Medium: php

Issue Overview: The upstream advisory describes this issue as follows: A memory-related vulnerability in PHP's filter handling system, particularly when processing input with convert.quoted-printable-decode filters, leads to a segmentation fault. This vulnerability is triggered through specific...

Debian: Security Advisory (DSA-2079-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-790-1 : mapserver security update

It was discovered that mapserver, a CGI-based framework for Internet map services, was vulnerable to a stack-based overflow. This issue allowed a remote user to crash the service, or potentially execute arbitrary code. For Debian 7 'Wheezy', these problems have been fixed in version...

[SECURITY] [DSA 3766-1] mapserver security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3766-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 19, 2017 https://www.debian.org/security/faq -...

Debian DLA-734-1 : mapserver security update

It was discovered that there was an information leakage vulnerability in mapserver, a CGI-based framework for Internet map services. For Debian 7 'Wheezy', this issue has been fixed in mapserver version 6.0.1-3.2+deb7u3. We recommend that you upgrade your mapserver packages. NOTE: Tenable Network...

mnoGoSearch Detection

The remote web server hosts mnoGoSearch, a CGI-based web search engine application formerly known as UdmSearch. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65901; scriptversion"1.4"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01";...

Mandriva Update for php MDVSA-2012:068 (php)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 15 : maniadrive-1.2-32.fc15.5 / php-5.3.13-1.fc15 / php-eaccelerator-0.9.6.1-9.fc15.5 (2012-7567)

The releases complete a fix for a vulnerability in CGI-based setups CVE-2012-2311. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 16 : maniadrive-1.2-32.fc16.5 / php-5.3.13-1.fc16 / php-eaccelerator-0.9.6.1-9.fc16.5 (2012-7586)

The releases complete a fix for a vulnerability in CGI-based setups CVE-2012-2311. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 17 : maniadrive-1.2-40.fc17 / php-5.4.3-1.fc17 (2012-7628)

The releases complete a fix for a vulnerability in CGI-based setups CVE-2012-2311. PHP 5.4.3 fixes a buffer overflow vulnerability in the apacherequestheaders CVE-2012-2329. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

FreeBSD : php -- multiple vulnerabilities (59b68b1e-9c78-11e1-b5e0-000c299b62e1)

The PHP Development Team reports : The release of PHP 5.4.13 and 5.4.3 complete a fix for the vulnerability in CGI-based setups as originally described in CVE-2012-1823. CVE-2012-2311 Note: modphp and php-fpm are not vulnerable to this attack. PHP 5.4.3 fixes a buffer overflow vulnerability in th...

Another Set of PHP Releases Pushed Out to Fix CVE-2012-1823 Flaw

For the second time in less than a week, the developers of PHP have released new versions of the language that include a fix for the remotely exploitable vulnerability that was disclosed last week. The group is encouraging users to upgrade to PHP 5.4.3 or 5.3.13 immediately. The vulnerability...

php -- multiple vulnerabilities

The PHP Development Team reports: The release of PHP 5.4.13 and 5.4.3 complete a fix for the vulnerability in CGI-based setups as originally described in CVE-2012-1823. CVE-2012-2311 Note: modphp and php-fpm are not vulnerable to this attack. PHP 5.4.3 fixes a buffer overflow vulnerability in the...

Mandriva Linux Security Advisory : php (MDVSA-2012:068-1)

A vulnerability has been found and corrected in php-cgi : PHP-CGI-based setups contain a vulnerability when parsing query string parameters from php files. A remote unauthenticated attacker could obtain sensitive information, cause a denial of service condition or may be able to execute arbitrary...

FreeBSD : php -- vulnerability in certain CGI-based setups (60de13d5-95f0-11e1-806a-001143cd36d8)

php development team reports : Security Enhancements and Fixes in PHP 5.3.12 : - Initial fix for cgi-bin ?-s cmdarg parse issue CVE-2012-1823 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database ...

PHP < 5.3.13, 5.4.x < 5.4.3 Multiple Vulnerabilities - Active Check

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.103482"...

php -- vulnerability in certain CGI-based setups

php development team reports: Security Enhancements and Fixes in PHP 5.3.12: Initial fix for cgi-bin ?-s cmdarg parse issue CVE-2012-1823...

Debian DSA-2285-1 : mapserver - several vulnerabilities

Several vulnerabilities have been discovered in mapserver, a CGI-based web framework to publish spatial data and interactive mapping applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-2703 Several instances of insufficient escaping of use...

DSA-2285-1 mapserver - several

Bulletin has no description...

[SECURITY] [DSA 2285-1] mapserver security update

-------------------------------------------------------------------------- Debian Security Advisory DSA-2285-1 [email protected] http://www.debian.org/security/ Nico Golde July 26, 2011 http://www.debian.org/security/faq -...