74 matches found
openSUSE Security Update : php7 (openSUSE-2021-305)
This update for php7 fixes the following issues : - CVE-2021-21702 bsc1182049: NULL pointer dereference in SoapClient This update was imported from the SUSE:SLE-15-SP2:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fro...
SUSE-SU-2021:0522-1 Security update for php74
This update for php74 fixes the following issues: - CVE-2021-21702 bsc1182049: NULL pointer dereference in SoapClient...
OPENSUSE-SU-2021:0305-1 Security update for php7
This update for php7 fixes the following issues: - CVE-2021-21702 bsc1182049: NULL pointer dereference in SoapClient This update was imported from the SUSE:SLE-15-SP2:Update update project...
SUSE SLES12 Security Update : php72 (SUSE-SU-2021:0498-1)
This update for php72 fixes the following issues : CVE-2021-21702 bsc1182049: NULL pointer dereference in SoapClient Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format i...
SUSE SLED15 / SLES15 Security Update : php7 (SUSE-SU-2021:0494-1)
This update for php7 fixes the following issues : CVE-2021-21702 bsc1182049: NULL pointer dereference in SoapClient Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it...
Security update for php7 (important)
openSUSE Security Update: Security update for php7 Announcement ID: openSUSE-SU-2021:0305-1 Rating: important References: 1182049 Cross-References: CVE-2021-21702 CVSS scores: CVE-2021-21702 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.2 An update tha...
SUSE-SU-2021:0498-1 Security update for php72
This update for php72 fixes the following issues: - CVE-2021-21702 bsc1182049: NULL pointer dereference in SoapClient...
SUSE-SU-2021:0494-1 Security update for php7
This update for php7 fixes the following issues: - CVE-2021-21702 bsc1182049: NULL pointer dereference in SoapClient...
CVE-2021-21702 Null Dereference in SoapClient
In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a crash...
Updated php packages fix a security vulnerability
The php packages are updated to version 7.3.27 to fix a Null Dereference in SoapClient SOAP. CVE-2021-21702. Note also php packages version 7.4.15-1.mga7 are available in backports/updates...
MGASA-2021-0076 Updated php packages fix a security vulnerability
The php packages are updated to version 7.3.27 to fix a Null Dereference in SoapClient SOAP. CVE-2021-21702. Note also php packages version 7.4.15-1.mga7 are available in backports/updates...
[ASA-202102-15] php: denial of service
Arch Linux Security Advisory ASA-202102-15 ========================================== Severity: Medium Date : 2021-02-07 CVE-ID : CVE-2021-21702 Package : php Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1531 Summary ======= The package php before version 8.0.2-...
Denial Of Service (DoS)
php7 is vulnerable to denial of service. PHP will crash with a SIGSEGV whenever an XML is provided to the SoapClient query function without an existing field...
PHP < 7.3.27, 7.4.x < 7.4.15, 8.0.x < 8.0.2 NULL Deference Vulnerability (Feb 2021) - Linux
PHP is prone to a NULL dereference vulnerability in the SoapClient. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if...
PHP < 7.3.27, 7.4.x < 7.4.15, 8.0.x < 8.0.2 NULL Deference Vulnerability (Feb 2021) - Windows
PHP is prone to a NULL dereference vulnerability in the SoapClient. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if...
PHP Code Issues Vulnerabilities
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language jointly maintained by the PHP community. The language is primarily used for web development and supports a variety of databases and operating systems. A code issue exists in Php SoapClient, which can be...
NtlmRelayToEWS - Ntlm Relay Attack To Exchange Web Services
ntlmRelayToEWS is a tool for performing ntlm relay attacks on Exchange Web Services EWS. It spawns an SMBListener on port 445 and an HTTPListener on port 80, waiting for incoming connection from the victim. Once the victim connects to one of the listeners, an NTLM negociation occurs and is relaye...
PHP SoapClient Function Denial of Service Vulnerability
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...
CVE-2015-8835
The makehttpsoaprequest function in ext/soap/phphttp.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not properly retrieve keys, which allows remote attackers to cause a denial of service NULL pointer dereference, type confusion, and application crash or possibly execute...
CVE-2015-4600
The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the 1...