Vulnerability Name:

CVE-2000-0967 (CCN-5359)

Assigned:2000-10-12
Published:2000-10-12
Updated:2018-05-03
Summary:PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: FREEBSD
Type: UNKNOWN
FreeBSD-SA-00:75

Source: CCN
Type: BugTraq Mailing List, Wed Oct 11 2000 - 18:26:11 CDT
PHP remote format string vulnerabilities

Source: BUGTRAQ
Type: UNKNOWN
20001012 Conectiva Linux Security Announcement - mod_php3

Source: CCN
Type: Conectiva Linux Announcement CLSA-2000:324
mod_php3: Logging format string vulnerability

Source: MITRE
Type: CNA
CVE-2000-0967

Source: CCN
Type: RHSA-2000-088
Updated apache

Source: ATSTAKE
Type: UNKNOWN
A101200-1

Source: CALDERA
Type: UNKNOWN
CSSA-2000-037.0

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2000:062

Source: CCN
Type: OSVDB ID: 434
PHP Error Log Format String Command Injection

Source: CCN
Type: PHP Downloads
Latest version of PHP 4.0

Source: REDHAT
Type: UNKNOWN
RHSA-2000:088

Source: REDHAT
Type: UNKNOWN
RHSA-2000:095

Source: BID
Type: Exploit, Patch, Vendor Advisory
1786

Source: CCN
Type: BID-1786
PHP Error Logging Format String Vulnerability

Source: CCN
Type: @stake, Inc. Security Advisory A101200-1
PHP3/PHP4 Logging Format String Vulnerability

Source: CCN
Type: MandrakeSoft Security Advisory MDKSA-2000:062
mod_php3

Source: XF
Type: UNKNOWN
php-logging-format-string(5359)

Source: XF
Type: UNKNOWN
php-logging-format-string(5359)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:php:php:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:php:php:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:-:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    php php 3.0
    php php 4.0
    php php 3.0
    php php 4.0 -
    redhat linux 6.2
    redhat linux 7
    redhat linux 7.1
    redhat linux 7.2
    redhat linux 7.3