← back
CVE-2017-5358

CVE-2017-5358

EPSS 12.1%
Stack-based buffer overflows in php_Easycom5_3_0.dll in EasyCom for PHP 4.0.0.29 allows remote attackers to execute arbitrary code via the server argument to the (1) i5_connect, (2) i5_pconnect, or (3) i5_private_connect API function.
Affected products
n/a · n/a
public PoCs found3
cve_referencepacketstormsecurity.com/files/141299/EasyCom-AS400-PHP-API-Buffer-Overflow.htmlunverifiedcve_referencewww.exploit-db.com/exploits/41425/unverifiedexploitdbwww.exploit-db.com/exploits/41425unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://hyp3rlinx.altervista.org/advisories/EASYCOM-PHP-API-BUFFER-OVERFLOW.txthttp://packetstormsecurity.com/files/141299/EasyCom-AS400-PHP-API-Buffer-Overflow.htmlhttp://seclists.org/fulldisclosure/2017/Feb/60https://www.exploit-db.com/exploits/41425/http://www.securityfocus.com/bid/96419