CVE-2016-10397
Published: 10 July 2017
In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:80#@good.example.com/ and evil.example.com:80?@good.example.com/ inputs to the parse_url function (implemented in the php_url_parse_ex function in ext/standard/url.c).
Priority
Medium
CVSS 3 base score: 7.5
Status
| Package | Release | Status |
|---|---|---|
|
php5 Launchpad, Ubuntu, Debian |
Upstream |
Released
(5.6.28)
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Does not exist
|
|
| Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Released
(5.5.9+dfsg-1ubuntu4.22)
|
|
|
Patches: Upstream: http://git.php.net/?p=php-src.git;a=commit;h=b061fa909de77085d3822a89ab901b934d0362c4 Upstream: http://git.php.net/?p=php-src.git;a=commit;h=2d19c92fc2f14aa97db9094eaa0b67d1c3b12409 (regression?) |
||
|
php7.0 Launchpad, Ubuntu, Debian |
Upstream |
Released
(7.0.13)
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Does not exist
|
|
| Ubuntu 16.04 LTS (Xenial Xerus) |
Not vulnerable
(7.0.18-0ubuntu0.16.04.1)
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
|
php7.1 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Not vulnerable
(7.1.6-2ubuntu1)
|
|
| Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
|
Notes
| Author | Note |
|---|---|
| sbeattie | PEAR issues should go against php-pear as of xenial |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10397
- http://openwall.com/lists/oss-security/2017/07/10/6
- http://php.net/ChangeLog-5.php
- http://php.net/ChangeLog-7.php
- https://usn.ubuntu.com/usn/usn-3382-1
- https://usn.ubuntu.com/usn/usn-3382-2
- NVD
- Launchpad
- Debian