Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2017-5630

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PECL in the download utility class in the Installer in PEAR Base System v1.10.1 does not validate file types and filenames after a redirect, which allows remote...

7.5CVSS6.8AI score0.12513EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.21 views

RHEL 5 : php-pear (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - php-pear: File overwrite by malicious server CVE-2017-5630 Note that Nessus has not tested for this issue but has...

7.5CVSS7.3AI score0.12513EPSS
Exploits5References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.17 views

RHEL 7 : php-pear (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php-pear: Unsafe deserialization of data in ArchiveTar class CVE-2018-1000888 - PECL in the download...

7.5CVSS7.7AI score0.18286EPSS
Exploits10References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.18 views

RHEL 6 : php-pear (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php-pear: Unsafe deserialization of data in ArchiveTar class CVE-2018-1000888 - PECL in the download...

7.5CVSS8.7AI score0.18286EPSS
Exploits10References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.25 views

RHEL 7 : php-pear (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php-pear: File overwrite by malicious server CVE-2017-5630 - In ArchiveTar before 1.4.14, symlinks can...

8.2AI score0.73377EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.19 views

RHEL 6 : php-pear (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php-pear: File overwrite by malicious server CVE-2017-5630 - In ArchiveTar before 1.4.14, symlinks can...

8.2AI score0.73377EPSS
Exploits5References2
NVD
NVD
added 2017/02/01 11:59 p.m.21 views

CVE-2017-5630

PECL in the download utility class in the Installer in PEAR Base System v1.10.1 does not validate file types and filenames after a redirect, which allows remote HTTP servers to overwrite files via crafted responses, as demonstrated by a .htaccess overwrite...

7.5CVSS7.4AI score0.12513EPSS
Exploits5References3
OSV
OSV
added 2017/02/01 11:59 p.m.9 views

CVE-2017-5630

PECL in the download utility class in the Installer in PEAR Base System v1.10.1 does not validate file types and filenames after a redirect, which allows remote HTTP servers to overwrite files via crafted responses, as demonstrated by a .htaccess overwrite...

7.5CVSS7.4AI score
Exploits0References3
Debian CVE
Debian CVE
added 2017/02/01 11:0 p.m.27 views

CVE-2017-5630

PECL in the download utility class in the Installer in PEAR Base System v1.10.1 does not validate file types and filenames after a redirect, which allows remote HTTP servers to overwrite files via crafted responses, as demonstrated by a .htaccess overwrite...

7.5CVSS5.6AI score0.12513EPSS
Exploits5
CVE
CVE
added 2017/02/01 11:0 p.m.85 views

CVE-2017-5630

CVE-2017-5630 affects PEAR Base System v1.10.1; PECL in the Installer’s download utility does not validate file types/filenames after redirects, allowing remote HTTP servers to overwrite files via crafted responses (e.g., .htaccess). Documented impact is file overwrite; no patch/remediation detai...

7.5CVSS7.2AI score0.12513EPSS
Exploits5References3Affected Software1
seebug.org
seebug.org
added 2017/02/01 12:0 a.m.64 views

PHP PEAR 1.10.1 - arbitrary File Download Vulnerability (CVE-2017-5630)

Author: mapl0 Vulnerability details In the PEAR Base System The 1. 10. 1 version of the installer, can be in after the redirect does not verify file type and file name, and then allows the remote http server via a specially crafted request to overwrite the hacked server files, such as. htaccess i...

5CVSS7.3AI score0.12513EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/01/30 12:0 a.m.80 views

PHP PEAR 1.10.1 - Arbitrary File Download

Credits / Discovery: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/PEAR-ARBITRARY-FILE-DOWNLOAD.txt + ISR: ApparitionSEC + Vendor: ============ pear.php.net Product: =================================== PEAR Base System v1.10.1...

7.5CVSS7.5AI score0.12513EPSS
Exploits5
0day.today
0day.today
added 2017/01/30 12:0 a.m.82 views

PHP PEAR 1.10.1 - Arbitrary File Download Vulnerability

Exploit for php platform in category web applications + + Credits / Discovery: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/PEAR-ARBITRARY-FILE-DOWNLOAD.txt + ISR: ApparitionSEC + Vendor: ============ pear.php.net Product:...

5CVSS7.5AI score0.12513EPSS
Exploits5
exploitpack
exploitpack
added 2017/01/30 12:0 a.m.89 views

PHP PEAR 1.10.1 - Arbitrary File Download

PHP PEAR 1.10.1 - Arbitrary File Download + + Credits / Discovery: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/PEAR-ARBITRARY-FILE-DOWNLOAD.txt + ISR: ApparitionSEC + Vendor: ============ pear.php.net Product:...

5CVSS7.5AI score0.12513EPSS
Exploits5
Rows per page
Query Builder