11 matches found
EUVD-2006-4469
Malware in sbrugna...
SUSE CVE-2006-4481
The 1 fileexists and 2 imapreopen functions in PHP before 5.1.5 do not check for the safemode and openbasedir settings, which allows local users to bypass the settings. NOTE: the errorlog function is covered by CVE-2006-3011, and the imapopen function is covered by CVE-2006-1017...
CVE-2006-4481
The 1 fileexists and 2 imapreopen functions in PHP before 5.1.5 do not check for the safemode and openbasedir settings, which allows local users to bypass the settings. NOTE: the errorlog function is covered by CVE-2006-3011, and the imapopen function is covered by CVE-2006-1017...
PHP 5.1.x < 5.1.5 Multiple Vulnerabilities
According to its banner, the version of PHP 5.x installed on the remote host is older than 5.1.5. Such versions may be affected by the following vulnerabilities : - The c-client library 2000, 2001, or 2004 for PHP does not check the safemode or openbasedir functions. CVE-2006-1017 - A buffer...
Mandrake Linux Security Advisory : php (MDKSA-2006:162)
The 1 fileexists and 2 imapreopen functions in PHP before 5.1.5 do not check for the safemode and openbasedir settings, which allows local users to bypass the settings CVE-2006-4481. Buffer overflow in the LWZReadByte function in ext/gd/libgd/gdgifin.c in the GD extension in PHP before 5.1.5 allo...
PHP多个安全漏洞.
PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP中存在多个安全漏洞,具体如下: 1 fileexists、imapopen和imapreopen函数中缺少safemode和openbasedir验证; 2 在64位系统上strrepeat和wordwrap函数存在边界错误; 3 可通过cURL扩展和realpath缓存绕过openbasedir和safemode保护机制; 4 GD扩展处理畸形GIF图形时存在边界条件错误; 5 stripos函数中的错误可能导致界外内存读取; 6 64位系统上存在错误的memorylimit限制。...
[Full-disclosure] [ MDKSA-2006:162 ] - Updated php packages fix vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:162 http://www.mandriva.com/security/ Package : php Date : September 7, 2006 Affected: 2006.0, Corporate 3.0, Multi Network Firewall 2.0 Problem Description: The 1 fileexists and 2 imapreopen functions in PH...
CVE-2006-4481
The 1 fileexists and 2 imapreopen functions in PHP before 5.1.5 do not check for the safemode and openbasedir settings, which allows local users to bypass the settings. NOTE: the errorlog function is covered by CVE-2006-3011, and the imapopen function is covered by CVE-2006-1017...
CVE-2006-4481
The 1 fileexists and 2 imapreopen functions in PHP before 5.1.5 do not check for the safemode and openbasedir settings, which allows local users to bypass the settings. NOTE: the errorlog function is covered by CVE-2006-3011, and the imapopen function is covered by CVE-2006-1017...
CVE-2006-4481
The 1 fileexists and 2 imapreopen functions in PHP before 5.1.5 do not check for the safemode and openbasedir settings, which allows local users to bypass the settings. NOTE: the errorlog function is covered by CVE-2006-3011, and the imapopen function is covered by CVE-2006-1017...
CVE-2006-4481
CVE-2006-4481 affects PHP prior to 5.1.5. The vulnerability lies in the file_exists and imap_reopen functions not enforcing safe_mode or open_basedir, enabling local bypass of these restrictions. Exploitation details are not provided in the supplied documents. Affected component: PHP core (file_e...