11 matches found
SUSE CVE-2009-4024
Argument injection vulnerability in the ping function in Ping.php in the NetPing package before 2.4.5 for PEAR allows remote attackers to execute arbitrary shell commands via the host parameter. NOTE: this has also been reported as a shell metacharacter problem...
Debian DSA-1949-1 : php-net-ping - programming error
It was discovered that php-net-ping, a PHP PEAR module to execute ping independently of the Operating System, performs insufficient input sanitising, which might be used to inject arguments no CVE yet or execute arbitrary commands CVE-2009-4024 on a system that uses php-net-ping. %NASLMINLEVEL...
FreeBSD Ports: pear-Net_Ping
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian: Security Advisory (DSA-1949-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 1949-1] New php-net-ping packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1949-1 [email protected] http://www.debian.org/security/ Raphael Geissert December 12, 2009 http://www.debian.org/security/faq -...
DSA-1949-1 php-net-ping - arbitrary code execution
Bulletin has no description...
Fedora 10 : php-pear-Net-Ping-2.4.5-1.fc10 (2009-12156)
Upstream Changelog Version 2.4.5 - QA Release: Prevent command injection saltybeagle CVE-2009-4024 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora 11 : php-pear-Net-Ping-2.4.5-1.fc11 (2009-11613)
Upstream Changelog Version 2.4.5 - QA Release: Prevent command injection saltybeagle CVE-2009-4024 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora 12 : php-pear-Net-Ping-2.4.5-1.fc12 (2009-11523)
Upstream Changelog Version 2.4.5 - QA Release: Prevent command injection saltybeagle CVE-2009-4024 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
CVE-2009-4024
Argument injection vulnerability in the ping function in Ping.php in the NetPing package before 2.4.5 for PEAR allows remote attackers to execute arbitrary shell commands via the host parameter. NOTE: this has also been reported as a shell metacharacter problem...
CVE-2009-4024
CVE-2009-4024 affects php-net-ping (PEAR Net_Ping). The vulnerability is in Ping.php, where insufficient input sanitising allows remote attackers to inject commands via the host parameter, enabling remote code execution. Affected versions are prior to 2.4.5; multiple advisories (Debian DSA-1949-1...