Vulnerability-Lookup

CVE-2009-4017 (GCVE-0-2009-4017)

Vulnerability from cvelistv5 – Published: 2009-11-24 00:00 – Updated: 2024-08-07 06:45

Summary

PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.php.net/releases/5_2_12.php	x_refsource_CONFIRM
	http://secunia.com/advisories/37482	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/40262	third-party-advisoryx_refsource_SECUNIA
	http://news.php.net/php.announce/79	mailing-listx_refsource_MLIST
	http://marc.info/?l=bugtraq&m=127680701405735&w=2	vendor-advisoryx_refsource_HP
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://secunia.com/advisories/37821	third-party-advisoryx_refsource_SECUNIA
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.securityfocus.com/archive/1/507982/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/41490	third-party-advisoryx_refsource_SECUNIA
	http://www.itrc.hp.com/service/cki/docDisplay.do?…	vendor-advisoryx_refsource_HP
	http://www.acunetix.com/blog/websecuritynews/php-…	x_refsource_MISC
	http://www.debian.org/security/2009/dsa-1940	vendor-advisoryx_refsource_DEBIAN
	http://www.php.net/ChangeLog-5.php	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2009/11/20/7	mailing-listx_refsource_MLIST
	http://support.apple.com/kb/HT4077	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2009/11/20/2	mailing-listx_refsource_MLIST
	http://www.php.net/releases/5_3_1.php	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/3593	vdb-entryx_refsource_VUPEN
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.itrc.hp.com/service/cki/docDisplay.do?…	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/41480	third-party-advisoryx_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=127680701405735&w=2	vendor-advisoryx_refsource_HP
	http://seclists.org/fulldisclosure/2009/Nov/228	mailing-listx_refsource_FULLDISC
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:45:50.952Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:6667",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/releases/5_2_12.php"
          },
          {
            "name": "37482",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37482"
          },
          {
            "name": "40262",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40262"
          },
          {
            "name": "[php-announce] 20091119 5.3.1 Release announcement",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://news.php.net/php.announce/79"
          },
          {
            "name": "HPSBUX02543",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=127680701405735\u0026w=2"
          },
          {
            "name": "MDVSA-2009:305",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:305"
          },
          {
            "name": "37821",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37821"
          },
          {
            "name": "APPLE-SA-2010-03-29-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
          },
          {
            "name": "20091120 PHP \"multipart/form-data\" denial of service",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/507982/100/0/threaded"
          },
          {
            "name": "41490",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41490"
          },
          {
            "name": "HPSBMA02568",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/"
          },
          {
            "name": "DSA-1940",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1940"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/ChangeLog-5.php"
          },
          {
            "name": "[oss-security] 20091120 Re: CVE request: php 5.3.1 update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/11/20/7"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4077"
          },
          {
            "name": "[oss-security] 20091120 CVE request: php 5.3.1 update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/11/20/2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/releases/5_3_1.php"
          },
          {
            "name": "ADV-2009-3593",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3593"
          },
          {
            "name": "oval:org.mitre.oval:def:10483",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483"
          },
          {
            "name": "SSRT100219",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
          },
          {
            "name": "41480",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41480"
          },
          {
            "name": "SSRT100152",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=127680701405735\u0026w=2"
          },
          {
            "name": "20091120 PHP \"multipart/form-data\" denial of service",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2009/Nov/228"
          },
          {
            "name": "MDVSA-2009:303",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:303"
          },
          {
            "name": "php-multipart-formdata-dos(54455)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54455"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-11-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:6667",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/releases/5_2_12.php"
        },
        {
          "name": "37482",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37482"
        },
        {
          "name": "40262",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40262"
        },
        {
          "name": "[php-announce] 20091119 5.3.1 Release announcement",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://news.php.net/php.announce/79"
        },
        {
          "name": "HPSBUX02543",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=127680701405735\u0026w=2"
        },
        {
          "name": "MDVSA-2009:305",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:305"
        },
        {
          "name": "37821",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37821"
        },
        {
          "name": "APPLE-SA-2010-03-29-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
        },
        {
          "name": "20091120 PHP \"multipart/form-data\" denial of service",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/507982/100/0/threaded"
        },
        {
          "name": "41490",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41490"
        },
        {
          "name": "HPSBMA02568",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/"
        },
        {
          "name": "DSA-1940",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1940"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/ChangeLog-5.php"
        },
        {
          "name": "[oss-security] 20091120 Re: CVE request: php 5.3.1 update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/11/20/7"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4077"
        },
        {
          "name": "[oss-security] 20091120 CVE request: php 5.3.1 update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/11/20/2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/releases/5_3_1.php"
        },
        {
          "name": "ADV-2009-3593",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3593"
        },
        {
          "name": "oval:org.mitre.oval:def:10483",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483"
        },
        {
          "name": "SSRT100219",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
        },
        {
          "name": "41480",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41480"
        },
        {
          "name": "SSRT100152",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=127680701405735\u0026w=2"
        },
        {
          "name": "20091120 PHP \"multipart/form-data\" denial of service",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2009/Nov/228"
        },
        {
          "name": "MDVSA-2009:303",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:303"
        },
        {
          "name": "php-multipart-formdata-dos(54455)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54455"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-4017",
    "datePublished": "2009-11-24T00:00:00.000Z",
    "dateReserved": "2009-11-20T00:00:00.000Z",
    "dateUpdated": "2024-08-07T06:45:50.952Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2009-AVI-510

Vulnerability from certfr_avis - Published: 2009-11-23 - Updated: 2009-11-27

Plusieurs vulnérabilités affectant PHP ont été corrigées. Elles permettent, entre autre, de contourner la politique de sécurité.

Description

Plusieurs vulnérabilités dans PHP permettant, entre autre, le contournement de la politique de sécurité ont été corrigées. Une personne malveillante peut par exemple, à l'aide d'un fichier spécialement réalisé, créer des fichiers dans les répertoires autorisés en écriture.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Les versions de PHP antérieures à la 5.3.1.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de mise à jour de PHP 5.3.1	None	vendor-advisory
Bulletin de sécurité Debian DSA-1940 du 13 novembre 2009 :	-	other
Bulletin de mise à jour de PHP 3.5.1 :	-	other
Bulletin de sécurité SuSE SUSE-SR:2009:017 du 26 octobre 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eLes versions de PHP ant\u00e9rieures \u00e0 la  5.3.1.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s dans PHP permettant, entre autre, le\ncontournement de la politique de s\u00e9curit\u00e9 ont \u00e9t\u00e9 corrig\u00e9es. Une\npersonne malveillante peut par exemple, \u00e0 l\u0027aide d\u0027un fichier\nsp\u00e9cialement r\u00e9alis\u00e9, cr\u00e9er des fichiers dans les r\u00e9pertoires autoris\u00e9s\nen \u00e9criture.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-3292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3292"
    },
    {
      "name": "CVE-2009-3558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3558"
    },
    {
      "name": "CVE-2009-3557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3557"
    },
    {
      "name": "CVE-2009-4017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4017"
    }
  ],
  "initial_release_date": "2009-11-23T00:00:00",
  "last_revision_date": "2009-11-27T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1940 du 13 novembre 2009 :",
      "url": "http://www.debian.org/security/2009/dsa-1940"
    },
    {
      "title": "Bulletin de mise \u00e0 jour de PHP 3.5.1 :",
      "url": "http://www.php.net/releases/5_3_1.php"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SR:2009:017 du 26 octobre    2009 :",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html"
    }
  ],
  "reference": "CERTA-2009-AVI-510",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-11-23T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences CVE et des bulletins de s\u00e9curit\u00e9 Debian et SuSE.",
      "revision_date": "2009-11-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s affectant PHP ont \u00e9t\u00e9 corrig\u00e9es. Elles\npermettent, entre autre, de contourner la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans PHP",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de mise \u00e0 jour de PHP 5.3.1",
      "url": null
    }
  ]
}

CERTA-2009-AVI-553

Vulnerability from certfr_avis - Published: 2009-12-18 - Updated: 2009-12-18

De multiples vulnérabilités ont été découvertes dans PHP. L'exploitation de ces vulnérabilités permet de réaliser des actions diverses dont le déni de service à distance ou la contournement de certains mécanismes de sécurité.

Description

Cinq vulnérabilités ont été découvertes dans PHP :

la première est due à une erreur dans la fonction tempnam(), permettant de contourner le mécanisme de safe_mode ;
la deuxième est due à une erreur dans la fonction posix_mkfifo(), permettant de contourner la fonctionalité open_basedir ;
la troisième est due à une erreur dans la gestion du chargement de certaines données et peut être utilisée afin de provoquer un déni de service ;
la quatrième est due à une mauvaise gestion des sessions (l'impact n'est pas connu) ;
la dernière est due à une erreur au niveau de la fonction htmlspecialchars() et permet à un utilisateur mal intentionné de réaliser une injection de code indirecte.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

PHP versions 5.2.11 et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Notes de mise à jour PHP 5.2.12

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003ePHP versions 5.2.11 et ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nCinq vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans PHP :\n\n-   la premi\u00e8re est due \u00e0 une erreur dans la fonction tempnam(),\n    permettant de contourner le m\u00e9canisme de safe_mode ;\n-   la deuxi\u00e8me est due \u00e0 une erreur dans la fonction posix_mkfifo(),\n    permettant de contourner la fonctionalit\u00e9 open_basedir ;\n-   la troisi\u00e8me est due \u00e0 une erreur dans la gestion du chargement de\n    certaines donn\u00e9es et peut \u00eatre utilis\u00e9e afin de provoquer un d\u00e9ni de\n    service ;\n-   la quatri\u00e8me est due \u00e0 une mauvaise gestion des sessions (l\u0027impact\n    n\u0027est pas connu) ;\n-   la derni\u00e8re est due \u00e0 une erreur au niveau de la fonction\n    htmlspecialchars() et permet \u00e0 un utilisateur mal intentionn\u00e9 de\n    r\u00e9aliser une injection de code indirecte.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-4142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4142"
    },
    {
      "name": "CVE-2009-3558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3558"
    },
    {
      "name": "CVE-2009-3557",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3557"
    },
    {
      "name": "CVE-2009-4143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4143"
    },
    {
      "name": "CVE-2009-4017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4017"
    }
  ],
  "initial_release_date": "2009-12-18T00:00:00",
  "last_revision_date": "2009-12-18T00:00:00",
  "links": [],
  "reference": "CERTA-2009-AVI-553",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-12-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans PHP. L\u0027exploitation\nde ces vuln\u00e9rabilit\u00e9s permet de r\u00e9aliser des actions diverses dont le\nd\u00e9ni de service \u00e0 distance ou la contournement de certains m\u00e9canismes de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s de PHP",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Notes de mise \u00e0 jour PHP 5.2.12",
      "url": "http://www.php.net/releases/5_2_12.php"
    }
  ]
}

FKIE_CVE-2009-4017

Vulnerability from fkie_nvd - Published: 2009-11-24 00:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html	Mailing List
secalert@redhat.com	http://marc.info/?l=bugtraq&m=127680701405735&w=2	Third Party Advisory
secalert@redhat.com	http://news.php.net/php.announce/79	Mailing List, Release Notes
secalert@redhat.com	http://seclists.org/fulldisclosure/2009/Nov/228	Mailing List, Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/37482	Broken Link
secalert@redhat.com	http://secunia.com/advisories/37821	Broken Link
secalert@redhat.com	http://secunia.com/advisories/40262	Broken Link
secalert@redhat.com	http://secunia.com/advisories/41480	Broken Link
secalert@redhat.com	http://secunia.com/advisories/41490	Broken Link
secalert@redhat.com	http://support.apple.com/kb/HT4077	Third Party Advisory
secalert@redhat.com	http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/	Third Party Advisory
secalert@redhat.com	http://www.debian.org/security/2009/dsa-1940	Mailing List, Third Party Advisory
secalert@redhat.com	http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995	Broken Link
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2009:303	Broken Link
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2009:305	Broken Link
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2009/11/20/2	Mailing List, Patch
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2009/11/20/7	Mailing List
secalert@redhat.com	http://www.php.net/ChangeLog-5.php	Release Notes, Vendor Advisory
secalert@redhat.com	http://www.php.net/releases/5_2_12.php	Release Notes
secalert@redhat.com	http://www.php.net/releases/5_3_1.php	Release Notes, Vendor Advisory
secalert@redhat.com	http://www.securityfocus.com/archive/1/507982/100/0/threaded	Broken Link, Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.vupen.com/english/advisories/2009/3593	Broken Link
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/54455	Third Party Advisory, VDB Entry
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483	Broken Link
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=127680701405735&w=2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://news.php.net/php.announce/79	Mailing List, Release Notes
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2009/Nov/228	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/37482	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/37821	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/40262	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/41480	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/41490	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4077	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2009/dsa-1940	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2009:303	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2009:305	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2009/11/20/2	Mailing List, Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2009/11/20/7	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://www.php.net/ChangeLog-5.php	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.php.net/releases/5_2_12.php	Release Notes
af854a3a-2127-422b-91ae-364da2661108	http://www.php.net/releases/5_3_1.php	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/507982/100/0/threaded	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/3593	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/54455	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667	Broken Link

Impacted products

Vendor	Product	Version
php	php	*
php	php	5.3.0
php	php	5.3.0
php	php	5.3.0
php	php	5.3.0
php	php	5.3.0
php	php	5.3.0
php	php	5.3.0
php	php	5.3.0
php	php	5.3.0
apple	mac_os_x	10.6.3
debian	debian_linux	4.0
debian	debian_linux	5.0
debian	debian_linux	6.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2304370-EDAF-4417-B624-498C427EBF53",
              "versionEndExcluding": "5.2.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.3.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "A315BCF0-71F5-4664-B25B-019B8A1075BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.3.0:alpha1:*:*:*:*:*:*",
              "matchCriteriaId": "1DF14239-64E0-46F0-A8DE-8BB11EEC2F1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.3.0:alpha2:*:*:*:*:*:*",
              "matchCriteriaId": "BDC814D7-52A0-4610-B812-1F47C08BEF8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.3.0:alpha3:*:*:*:*:*:*",
              "matchCriteriaId": "9E66A080-A759-41BA-99A6-70074DF2A1E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.3.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "F9D343FF-1DC6-477C-8DBA-D3C309D1B9BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.3.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "1F397590-70B4-43B9-9F5B-BC1020393A68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.3.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "17586008-7FBC-4238-B208-4563040D1982",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.3.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "F5D02F98-10F7-4F7B-A31E-7C28EC034BBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:5.3.0:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "8F021309-38E4-4D19-B1EB-975D9F42F4F3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive."
    },
    {
      "lang": "es",
      "value": "PHP v5.2.11, y v5.3.x antes de v5.3.1, no restringen el n\u00famero de archivos temporales creados al manipular una solicitud POST multipart/form-data, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (por agotamiento de recursos), y facilita a los atacantes remotos aprovecharse de las vulnerabilidades de inclusi\u00f3n de archivos locales, a trav\u00e9s de m\u00faltiples peticiones, en relaci\u00f3n a la falta de apoyo a la directiva max_file_uploads."
    }
  ],
  "id": "CVE-2009-4017",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-11-24T00:30:00.500",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=127680701405735\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Release Notes"
      ],
      "url": "http://news.php.net/php.announce/79"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2009/Nov/228"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/37482"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/37821"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/40262"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/41480"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/41490"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT4077"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1940"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:303"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:305"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/11/20/2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/11/20/7"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/ChangeLog-5.php"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Release Notes"
      ],
      "url": "http://www.php.net/releases/5_2_12.php"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/releases/5_3_1.php"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/507982/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3593"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54455"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=127680701405735\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Release Notes"
      ],
      "url": "http://news.php.net/php.announce/79"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2009/Nov/228"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/37482"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/37821"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/40262"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/41480"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/41490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT4077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:305"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/11/20/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/11/20/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/ChangeLog-5.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "http://www.php.net/releases/5_2_12.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/releases/5_3_1.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/507982/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3593"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54455"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2009-4017

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-4017

Aliases

CVE-2009-4017

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-4017",
    "description": "PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive.",
    "id": "GSD-2009-4017",
    "references": [
      "https://www.suse.com/security/cve/CVE-2009-4017.html",
      "https://access.redhat.com/errata/RHSA-2010:0040",
      "https://linux.oracle.com/cve/CVE-2009-4017.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-4017"
      ],
      "details": "PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive.",
      "id": "GSD-2009-4017",
      "modified": "2023-12-13T01:19:44.987525Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2009-4017",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html",
            "refsource": "MISC",
            "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
          },
          {
            "name": "http://support.apple.com/kb/HT4077",
            "refsource": "MISC",
            "url": "http://support.apple.com/kb/HT4077"
          },
          {
            "name": "http://www.php.net/ChangeLog-5.php",
            "refsource": "MISC",
            "url": "http://www.php.net/ChangeLog-5.php"
          },
          {
            "name": "http://secunia.com/advisories/41480",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/41480"
          },
          {
            "name": "http://secunia.com/advisories/41490",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/41490"
          },
          {
            "name": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995",
            "refsource": "MISC",
            "url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
          },
          {
            "name": "http://marc.info/?l=bugtraq\u0026m=127680701405735\u0026w=2",
            "refsource": "MISC",
            "url": "http://marc.info/?l=bugtraq\u0026m=127680701405735\u0026w=2"
          },
          {
            "name": "http://news.php.net/php.announce/79",
            "refsource": "MISC",
            "url": "http://news.php.net/php.announce/79"
          },
          {
            "name": "http://secunia.com/advisories/37821",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/37821"
          },
          {
            "name": "http://secunia.com/advisories/40262",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/40262"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:303",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:303"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2009/11/20/2",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2009/11/20/2"
          },
          {
            "name": "http://www.php.net/releases/5_2_12.php",
            "refsource": "MISC",
            "url": "http://www.php.net/releases/5_2_12.php"
          },
          {
            "name": "http://www.php.net/releases/5_3_1.php",
            "refsource": "MISC",
            "url": "http://www.php.net/releases/5_3_1.php"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2009/3593",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2009/3593"
          },
          {
            "name": "http://seclists.org/fulldisclosure/2009/Nov/228",
            "refsource": "MISC",
            "url": "http://seclists.org/fulldisclosure/2009/Nov/228"
          },
          {
            "name": "http://secunia.com/advisories/37482",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/37482"
          },
          {
            "name": "http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/",
            "refsource": "MISC",
            "url": "http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/"
          },
          {
            "name": "http://www.debian.org/security/2009/dsa-1940",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2009/dsa-1940"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:305",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:305"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2009/11/20/7",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2009/11/20/7"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/507982/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/507982/100/0/threaded"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54455",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54455"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "F2304370-EDAF-4417-B624-498C427EBF53",
                    "versionEndExcluding": "5.2.12",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:php:php:5.3.0:-:*:*:*:*:*:*",
                    "matchCriteriaId": "A315BCF0-71F5-4664-B25B-019B8A1075BD",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:php:php:5.3.0:alpha1:*:*:*:*:*:*",
                    "matchCriteriaId": "1DF14239-64E0-46F0-A8DE-8BB11EEC2F1F",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:php:php:5.3.0:alpha2:*:*:*:*:*:*",
                    "matchCriteriaId": "BDC814D7-52A0-4610-B812-1F47C08BEF8C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:php:php:5.3.0:alpha3:*:*:*:*:*:*",
                    "matchCriteriaId": "9E66A080-A759-41BA-99A6-70074DF2A1E0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:php:php:5.3.0:beta1:*:*:*:*:*:*",
                    "matchCriteriaId": "F9D343FF-1DC6-477C-8DBA-D3C309D1B9BF",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:php:php:5.3.0:rc1:*:*:*:*:*:*",
                    "matchCriteriaId": "1F397590-70B4-43B9-9F5B-BC1020393A68",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:php:php:5.3.0:rc2:*:*:*:*:*:*",
                    "matchCriteriaId": "17586008-7FBC-4238-B208-4563040D1982",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:php:php:5.3.0:rc3:*:*:*:*:*:*",
                    "matchCriteriaId": "F5D02F98-10F7-4F7B-A31E-7C28EC034BBD",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:php:php:5.3.0:rc4:*:*:*:*:*:*",
                    "matchCriteriaId": "8F021309-38E4-4D19-B1EB-975D9F42F4F3",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*",
                    "matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive."
          },
          {
            "lang": "es",
            "value": "PHP v5.2.11, y v5.3.x antes de v5.3.1, no restringen el n\u00famero de archivos temporales creados al manipular una solicitud POST multipart/form-data, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (por agotamiento de recursos), y facilita a los atacantes remotos aprovecharse de las vulnerabilidades de inclusi\u00f3n de archivos locales, a trav\u00e9s de m\u00faltiples peticiones, en relaci\u00f3n a la falta de apoyo a la directiva max_file_uploads."
          }
        ],
        "id": "CVE-2009-4017",
        "lastModified": "2024-02-15T21:16:16.510",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "MEDIUM",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              "exploitabilityScore": 10.0,
              "impactScore": 2.9,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ]
        },
        "published": "2009-11-24T00:30:00.500",
        "references": [
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Mailing List"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=127680701405735\u0026w=2"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Mailing List",
              "Release Notes"
            ],
            "url": "http://news.php.net/php.announce/79"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "http://seclists.org/fulldisclosure/2009/Nov/228"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Broken Link"
            ],
            "url": "http://secunia.com/advisories/37482"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Broken Link"
            ],
            "url": "http://secunia.com/advisories/37821"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Broken Link"
            ],
            "url": "http://secunia.com/advisories/40262"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Broken Link"
            ],
            "url": "http://secunia.com/advisories/41480"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Broken Link"
            ],
            "url": "http://secunia.com/advisories/41490"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://support.apple.com/kb/HT4077"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1940"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Broken Link"
            ],
            "url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Broken Link"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:303"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Broken Link"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:305"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Mailing List",
              "Patch"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/11/20/2"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Mailing List"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/11/20/7"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Release Notes",
              "Vendor Advisory"
            ],
            "url": "http://www.php.net/ChangeLog-5.php"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Release Notes"
            ],
            "url": "http://www.php.net/releases/5_2_12.php"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Release Notes",
              "Vendor Advisory"
            ],
            "url": "http://www.php.net/releases/5_3_1.php"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Broken Link",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.securityfocus.com/archive/1/507982/100/0/threaded"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Broken Link"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3593"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54455"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Broken Link"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Broken Link"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667"
          }
        ],
        "sourceIdentifier": "secalert@redhat.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-770"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

GHSA-79RP-C2FH-G5J7

Vulnerability from github – Published: 2022-05-02 03:50 – Updated: 2024-02-15 21:31

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-4017"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-770"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-11-24T00:30:00Z",
    "severity": "MODERATE"
  },
  "details": "PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive.",
  "id": "GHSA-79rp-c2fh-g5j7",
  "modified": "2024-02-15T21:31:24Z",
  "published": "2022-05-02T03:50:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4017"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54455"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=127680701405735\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://news.php.net/php.announce/79"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2009/Nov/228"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/37482"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/37821"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/40262"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/41480"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/41490"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4077"
    },
    {
      "type": "WEB",
      "url": "http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2009/dsa-1940"
    },
    {
      "type": "WEB",
      "url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:303"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:305"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2009/11/20/2"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2009/11/20/7"
    },
    {
      "type": "WEB",
      "url": "http://www.php.net/ChangeLog-5.php"
    },
    {
      "type": "WEB",
      "url": "http://www.php.net/releases/5_2_12.php"
    },
    {
      "type": "WEB",
      "url": "http://www.php.net/releases/5_3_1.php"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/507982/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/3593"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-4017 (GCVE-0-2009-4017)

CERTA-2009-AVI-510

Description

Solution

CERTA-2009-AVI-553

Description

Solution

FKIE_CVE-2009-4017

GSD-2009-4017

GHSA-79RP-C2FH-G5J7

Tags

Sightings

Nomenclature