ID CVE-2015-7503
Summary Zend Framework before 2.4.9, zend-framework/zend-crypt 2.4.x before 2.4.9, and 2.5.x before 2.5.2 allow remote attackers to recover the RSA private key.
References
Vulnerable Configurations
  • Zend Framework 2.4.0
    cpe:2.3:a:zend:zend_framework:2.4.0
  • Zend Framework 2.4.1
    cpe:2.3:a:zend:zend_framework:2.4.1
  • Zend Framework 2.4.2
    cpe:2.3:a:zend:zend_framework:2.4.2
  • Zend Framework 2.4.3
    cpe:2.3:a:zend:zend_framework:2.4.3
  • Zend Framework 2.4.4
    cpe:2.3:a:zend:zend_framework:2.4.4
  • Zend Framework 2.4.5
    cpe:2.3:a:zend:zend_framework:2.4.5
  • Zend Framework 2.4.6
    cpe:2.3:a:zend:zend_framework:2.4.6
  • Zend Framework 2.4.7
    cpe:2.3:a:zend:zend_framework:2.4.7
  • Zend Framework 2.4.8
    cpe:2.3:a:zend:zend_framework:2.4.8
  • Zend Framework 2.5.0
    cpe:2.3:a:zend:zend_framework:2.5.0
  • Zend Framework 2.5.1
    cpe:2.3:a:zend:zend_framework:2.5.1
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-320
CAPEC
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-8952105D59.NASL
    description
      ## 2.4.10 (2016-05-09)

      - Fix HeaderValue throwing an exception on legal characters

      ## 2.4.9 (2015-11-23)

      ### SECURITY UPDATES

      - **ZF2015-09**: `Zend\Captcha\Word` generates a 'word' for a CAPTCHA challenge by selecting a sequence of random letters from a character set. Prior to this vulnerability announcement, the selection was performed using PHP's internal `array_rand()` function. This function does not generate sufficient entropy due to its usage of `rand()` instead of more cryptographically secure methods such as `openssl_pseudo_random_bytes()`. This could potentially lead to information disclosure should an attacker be able to brute force the random number generation. This release contains a patch that replaces the `array_rand()` calls to use `Zend\Math\Rand::getInteger()`, which provides better RNG.

      - **ZF2015-10**: `Zend\Crypt\PublicKey\Rsa\PublicKey` has a call to `openssl_public_encrypt()` which used PHP's default `$padding` argument, which specifies `OPENSSL_PKCS1_PADDING`, indicating usage of PKCS1v1.5 padding. This padding has a known vulnerability, the [Bleichenbacher's chosen-ciphertext attack](http://crypto.stackexchange.com/questions/12688/can-you-explain-bleichenbachers-cca-attack-on-pkcs1-v1-5), which can be used to recover an RSA private key. This release contains a patch that changes the padding argument to use `OPENSSL_PKCS1_OAEP_PADDING`.

        Users upgrading to this version may have issues decrypting previously stored values, due to the change in padding. If this occurs, you can pass the constant `OPENSSL_PKCS1_PADDING` to a new `$padding` argument in `Zend\Crypt\PublicKey\Rsa::encrypt()` and `decrypt()` (though typically this should only apply to the latter):

        ```php
        $decrypted = $rsa->decrypt($data, $key, $mode, OPENSSL_PKCS1_PADDING);
        ```

        where `$rsa` is an instance of `Zend\Crypt\PublicKey\Rsa`. (The `$key` and `$mode` argument defaults are `null` and `Zend\Crypt\PublicKey\Rsa::MODE_AUTO`, if you were not using them previously.)

        We recommend re-encrypting any such values using the new defaults.

      Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-02-01
    plugin id 92125
    published 2016-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92125
    title Fedora 23 : php-ZendFramework2 / php-zendframework-zendxml (2016-8952105d59)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-03C0ED3127.NASL
    description
      ## 2.4.10 (2016-05-09)

      - Fix HeaderValue throwing an exception on legal characters

      ## 2.4.9 (2015-11-23)

      ### SECURITY UPDATES

      - **ZF2015-09**: `Zend\Captcha\Word` generates a 'word' for a CAPTCHA challenge by selecting a sequence of random letters from a character set. Prior to this vulnerability announcement, the selection was performed using PHP's internal `array_rand()` function. This function does not generate sufficient entropy due to its usage of `rand()` instead of more cryptographically secure methods such as `openssl_pseudo_random_bytes()`. This could potentially lead to information disclosure should an attacker be able to brute force the random number generation. This release contains a patch that replaces the `array_rand()` calls to use `Zend\Math\Rand::getInteger()`, which provides better RNG.

      - **ZF2015-10**: `Zend\Crypt\PublicKey\Rsa\PublicKey` has a call to `openssl_public_encrypt()` which used PHP's default `$padding` argument, which specifies `OPENSSL_PKCS1_PADDING`, indicating usage of PKCS1v1.5 padding. This padding has a known vulnerability, the [Bleichenbacher's chosen-ciphertext attack](http://crypto.stackexchange.com/questions/12688/can-you-explain-bleichenbachers-cca-attack-on-pkcs1-v1-5), which can be used to recover an RSA private key. This release contains a patch that changes the padding argument to use `OPENSSL_PKCS1_OAEP_PADDING`.

        Users upgrading to this version may have issues decrypting previously stored values, due to the change in padding. If this occurs, you can pass the constant `OPENSSL_PKCS1_PADDING` to a new `$padding` argument in `Zend\Crypt\PublicKey\Rsa::encrypt()` and `decrypt()` (though typically this should only apply to the latter):

        ```php
        $decrypted = $rsa->decrypt($data, $key, $mode, OPENSSL_PKCS1_PADDING);
        ```

        where `$rsa` is an instance of `Zend\Crypt\PublicKey\Rsa`. (The `$key` and `$mode` argument defaults are `null` and `Zend\Crypt\PublicKey\Rsa::MODE_AUTO`, if you were not using them previously.)

        We recommend re-encrypting any such values using the new defaults.

      Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-02-01
    plugin id 92053
    published 2016-07-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92053
    title Fedora 22 : php-ZendFramework2 / php-zendframework-zendxml (2016-03c0ed3127)
refmap via4
confirm
Last major update 10-10-2017 - 12:29
Published 10-10-2017 - 12:29
Last modified 05-11-2017 - 16:23