OSVDB ID: 28231

Title: Zend Platform mod_cluster Module PHP Session Identifier Overflow

Dates

Disclosure: Aug 24, 2006
Discovery: Aug 21, 2006
Exploit: Unknown
Solution: Unknown

Description

A remote overflow exists in Zend Platform. The 'mod_cluster' module fails to handle PHP sessions with an overly long or a zero-length session identifier, resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution, resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown

Solution

Upgrade to version 2.2.1a or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Zend Technologies Ltd. Zend Platform 2.2.1

References

Credit

  • Stefan Esser - sesserhardened-php.net - www.hardened-php.net


Direct URL: http://osvdb.org/28231