QID 38881

Date Published: 2022-11-29

QID 38881: Hypertext Preprocessor (PHP) Multiple Security Vulnerabilities (81726, 81727)

PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications.

Affected versions of PHP have multiple vulnerabilities:

CVE-2022-31628: The vulnerability exists due to an infinite loop in the phar uncompressor code when processing "quine" gzip files. A remote attacker can pass a specially crafted archive to the application, consume all available system resources and cause denial of service conditions.

CVE-2022-31629: The vulnerability exists due to the way PHP handles HTTP variable names. A remote attacker can set a standard insecure cookie in the victim's browser which is treated as a '__Host-' or '__Secure-' cookie by PHP applications.

Affected Versions:
PHP versions before 7.4.31
PHP versions 8.0.0 prior to 8.0.24
PHP versions 8.1.0 prior to 8.1.11

QID Detection Logic (Unauthenticated):
This QID checks the HTTP Server header to see if the server is running a vulnerable version of PHP.
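
A banner check of this kind can be reproduced for triage with the sketch below. It is an added example, not the scanner's own logic: the function names and sample banners are constructed here, and the version ranges are the ones listed under "Affected Versions".

```python
import re

# Fixed releases for the 8.x branches, from the "Affected Versions" list.
# Everything below 7.4.31 is covered by the first rule in is_affected().
FIXED = {(8, 0): (8, 0, 24), (8, 1): (8, 1, 11)}

# PHP product token in a Server header, e.g. "PHP/8.0.23" or
# "PHP/7.4.3-4ubuntu2.18" (any suffix after x.y.z is ignored).
PHP_TOKEN = re.compile(r"\bPHP/(\d+)\.(\d+)\.(\d+)", re.IGNORECASE)


def php_version(server_header):
    """Return (major, minor, patch) from a Server header value, or None."""
    m = PHP_TOKEN.search(server_header or "")
    return tuple(int(g) for g in m.groups()) if m else None


def is_affected(version):
    """True if the version falls in one of the advisory's affected ranges."""
    if version is None:
        return False  # no version disclosed, nothing to conclude
    if version < (7, 4, 31):
        return True  # "PHP versions before 7.4.31"
    fixed = FIXED.get(version[:2])
    return fixed is not None and version < fixed


def check_banner(server_header):
    """Return (version, verdict) for one Server header value."""
    v = php_version(server_header)
    if v is None:
        return (None, "no PHP version disclosed")
    return (v, "affected" if is_affected(v) else "not affected")


# Constructed sample banners, not taken from any real host.
SAMPLES = [
    "Apache/2.4.54 (Unix) PHP/8.0.23",
    "Apache/2.4.54 (Unix) PHP/8.1.11",
    "Apache/2.4.41 (Ubuntu) PHP/7.4.3-4ubuntu2.18",
    "nginx/1.22.1",
]

if __name__ == "__main__":
    for banner in SAMPLES:
        print(banner, "->", check_banner(banner))
```

A match here reflects only the advertised version string; distribution packages can carry backported fixes under an older upstream version number, so confirm against the installed package before treating the host as vulnerable.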

Successful exploitation of this vulnerability allows a remote attacker to perform a denial of service (DoS) attack or bypass implemented security restrictions.

  • CVSS V3 rated as High - 6.5 severity.
  • CVSS V2 rated as High - 6.4 severity.

Solution:
Customers are advised to upgrade to the latest version of PHP.
For more information please refer to Sec Bug 81726 and Sec Bug 81727.

Software Advisories:
Advisory ID 81726: bugs.php.net/bug.php?id=81726
Advisory ID 81727: bugs.php.net/bug.php?id=81727