10 matches found
K15903: Multiple PHP vulnerabilities
Security Advisory Description Description CVE-2012-3365 The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the openbasedir protection mechanism via unspecified vectors. CVE-2012-2329 Buffer overflow in the apacherequestheaders function in sapi/cgi/cgimain.c in PHP 5.4...
SUSE CVE-2012-2143
The cryptdes aka DES-based crypt function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an...
The vulnerability of the crypt_des function in the FreeBSD operating system, which allows a hacker to increase their privileges
The vulnerability of the cryptdes function in the PostgreSQL database management system, the FreeBSD operating system, and the PHP programming language interpreter is related to errors in processing fully open text passwords when the password contains the character 0x80. Exploiting this...
Authentication Bypass
postgresql is vulnerable to authentication bypass attacks. The vulnerability exists as the cryptdes aka DES-based crypt function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80...
Amazon Linux: Security Advisory (ALAS-2012-95)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : postgresql9 (ALAS-2012-91)
The cryptdes aka DES-based crypt function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an...
FreeBSD Ports: FreeBSD
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2012-2143
CVE-2012-2143 : The crypt_des (DES-based crypt) function in FreeBSD, as used by PHP, PostgreSQL, and other products, does not process the complete cleartext password when the password contains a 0x80 byte. This can allow context-dependent attackers to obtain access via an authentication attempt t...
Medium: postgresql9
Issue Overview: The cryptdes aka DES-based crypt function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain...
CVE-2012-2143
The cryptdes aka DES-based crypt function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an...