Ecosyste.ms: Advisories

Security Advisories: GSA_kwCzR0hTQS13OXBoLXE0aDktcndxNs4AAYu2

CodeIgniter and Kohana vulnerable to PHP Object Injection

CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2 make it easier for remote attackers to spoof session cookies and consequently conduct PHP object injection attacks by leveraging use of standard string comparison operators to compare cryptographic hashes.

Permalink: https://github.com/advisories/GHSA-w9ph-q4h9-rwq6
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS13OXBoLXE0aDktcndxNs4AAYu2
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: almost 2 years ago
Updated: 9 months ago

CVSS Score: 9.8
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Identifiers: GHSA-w9ph-q4h9-rwq6, CVE-2014-8684
References:

• https://nvd.nist.gov/vuln/detail/CVE-2014-8684
• https://github.com/kohana/core/pull/492
• http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html
• http://seclists.org/fulldisclosure/2014/May/54
• https://github.com/kohana/core/commit/66b409a6da2960130888989534ff1799532b8f32
• https://github.com/bcit-ci/CodeIgniter/blob/2.2.6/system/libraries/Session.php#L159
• https://web.archive.org/web/20140802041151/https://scott.arciszewski.me/research/full/php-framework-timing-attacks-object-injection
• https://github.com/advisories/GHSA-w9ph-q4h9-rwq6

Repository: https://github.com/kohana/core
Blast Radius: 26.9

Affected Packages