CentOS Update for postgresql CESA-2011:1377 centos5 i386

Check for the Version of postgresql OpenVAS Vulnerability Test CentOS Update for postgresql CESA-2011:1377 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

RedHat Update for postgresql RHSA-2011:1377-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for postgresql84 RHSA-2011:1378-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

postgresql84 security update

CentOS Errata and Security Advisory CESA-2011:1378 Updated postgresql84 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS ba...

postgresql security update

CentOS Errata and Security Advisory CESA-2011:1377 Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System...

USN-1231-1: PHP Vulnerabilities

Mateusz Kocielski, Marek Kroemeke and Filip Palian discovered that a stack-based buffer overflow existed in the socketconnect function's handling of long pathnames for AFUNIX sockets. A remote attacker might be able to exploit this to execute arbitrary code; however, the default compiler options...

Moderate: Red Hat Security Advisory: postgresql security update

Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

PHP 5.3.7 Security Bypass Vulnerability

PHP is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

CVE-2011-3268

Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483...

Buffer overflow

Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483...

CVE-2011-3268

Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483...

Authentication flaw

The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argument instead of the hashed string, which might allow remote attackers to bypass authentication via an arbitrary password, a different vulnerability than CVE-2011-2483...

CVE-2011-3189

The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argument instead of the hashed string, which might allow remote attackers to bypass authentication via an arbitrary password, a different vulnerability than CVE-2011-2483...

CVE-2011-3189

The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argument instead of the hashed string, which might allow remote attackers to bypass authentication via an arbitrary password, a different vulnerability than CVE-2011-2483...

CVE-2011-3189

CVE-2011-3189 affects PHP 5.3.7: when using the MD5 hash type in the crypt() function, it returns the salt value instead of the hashed password, potentially allowing authentication bypass with an arbitrary password. This is noted as a different issue from CVE-2011-2483; no further technical detai...

PHP 5.3.8 Released, Fixes Crypto Bug

A day after warning users about a serious bug in the cryptographic function in PHP 5.3.7 and telling them not to upgrade to that release, the maintainers of the scripting language pushed out version 5.3.8, which fixes the crypto problem as well as another security related issue. PHP 5.3.7, which...

PHP 5.3.7 crypt() MD5 Incorrect Return Value

According to its banner, PHP 5.3.7 is installed on the remote host. This version contains a bug in the crypt function when generating salted MD5 hashes. The function only returns the salt rather than the salt and hash. Any authentication mechanism that uses crypt could authorize all authenticatio...

PHP 5.3.x < 5.3.7 crypt() MD5 Incorrect Return Value

Binary data 6017.prm...

PHP &quot;crypt()&quot; MD5 Salt安全漏洞

PHP是流行的脚本语言环境。 PHP在"crypt"函数的实现上存在安全漏洞，远程攻击者可利用此漏洞绕过某些安全限制。 此漏洞源于"crypt"函数在生成有salt的MD5哈希时，仅返回salt PHP 5.3.x 厂商补丁： PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.php.net...

CVE-2007-2844

PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access...