Mandrake Linux Security Advisory : php (MDKSA-2007:048)

A number of vulnerabilities were discovered in PHP language. Many buffer overflow flaws were discovered in the PHP session extension, the strreplace function, and the imapmailcompose function. An attacker able to use a PHP application using any of these functions could trigger these flaws and...

Important: Red Hat Security Advisory: php security update

Updated PHP packages that fix several security issues are now available for Red Hat Application Stack v1.1. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web serve...

security flaw

Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors...

USN-424-1: PHP vulnerabilities

Multiple buffer overflows have been discovered in various PHP modules. If a PHP application processes untrusted data with functions of the session or zip module, or various string functions, a remote attacker could exploit this to execute arbitrary code with the privileges of the web server...

CentOS 3 / 4 : php (CESA-2007:0076)

Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...

security flaw

Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors...

Important: Red Hat Security Advisory: php security update

Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...

Powerschool 4.3.6/5.1.2 - JavaScript File Request Information Disclosure

source: https://www.securityfocus.com/bid/22611/info Powerschool is prone to an information-disclosure vulnerability because the application discloses information about administrative session variables. An attacker can exploit these issue to obtain sensitive information that may aid in other...

Design/Logic Flaw

The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql'pass' and $gbpass variables...

Design/Logic Flaw

Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function...

CVE-2007-0910

Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors...

CVE-2007-0910

Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors...

Code injection

Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors...

CVE-2007-0910

CVE-2007-0910 refers to an unspecified vulnerability in PHP prior to 5.2.1 that allows an attacker to clobber certain super-global variables via unspecified vectors. The connected OpenVAS entries corroborate that PHP

[PHP-DEV] PHP 5.2.1 crashing Apache/IIS...

Heads up! Installed the latest Win32 binaries of thread-safe PHP 5.2.1 on Win32 Apache and IIS. PHP started crashing definitely PHP - php5ts.dll when I went to access the MyProBB web forum. Win32 Apache flat out crashes, IIS bails with HTTP 500 errors. Forum crashes PHP 5.2.1:...

Exploits "ps" command (also /usr/ucb/ps) on HP OSF1 v5.1 Alpha

No description provided by source. !/bin/ksh osf1tru64ps.ksh exploit Tested on OSF1 V5.1 1885 alpha ps executable - information leak Author: Andrea "bunker" Purificato http://rawlab.mindcreations.com the "ps" command also /usr/ucb/ps on HP OSF1 v5.1 Alpha,...

CVE-2007-0805

The ps /usr/ucb/ps command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587...

CVE-2007-0805

The ps /usr/ucb/ps command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive information, including environment variables of arbitrary processes, via the "auxewww" argument, a similar issue to CVE-1999-1587...

HP Tru64 Alpha OSF1 v5.1 (ps) Information Leak Exploit

No description provided by source. !/bin/ksh osf1tru64ps.ksh exploit Tested on OSF1 V5.1 1885 alpha ps executable - information leak Author: Andrea "bunker" Purificato http://rawlab.mindcreations.com the "ps" command also /usr/ucb/ps on HP OSF1 v5.1 Alpha, developed without an eye to security,...

OSF/1 ps information leak

ps show environment variables for all processes...