14 DAY TRIAL // The PHP development team is considering recalling the recently released PHP 5.3.7 after a serious bug was identified in the crypt() function.
PHP 5.3.7 was released last week as an important security and stability update, developers urging users to upgrade as soon as possible at the time.
However, since the crypt() bug was identified they advise people against it, effectively reverting their previous recommendation.
If the crypt() function is used to validate passwords using salted MD5 hashes the operation fails, practically making authentication impossible.
"If crypt() only stores the salt then crypt($pw, $salt) will return the salt and comparing this to $pw is useless as the salt is a constant regardless of $pw," one developer explains.
The MD5 hashing algorithm is widely used because of its speed and small impact on system resources, however, since it is vulnerable to attacks, it is commonly used together with a salt, a key that encrypts the resulting hash.
Most applications which use MD5 hashing for authentication do so with a salt and are therefore affected by this bug. Applications that use other hashing algorithms like DES and BLOWFISH through crypt() are not impacted.
According to developers, some very recent update introduced the bug. PHP 5.3.7 patched a vulnerability in crypt() that could be exploited to cause a buffer overflow by providing an overly long salt to the function.
The bug has already been patched in SVN and developers are working on issuing a new stable update (5.3.7pl1 or 5.3.8) as soon as possible because many companies can't deploy SVN snapshots on production servers.
Returning to the previous version is also risky because the vulnerabilities patched in PHP 5.3.7 are now publicly known which increases the risk of attack.