Summary: | =dev-lang/php-5.3.7: crypt() returns only the salt for MD5 (CVE-2011-3189) | | |
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | | |
Severity: | normal | CC: | php-bugs |
Priority: | Normal | | |
Version: | unspecified | | |
Hardware: | All | | |
OS: | Linux | | |
URL: | https://secunia.com/advisories/45678/ | | |
Whiteboard: | A3 [glsa] | | |
Package list: | | Runtime testing required: | --- |
Bug Depends on: | 372745 | | |
Bug Blocks: | | | |
Description
Agostino Sarubbo
2011-08-22 17:50:19 UTC
The fix is in their svn repo. A new release from PHP is expected tomorrow, so I expect to have an ebuild by Wednesday.

Please see bug #376735

Sorry, that should have been bug #372745

Adding bug 372745 as a depend as Tim suggests.

CVE-2011-3189 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3189): The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argument instead of the hashed string, which might allow remote attackers to bypass authentication via an arbitrary password, a different vulnerability than CVE-2011-2483.

Fixed in 5.3.8, which is already stable by now. 5.3.7 wasn't stable, but nevertheless added to the GLSA draft now.

This issue was resolved and addressed in GLSA 201110-06 at http://security.gentoo.org/glsa/glsa-201110-06.xml by GLSA coordinator Tobias Heinlein (keytoaster).
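The crypt() failure described in the CVE text, as an added example that is not code from the bug report, from PHP or from the GLSA: it shows the usual "re-crypt and compare" verification idiom, a self-test that detects a build whose MD5 crypt() merely echoes the salt, and an audit that flags stored values that are salt-only (what an affected 5.3.7 build would have written). The salt, the sample usernames and the probe password are constructed; `hash_equals()` assumes PHP 5.6 or later.

```php
<?php
// Added example (not from the Gentoo bug or from PHP itself).
// Why CVE-2011-3189 matters: with the buggy crypt(), a stored "hash" is a
// bare salt, and verifying ANY password re-produces that same bare salt,
// so the comparison below succeeds for every password.

// Typical verification idiom: re-run crypt() with the stored hash as the
// salt argument and compare. Correct on a sane build; unsafe data makes it
// accept anything when the stored value is salt-only.
function verify_password($password, $stored)
{
    $computed = crypt($password, $stored);
    return hash_equals($stored, $computed);   // PHP >= 5.6 (assumption)
}

// Check 1 (self-test for the build): a correct MD5-crypt result is
// "$1$" + up to 8 salt chars + "$" + 22 base64-style chars, never just the salt.
function md5_crypt_is_sane()
{
    $salt = '$1$abcdefgh$';                     // constructed salt
    $out  = crypt('probe-password', $salt);     // constructed probe
    return $out !== $salt
        && preg_match('/^\$1\$[.\/0-9A-Za-z]{1,8}\$[.\/0-9A-Za-z]{22}$/', $out) === 1;
}

// Check 2 (audit of stored data): rows whose value is only "$1$<salt>$" were
// written by a broken crypt() and must be forced through a password reset.
function find_salt_only_hashes(array $rows)
{
    $flagged = array();
    foreach ($rows as $user => $hash) {
        if (preg_match('/^\$1\$[.\/0-9A-Za-z]{0,8}\$$/', $hash) === 1) {
            $flagged[] = $user;
        }
    }
    return $flagged;
}

// Constructed sample rows: one proper hash, one salt-only value.
$rows = array(
    'alice' => crypt('correct horse', '$1$Zq3Lm9Xo$'),  // from a sane build
    'bob'   => '$1$Zq3Lm9Xo$',                          // what 5.3.7 stored
);

echo 'crypt() sane on this build: ', md5_crypt_is_sane() ? 'yes' : 'NO', PHP_EOL;
echo 'salt-only accounts needing reset: ', implode(', ', find_salt_only_hashes($rows)), PHP_EOL;
```

On a fixed build the first line prints "yes" and the audit lists only bob; on an affected 5.3.7 build the self-test prints "NO" and every newly stored hash would join that list.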