Lucene search
Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-455-1.NASLHistoryNov 10, 2007 - 12:00 a.m.
Ubuntu 6.06 LTS / 6.10 / 7.04 : php5 vulnerabilities (USN-455-1)
2007-11-1000:00:00
Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
25
Stefan Esser discovered multiple vulnerabilities in the ‘Month of PHP bugs’.
The substr_compare() function did not sufficiently verify its length argument. This might be exploited to read otherwise unaccessible memory, which might lead to information disclosure. (CVE-2007-1375)
The shared memory (shmop) functions did not verify resource types, thus they could be called with a wrong resource type that might contain user-supplied data. This could be exploited to read and write arbitrary memory addresses of the PHP interpreter. This issue does not affect Ubuntu 7.04. (CVE-2007-1376)
The php_binary handler of the session extension was missing a boundary check. When unserializing overly long variable names this could be exploited to read up to 126 bytes of memory, which might lead to information disclosure. (CVE-2007-1380)
The internal array_user_key_compare() function, as used for example by the PHP function uksort(), incorrectly handled memory unreferencing of its arguments. This could have been exploited to execute arbitrary code with the privileges of the PHP interpreter, and thus circumventing any disable_functions, open_basedir, or safe_mode restrictions. (CVE-2007-1484)
The session_regenerate_id() function did not properly clean up the former session identifier variable. This could be exploited to crash the PHP interpreter, possibly also remotely. (CVE-2007-1521)
Under certain conditions the mb_parse_str() could cause the register_globals configuration option to become permanently enabled.
This opened an attack vector for a large and common class of vulnerabilities. (CVE-2007-1583)
The session extension did not set the correct reference count value for the session variables. By unsetting _SESSION and HTTP_SESSION_VARS (or tricking a PHP script into doing that) this could be exploited to execute arbitrary code with the privileges of the PHP interpreter.
This issue does not affect Ubuntu 7.04. (CVE-2007-1700)
The mail() function did not correctly escape control characters in multiline email headers. This could be remotely exploited to inject arbitrary email headers. (CVE-2007-1718)
The php_stream_filter_create() function had an off-by-one buffer overflow in the handling of wildcards. This could be exploited to remotely crash the PHP interpreter. This issue does not affect Ubuntu 7.04. (CVE-2007-1824)
When calling the sqlite_udf_decode_binary() with special arguments, a buffer overflow happened. Depending on the application this could be locally or remotely exploited to execute arbitrary code with the privileges of the PHP interpreter. (CVE-2007-1887 CVE-2007-1888)
The FILTER_VALIDATE_EMAIL filter extension used a wrong regular expression that allowed injecting a newline character at the end of the email string. This could be exploited to inject arbitrary email headers. This issue only affects Ubuntu 7.04. (CVE-2007-1900).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-455-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(28053);
script_version("1.17");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2007-1375", "CVE-2007-1376", "CVE-2007-1380", "CVE-2007-1484", "CVE-2007-1521", "CVE-2007-1583", "CVE-2007-1700", "CVE-2007-1717", "CVE-2007-1718", "CVE-2007-1824", "CVE-2007-1887", "CVE-2007-1888", "CVE-2007-1900");
script_bugtraq_id(22805, 22851, 22862, 22968, 22990, 23016, 23119, 23145, 23237, 23359);
script_xref(name:"USN", value:"455-1");
script_name(english:"Ubuntu 6.06 LTS / 6.10 / 7.04 : php5 vulnerabilities (USN-455-1)");
script_summary(english:"Checks dpkg output for updated packages.");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Ubuntu host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"Stefan Esser discovered multiple vulnerabilities in the 'Month of PHP
bugs'.
The substr_compare() function did not sufficiently verify its length
argument. This might be exploited to read otherwise unaccessible
memory, which might lead to information disclosure. (CVE-2007-1375)
The shared memory (shmop) functions did not verify resource types,
thus they could be called with a wrong resource type that might
contain user-supplied data. This could be exploited to read and write
arbitrary memory addresses of the PHP interpreter. This issue does not
affect Ubuntu 7.04. (CVE-2007-1376)
The php_binary handler of the session extension was missing a boundary
check. When unserializing overly long variable names this could be
exploited to read up to 126 bytes of memory, which might lead to
information disclosure. (CVE-2007-1380)
The internal array_user_key_compare() function, as used for example by
the PHP function uksort(), incorrectly handled memory unreferencing of
its arguments. This could have been exploited to execute arbitrary
code with the privileges of the PHP interpreter, and thus
circumventing any disable_functions, open_basedir, or safe_mode
restrictions. (CVE-2007-1484)
The session_regenerate_id() function did not properly clean up the
former session identifier variable. This could be exploited to crash
the PHP interpreter, possibly also remotely. (CVE-2007-1521)
Under certain conditions the mb_parse_str() could cause the
register_globals configuration option to become permanently enabled.
This opened an attack vector for a large and common class of
vulnerabilities. (CVE-2007-1583)
The session extension did not set the correct reference count value
for the session variables. By unsetting _SESSION and HTTP_SESSION_VARS
(or tricking a PHP script into doing that) this could be exploited to
execute arbitrary code with the privileges of the PHP interpreter.
This issue does not affect Ubuntu 7.04. (CVE-2007-1700)
The mail() function did not correctly escape control characters in
multiline email headers. This could be remotely exploited to inject
arbitrary email headers. (CVE-2007-1718)
The php_stream_filter_create() function had an off-by-one buffer
overflow in the handling of wildcards. This could be exploited to
remotely crash the PHP interpreter. This issue does not affect Ubuntu
7.04. (CVE-2007-1824)
When calling the sqlite_udf_decode_binary() with special arguments, a
buffer overflow happened. Depending on the application this could be
locally or remotely exploited to execute arbitrary code with the
privileges of the PHP interpreter. (CVE-2007-1887 CVE-2007-1888)
The FILTER_VALIDATE_EMAIL filter extension used a wrong regular
expression that allowed injecting a newline character at the end of
the email string. This could be exploited to inject arbitrary email
headers. This issue only affects Ubuntu 7.04. (CVE-2007-1900).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/455-1/"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php-pear");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cgi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-curl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-gd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-ldap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-mhash");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-mysqli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-odbc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-pgsql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-pspell");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-recode");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-snmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-sqlite");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-sybase");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-tidy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-xmlrpc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-xsl");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:7.04");
script_set_attribute(attribute:"patch_publication_date", value:"2007/04/27");
script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/10");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! ereg(pattern:"^(6\.06|6\.10|7\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 6.06 / 6.10 / 7.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
if (ubuntu_check(osver:"6.06", pkgname:"libapache2-mod-php5", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php-pear", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-cgi", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-cli", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-common", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-curl", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-dev", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-gd", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-ldap", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-mhash", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-mysql", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-mysqli", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-odbc", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-pgsql", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-recode", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-snmp", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-sqlite", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-sybase", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-xmlrpc", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"php5-xsl", pkgver:"5.1.2-1ubuntu3.7")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"libapache2-mod-php5", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php-pear", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-cgi", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-cli", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-common", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-curl", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-dev", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-gd", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-ldap", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-mhash", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-mysql", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-mysqli", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-odbc", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-pgsql", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-recode", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-snmp", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-sqlite", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-sybase", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-xmlrpc", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"6.10", pkgname:"php5-xsl", pkgver:"5.1.6-1ubuntu2.4")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"libapache2-mod-php5", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php-pear", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-cgi", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-cli", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-common", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-curl", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-dev", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-gd", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-ldap", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-mhash", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-mysql", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-odbc", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-pgsql", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-pspell", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-recode", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-snmp", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-sqlite", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-sybase", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-tidy", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-xmlrpc", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (ubuntu_check(osver:"7.04", pkgname:"php5-xsl", pkgver:"5.2.1-0ubuntu1.1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libapache2-mod-php5 / php-pear / php5 / php5-cgi / php5-cli / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | libapache2-mod-php5 | p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5 |
| canonical | ubuntu_linux | php-pear | p-cpe:/a:canonical:ubuntu_linux:php-pear |
| canonical | ubuntu_linux | php5 | p-cpe:/a:canonical:ubuntu_linux:php5 |
| canonical | ubuntu_linux | php5-cgi | p-cpe:/a:canonical:ubuntu_linux:php5-cgi |
| canonical | ubuntu_linux | php5-cli | p-cpe:/a:canonical:ubuntu_linux:php5-cli |
| canonical | ubuntu_linux | php5-common | p-cpe:/a:canonical:ubuntu_linux:php5-common |
| canonical | ubuntu_linux | php5-curl | p-cpe:/a:canonical:ubuntu_linux:php5-curl |
| canonical | ubuntu_linux | php5-dev | p-cpe:/a:canonical:ubuntu_linux:php5-dev |
| canonical | ubuntu_linux | php5-gd | p-cpe:/a:canonical:ubuntu_linux:php5-gd |
| canonical | ubuntu_linux | php5-ldap | p-cpe:/a:canonical:ubuntu_linux:php5-ldap |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1375
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1376
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1380
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1484
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1521
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1583
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1700
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1717
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1718
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1824
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1887
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1888
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1900
usn.ubuntu.com/455-1/
Related
openvas
openvas
Ubuntu: Security Advisory (USN-455-1)
2009-03-23 00:00:00
Ubuntu Update for php5 vulnerabilities USN-455-1
2009-03-23 00:00:00
SLES9: Security update for PHP4
2009-10-10 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2007-04-27 00:00:00
nessus
nessus
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 3290)
2007-12-13 00:00:00
Debian DSA-1283-1 : php5 - several vulnerabilities
2007-04-30 00:00:00
openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-3289)
2007-10-17 00:00:00
debian
debian
[SECURITY] [DSA 1283-1] New php5 packages fix several vulnerabilities
2007-04-29 20:16:06
[SECURITY] [DSA 1282-1] New php4 packages fix several vulnerabilities
2007-04-26 18:23:29
suse
suse
remote code execution in php4,php5
2007-05-23 13:16:49
remote code execution in php4,php5
2007-03-15 12:12:23
gentoo
gentoo
PHP: Multiple vulnerabilities
2007-05-26 00:00:00
PHP: Multiple vulnerabilities
2007-03-20 00:00:00
PHP: Multiple vulnerabilities
2007-10-07 00:00:00
securityvulns
securityvulns
Buffer overflow on in PHP sqlite_udf_decode_binary() function
2007-04-08 00:00:00
PHP mail() function invalid characters processing
2007-03-29 00:00:00
PHP multiple security vulnerabilities
2007-06-01 00:00:00
slackware
slackware
[slackware-security] php5
2007-06-01 21:19:18
redhat
redhat
(RHSA-2007:0153) Moderate: php security update
2007-04-20 00:00:00
(RHSA-2007:0162) Moderate: php security update
2007-04-16 00:00:00
(RHSA-2007:0155) Important: php security update
2007-04-16 00:00:00
centos
centos
php security update
2007-04-21 13:47:06
php security update
2007-04-16 16:16:21
php security update
2007-02-19 21:40:07
ubuntucve
ubuntucve
cve
cve
prion
prion
Buffer overflow
2007-04-02 23:19:00
Buffer overflow
2007-04-06 01:19:00
Buffer overflow
2007-04-06 01:19:00
redhatcve
redhatcve
debiancve
debiancve
CVE-2007-1888
2007-04-06 01:19:00
veracode
veracode
CRLF Injection
2020-04-10 00:15:23
Arbitrary Code Execution
2020-04-10 00:15:23
fedora
fedora
[SECURITY] Fedora Core 6 Update: php-5.1.6-3.5.fc6
2007-04-17 12:45:17
[SECURITY] Fedora Core 5 Update: php-5.1.6-1.5
2007-04-18 22:42:03
[SECURITY] Fedora Core 5 Update: php-5.1.6-1.6
2007-05-24 05:24:12
oraclelinux
oraclelinux
Important: php security update
2007-04-16 00:00:00
Important: php security update
2007-06-26 00:00:00
Important: php security update
2007-02-19 00:00:00
f5
f5
K7859 : Multiple PHP vulnerabilities
2013-03-19 00:00:00
SOL7859 - Multiple PHP vulnerabilities
2007-09-16 00:00:00
seebug
seebug
Mac OS X 2007-007更新修复多个安全漏洞
2007-08-02 00:00:00
Related for UBUNTU_USN-455-1.NASL