Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-2961-1:86E28
HistoryJun 16, 2014 - 7:30 p.m.

[SECURITY] [DSA 2961-1] php5 security update

2014-06-1619:30:13
lists.debian.org
7

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

JSON

Debian Security Advisory DSA-2961-1 [email protected]
http://www.debian.org/security/ Salvatore Bonaccorso
June 16, 2014 http://www.debian.org/security/faq

Package : php5
CVE ID : CVE-2014-4049
Debian Bug : 751364

It was discovered that PHP, a general-purpose scripting language
commonly used for web application development, is vulnerable to a
heap-based buffer overflow in the DNS TXT record parsing. A malicious
server or man-in-the-middle attacker could possibly use this flaw to
execute arbitrary code as the PHP interpreter if a PHP application uses
dns_get_record() to perform a DNS query.

For the stable distribution (wheezy), this problem has been fixed in
version 5.4.4-14+deb7u11.

For the testing distribution (jessie), this problem has been fixed in
version 5.6.0~beta4+dfsg-3.

For the unstable distribution (sid), this problem has been fixed in
version 5.6.0~beta4+dfsg-3.

We recommend that you upgrade your php5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian7amd64php5-odbc< 5.4.4-14+deb7u11php5-odbc_5.4.4-14+deb7u11_amd64.deb
Debian7s390xphp5-xmlrpc< 5.4.4-14+deb7u11php5-xmlrpc_5.4.4-14+deb7u11_s390x.deb
Debian7ia64php5-xsl< 5.4.4-14+deb7u11php5-xsl_5.4.4-14+deb7u11_ia64.deb
Debian7sparcphp5-pspell< 5.4.4-14+deb7u11php5-pspell_5.4.4-14+deb7u11_sparc.deb
Debian7powerpcphp5-intl< 5.4.4-14+deb7u11php5-intl_5.4.4-14+deb7u11_powerpc.deb
Debian7mipselphp5-gmp< 5.4.4-14+deb7u11php5-gmp_5.4.4-14+deb7u11_mipsel.deb
Debian7armelphp5-curl< 5.4.4-14+deb7u11php5-curl_5.4.4-14+deb7u11_armel.deb
Debian7powerpclibphp5-embed< 5.4.4-14+deb7u11libphp5-embed_5.4.4-14+deb7u11_powerpc.deb
Debian6amd64php5-cgi< 5.3.3-7+squeeze20php5-cgi_5.3.3-7+squeeze20_amd64.deb
Debian7s390libphp5-embed< 5.4.4-14+deb7u11libphp5-embed_5.4.4-14+deb7u11_s390.deb
Rows per page:
1-10 of 4481

Related

osv 4
debian 8
openvas 41
nessus 37
checkpoint_advisories 1
veracode 4
prion 2
cve 2
ubuntucve 2
suse 5
ubuntu 2
ibm 5
securityvulns 5
mageia 3
f5 4
amazon 3
oraclelinux 5
freebsd 1
slackware 1
redhat 4
centos 2
gentoo 1
rosalinux 1
osv
osv
php5 - security update
2014-06-27 00:00:00
php5 - security update
2014-06-16 00:00:00
php5 - security update
2014-09-30 00:00:00
debian
debian
[SECURITY] [DSA 2961-1] php5 security update
2014-06-16 19:30:13
php5 security update
2014-06-27 11:29:37
php5 security update
2014-06-27 11:30:03
openvas
openvas
Debian: Security Advisory (DSA-2961-1)
2014-06-15 00:00:00
Debian Security Advisory DSA 2961-1 (php5 - security update)
2014-06-16 00:00:00
Debian: Security Advisory (DLA-0010-1)
2023-03-08 00:00:00
nessus
nessus
openSUSE Security Update : php5 (openSUSE-SU-2014:0841-1)
2014-06-26 00:00:00
Debian DSA-2961-1 : php5 - security update
2014-06-17 00:00:00
SUSE SLES11 Security Update : PHP5 (SUSE-SU-2014:0868-1)
2015-05-20 00:00:00
checkpoint_advisories
checkpoint_advisories
PHP php_parserr DNS_TXT Heap Buffer Overflow (CVE-2014-4049)
2014-07-16 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:04:21
Denial Of Service (DoS)
2019-05-02 05:04:17
Denial Of Service (DoS)
2019-05-02 05:04:16
prion
prion
Heap overflow
2014-06-18 19:55:00
Buffer overflow
2014-08-23 01:55:00
cve
cve
CVE-2014-4049
2014-06-18 19:55:00
CVE-2014-3597
2014-08-23 01:55:00
ubuntucve
ubuntucve
CVE-2014-4049
2014-06-18 00:00:00
CVE-2014-3597
2014-08-22 00:00:00
suse
suse
Security update for PHP5 (important)
2014-07-04 00:04:20
Security update for php53 (important)
2014-07-04 01:04:18
Security update for PHP5 (important)
2014-07-07 19:04:42
ubuntu
ubuntu
PHP updates
2014-06-25 00:00:00
PHP vulnerabilities
2014-06-23 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in PHP affect IBM Chassis Management Module (CMM) (CVE-2013-4248, CVE-2013-6420, CVE-2014-2497, CVE-2014-4049)
2019-01-31 01:55:01
Security Bulletin: Vulnerabilities in php5 affect IBM Flex System Manager (FSM): (CVE-2013-4248 CVE-2013-6420 CVE-2014-2497 CVE-2014-4049)
2019-01-31 01:30:01
Security Bulletin: Multiple vulnerabilities in PHP as used by IBM QRadar Incident Forensics 7.2 MR2. (CVE-2014-3515, CVE-2014-4049, CVE-2014-3981, CVE-2014-0238, CVE-2014-0237, CVE-2014-4721)
2018-06-16 21:19:23
securityvulns
securityvulns
PHP security vulnerabilities
2014-06-17 00:00:00
APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004
2014-09-21 00:00:00
Apple Mac OS X / OS X Server multiple security vulnerabilities
2014-09-21 00:00:00
mageia
mageia
Updated php packages fix multiple security vulnerabilities
2014-09-05 13:07:37
Updated php packages fix multiple vulnerabilities
2014-07-09 02:30:04
Updated php packages fix multiple vulnerabilities
2014-07-09 02:29:20
f5
f5
SOL15761 - Multiple PHP 5.x vulnerabilities
2014-10-30 00:00:00
K15761 : Multiple PHP 5.x vulnerabilities
2015-09-17 00:00:00
SOL15498 - Multiple PHP vulnerabilities
2014-08-12 00:00:00
amazon
amazon
Medium: php
2014-08-21 11:15:00
Medium: php54
2014-07-09 16:24:00
Medium: php55
2014-07-09 16:42:00
oraclelinux
oraclelinux
php53 and php security update
2014-09-30 00:00:00
php security update
2014-08-06 00:00:00
php53 and php security update
2014-08-06 00:00:00
freebsd
freebsd
PHP multiple vulnerabilities
2014-08-14 00:00:00
slackware
slackware
[slackware-security] php
2014-07-12 03:48:04
redhat
redhat
(RHSA-2014:1013) Moderate: php security update
2014-08-06 00:00:00
(RHSA-2014:1012) Moderate: php53 and php security update
2014-08-06 00:00:00
(RHSA-2014:1766) Important: php55-php security update
2014-10-30 00:00:00
centos
centos
php security update
2014-08-06 14:38:20
php, php53 security update
2014-08-06 14:53:37
gentoo
gentoo
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

JSON
Related for DEBIAN:DSA-2961-1:86E28
osv4debian8openvas41nessus37checkpoint_advisories1veracode4prion2cve2ubuntucve2suse5ubuntu2ibm5securityvulns5mageia3f54amazon3oraclelinux5freebsd1slackware1redhat4centos2gentoo1rosalinux1