CVE-2010-0397
published 2010-03-16CVE-2010-0397: The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which…
PriorityP429medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
11.53%
95.5th percentile
The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| php | php | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat5.0MEDIUM
vendor_ubuntu5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-vqgq-wj7q-x376: The xmlrpc extension in PHP 5
ghsa_unreviewed·2022-05-02
CVE-2010-0397 [MEDIUM] GHSA-vqgq-wj7q-x376: The xmlrpc extension in PHP 5
The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument.
Ubuntu
PHP vulnerabilities
vendor_ubuntu·2010-09-20·CVSS 5.0
CVE-2010-0397 [MEDIUM] PHP vulnerabilities
Title: PHP vulnerabilities
Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc
requests. An attacker could exploit this issue to cause the PHP server to
crash, resulting in a denial of service. This issue only affected Ubuntu
6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-0397)
It was discovered that the pseudorandom number generator in PHP did not
provide the expected entropy. An attacker could exploit this issue to
predict values that were intended to be random, such as session cookies.
This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10.
(CVE-2010-1128)
It was discovered that PHP did not properly handle directory pathnames that
lacked a trailing slash character. An attacker could exploit this issue to
bypass safe_mode restrictions. This issue only affe
Red Hat
php: NULL pointer dereference in XML-RPC extension
vendor_redhat·2010-03-12·CVSS 5.0
CVE-2010-0397 [MEDIUM] CWE-476 php: NULL pointer dereference in XML-RPC extension
php: NULL pointer dereference in XML-RPC extension
The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument.
Statement: This issue was addressed in the php packages as shipped with Red Hat Enterprise Linux 4 and 5 via: https://rhn.redhat.com/errata/RHSA-2010-0919.html
No detection rules found.
Exploit-DB
Subversion - Date Svnserve (Metasploit)
exploitdb·2010-08-07
CVE-2004-0397 Subversion - Date Svnserve (Metasploit)
Subversion - Date Svnserve (Metasploit)
---
##
# $Id: svnserve_date.rb 9971 2010-08-07 06:59:16Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
require 'msf/core/exploit/http/client'
class Metasploit3 'Subversion Date Svnserve',
'Description' => %q{
This is an exploit for the Subversion date parsing overflow. This
exploit is for the svnserve daemon (svn:// protocol) and will not work
for Subversion over webdav (http[s]://). This exploit should never
crash the daemon, and should be safe to do multi-hits.
**WARNING** This exploit seems to (not very of
Exploit-DB
PHP 5.3.2 'xmlrpc' Extension - Multiple Remote Denial of Service Vulnerabilities
exploitdb·2010-03-12
CVE-2010-0397 PHP 5.3.2 'xmlrpc' Extension - Multiple Remote Denial of Service Vulnerabilities
PHP 5.3.2 'xmlrpc' Extension - Multiple Remote Denial of Service Vulnerabilities
---
source: https://www.securityfocus.com/bid/38708/info
PHP's xmlrpc extension library is prone to multiple denial-of-service vulnerabilities because it fails to properly handle crafted XML-RPC requests.
Exploiting these issues allows remote attackers to cause denial-of-service conditions in the context of an application using the vulnerable library.
PHP 5.3.1 is vulnerable; other versions may also be affected.
';
$result = xmlrpc_decode_request( $req, $frop );
?>
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573573http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.htmlhttp://lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.htmlhttp://secunia.com/advisories/42410http://support.apple.com/kb/HT4312http://support.apple.com/kb/HT4435http://www.mandriva.com/security/advisories?name=MDVSA-2010:068http://www.openwall.com/lists/oss-security/2010/03/12/5http://www.redhat.com/support/errata/RHSA-2010-0919.htmlhttp://www.securityfocus.com/bid/38708http://www.vupen.com/english/advisories/2010/0724http://www.vupen.com/english/advisories/2010/3081http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573573http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.htmlhttp://lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.htmlhttp://secunia.com/advisories/42410http://support.apple.com/kb/HT4312http://support.apple.com/kb/HT4435http://www.mandriva.com/security/advisories?name=MDVSA-2010:068http://www.openwall.com/lists/oss-security/2010/03/12/5http://www.redhat.com/support/errata/RHSA-2010-0919.htmlhttp://www.securityfocus.com/bid/38708http://www.vupen.com/english/advisories/2010/0724http://www.vupen.com/english/advisories/2010/3081
2010-03-16
Published