Ubuntu: Security Advisory (USN-5300-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15: apache2-mod_php7 / php7 / php7-bcmath / php7-bz2 / php7-calendar / etc (SUSE-SU-2022:0679-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0679-1 advisory. - CVE-2021-21703: Fixed local privilege escalation via PHP-FPM bsc1192050. - CVE-2021-21707: Fixed special character breaks path in...

SUSE: Security Advisory (SUSE-SU-2022:0679-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for php7 (openSUSE-SU-2022:0679-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE-SU-2022:0679-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2021-21703: Fixed local privilege escalation via PHP-FPM bsc1192050. - CVE-2021-21707: Fixed special character breaks path in xml parsing bsc1193041. - CVE-2017-8923: Fixed denial of service application crash when using .= with a long string...

Security update for php7 (moderate)

openSUSE Security Update: Security update for php7 Announcement ID: openSUSE-SU-2022:0679-1 Rating: moderate References: 1038980 1081790 1192050 1193041 Cross-References: CVE-2015-9253 CVE-2017-8923 CVE-2021-21703 CVE-2021-21707 CVSS scores: CVE-2015-9253 NVD : 6.5...

SUSE: Security Advisory (SUSE-SU-2022:0577-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM API Connect is affected by PHP (CVE-2015-9253) and nginx (CVE-2016-0746) vulnerabilities

Summary IBM API Connect Developer Portal has addressed the following vulnerabilities. PHP is vulnerable to a denial of service, caused by an endless loop in the php-fpm main process. A remote attacker could exploit this vulnerability to exhaust CPU and disk space resources. Nginx is vulnerable to...

Ubuntu 16.04 LTS : PHP regression (USN-4279-2)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4279-2 advisory. USN-4279-1 fixed vulnerabilities in PHP. The updated packages caused a regression. This update fixes the problem. We apologize for the inconvenience. Tenable has...

Ubuntu: Security Advisory (USN-4279-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4279-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. CVE-2015-9253 It was discovered that PHP incorrectly handled certain inputs. An...

USN-4279-1 php5, php7.0, php7.2, php7.3 vulnerabilities

It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. CVE-2015-9253 It was discovered that PHP incorrectly handled certain inputs. An...

Ubuntu: Security Advisory (USN-3766-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3766-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled restarting certain child processes when php-fpm is used. A remote attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 18.04 LTS. CVE-2015-9253 It was discovered that PHP incorrectly handled...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : PHP vulnerabilities (USN-3766-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3766-1 advisory. It was discovered that PHP incorrectly handled restarting certain child processes when php-fpm is used. A remote attacker could...

CVE-2015-9253

CVE-2015-9253 affects PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and earlier than 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, system) with a non-blocking STDIN stream, causing the m...

CVE-2015-9253

An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions e.g., passthru, exec, shellexec, or system with a non-blocking STDIN stream, causing this...