Details of VAR-202002-0084

ID

VAR-202002-0084

CVE

CVE-2011-3336

TITLE

regcomp of BSD implementation Resource exhaustion vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2011-005609

DESCRIPTION

regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion. PHP is prone to an 'open_basedir' restriction-bypass vulnerability because of a design error. Successful exploits could allow an attacker to read and write files in unauthorized locations. This vulnerability would be an issue in shared-hosting configurations where multiple users can create and execute arbitrary PHP script code. In such cases, 'open_basedir' restrictions are expected to isolate users from each other. PHP 5.2.11 and 5.3.0 are vulnerable; other versions may also be affected. Successful exploits will allow attackers to make the applications that use the affected library, unresponsive, denying service to legitimate users. The libc library of the following platforms are affected: NetBSD 5.1 OpenBSD 5.0 FreeBSD 8.2 Apple Mac OSX Other versions may also be affected. NetBSD is a free and open source Unix-like operating system developed by the NetBSD Foundation

Trust: 2.25

sources: NVD: CVE-2011-3336 // JVNDB: JVNDB-2011-005609 // BID: 37032 // BID: 50541 // VULHUB: VHN-51281

AFFECTED PRODUCTS

vendor:	freebsd	model:	freebsd	scope:	eq	version:	8.2	Trust: 1.3
vendor:	openbsd	model:	openbsd	scope:	eq	version:	5.0	Trust: 1.0
vendor:	php	model:	php	scope:	lte	version:	5.3.10	Trust: 1.0
vendor:	php	model:	php	scope:	gte	version:	5.3.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	gte	version:	10.6.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lte	version:	10.7.2	Trust: 1.0
vendor:	freebsd	model:	freebsd	scope:	-	version:	-	Trust: 0.8
vendor:	openbsd	model:	openbsd	scope:	-	version:	-	Trust: 0.8
vendor:	the php group	model:	php	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	-	version:	-	Trust: 0.8
vendor:	php	model:	php	scope:	eq	version:	5.3	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.3.3	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.3.4	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.3.10	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.3.1	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.3.6	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.3.8	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.3.5	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.3.7	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.3.2	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.3.9	Trust: 0.6
vendor:	php	model:	rc1	scope:	eq	version:	5.3.4	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.2.11	Trust: 0.3
vendor:	php	model:	php	scope:	eq	version:	5.2.12	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7	Trust: 0.3
vendor:	netbsd	model:	netbsd	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.8	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.7	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.3	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.4	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.3	Trust: 0.3

sources: BID: 37032 // BID: 50541 // JVNDB: JVNDB-2011-005609 // NVD: CVE-2011-3336

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-3336
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2011-005609
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201111-154
value:	HIGH
Trust: 0.6
VULHUB:	VHN-51281
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2011-3336
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2011-005609
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-51281
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2011-3336
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	JVNDB-2011-005609
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-51281 // JVNDB: JVNDB-2011-005609 // CNNVD: CNNVD-201111-154 // NVD: CVE-2011-3336

PROBLEMTYPE DATA

problemtype:

CWE-400

Trust: 1.9

sources: VULHUB: VHN-51281 // JVNDB: JVNDB-2011-005609 // NVD: CVE-2011-3336

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201111-154

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201111-154

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-005609

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-51281

PATCH

title:	Top Page	url:	https://www.apple.com/	Trust: 0.8
title:	Top Page	url:	https://www.freebsd.org/	Trust: 0.8
title:	Top Page	url:	https://www.openbsd.org/	Trust: 0.8
title:	Top Page	url:	https://www.php.net/	Trust: 0.8
title:	NetBSD/OpenBSD/FreeBSD/Apple Multiple vendors libc Library Stack Lost Denial of Service Vulnerability Fixes	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=108022	Trust: 0.6

sources: JVNDB: JVNDB-2011-005609 // CNNVD: CNNVD-201111-154

EXTERNAL IDS

db:	NVD	id:	CVE-2011-3336	Trust: 2.8
db:	BID	id:	50541	Trust: 2.0
db:	CXSECURITY	id:	WLB-2011110082	Trust: 1.7
db:	JVNDB	id:	JVNDB-2011-005609	Trust: 0.8
db:	CNNVD	id:	CNNVD-201111-154	Trust: 0.7
db:	CXSECURITY	id:	WLB-2012030272	Trust: 0.6
db:	BID	id:	37032	Trust: 0.3
db:	EXPLOIT-DB	id:	36288	Trust: 0.1
db:	PACKETSTORM	id:	106589	Trust: 0.1
db:	VULHUB	id:	VHN-51281	Trust: 0.1

sources: VULHUB: VHN-51281 // BID: 37032 // BID: 50541 // JVNDB: JVNDB-2011-005609 // CNNVD: CNNVD-201111-154 // NVD: CVE-2011-3336

REFERENCES

url:	https://www.securityfocus.com/archive/1/520390	Trust: 2.5
url:	http://www.securityfocus.com/bid/50541	Trust: 1.7
url:	http://seclists.org/fulldisclosure/2014/mar/166	Trust: 1.7
url:	https://cxsecurity.com/issue/wlb-2011110082	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3336	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3336	Trust: 0.8
url:	http://cxsecurity.com/issue/wlb-2012030272	Trust: 0.6
url:	http://securityreason.com/achievement_securityalert/70	Trust: 0.3
url:	http://securityreason.com/achievement_exploitalert/14	Trust: 0.3
url:	http://www.php.net/	Trust: 0.3
url:	http://securityreason.com/achievement_securityalert/102	Trust: 0.3
url:	/archive/1/520390	Trust: 0.3

sources: VULHUB: VHN-51281 // BID: 37032 // BID: 50541 // JVNDB: JVNDB-2011-005609 // CNNVD: CNNVD-201111-154 // NVD: CVE-2011-3336

CREDITS

Maksymilian Arciemowicz

Trust: 1.2

sources: BID: 37032 // BID: 50541 // CNNVD: CNNVD-201111-154

SOURCES

db:	VULHUB	id:	VHN-51281
db:	BID	id:	37032
db:	BID	id:	50541
db:	JVNDB	id:	JVNDB-2011-005609
db:	CNNVD	id:	CNNVD-201111-154
db:	NVD	id:	CVE-2011-3336

LAST UPDATE DATE

2024-08-14T13:44:25.151000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-51281	date:	2020-02-18T00:00:00
db:	BID	id:	37032	date:	2015-03-19T08:39:00
db:	BID	id:	50541	date:	2014-03-17T11:35:00
db:	JVNDB	id:	JVNDB-2011-005609	date:	2020-03-03T00:00:00
db:	CNNVD	id:	CNNVD-201111-154	date:	2021-07-12T00:00:00
db:	NVD	id:	CVE-2011-3336	date:	2020-02-18T19:49:54.197

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-51281	date:	2020-02-12T00:00:00
db:	BID	id:	37032	date:	2009-11-13T00:00:00
db:	BID	id:	50541	date:	2011-11-04T00:00:00
db:	JVNDB	id:	JVNDB-2011-005609	date:	2020-03-03T00:00:00
db:	CNNVD	id:	CNNVD-201111-154	date:	1900-01-01T00:00:00
db:	NVD	id:	CVE-2011-3336	date:	2020-02-12T20:15:13.353