PHP < 5.2.7 Multiple Vulnerabilities

PHP is prone to multiple vulnerabilities. Copyright C 2012 NopSec Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or...

HP-UX Update for Apache Web Server Suite HPSBUX02431

Check for the Version of Apache Web Server Suite OpenVAS Vulnerability Test HP-UX Update for Apache Web Server Suite HPSBUX02431 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

[slackware-security] php

New php packages are available for Slackware 12.0, 12.1, and -current to fix security issues, as well as make improvements and fix bugs. Here are the details from the Slackware 12.1 ChangeLog: patches/packages/php-5.2.7-i486-1slack12.1.tgz: Upgraded to php-5.2.7. In addition to improvements and b...

Slackware 12.0 / 12.1 / current : php (SSA:2008-339-01)

New php packages are available for Slackware 12.0, 12.1, and -current to fix security issues, as well as make improvements and fix bugs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory...

Gentoo Security Advisory GLSA 200811-05 (php)

The remote host is missing updates announced in advisory GLSA 200811-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200811-05 (php)

The remote host is missing updates announced in advisory GLSA 200811-05. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PHP 5 'chdir()'和'ftok()' 'safe_mode'安全绕过漏洞

BUGTRAQ ID: 29796 CVE ID：CVE-2008-2666 CNCVE ID：CNCVE-20082666 PHP 5是一款开放源代码的网络编程语言。 PHP 5 'chdir'和'ftok'函数存在'safemode绕过问题，远程攻击者可以利用漏洞在未授权位置检测文件是否存在等敏感信息。 问题代码如下： - --- PHPFUNCTIONchdir char str; int ret, strlen; if zendparseparametersZENDNUMARGS TSRMLSCC, "s", &str, &strlen == FAILURE RETURNFALS...

PHP chdir()和ftok()函数绕过safe_mode限制漏洞

BUGTRAQ ID: 29796 CVECAN ID: CVE-2008-2666 PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 PHP的chdir和ftok函数中存在多个绕过safemode限制漏洞。 在chdir函数中： - --- PHPFUNCTIONchdir char str; int ret, strlen; if zendparseparametersZENDNUMARGS TSRMLSCC, "s", &str, &strlen == FAILURE RETURNFALSE; if PGsafemode &&...

CVE-2008-2666

creationtimestamp| type| source ---|---|--- 2008-06-18 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/31937...