CVE-2008-2050

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2008-2050
Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/fastcgi.c?r1=1.44&r2=1.45&diff_format=u Exploit
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
http://secunia.com/advisories/30048 Vendor Advisory
http://secunia.com/advisories/30083 Vendor Advisory
http://secunia.com/advisories/30158 Vendor Advisory
http://secunia.com/advisories/30345 Vendor Advisory
http://secunia.com/advisories/30967 Vendor Advisory
http://secunia.com/advisories/31200 Vendor Advisory
http://secunia.com/advisories/31326 Vendor Advisory
http://secunia.com/advisories/32746
http://security.gentoo.org/glsa/glsa-200811-05.xml
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176
http://www.debian.org/security/2008/dsa-1572 Patch
http://www.mandriva.com/security/advisories?name=MDVSA-2009:022
http://www.mandriva.com/security/advisories?name=MDVSA-2009:023
http://www.openwall.com/lists/oss-security/2008/05/02/2
http://www.php.net/ChangeLog-5.php Patch Vendor Advisory
http://www.securityfocus.com/archive/1/492535/100/0/threaded
http://www.securityfocus.com/bid/29009 Patch
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951
http://www.ubuntu.com/usn/usn-628-1
http://www.vupen.com/english/advisories/2008/1412 Vendor Advisory
http://www.vupen.com/english/advisories/2008/2268 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/42133
https://issues.rpath.com/browse/RPL-2503
http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/fastcgi.c?r1=1.44&r2=1.45&diff_format=u Exploit
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
http://secunia.com/advisories/30048 Vendor Advisory
http://secunia.com/advisories/30083 Vendor Advisory
http://secunia.com/advisories/30158 Vendor Advisory
http://secunia.com/advisories/30345 Vendor Advisory
http://secunia.com/advisories/30967 Vendor Advisory
http://secunia.com/advisories/31200 Vendor Advisory
http://secunia.com/advisories/31326 Vendor Advisory
http://secunia.com/advisories/32746
http://security.gentoo.org/glsa/glsa-200811-05.xml
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176
http://www.debian.org/security/2008/dsa-1572 Patch
http://www.mandriva.com/security/advisories?name=MDVSA-2009:022
http://www.mandriva.com/security/advisories?name=MDVSA-2009:023
http://www.openwall.com/lists/oss-security/2008/05/02/2
http://www.php.net/ChangeLog-5.php Patch Vendor Advisory
http://www.securityfocus.com/archive/1/492535/100/0/threaded
http://www.securityfocus.com/bid/29009 Patch
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951
http://www.ubuntu.com/usn/usn-628-1
http://www.vupen.com/english/advisories/2008/1412 Vendor Advisory
http://www.vupen.com/english/advisories/2008/2268 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/42133
https://issues.rpath.com/browse/RPL-2503
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*
History

21 Nov 2024, 00:45

Type Values Removed Values Added
References () http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/fastcgi.c?r1=1.44&r2=1.45&diff_format=u - Exploit () http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/fastcgi.c?r1=1.44&r2=1.45&diff_format=u - Exploit
References () http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html - () http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html -
References () http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html - () http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html -
References () http://secunia.com/advisories/30048 - Vendor Advisory () http://secunia.com/advisories/30048 - Vendor Advisory
References () http://secunia.com/advisories/30083 - Vendor Advisory () http://secunia.com/advisories/30083 - Vendor Advisory
References () http://secunia.com/advisories/30158 - Vendor Advisory () http://secunia.com/advisories/30158 - Vendor Advisory
References () http://secunia.com/advisories/30345 - Vendor Advisory () http://secunia.com/advisories/30345 - Vendor Advisory
References () http://secunia.com/advisories/30967 - Vendor Advisory () http://secunia.com/advisories/30967 - Vendor Advisory
References () http://secunia.com/advisories/31200 - Vendor Advisory () http://secunia.com/advisories/31200 - Vendor Advisory
References () http://secunia.com/advisories/31326 - Vendor Advisory () http://secunia.com/advisories/31326 - Vendor Advisory
References () http://secunia.com/advisories/32746 - () http://secunia.com/advisories/32746 -
References () http://security.gentoo.org/glsa/glsa-200811-05.xml - () http://security.gentoo.org/glsa/glsa-200811-05.xml -
References () http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176 - () http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176 -
References () http://www.debian.org/security/2008/dsa-1572 - Patch () http://www.debian.org/security/2008/dsa-1572 - Patch
References () http://www.mandriva.com/security/advisories?name=MDVSA-2009:022 - () http://www.mandriva.com/security/advisories?name=MDVSA-2009:022 -
References () http://www.mandriva.com/security/advisories?name=MDVSA-2009:023 - () http://www.mandriva.com/security/advisories?name=MDVSA-2009:023 -
References () http://www.openwall.com/lists/oss-security/2008/05/02/2 - () http://www.openwall.com/lists/oss-security/2008/05/02/2 -
References () http://www.php.net/ChangeLog-5.php - Patch, Vendor Advisory () http://www.php.net/ChangeLog-5.php - Patch, Vendor Advisory
References () http://www.securityfocus.com/archive/1/492535/100/0/threaded - () http://www.securityfocus.com/archive/1/492535/100/0/threaded -
References () http://www.securityfocus.com/bid/29009 - Patch () http://www.securityfocus.com/bid/29009 - Patch
References () http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951 - () http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951 -
References () http://www.ubuntu.com/usn/usn-628-1 - () http://www.ubuntu.com/usn/usn-628-1 -
References () http://www.vupen.com/english/advisories/2008/1412 - Vendor Advisory () http://www.vupen.com/english/advisories/2008/1412 - Vendor Advisory
References () http://www.vupen.com/english/advisories/2008/2268 - Vendor Advisory () http://www.vupen.com/english/advisories/2008/2268 - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/42133 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/42133 -
References () https://issues.rpath.com/browse/RPL-2503 - () https://issues.rpath.com/browse/RPL-2503 -
Information

Published : 2008-05-05 17:20

Updated : 2024-11-21 00:45

NVD link : CVE-2008-2050

Mitre link : CVE-2008-2050

CVE.ORG link : CVE-2008-2050

JSON object : View

Products Affected

php

  • php
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024