16 matches found
SUSE CVE-2009-4143
PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to 1 interrupt corruption of the SESSION superglobal array and 2 the session.savepath directive...
Slackware Advisory SSA:2010-024-02 php
The remote host is missing an update as announced via advisory SSA:2010-024-02. OpenVAS Vulnerability Test $Id: esoftslkssa201002402.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
Slackware: Security Advisory (SSA:2010-024-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[security bulletin] HPSBMA02568 SSRT100219 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), HTTP Response Splitting, and Other Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02512995 Version: 1 HPSBMA02568 SSRT100219 rev.1 - HP System Management Homepage SMH for Linux and Windows, Remote Cross Site Scripting XSS, HTTP Response Splitting, and Other Vulnerabilities...
Mandriva Linux Security Advisory : php (MDVSA-2010:045)
A vulnerability has been found and corrected in php : PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to 1 interrupt corruption of the SESSION superglobal array and 2 the session.savepath directive CVE-2009-4143. Packages for 2008.0...
Debian DSA-2002-1 : polipo - denial of service
Several denial of service vulnerabilities have been discovered in polipo, a small, caching web proxy. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3305 A malicous remote server could cause polipo to crash by sending an invalid Cache-Control heade...
[SECURITY] [DSA-2002-1] New polipo packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-2002-1 [email protected] http://www.debian.org/security/ Stefan Fritsch February 19, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA-2002-1] New polipo packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-2002-1 [email protected] http://www.debian.org/security/ Stefan Fritsch February 19, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA-2001-1] New php5 packages fix multiple vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2001-1 [email protected] http://www.debian.org/security/ Raphael Geissert February 19, 2010 http://www.debian.org/security/faq -...
Mandriva Update for urpmi MDVA-2010:045 (urpmi)
Check for the Version of urpmi OpenVAS Vulnerability Test Mandriva Update for urpmi MDVA-2010:045 urpmi Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Mandriva Update for urpmi MDVA-2010:045 (urpmi)
Check for the Version of urpmi OpenVAS Vulnerability Test Mandriva Update for urpmi MDVA-2010:045 urpmi Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[slackware-security] php
New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2009-3557 https://vulners.com/cve/CVE-2009-3558...
Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / current : php (SSA:2010-024-02)
New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2010-024-02. The text itself ...
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : php5 vulnerabilities (USN-882-1)
Maksymilian Arciemowicz discovered that PHP did not properly handle the inirestore function. An attacker could exploit this issue to obtain random memory contents or to cause the PHP server to crash, resulting in a denial of service. CVE-2009-2626 It was discovered that the htmlspecialchars...
FreeBSD Ports: php5
The remote host is missing an update to the system as announced in the referenced advisory. VID 39a25a63-eb5c-11de-b650-00215c6a37bb OpenVAS Vulnerability Test $ Description: Auto generated from VID 39a25a63-eb5c-11de-b650-00215c6a37bb Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
CVE-2009-4143
CVE-2009-4143 affects PHP ≤ 5.2.11 (listed as 5.2.12 exclusion) where session data handling is improper, specifically interrupt corruption of the $_SESSION array and mismanagement of session.save_path. This is referenced in multiple advisories and included in HP/HPE SMH and Debian/OpenVAS records...