13 matches found
Slackware Advisory SSA:2010-024-02 php
The remote host is missing an update as announced via advisory SSA:2010-024-02. OpenVAS Vulnerability Test $Id: esoftslkssa201002402.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
Slackware: Security Advisory (SSA:2010-024-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PHP < 5.3.1 Multiple Vulnerabilities
PHP is prone to multiple vulnerabilities. Copyright C 2012 NopSec Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or...
Mandriva Linux Security Advisory : php (MDVSA-2009:302)
Some vulnerabilities were discovered and corrected in php-5.3.1 : - Added maxfileuploads INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion. Ilia - Added missing sanity checks around exif...
[slackware-security] php
New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2009-3557 https://vulners.com/cve/CVE-2009-3558...
Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / current : php (SSA:2010-024-02)
New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2010-024-02. The text itself ...
FreeBSD Ports: php5
The remote host is missing an update to the system as announced in the referenced advisory. VID 39a25a63-eb5c-11de-b650-00215c6a37bb OpenVAS Vulnerability Test $ Description: Auto generated from VID 39a25a63-eb5c-11de-b650-00215c6a37bb Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Mandriva Security Advisory MDVSA-2009:324 (php)
The remote host is missing an update to php announced via advisory MDVSA-2009:324. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...
Mandriva Security Advisory MDVSA-2009:303 (php)
The remote host is missing an update to php announced via advisory MDVSA-2009:303. OpenVAS Vulnerability Test $Id: mdksa2009303.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:303 php Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Mandriva Security Advisory MDVSA-2009:303 (php)
The remote host is missing an update to php announced via advisory MDVSA-2009:303. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...
Ubuntu: Security Advisory (USN-862-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PHP tempname()函数绕过safe_mode安全限制漏洞
BUGTRAQ ID: 36555 CVE ID: CVE-2009-3557 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP的tempnam中的错误可能允许绕过safemode限制。以下是ext/standard/file.c中的有漏洞代码段: PHPFUNCTIONtempnam char dir, prefix; int dirlen, prefixlen; sizet plen; char openedpath; char p; int fd; if zendparseparametersZENDNUMARGS TSRMLSCC, "ss"...
CVE-2009-3557
The CVE-2009-3557 vulnerability affects PHP 5.2.11 and earlier, and 5.3.x before 5.3.1. It concerns the tempnam function in ext/standard/file.c, which can bypass safe_mode restrictions and allow creation of files in group-writable or world-writable directories via the dir and prefix arguments. Th...