25 matches found
Scientific Linux Security Update : php on SL3.x, SL4.x, SL5.x i386/x86_64
A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP script using mbstring conversion functions could cause the PHP interpreter to crash or, possibly, execute arbitrary code. CVE-2008-5557 A flaw was found in the handling...
PHP mbstring.func_overload Webserver本地拒绝服务漏洞
BUGTRAQ ID: 33542 CVE ID: CVE-2009-0754 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 运行在Apache上的PHP允许本地用户通过修改.htaccess中的mbstring.funcoverload设置来修改同一Web服务器上所承载的其他站点的行为,将设置应用到同一服务器的其他虚拟主机,导致无法正确的处理多字节字符串。 PHP PHP 5.1.6 PHP PHP 4.4.4 厂商补丁: PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://snaps.php.net/...
Gentoo Security Advisory GLSA 201001-03 (php)
The remote host is missing updates announced in advisory GLSA 201001-03. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-593)
php 5.1.9 fixes among other things some security issues : - Missing bounds checks of an error in the imageRotate function of the gd extension potentially allowed attackers to read portions of memory CVE-2008-5498. - the mbstring.funcoverload in .htaccess was applied to other virtual hosts on th...
openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-593)
php 5.1.9 fixes among other things some security issues : - Missing bounds checks of an error in the imageRotate function of the gd extension potentially allowed attackers to read portions of memory CVE-2008-5498. - the mbstring.funcoverload in .htaccess was applied to other virtual hosts on th...
Fedora Core 10 FEDORA-2009-3768 (maniadrive)
The remote host is missing an update to maniadrive announced via advisory FEDORA-2009-3768. OpenVAS Vulnerability Test $Id: fcore20093768.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-3768 maniadrive Authors: Thomas Reinke Copyright: Copyright c...
Fedora Core 9 FEDORA-2009-3848 (maniadrive)
The remote host is missing an update to maniadrive announced via advisory FEDORA-2009-3848. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...
Fedora Core 10 FEDORA-2009-3768 (maniadrive)
The remote host is missing an update to maniadrive announced via advisory FEDORA-2009-3768. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...
[SECURITY] [DSA 1789-1] New php5 packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1789-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 04, 2009 http://www.debian.org/security/faq -...
Ubuntu: Security Advisory (USN-761-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu USN-761-1 (php5)
The remote host is missing an update to php5 announced via advisory USN-761-1. OpenVAS Vulnerability Test $Id: ubuntu7611.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7611.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-761-1 php5 Authors: Thomas Reinke...
Mandriva Linux Security Advisory : php (MDVSA-2009:066)
PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.funcoverload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server...
RedHat Security Advisory RHSA-2009:0337
The remote host is missing updates announced in advisory RHSA-2009:0337. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP scrip...
RedHat Security Advisory RHSA-2009:0350
The remote host is missing updates announced in advisory RHSA-2009:0350. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A heap-based buffer overflow flaw was found in PHP SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted...
RHEL 5 : php (RHSA-2009:0338)
Updated php packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A...
CentOS 3 / 4 : php (CESA-2009:0337)
Updated php packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...
RHEL 3 / 4 : php (RHSA-2009:0337)
Updated php packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...
php security update
CentOS Errata and Security Advisory CESA-2009:0337 Updated php packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting...
Moderate: Red Hat Security Advisory: php security update
Updated php packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...
php security update
4.3.9-3.22.15 - fix merge of CVE-2008-3658 patch 4.3.9-3.22.14 - add security fixes for CVE-2008-3658, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2009-0754 487360 - split out gd overflow2 and make global with sane symbol name...