14 matches found
SUSE CVE-2007-2509
CRLF injection vulnerability in the ftpputcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands...
Mandriva Update for php MDKSA-2007:102 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDKSA-2007:102 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Fedora Update for php FEDORA-2007-526
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Gentoo Security Advisory GLSA 200705-19 (php)
The remote host is missing updates announced in advisory GLSA 200705-19. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Debian Security Advisory DSA 1295-1 (php5)
The remote host is missing an update to php5 announced via advisory DSA 1295-1. OpenVAS Vulnerability Test $Id: deb12951.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1295-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 3754)
The following issues have been fixed : - missing openbasedir and safemode restriction. CVE-2007-3007 - chunksplit integer overflow. CVE-2007-2872 - DoS condition in libgd's image processing. CVE-2007-2756 - possible super-global overwrite inside importrequestvariables. CVE-2007-1396 - buffer...
php security update
CentOS Errata and Security Advisory CESA-2007:0888-01 Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an embedded-HTML scripting...
openSUSE 10 Security Update : php5 (php5-3753)
The following issues have been fixed in PHP, which were spotted by the MOPB project or fixed in PHP 5.2.3 release : - missing openbasedir and safemode restriction CVE-2007-3007 - chunksplit integer overflow CVE-2007-2872 - DoS condition in libgd's image processing CVE-2007-2756 - possible...
CentOS 3 : php (CESA-2007:0889)
Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server...
[SECURITY] [DSA 1296-1] New php4 packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 1296-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 21st, 2007 http://www.debian.org/security/faq -...
Fedora Core 6 : php-5.1.6-3.6.fc6 (2007-503)
This update fixes a number of security issues in PHP. A heap buffer overflow flaw was found in the PHP 'xmlrpc' extension. A PHP script which implements an XML-RPC server using this extension could allow a remote attacker to execute arbitrary code as the 'apache' user. Note that this flaw does no...
Mandrake Linux Security Advisory : php (MDKSA-2007:102)
A heap buffer overflow flaw was found in the xmlrpc extension for PHP. A script that implements an XML-RPC server using this extension could allow a remote attacker to execute arbitrary code as the apache user. This flaw does not, however, affect PHP applications using the pure-PHP XMLRPC class...
php security update
CentOS Errata and Security Advisory CESA-2007:0349 Updated PHP packages that fix two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language...
CVE-2007-2509
CVE-2007-2509 describes a CRLF injection vulnerability in PHP’s ftp_putcmd function that allows remote attackers to inject arbitrary FTP commands via CRLF sequences in parameters to earlier FTP commands. Public details in connected advisories confirm the issue affects PHP before 4.4.7 and 5.x bef...