openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-5934)

This update of php5 fixes a directory traversal bug in ZipArchive CVE-2008-5658 and a buffer overflow in the mstring extension CVE-2008-5557. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-5787)

This update fixes a buffer overflow in phpimap.c that uses an old IMAP API. This bug can be exploited to execute arbitrary code remotely via long IMAP requests. CVE-2008-2829 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-5546)

CVE-2008-3658, CVE-2008-3659 and CVE-2008-3660 have been fixed in the php5 update. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update apache2-modphp5-5546. The text description of this plugin is ...

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-5379)

This update of php5 fixes : - possible stack-based buffer overflow CVE-2008-2050 - incomplete escapeshellcmd CVE-2008-2051 - printf integer overflow CVE-2008-1384 - insecure GENERATESEED macro CVE-2008-2107 - timezone update for DST in Pakistan %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-4810)

This update fixes multiple bugs in php : - use system pcre library to fix several pcre vulnerabilities CVE-2007-1659, CVE-2006-7230, CVE-2007-1660, CVE-2006-7227 CVE-2005-4872, CVE-2006-7228 - Flaws in processing multi byte sequences in htmlentities/htmlspecialchars CVE-2007-5898 - overly long...

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-2039)

the CURL module lacked checks for control characters CVE-2006-2563 - strrepeat contained an integer overflow - ext/wddx contained a buffer overflow - memorylimit lacked checks for integer overflows - a bug in sscanf could potentially be exploited to execute arbitrary code CVE-2006-4020 - an...

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-2153)

The inirestore method could be exploited to reset options set in the webserver config to their default values CVE-2006-4625. The memory handling routines contained an integer overflow CVE-2006-4812. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in th...

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-3978)

This update fixes multiple bugs in php : - predictable generaton of an initialization vector IV in the mcrypt extension - additional cookie attributes could be injected via a session id - specially crafted files could cause integer overflows in gd and leverage them to at least crash gd based...

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-3979)

This update fixes multiple bugs in php : - predictable generaton of an initialization vector IV in the mcrypt extension - additional cookie attributes could be injected via a session id - specially crafted files could cause integer overflows in gd and leverage them to at least crash gd based...

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-2238)

This update fixes the following security problems in the PHP scripting language : - CVE-2006-5465: Various buffer overflows in htmlentities/htmlspecialchars internal routines could be used to crash the PHP interpreter or potentially execute code, depending on the PHP application used. - A missing...

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-3288)

This Update fixes numerous vulnerabilities in PHP. Most of them were made public during the 'Month of PHP Bugs'. The vulnerabilities potentially lead to crashes, information leaks or even execution of malicious code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...