PHP DNS TXT Record Handling CVE-2014-3597 Heap Buffer Overflow Vulnerability
| Bugtraq ID: | 69322 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2014-3597 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 21 2014 12:00AM |
| Updated: | May 07 2015 05:33PM |
| Credit: | David Kutalek from Red Hat |
| Vulnerable: |
Ubuntu Ubuntu Linux: 14.04 LTS, 12.04 LTS i386, 12.04 LTS amd64, 10.04 sparc, 10.04 powerpc, 10.04 i386, 10.04 ARM, 10.04 amd64
Slackware Slackware Linux: 14.1, 14.0, 13.37, 13.1, 13.0
PHP PHP: 5.4.31
Oracle Enterprise Linux: 7, 6.2, 6
Mandriva Business Server: 1 X86 64, 1
IBM Security Network Intrusion Prevention System GX7800: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GX7412-10: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GX7412-05: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GX7412: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GX6116: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GX5208-v2: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GX5208: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GX5108-v2: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GX5108: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GX5008-v2: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GX5008: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GX4004-v2: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GX4004: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GX4002: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GX3002: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GV200: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
IBM Security Network Intrusion Prevention System GV1000: 4.6.2, 4.6.1, 4.6, 4.5, 4.4, 4.3
Gentoo Linux
Debian Linux 6.0: sparc, s/390, powerpc, mips, ia-64, ia-32, arm, amd64
CentOS CentOS: 6
Avaya IP Office Server Edition: 9.0, 8.1
Avaya IP Office Application Server: 9.0
Avaya Aura Session Manager: 5.2.4, 5.2.1, 5.2 SP2, 5.2 SP1, 5.2, 5.0
Avaya Aura Experience Portal: 6.0.2, 6.0.1, 7.0, 6.0
Avaya Aura Conferencing: 8.0
Avaya Aura Communication Manager Utility Services: 6.3, 6.2.5.0.15, 6.2.4.0.15, 6.2, 6.1.0.9.8, 6.1 SP 6.1.0.9.8, 6.1, 6.0
Apple Mac OS X: 10.9.5, 10.8.5, 10.10.2, 10.10.1, 10.10 |
| Not Vulnerable: | Apple Mac OS X 10.10.3 |
Discussion
PHP is prone to a remote heap-based buffer-overflow vulnerability because it fails to adequately bounds check user-supplied data before copying it into an insufficiently sized buffer.
Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions.
Note: This issue is the result of an incomplete fix for the issue described in BID 68007 (PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability).
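The following is an added example, not PHP's code and not part of this advisory: a bounds-checked decoder for DNS TXT RDATA, which RFC 1035 defines as a sequence of character-strings, each prefixed by a one-octet length. It shows the kind of check the description refers to, validating every length octet against both the remaining record data and the destination buffer before copying. The function name and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed samples: two well-formed strings ("v=spf" + "all"), and a
 * record whose length octet (5) claims more data than the 2 bytes present. */
static const uint8_t SAMPLE_OK[]  = {5, 'v', '=', 's', 'p', 'f', 3, 'a', 'l', 'l'};
static const uint8_t SAMPLE_BAD[] = {5, 'a', 'b'};

/* Concatenate the character-strings of a TXT RDATA into out, NUL-terminated.
 * Returns the number of bytes written (excluding the terminator), or -1 if a
 * length octet points past the RDATA or the result would not fit in out. */
long txt_rdata_decode(const uint8_t *rdata, size_t rdlen, char *out, size_t outcap)
{
    size_t pos = 0, written = 0;

    if (outcap == 0)
        return -1;
    while (pos < rdlen) {
        size_t n = rdata[pos++];       /* length octet, 0..255 */
        if (n > rdlen - pos)           /* source check: stay inside the RDATA */
            return -1;
        if (n >= outcap - written)     /* destination check: keep 1 byte for NUL */
            return -1;
        memcpy(out + written, rdata + pos, n);
        written += n;
        pos += n;
    }
    out[written] = '\0';
    return (long)written;
}

int main(void)
{
    char buf[16];
    long r = txt_rdata_decode(SAMPLE_OK, sizeof SAMPLE_OK, buf, sizeof buf);
    printf("well-formed: %ld \"%s\"\n", r, r >= 0 ? buf : "");
    r = txt_rdata_decode(SAMPLE_BAD, sizeof SAMPLE_BAD, buf, sizeof buf);
    printf("truncated:   %ld\n", r);
    return 0;
}
```

Both checks are needed: the first rejects a length octet that lies about the source, the second rejects data that is valid on the wire but larger than the destination.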