CVE-2023-3824

Published: 11/08/2023 Updated: 27/10/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

In PHP versions 8.0.* prior to 8.0.30, 8.1.* prior to 8.1.22, and 8.2.* prior to 8.2.8, when loading a phar file, insufficient length checking while reading PHAR directory entries may lead to a stack buffer overflow, potentially leading to memory corruption or RCE.

Vulnerable Product

php php

fedoraproject fedora 38

debian debian linux 10.0

Vendor Advisories

Debian Bug report logs - #1043477 php8.2: CVE-2023-3823 CVE-2023-3824. Package: src:php8.2; Maintainer for src:php8.2 is Debian PHP Maintainers <team+pkg-php@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Fri, 11 Aug 2023 21:39:01 UTC; Severity: grave; Tags: security, upstream; Found in ...
Synopsis: Important: php security update. Type/Severity: Security Advisory: Important. Topic: An update for php is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security ...
Synopsis: Important: php:8.0 security update. Type/Severity: Security Advisory: Important. Topic: An update for the php:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update a ...
Synopsis: Moderate: php:8.1 security update. Type/Severity: Security Advisory: Moderate. Topic: An update for the php:8.1 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as ...
GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP. NOTE: Fixed in 8.2.7, 8.1.20, 8.0.29. NOTE: github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw NOTE: github.com/php/php-src/commit/ac4254ad764c70cb1f05c9270d8d12689fc3aeb6 (php-8.0.29) NOTE: github.com/php/ph ...

Github Repositories

My personal repository

Hi 👋, I'm Tran Ngoc Tam Latest Blog Posts State Machines in Practice: Implementing Solutions for Real Challenges How to do Canary Deployments on EKS how to use skeleton loading next 13 with shadcn ui Memory leaks in Go Array methods in reactjs Latest stack overflow activity TitleLink Getting error "Plugin 'InnoDB' registration as a STORAGE ENGI

Vulnerability in PHP Phar files, due to buffer overflow, arises from insufficient length checks on file names within the Phar archive. Malicious actors can craft Phar files with long file names, leading to buffer overflow and potential execution of malicious code or data leakage. This vulnerability can be exploited for code execution CVE-2023-3824

PHP Malicious Phar File PoC (CVE-2023-3824). Description: This Proof of Concept (PoC) demonstrates how to create a malicious Phar file in PHP and trigger a buffer overflow vulnerability. Usage: Creating the Malicious Phar File: Create a new PHP file (e.g., create_phar.php) and add the following code: <?php $phar = new Phar('maliciousphar'); $phar->startBu

FBI hacked Lockbit use this exploit.

CVE-2023-3824-PHP-to-RCE: FBI hacked Lockbit use this exploit. Greetings to anyone interested in how several LockBit sites were hacked by PHP CVE-2023-3824. Now I write this POC in Python 3.9. This POC is fully finalized and functional. I'm willing to share this exploit for a nominal fee to avoid mass distribution and hacking of most sites written in PHP.

Research of CVE-2023-3824 (NCA - Lockbit)

Research of CVE-2023-3824 (NCA - Lockbit) by NewLockbit (2024/03/09). The vulnerability is related to improper buffer handling in the phar_dir_read() function in the PHP phar extension. This can lead to a buffer overflow and a buffer overread later. The buffer overflow occurs due to the incorrect condition in the line if (to_read == 0 ||

CVE-2023-3824-PHP-to-RCE-LockBit-LEAK: Greetings to anyone interested in how several LockBit sites were hacked by PHP CVE-2023-3824 (download exploit below). Now I write this POC in Python 3.9. This POC is fully finalized and functional. I'm willing to share this exploit for a nominal fee to avoid mass distribution and hacking of most sites written in PHP.

Recent Articles

LockBit ransomware returns, restores servers after police disruption
BleepingComputer • Ionut Ilascu • 25 Feb 2024

The LockBit gang is relaunching its ransomware operation on a new infrastructure less than a week after law enforcement hacked their servers, and is threatening to focus more of their attacks on the government sector. In a message under a mock-up FBI leak - specifically to draw attention, the gang published a lengthy message about their negligence enabling the breach and the plans fo...

Cops turn LockBit ransomware gang's countdown timers against them
The Register

Authorities dismantle cybercrime royalty by making mockery of their leak site

In seizing and dismantling LockBit's infrastructure, Western authorities are now making a mockery of the ransomware criminals by promising a long, drawn-out disclosure of its secrets. After the infosec world was invigorated by the announcement of LockBit's site being seized yesterday, the authorities involved in the takedown operation – dubbed "Operation Cronos" – have now completely taken over the group's leak site and turned it into an exposé hub. The site retains the same general format ...