=125631037611762&w=2
'[security bulletin] HPSBUX02465 SSRT090192 rev.1 - HP-UX Running Apache-based Web Server, Remote Den' - MARCMailing List
-
http://secunia.com/advisories/30828
About Secunia Research | FlexeraBroken Link
-
http://secunia.com/advisories/30757
About Secunia Research | FlexeraBroken Link
-
http://secunia.com/advisories/30083
About Secunia Research | FlexeraBroken Link
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01476437
Broken Link
-
http://www.vupen.com/english/advisories/2008/2268
Webmail: access your OVH emails on ovhcloud.com | OVHcloudBroken Link
-
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
Mailing List
-
http://secunia.com/advisories/30048
About Secunia Research | FlexeraBroken Link;Vendor Advisory
-
http://secunia.com/advisories/35650
About Secunia Research | FlexeraBroken Link
-
http://www.mandriva.com/security/advisories?name=MDVSA-2008:128
MandrivaBroken Link
-
http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.50.2.12&r2=1.267.2.15.2.50.2.13&diff_format=u
Broken Link;Exploit
-
http://security.gentoo.org/glsa/glsa-200811-05.xml
PHP: Multiple vulnerabilities (GLSA 200811-05) — Gentoo securityThird Party Advisory
-
https://issues.rpath.com/browse/RPL-2503
Broken Link
-
http://secunia.com/advisories/30616
About Secunia Research | FlexeraBroken Link
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5510
404 Not FoundBroken Link
-
http://www.securitytracker.com/id?1019958
Broken Link;Third Party Advisory;VDB Entry
-
http://www.mandriva.com/security/advisories?name=MDVSA-2008:127
MandrivaBroken Link
-
http://www.securityfocus.com/archive/1/492535/100/0/threaded
Broken Link;Third Party Advisory;VDB Entry
-
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951
The Slackware Linux Project: Slackware Security AdvisoriesBroken Link
-
http://www.openwall.com/lists/oss-security/2008/05/02/2
oss-security - CVE Request (PHP)Mailing List
-
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html
[SECURITY] Fedora 9 Update: php-5.2.6-2.fc9Mailing List
-
http://www.php.net/ChangeLog-5.php
PHP: PHP 5 ChangeLogRelease Notes
-
http://www.ubuntu.com/usn/usn-628-1
USN-628-1: PHP vulnerabilities | Ubuntu security notices | UbuntuThird Party Advisory
-
http://www.vupen.com/english/advisories/2008/1412
Webmail: access your OVH emails on ovhcloud.com | OVHcloudBroken Link
-
http://www.securityfocus.com/bid/29009
Broken Link;Third Party Advisory;VDB Entry
-
http://secunia.com/advisories/32746
About Secunia Research | FlexeraBroken Link
-
http://secunia.com/advisories/31200
About Secunia Research | FlexeraBroken Link
-
http://www.redhat.com/support/errata/RHSA-2008-0505.html
SupportBroken Link
Jump to