MiracleLinux 4 : php-5.3.3-50.AXS4 (AXSA:2019-4373:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4373:01 advisory. php: underflow in envpathinfo in fpmmain.c CVE-2019-11043 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 7 : php-5.4.16-46.1.0.1.el7.AXS7 (AXSA:2019-4396:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4396:02 advisory. php: underflow in envpathinfo in fpmmain.c CVE-2019-11043 Tenable has extracted the preceding description block directly from the MiracleLinux security...

Critical: Red Hat Security Advisory: php security update

An update for php is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Critical: Red Hat Security Advisory: php:7.2 security update

An update for the php:7.2 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

php:7.2 security update

php 7.2.11-4 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043...

php:7.3 security update

php 7.3.5-5 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043...

FreeBSD : php -- env_path_info underflow in fpm_main.c can lead to RCE (6a7c2ab0-00dd-11ea-83ce-705a0f828759)

The PHP project reports : The PHP development team announces the immediate availability of PHP 7.3.11. This is a security release which also contains several bug fixes. The PHP development team announces the immediate availability of PHP 7.2.24. This is a security release which also contains...

ALSA-2019:3736 Critical: php:7.3 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: underflow in envpathinfo in fpmmain.c CVE-2019-11043 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to...

php:7.2 security update

An update is available for libzip, php-pear, php-pecl-apcu, php-pecl-zip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PHP is an HTML-embedded scripting...

openSUSE Security Update : php7 (openSUSE-2019-2441)

This update for php7 fixes the following issues : Security issue fixed : - CVE-2019-11043: Fixed possible remote code execution via envpathinfo underflow in fpmmain.c bsc1154999. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security,...

CentOS 7 : php (CESA-2019:3286)

An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

php: underflow in env_path_info in fpm_main.c

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution...

RHEL 6 : php (RHSA-2019:3287)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3287 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: underflow in envpathinfo in fpmmain.c...

Critical: Red Hat Security Advisory: php security update

An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

php: underflow in env_path_info in fpm_main.c

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution...

Critical: Red Hat Security Advisory: php security update

An update for php is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

php security update

5.4.16-46.1 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043...

php security update

5.3.3-50 - fix underflow in envpathinfo in fpmmain.c CVE-2019-11043...

GLSA-201910-01 : PHP: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201910-01 PHP: Arbitrary code execution A underflow in envpathinfo in PHP-FPM under certain configurations can be exploited to gain remote code execution. Impact : A remote attacker, by sending special crafted HTTP requests, could...