7 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-3981
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the...
Gratipay: PHP 5.4.45 is Outdated and Full of Preformance Interupting Arbitrary Code Execution Bugs
Your PHP version is affected by quite a few remote arbitrary code execution, remote file renaming, and remote file rewriting bugs that require no authentication and can cause big problems, from performance interruptions and messing with server files to DoS attacks. These are not related to any...
Gentoo Security Advisory GLSA 201408-11
Gentoo Linux Local Security Checks GLSA 201408-11 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
PHP 5.6.0 Multiple Vulnerabilities
According to its banner, the version of PHP installed on the remote host is a development version of 5.6.0. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not attempted to exploit this issue but has instead relied only on application's self-reported version number...
Slackware 14.0 / 14.1 / current : php (SSA:2014-192-01)
New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2014-192-01. The text itself is copyright C...
[slackware-security] php
New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/php-5.4.30-i486-1slack14.1.txz: Upgraded. This update fixes bugs and security issues. For more information, see:...
CVE-2014-3981
CVE-2014-3981 affects PHP 5.5.13 and earlier. The vulnerability arises from the acinclude.m4 usage in the configure script, enabling a local user to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. Impact is local privilege-related, enabling file tampering. The provi...