
Sid 1-31460

Message

SERVER-WEBAPP PHP DNS parsing heap overflow attempt

Summary

Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function.

Impact


CVE-2014-4049:

CVSS base score 5.1

CVSS impact score 6.4

CVSS exploitability score 4.9

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Detailed information

CVE-2014-4049: Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function.
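
As an added illustration of the bug class described above (example code written for this page, not code from PHP or from the Snort rule), the parser below decodes TXT RDATA, a sequence of length-prefixed character-strings, and rejects a record whose length byte claims more bytes than remain in the RDATA; the sample inputs are constructed, not captured DNS traffic.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* A TXT RDATA is a sequence of <length octet><up to 255 octets> character-strings.
   The decoded text is always shorter than dlen, so a fixed buffer is enough here. */
#define TXT_MAX 512

/* Decode TXT RDATA (rdata, dlen bytes) into out as a NUL-terminated string.
   Returns the decoded length, or -1 if a length prefix would read past dlen
   or the output would not fit. The first check is the one a parser that
   trusts the per-string length byte omits; without it a crafted record makes
   the copy read beyond the RDATA and write beyond the heap buffer. */
int parse_txt_rdata(const uint8_t *rdata, size_t dlen, char *out, size_t outsz)
{
    size_t pos = 0, n = 0;
    while (pos < dlen) {
        size_t chunk = rdata[pos];              /* untrusted length prefix */
        if (chunk > dlen - pos - 1) return -1;  /* claims more than remains in RDATA */
        if (chunk > outsz - n - 1) return -1;   /* would overflow the destination */
        memcpy(out + n, rdata + pos + 1, chunk);
        n += chunk;
        pos += 1 + chunk;
    }
    out[n] = '\0';
    return (int)n;
}

/* Constructed sample inputs (hypothetical, not captured DNS traffic). */
static const uint8_t WELL_FORMED[] = "\x05hello\x05world"; /* two 5-byte strings */
static const uint8_t OVERLONG[]    = "\x05hello\xff";      /* second prefix claims 255 bytes, none follow */

int demo_well_formed(void)
{
    char buf[TXT_MAX];
    int n = parse_txt_rdata(WELL_FORMED, sizeof WELL_FORMED - 1, buf, sizeof buf);
    return (n == 10 && strcmp(buf, "helloworld") == 0) ? n : -2;
}

int demo_overlong(void)
{
    char buf[TXT_MAX];
    return parse_txt_rdata(OVERLONG, sizeof OVERLONG - 1, buf, sizeof buf);
}

int main(void)
{
    printf("well-formed: %d\n", demo_well_formed()); /* 10 */
    printf("overlong:    %d\n", demo_overlong());    /* -1 */
    return 0;
}
```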

Affected systems

  • PHP 5.6.0
  • Novell openSUSE 11.3

Ease of attack

CVE-2014-4049:

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

False positives

None known

False negatives

None known

Corrective action

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

Contributors

  • Talos research team.
  • This document was generated from data supplied by the National Vulnerability Database (NVD), a product of the National Institute of Standards and Technology.
  • For more information see NVD.

Additional References

  • bugs.php.net/bug.php?id=67432