328 matches found
RHEL 4 : php (RHSA-2012:0071)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0071 advisory. - php: buffer over-read in Exif extension CVE-2011-0708 - php: Crash by converting serial day numbers SDN into Julian calendar CVE-2011-1466...
Fedora 16 : maniadrive-1.2-32.fc16 / php-5.3.8-1.fc16 / php-eaccelerator-0.9.6.1-9.fc16 (2011-11464)
Security Enhancements and Fixes : - Updated cryptblowfish to 1.2. CVE-2011-2483 - Fixed crash in errorlog. Reported by Mateusz Kocielski - Fixed buffer overflow on overlog salt in crypt. - Fixed bug 54939 File path injection vulnerability in RFC1867 File upload filename. Reported by Krzysztof...
[slackware-security] php (SSA:2011-237-01)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security php SSA:2011-237-01 New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: +--------------------------+...
php -- multiple vulnerabilities
PHP development team reports: Security Enhancements and Fixes in PHP 5.3.7: Updated cryptblowfish to 1.2. CVE-2011-2483 Fixed crash in errorlog. Reported by Mateusz Kocielski Fixed buffer overflow on overlog salt in crypt. Fixed bug 54939 File path injection vulnerability in RFC1867 File upload...
Path traversal
The rfc1867posthandler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request...
CVE-2011-2202
CVE-2011-2202 details (from provided sources): In PHP before 5.3.7, rfc1867_post_handler in main/rfc1867.c does not properly restrict filenames in multipart/form-data POST requests, enabling remote attackers to perform absolute path traversal via a crafted upload and possibly create or overwrite ...
VS-Link-Partner 2.1 - script_pfad Remote File Inclusion
VS-Link-Partner 2.1 - scriptpfad Remote File Inclusion VS-Link-Partner //'=============================================================================================== //'Script Name: VS-Link-Partner //'.... //'.. //'ERROR--------------------------------------------------------- // ajann,Turkey...
FreeBSD-SA-01:45.samba
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:45 Security Advisory FreeBSD, Inc. Topic: samba Category: ports Module: samba Announced: 2001-07-10 Credits: Michal Zalewski Affects: Ports collection prior to the...