CVE-2019-11043

Name
CVE-2019-11043
Description
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
NVD Severity
high
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Exploit https://github.com/neex/phuip-fpizdam
Exploit https://bugs.php.net/bug.php?id=78599
Third Party Advisory https://usn.ubuntu.com/4166-1/
Third Party Advisory https://usn.ubuntu.com/4166-2/
Third Party Advisory https://www.debian.org/security/2019/dsa-4553
Third Party Advisory https://www.debian.org/security/2019/dsa-4552
CONFIRM https://support.f5.com/csp/article/K75408500?utm_source=f5support&utm_medium=RSS
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/
CONFIRM https://security.netapp.com/advisory/ntap-20191031-0003/
REDHAT https://access.redhat.com/errata/RHSA-2019:3287
REDHAT https://access.redhat.com/errata/RHSA-2019:3286
REDHAT https://access.redhat.com/errata/RHSA-2019:3299
REDHAT https://access.redhat.com/errata/RHSA-2019:3300
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/
SUSE http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html
REDHAT https://access.redhat.com/errata/RHSA-2019:3724
REDHAT https://access.redhat.com/errata/RHSA-2019:3735
REDHAT https://access.redhat.com/errata/RHSA-2019:3736
CONFIRM https://www.synology.com/security/advisory/Synology_SA_19_36
SUSE http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html
CONFIRM https://support.apple.com/kb/HT210919
BUGTRAQ https://seclists.org/bugtraq/2020/Jan/44
FULLDISC http://seclists.org/fulldisclosure/2020/Jan/40
REDHAT https://access.redhat.com/errata/RHSA-2020:0322
MISC http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html
CONFIRM https://www.tenable.com/security/tns-2021-14

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* php >= 7.1.0 < 7.1.33
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* php >= 7.3.0 < 7.3.11
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* php >= 7.2.0 < 7.2.24

Vulnerable and fixed packages

Source package Branch Version Maintainer Status