OSVDB ID: 28230

Title: Zend Platform Session Clustering Daemon PHP Session Identifier Overflow

Info

Disclosure: Aug 24, 2006
Discovery: Aug 21, 2006

Dates

Exploit: Unknown
Solution: Unknown

Description

Zend Platform contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when the 'PHPSESSID' variable contains a zero-length session identifier or a very long session identifier. The flaw may allow an attacker to execute arbitrary code, resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown

Solution

Upgrade to version 2.2.1a or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Zend Technologies Ltd.

Zend Platform

2.2.1

References

Credit

  • Stefan Esser - sesserhardened-php.net - www.hardened-php.net


Direct URL: http://osvdb.org/28230