FreeBSD : databases/postgresql*-server -- crypt vulnerabilities (a8864f8f-aa9e-11e1-a284-0023ae8e59f0)

The PostgreSQL Global Development Group reports : Today the PHP, OpenBSD and FreeBSD communities announced updates to patch a security hole involving their crypt hashing algorithms. This issue is described in CVE-2012-2143. This vulnerability also affects a minority of PostgreSQL users, and will ...

FreeBSD-SA-12:02.crypt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-12:02.crypt Security Advisory The FreeBSD Project Topic: Incorrect crypt hashing Category: core Module: libcrypt Announced: 2012-05-30 Credits: Rubin Xu, Joseph...

FreeBSD -- Incorrect crypt() hashing

Problem description: There is a programming error in the DES implementation used in crypt when handling input which contains characters that cannot be represented with 7-bit ASCII. When the input contains characters with only the most significant bit set 0x80, that character and all characters...

databases/postgresql*-server -- crypt vulnerabilities

The PostgreSQL Global Development Group reports: Today the PHP, OpenBSD and FreeBSD communities announced updates to patch a security hole involving their crypt hashing algorithms. This issue is described in CVE-2012-2143. This vulnerability also affects a minority of PostgreSQL users, and will b...

PHP "crypt()"函数安全限制绕过漏洞

BUGTRAQ ID: 49376 CVE ID: CVE-2011-3189 PHP是一种在电脑上运行的脚本语言，主要用途是在于处理动态网页，包含了命令行运行接口或者产生图形用户界面程序。 PHP在crypt函数的实现上存在安全漏洞，攻击者可利用此漏洞绕过某些安全限制。 0 PHP PHP 5.3.7 PHP PHP 5.3.6 PHP PHP 5.3.5 厂商补丁： PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.php.net HTTP Request: ==== POST...

DSA-2399-1 php5 - several

Bulletin has no description...

CentOS Update for postgresql CESA-2011:1377 centos4 i386

Check for the Version of postgresql OpenVAS Vulnerability Test CentOS Update for postgresql CESA-2011:1377 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

Moderate: Red Hat Security Advisory: php53 and php security update

Updated php53 and php packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...

Medium: postgresql

Issue Overview: A signedness issue was found in the way the crypt function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character one with the high bit set had no effect on the hash...

CentOS Update for postgresql CESA-2011:1377 centos5 i386

Check for the Version of postgresql OpenVAS Vulnerability Test CentOS Update for postgresql CESA-2011:1377 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

Ubuntu Update for php5 USN-1231-1

Ubuntu Update for Linux kernel vulnerabilities USN-1231-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12311.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for php5 USN-1231-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

RedHat Update for postgresql RHSA-2011:1377-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for postgresql CESA-2011:1377 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for postgresql84 CESA-2011:1378 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RedHat Update for postgresql84 RHSA-2011:1378-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : php5 vulnerabilities (USN-1231-1)

Mateusz Kocielski, Marek Kroemeke and Filip Palian discovered that a stack-based buffer overflow existed in the socketconnect function's handling of long pathnames for AFUNIX sockets. A remote attacker might be able to exploit this to execute arbitrary code; however, the default compiler options...

postgresql84 security update

CentOS Errata and Security Advisory CESA-2011:1378 Updated postgresql84 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS ba...

postgresql security update

CentOS Errata and Security Advisory CESA-2011:1377 Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System...

USN-1231-1: PHP Vulnerabilities

Mateusz Kocielski, Marek Kroemeke and Filip Palian discovered that a stack-based buffer overflow existed in the socketconnect function's handling of long pathnames for AFUNIX sockets. A remote attacker might be able to exploit this to execute arbitrary code; however, the default compiler options...

RHEL 6 : postgresql (RHSA-2011:1377)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:1377 advisory. PostgreSQL is an advanced object-relational database management system DBMS. A signedness issue was found in the way the crypt function in the...