Two recently discovered security flaws in PHP 5.4.4 and PHP 5.3.14 could allow an attacker to execute arbitrary code. The flaws are related to each other, with the primary issue being an insecure implementation of DES within the crypt() function. In his eSecurityPlanet article about recent PHP security updates, Sean Michael Kerner provides the details of these two security flaws.
He writes:
“The [DES] flaw is that certain keys were truncated before being DES digested, which could potentially have enabled an authentication bypass.”
“The second flaw, identified as CVE-2012-2386, is a vulnerability within the PHP phar extension. [Security firm] Secunia warned that successful exploitation of the Phar vulnerability may allow execution of arbitrary code.”