18 matches found
Fedora Update for php FEDORA-2013-12354
Check for the Version of php OpenVAS Vulnerability Test Fedora Update for php FEDORA-2013-12354 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
HP System Management Homepage < 7.2.1.0 Multiple Vulnerabilities (BEAST)
According to the web server's banner, the version of HP System Management Homepage SMH hosted on the remote web server is a version prior to 7.2.1.0. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability, known as BEAST, exists in the SSL 3.0 and...
[security bulletin] HPSBMU02900 rev.2 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03839862 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03839862 Version: 2 HPSBMU02900 rev....
Fedora Update for php FEDORA-2013-3927
Check for the Version of php OpenVAS Vulnerability Test Fedora Update for php FEDORA-2013-3927 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...
Fedora Update for php FEDORA-2013-3927
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PHP apache_request_headers Function Buffer Overflow (CVE-2012-2329)
A buffer overflow was reported in the apacherequestheaders function in PHP. The vulnerability is due to the insecure handling of the HTTP headers. An attacker can exploit this issue by sending a specially crafted HTTP request to the target server. Successful exploitation may allow the attacker to...
Fedora Update for php FEDORA-2012-10936
Check for the Version of php OpenVAS Vulnerability Test Fedora Update for php FEDORA-2012-10936 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for php FEDORA-2012-7628
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for maniadrive FEDORA-2012-7628
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for php FEDORA-2012-10936
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2012-2329
creationtimestamp| type| source ---|---|--- 2012-06-17 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/19231 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/phpapacherequestheadersbof.rb 2018-05-29...
Avoid underscore/tolower
Underscore/tolower Safe Encoder used to exploit CVE-2012-2329. It is a modified version of the 'Avoid UTF8/tolower' encoder by skape. Please check the documentation of the skape encoder before using it. As the original, this encoder expects ECX pointing to the start of the encoded payload. Also...
FreeBSD Ports: php5
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Fedora 17 : maniadrive-1.2-40.fc17 / php-5.4.3-1.fc17 (2012-7628)
The releases complete a fix for a vulnerability in CGI-based setups CVE-2012-2311. PHP 5.4.3 fixes a buffer overflow vulnerability in the apacherequestheaders CVE-2012-2329. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...
FreeBSD : php -- multiple vulnerabilities (59b68b1e-9c78-11e1-b5e0-000c299b62e1)
The PHP Development Team reports : The release of PHP 5.4.13 and 5.4.3 complete a fix for the vulnerability in CGI-based setups as originally described in CVE-2012-1823. CVE-2012-2311 Note: modphp and php-fpm are not vulnerable to this attack. PHP 5.4.3 fixes a buffer overflow vulnerability in th...
CVE-2012-2329
CVE-2012-2329 affects PHP 5.4.x prior to 5.4.3, where a buffer overflow in the apache_request_headers function (sapi/cgi/cgi_main.c) can be triggered by a long HTTP header string, enabling remote denial of service (application crash). The issue is fixed in PHP 5.4.3 (ChangeLog-5.php#5.4.3).
CVE-2012-2329 PHP Apache Request Headers
Buffer overflow in the apacherequestheaders function in sapi/cgi/cgimain.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service application crash via a long string in the header of an HTTP request. Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC reported: —...
Another Set of PHP Releases Pushed Out to Fix CVE-2012-1823 Flaw
For the second time in less than a week, the developers of PHP have released new versions of the language that include a fix for the remotely exploitable vulnerability that was disclosed last week. The group is encouraging users to upgrade to PHP 5.4.3 or 5.3.13 immediately. The vulnerability...