Debian Local Security Checks : Debian: Security Advisory (DLA-3345-1)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.893345

Category: Debian Local Security Checks

Title: Debian: Security Advisory (DLA-3345-1)

Summary: The remote host is missing an update for the Debian 'php7.3' package(s) announced via the DLA-3345-1 advisory.

Description: Summary:
The remote host is missing an update for the Debian 'php7.3' package(s) announced via the DLA-3345-1 advisory.

Vulnerability Insight:
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in denial of service or incorrect validation of BCrypt hashes.

CVE-2022-31631

Due to an uncaught integer overflow, PDO::quote() of PDO_SQLite may return an improperly quoted string. The exact details likely depend on the implementation of sqlite3_snprintf(), but with some versions it is possible to force the function to return a single apostrophe, if the function is called on user supplied input without any length restrictions in place.

CVE-2023-0567

Tim Dusterhus discovered that malformed BCrypt hashes that include a $ character within their salt part trigger a buffer overread and may erroneously validate any password as valid. (Password_verify() always returns true with such inputs.)

CVE-2023-0568

1-byte array overrun when appending slash to paths during path resolution.

CVE-2023-0662

Jakob Ackermann discovered a Denial of Service vulnerability when parsing multipart request body: the request body parsing in PHP allows any unauthenticated attacker to consume a large amount of CPU time and trigger excessive logging.

For Debian 10 buster, these problems have been fixed in version 7.3.31-1~
deb10u3.

We recommend that you upgrade your php7.3 packages.

For the detailed security status of php7.3 please refer to its security tracker page at: [link moved to references]

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: [link moved to references]

Affected Software/OS:
'php7.3' package(s) on Debian 10.

Solution:
Please install the updated package(s).

CVSS Score:
7.6

CVSS Vector:
AV:N/AC:H/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2022-31631
Common Vulnerability Exposure (CVE) ID: CVE-2023-0567
https://bugs.php.net/bug.php?id=81744
https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4
Common Vulnerability Exposure (CVE) ID: CVE-2023-0568
https://bugs.php.net/bug.php?id=81746
Common Vulnerability Exposure (CVE) ID: CVE-2023-0662
https://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv

Copyright Copyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.893345
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DLA-3345-1)
Summary:	The remote host is missing an update for the Debian 'php7.3' package(s) announced via the DLA-3345-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'php7.3' package(s) announced via the DLA-3345-1 advisory. Vulnerability Insight: Multiple security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in denial of service or incorrect validation of BCrypt hashes. CVE-2022-31631 Due to an uncaught integer overflow, PDO::quote() of PDO_SQLite may return an improperly quoted string. The exact details likely depend on the implementation of sqlite3_snprintf(), but with some versions it is possible to force the function to return a single apostrophe, if the function is called on user supplied input without any length restrictions in place. CVE-2023-0567 Tim Dusterhus discovered that malformed BCrypt hashes that include a $ character within their salt part trigger a buffer overread and may erroneously validate any password as valid. (Password_verify() always returns true with such inputs.) CVE-2023-0568 1-byte array overrun when appending slash to paths during path resolution. CVE-2023-0662 Jakob Ackermann discovered a Denial of Service vulnerability when parsing multipart request body: the request body parsing in PHP allows any unauthenticated attacker to consume a large amount of CPU time and trigger excessive logging. For Debian 10 buster, these problems have been fixed in version 7.3.31-1~ deb10u3. We recommend that you upgrade your php7.3 packages. For the detailed security status of php7.3 please refer to its security tracker page at: [link moved to references] Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: [link moved to references] Affected Software/OS: 'php7.3' package(s) on Debian 10. Solution: Please install the updated package(s). CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-31631 Common Vulnerability Exposure (CVE) ID: CVE-2023-0567 https://bugs.php.net/bug.php?id=81744 https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4 Common Vulnerability Exposure (CVE) ID: CVE-2023-0568 https://bugs.php.net/bug.php?id=81746 Common Vulnerability Exposure (CVE) ID: CVE-2023-0662 https://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv
Copyright	Copyright (C) 2023 Greenbone AG