Vulnerability Name: CVE-2017-11143 (CCN-129130)

Assigned: 2017-07-06
Published: 2017-07-06
Updated: 2018-05-04
Summary: In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c.
CVSS v3 Severity: 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): High
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): High
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Complete
Vulnerability Type: CWE-502
CWE-416
Vulnerability Consequences: Denial of Service
References:
Source: MITRE
Type: CNA
CVE-2017-11143

Source: CCN
Type: oss-sec Mailing List, Mon, 10 Jul 2017 13:33:53 +0200
Re: CVE IDs needed for PHP vulnerabilites (affects 5.6.30 and 7.0.20)

Source: CONFIRM
Type: Mailing List, Patch, Third Party Advisory
http://openwall.com/lists/oss-security/2017/07/10/6

Source: CCN
Type: PHP Web site
Version 5.6.31

Source: CONFIRM
Type: Release Notes, Vendor Advisory
http://php.net/ChangeLog-5.php

Source: CCN
Type: PHP Web site
Version 7.1.7

Source: BID
Type: UNKNOWN
99553

Source: CCN
Type: BID-99553
PHP CVE-2017-11143 Denial of Service Vulnerability

Source: REDHAT
Type: UNKNOWN
RHSA-2018:1296

Source: CCN
Type: PHP Sec Bug #74145
wddx parsing empty boolean tag leads to SIGSEGV

Source: CONFIRM
Type: Issue Tracking, Patch, Vendor Advisory
https://bugs.php.net/bug.php?id=74145

Source: XF
Type: UNKNOWN
php-cve201711143-dos(129130)

Source: CONFIRM
Type: Issue Tracking, Patch, Third Party Advisory
https://git.php.net/?p=php-src.git;a=commit;h=2aae60461c2ff7b7fbcdd194c789ac841d0747d7

Source: CONFIRM
Type: UNKNOWN
https://security.netapp.com/advisory/ntap-20180112-0001/

Source: DEBIAN
Type: UNKNOWN
DSA-4081

Source: CONFIRM
Type: UNKNOWN
https://www.tenable.com/security/tns-2017-12

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:php:php:*:*:*:*:*:*:*:* (Version <= 5.6.30)

Configuration CCN 1:
  • cpe:/a:php:php:5.6.30:-:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions (Class: V = vulnerability definition, P = patch definition)

Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:201711143 | V | CVE-2017-11143 | 2022-09-02
oval:org.opensuse.security:def:10438 | P | Security update for java-1_8_0-ibm (Important) (in QA) | 2022-01-04
oval:org.opensuse.security:def:10371 | P | Security update for the Linux Kernel (Important) | 2021-12-02
oval:org.opensuse.security:def:38680 | P | Security update for OpenEXR (Moderate) | 2021-12-01
oval:org.opensuse.security:def:10169 | P | Security update for Salt (Moderate) | 2021-10-27
oval:org.opensuse.security:def:10147 | P | Security update for xerces-c (Important) | 2021-09-02
oval:org.opensuse.security:def:11120 | P | Security update for libspf2 (Critical) | 2021-08-25
oval:org.opensuse.security:def:10139 | P | Security update for djvulibre (Important) | 2021-08-20
oval:org.opensuse.security:def:14267 | P | libopus0-1.1-3.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14086 | P | apache2-mod_nss-1.0.14-18.3 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14929 | P | jakarta-taglibs-standard-1.1.1-255.2 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14020 | P | python-requests-2.8.1-6.11.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14223 | P | libfreebl3-3.29.5-57.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14278 | P | libproxy1-0.4.13-16.3 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:13930 | P | libmspack0-0.4-14.4 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14105 | P | cpio-2.11-35.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14951 | P | libX11-6-1.6.2-12.5.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14068 | P | xorg-x11-server-7.6_1.18.3-57.34 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:13922 | P | libldap-2_4-2-2.4.41-18.25.1 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14291 | P | libspice-server1-0.12.8-1.17 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:13952 | P | libruby2_1-2_1-2.1.2-12.3 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:14198 | P | libXp6-1.0.2-3.57 on GA media (Moderate) | 2021-08-16
oval:org.opensuse.security:def:11098 | P | Security update for claws-mail (Moderate) | 2021-07-16
oval:org.opensuse.security:def:10296 | P | Security update for go1.15 (Important) | 2021-06-30
oval:org.opensuse.security:def:10277 | P | Security update for spice-gtk (Moderate) | 2021-06-10
oval:org.opensuse.security:def:17291 | P | pidgin-plugin-otr-4.0.2-1.29 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:124640 | P | php5-devel-5.5.14-109.41.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:17033 | P | pulseaudio-module-bluetooth-5.0-2.7 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:17283 | P | libvpx1-32bit-1.3.0-3.3.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:17206 | P | libvdpau1-32bit-1.1.1-6.73 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:17118 | P | libfbembed2_5-2.5.2.26539-13.42 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:16999 | P | empathy-3.10.3-1.131 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:16634 | P | php5-devel-5.5.14-109.41.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:17242 | P | gwenhywfar-lang-4.9.0beta-3.3.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:17175 | P | java-1_7_0-openjdk-plugin-1.6.2-2.8.3 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:10262 | P | Security update for curl (Moderate) | 2021-05-31
oval:org.opensuse.security:def:10215 | P | Security update for python-cryptography (Important) | 2021-03-03
oval:org.opensuse.security:def:10396 | P | Security update for php7 (Important) | 2021-02-24
oval:org.opensuse.security:def:16991 | P | zlib-devel-1.2.11-9.42 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:17352 | P | libnewt0_52-0.52.16-1.83 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:17325 | P | gstreamer-0_10-plugins-good-0.10.31-16.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:17384 | P | raptor-2.0.10-3.67 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:17534 | P | Security update for cups, cups154 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:39429 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:17475 | P | Security update for freetype2 (Important) | 2020-12-01
oval:org.opensuse.security:def:38162 | P | cvs on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:10447 | P | gnome-settings-daemon-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:38631 | P | krb5-appl-clients on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:18431 | P | Security update for php5 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:17467 | P | Security update for samba (Important) | 2020-12-01
oval:org.opensuse.security:def:38747 | P | libxml2-2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:17441 | P | Security update for MozillaFirefox (Moderate) | 2020-12-01
oval:org.opensuse.security:def:37941 | P | libpng15-15 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:38412 | P | logwatch on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:17767 | P | Security update for ldb, samba, talloc, tdb, tevent (Important) | 2020-12-01
oval:org.opensuse.security:def:17644 | P | Security update for elfutils (Moderate) | 2020-12-01
oval:org.opensuse.security:def:39471 | P | Security update for php5 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:18113 | P | Security update for wireshark (Moderate) | 2020-12-01
oval:org.opensuse.security:def:38264 | P | libXvMC1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:10460 | P | lhasa-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:17733 | P | Security update for java-1_7_1-ibm (Important) | 2020-12-01
oval:org.opensuse.security:def:37929 | P | libopenssl-1_0_0-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:17498 | P | Security update for ucode-intel (Moderate) | 2020-12-01
oval:org.opensuse.security:def:38791 | P | rpcbind on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:17453 | P | Security update for xorg-x11-server (Important) | 2020-12-01
oval:org.opensuse.security:def:38025 | P | perl-Config-IniFiles on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:38572 | P | curl on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:18405 | P | Security update for nasm (Moderate) | 2020-12-01
oval:org.opensuse.security:def:17410 | P | Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP3) (Important) | 2020-12-01
oval:org.opensuse.security:def:38719 | P | libpython3_4m1_0 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:17676 | P | Security update for LibreOffice (Moderate) | 2020-12-01
oval:org.opensuse.security:def:37930 | P | libopenssl-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:18139 | P | Security update for php5 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:38322 | P | liblzo2-2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:17745 | P | Security update for spice (Moderate) | 2020-12-01
oval:com.ubuntu.artful:def:201711143000 | V | CVE-2017-11143 on Ubuntu 17.10 (artful) - medium. | 2017-07-10
oval:com.ubuntu.xenial:def:2017111430000000 | V | CVE-2017-11143 on Ubuntu 16.04 LTS (xenial) - medium. | 2017-07-10
oval:com.ubuntu.trusty:def:201711143000 | V | CVE-2017-11143 on Ubuntu 14.04 LTS (trusty) - medium. | 2017-07-10
oval:com.ubuntu.xenial:def:201711143000 | V | CVE-2017-11143 on Ubuntu 16.04 LTS (xenial) - medium. | 2017-07-10
Affected CPE Components

Vendor | Product | Version | Update
php | php | * | 
php | php | 5.6.30 | -