50 matches found
MundiMail 0.8.2 Remote Code Execution
No description provided by source. Reference: http://www.ccat.edu.mx/advisors/advisor5/advisor5.html Credits: Ccat Research Labs - México - Coatepec, Ver. www.ccat.edu.mx Software Link: http://sourceforge.net/projects/mundimail/ Tested on: Debian, Centos & Windows Server 2000 Preview: Code uses...
MundiMail 0.8.2 - Remote Code Execution
Reference: http://www.ccat.edu.mx/advisors/advisor5/advisor5.html Credits: Ccat Research Labs - México - Coatepec, Ver. www.ccat.edu.mx Software Link: http://sourceforge.net/projects/mundimail/ Tested on: Debian, Centos & Windows Server 2000 Preview: Code uses System and Exec without good practic...
openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-61)
This update of php5 fixes : - possible stack-based buffer overflow CVE-2008-2050 - incomplete escapeshellcmd CVE-2008-2051 - printf integer overflow CVE-2008-1384 - insecure GENERATESEED macro CVE-2008-2107 - timezone update for DST in Pakistan %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Mandriva Linux Security Advisory : php (MDVSA-2008:126)
A number of vulnerabilities have been found and corrected in PHP : PHP 5.2.1 would allow context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with 'S:', which did not properly track the number of input bytes being...
Mandriva Update for php MDVSA-2008:126 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:126 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Mandriva Update for php MDVSA-2008:127 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:127 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Mandriva Update for php MDVSA-2008:128 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:128 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Mandriva Update for php MDVSA-2008:127 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:127 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Mandriva Update for php MDVSA-2008:126 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:126 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
CentOS Update for php CESA-2008:0544 centos3 x86_64
Check for the Version of php OpenVAS Vulnerability Test CentOS Update for php CESA-2008:0544 centos3 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
CentOS Update for php CESA-2008:0544 centos3 x86_64
Check for the Version of php OpenVAS Vulnerability Test CentOS Update for php CESA-2008:0544 centos3 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : php5 vulnerabilities (USN-628-1)
It was discovered that PHP did not properly check the length of the string parameter to the fnmatch function. An attacker could cause a denial of service in the PHP interpreter if a script passed untrusted input to the fnmatch function. CVE-2007-4782 Maksymilian Arciemowicz discovered a flaw in t...
USN-628-1: PHP vulnerabilities
It was discovered that PHP did not properly check the length of the string parameter to the fnmatch function. An attacker could cause a denial of service in the PHP interpreter if a script passed untrusted input to the fnmatch function. CVE-2007-4782 Maksymilian Arciemowicz discovered a flaw in t...
PHP multibyte shell escape flaw
The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."...
PHP multibyte shell escape flaw
The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."...
php escapeshellcmd multibyte encoding vulnerability analysis and extension-a vulnerability warning-the black bar safety net
漏洞 公告 在 http://www.sektioneins.de/advisories/SE-2008-03.txt PHP 5 = 5.2.5 PHP 4 = 4.4.8 Some allow as GBK, EUC-KR, SJIS, etc. wide byte character set systems may be affected by this impact, the impact is still very large, the domestic virtual host should be the pass to kill, in testing this...
PHP multibyte shell escape flaw
The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."...
openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-5379)
This update of php5 fixes : - possible stack-based buffer overflow CVE-2008-2050 - incomplete escapeshellcmd CVE-2008-2051 - printf integer overflow CVE-2008-1384 - insecure GENERATESEED macro CVE-2008-2107 - timezone update for DST in Pakistan %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 5345)
This version upgrade php5 to 5.2.6 fixes several security vulnerabilities. - Fixed possible stack-based buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin. - Fixed integer overflow in printf identified by Maksymilian Aciemowicz. - Fixed security issue detailed in CVE-2008-0599...
Fedora 8 : php-5.2.6-2.fc8 (2008-3864)
This release updates PHP to the latest upstream version 5.2.6, fixing multiple bugs and security issues. See upstream release notes for further details: http://www.php.net/releases/525.php http://www.php.net/releases/526.php It was discovered that the PHP escapeshellcmd function did not properly...