HTTP: PHP phar_parse_tarfile method Integer Overflow
This signature detects attempts to exploit a known vulnerability in the PHP. A successful attack can lead to the disclosure of sensitive information from the server.
Extended Description
The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive.
Affected Products
Php php
References
CVE: CVE-2015-4021
Short Name
HTTP:PHP:PHAR-PARSE-TARFILE-ID
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2015-4021 Integer Overflow PHP method phar_parse_tarfile
Release Date
06/15/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3590
False Positive
Unknown
Vendors
Php
Apple
Redhat
CVSS Score
5.0