Vulnerability Details : CVE-2014-0185
Potential exploit
sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket, which allows local users to gain privileges via a crafted FastCGI client.
Products affected by CVE-2014-0185
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
Threat overview for CVE-2014-0185
Top countries where our scanners detected CVE-2014-0185
Top open port discovered on systems with this issue
80
IPs affected by CVE-2014-0185 214,936
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2014-0185!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2014-0185
0.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 25 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-0185
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2014-0185
-
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-0185
-
https://bugzilla.redhat.com/show_bug.cgi?id=1092815
1092815 – (CVE-2014-0185) CVE-2014-0185 php: insecure default permissions on the FPM unix socketIssue Tracking;Third Party Advisory
-
http://secunia.com/advisories/59329
Sign inThird Party Advisory
-
https://hoffmann-christian.info/files/php-fpm/0001-Fix-bug-67060-use-default-mode-of-660.patch
Patch;Third Party Advisory
-
https://github.com/php/php-src/commit/35ceea928b12373a3b1e3eecdc32ed323223a40d
Fix bug #67060: use default mode of 660 · php/php-src@35ceea9 · GitHubExploit;Patch;Third Party Advisory
-
http://support.apple.com/kb/HT6443
About the security content of OS X Mavericks v10.9.5 and Security Update 2014-004 - Apple SupportThird Party Advisory
-
http://www.openwall.com/lists/oss-security/2014/04/29/5
oss-security - Fwd: [vs] php-fpm: privilege escalation due to insecure default config (CVE-2014-0185)Mailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-updates/2015-10/msg00012.html
openSUSE-SU-2015:1685-1: moderate: Security update for froxlorMailing List;Third Party Advisory
-
https://bugs.php.net/bug.php?id=67060
PHP :: Sec Bug #67060 :: sapi/fpm: possible privilege escalation due to insecure default configurationVendor Advisory
-
https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1307027
Bug #1307027 “php5-fpm: Possible privilege escalation due to ins...” : Bugs : php5 package : UbuntuThird Party Advisory
-
http://secunia.com/advisories/59061
Sign inThird Party Advisory
-
http://www.php.net/archive/2014.php#id2014-05-01-1
PHP: News Archive - 2014Vendor Advisory
-
http://www.php.net/ChangeLog-5.php
PHP: PHP 5 ChangeLogVendor Advisory
Jump to