Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 620
Alerts This Week
Warning Icon 1 620

Ubuntu 16.04 LTS: USN-7171-1 critical: phpunit remote code execution

ubuntu
Calendar Grey December 18, 2024
Dist Ubuntu Esm H88
PHPUnit 5.1.3-2 patch resolves a vulnerability enabling remote code execution on Ubuntu 20.04 via specially designed requests.
PHPUnit could be made to crash or run programs if it received specially crafted network traffic.

Summary

PHPUnit could be made to crash or run programs if it received specially

crafted network traffic.

Software Description:

- phpunit: Unit testing suite for PHP

Details:

It was discovered that PHPUnit incorrectly handled web requests if exposed

to the internet. An attacker could possibly use this issue to achive remote

code execution or obtain sensitive information.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS
   phpunit                         5.1.3-1+ubuntu3+esm1
                                   Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-7171-1

  CVE-2017-9841

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7171-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.