645 matches found
Fedora 21 : php-5.6.6-1.fc21 (2015-2315)
19 Feb 2015, PHP 5.6.6 Core : - Removed support for multi-line headers, as they are deprecated by RFC 7230. Stas - Fixed bug 67068 getClosure returns something that's not a closure. Danack at basereality dot com - Fixed bug 68942 Use after free vulnerability in unserialize with DateTimeZone...
Code injection
FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause a denial of service (segmentation fault and crash) via a large number of connections...
CVE-2012-6687
FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause a denial of service (segmentation fault and crash) via a large number of connections...
DEBIAN-CVE-2012-6687
FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause a denial of service (segmentation fault and crash) via a large number of connections...
AZL-6418 CVE-2012-6687 affecting package fcgi for versions less than 2.4.0-7
FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause a denial of service (segmentation fault and crash) via a large number of connections...
AZL-34685 CVE-2012-6687 affecting package fcgi for versions less than 2.4.0-7
FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause a denial of service (segmentation fault and crash) via a large number of connections...
CVE-2012-6687
CVE-2012-6687 affects FastCGI (fcgi/libfcgi) 2.4.0, where remote attackers can cause a denial of service (segmentation fault/crash) by opening a large number of connections. The underlying cause is discussed in Mageia MGASA-2016-0089: fcgi does not perform range checks for file descriptors before...
PT-2015-3536 · Openbsd +1 · Fastcgi +1
Name of the Vulnerable Software and Affected Versions: FastCGI versions 2.4.0 Description: The issue allows remote attackers to cause a denial of service, resulting in a segmentation fault and crash, by establishing a large number of connections. Recommendations: For FastCGI version 2.4.0, consid...
Amazon Linux AMI : httpd24 (ALAS-2015-483)
mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access...
Oracle Solaris Third-Party Patch Update : lighttpd (cve_2014_2469_denial_of)
The remote Solaris system is missing necessary patches to address security updates : - lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into...
DEBIAN-CVE-2014-3583
The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers...
CVE-2014-3583
The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers...
UBUNTU-CVE-2014-3583
The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers...
Mail.ru: PHP code execution via FastCGI
Hello, The vulnerability exists on http://bw.mail.ru/ any file can be run as php http://bw.mail.ru/robots.txt http://bw.mail.ru/robots.txt/c37hun.php http://bw.mail.ru/layout/all//img/imgmailru.gif http://bw.mail.ru/layout/all//img/imgmailru.gif/c37hun.php And to fix it, you...
FreeBSD : rt42 -- vulnerabilities related to shellshock (81e2b308-4a6c-11e4-b711-6805ca0b3d42)
Best Practical reports : RT 4.2.0 and above may be vulnerable to arbitrary execution of code by way of CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, or CVE-2014-6271 -- collectively known as 'Shellshock.' This vulnerability requires a privileged user with access to an RT instance...