PHP 5 < 5.2.7 Multiple Vulnerabilities

According to its banner, the version of PHP installed on the remote host is prior to 5.2.7. It is, therefore, affected by multiple vulnerabilities : - There is a buffer overflow flaw in the bundled PCRE library that allows a denial of service attack. CVE-2008-2371 - Multiple directory traversal...

PHP FastCGI模块文件扩展拒绝服务漏洞

BUGTRAQ ID: 31612 CVE ID：CVE-2008-3660 CNCVE ID：CNCVE-20083660 PHP FastCGI是一款用于提高PHP性能的模块。 PHP FastCGI不正确处理部分文件请求，远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 1，ext/gd's imageloadfont函数存在溢出。 2，PHP内部memnstr函数作为explode函数导出到用户空间存在溢出。 这些函数接收部分webapps中用户提供的数据，可远程利用。 S.u.S.E. UnitedLinux 1.0 S.u.S.E. SuSE Linux Standard...

DSA-1647-1 php5 - several vulnerabilities

Bulletin has no description...

lighttpd mod_fastcgi HTTP Request Header Remote Overflow

The remote web server appears to be lighttpd running with the FastCGI module modfastcgi. The version of the FastCGI module on the remote host is affected by a buffer overflow vulnerability. A remote attacker can exploit this, by sending a specially crafted request with a long header, to add or...

DEBIAN-CVE-2007-3950

lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the 1 modscgi, 2 modfastcgi, and 3 modwebdav modules...