PHP 4.x/5.0/5.1 with Sendmail Mail Function - 'additional_param' Arbitrary File Creation

source: https://www.securityfocus.com/bid/16878/info PHP is prone to multiple input-validation vulnerabilities that could allow 'safemode' and 'openbasedir' security settings to be bypassed. These issues reside in the 'mbsendmail' function, the 'mail' function, and various PHP IMAP functions...

PHP 4.x5.05.1 - mb_send_mail() Restriction Bypass

PHP 4.x5.05.1 - mbsendmail Restriction Bypass source: https://www.securityfocus.com/bid/16878/info PHP is prone to multiple input-validation vulnerabilities that could allow 'safemode' and 'openbasedir' security settings to be bypassed. These issues reside in the 'mbsendmail' function, the 'mail'...

PHP 4.x/5.0/5.1 - 'mb_send_mail()' Restriction Bypass

source: https://www.securityfocus.com/bid/16878/info PHP is prone to multiple input-validation vulnerabilities that could allow 'safemode' and 'openbasedir' security settings to be bypassed. These issues reside in the 'mbsendmail' function, the 'mail' function, and various PHP IMAP functions...

PHP Mail Function Header Spoofing Vulnerability

The remote host is running a version of PHP = 4.2.2. The mail function does not properly sanitize user input. This allows users to forge email to make it look like it is coming from a different source other than the server. Users can exploit this even if SAFEMODE is enabled. OpenVAS Vulnerability...

PHP Mail Function Header Spoofing Vulnerability

The remote host is running a version of PHP = 4.2.2. The mail function does not properly sanitize user input. SPDX-FileCopyrightText: 2002 [email protected] Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Debian DSA-168-1 : php - bypassing safe_mode, CRLF injection

Wojciech Purczynski found out that it is possible for scripts to pass arbitrary text to sendmail as commandline extension when sending a mail through PHP even when safemode is turned on. Passing 5th argument should be disabled if PHP is configured in safemode, which is the case for newer PHP...

CVE-2002-0986

The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."...

CVE-2002-0985

CVE-2002-0985 : Argument injection vulnerability in PHP 4.x mail() up to 4.2.2 may bypass safe_mode and alter the MTA command-line arguments (e.g., the 5th argument), potentially changing MTA behavior and enabling command execution. OpenVAS and Debian advisories confirm the issue affects PHP4.x a...

CVE-2002-0986

CVE-2002-0986 corresponds to a PHP 4.x vulnerability where mail() did not filter ASCII control characters from arguments, allowing remote attackers to modify mail content including headers and potentially use the server as a spam proxy. The OpenVAS entries confirm the issue arises on PHP

CVE-2002-0985

Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA e.g. sendmail in the 5th argument to mail, altering MTA behavior and possibly executing commands...

PHP < 4.2.3 Mail Function Header Spoofing

Binary data 1481.prm...

Mandrake Linux Security Advisory : php (MDKSA-2003:082-1)

A vulnerability was discovered in the transparent session ID support in PHP4 prior to version 4.3.2. It did not properly escape user- supplied input prior to inserting it in the generated web page. This could be exploited by an attacker to execute embedded scripts within the context of the...

RHEL 2.1 : php (RHSA-2002:129)

PHP versions earlier than 4.1.0 contain a vulnerability that could allow arbitrary commands to be executed. updated 22 Aug 2002 The initial set of errata packages contained an incorrect set of dependencies. This meant that a number of packages would need to be installed before php that were not...

RHEL 2.1 : php (RHSA-2002:214)

PHP versions up to and including 4.2.2 contain vulnerabilities in the mail function, allowing local script authors to bypass safe mode restrictions and possibly allowing remote attackers to insert arbitrary mail headers or content. Updated 13 Jan 2003 Added fixed packages for the Itanium IA64...

Important: Red Hat Security Advisory: : : : New PHP packages fix vulnerabilities

Updated PHP packages are available for Red Hat Linux on IBM iSeries and pSeries systems. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command...

PHP Mail Function Header Spoofing

The remote host is running a version of PHP prior or equal to 4.2.2. The mail function does not properly sanitize user input. This allows users to forge email to make it look like it is coming from a different source other than the server. Users can exploit this even if SAFEMODE is enabled...

(RHSA-2002:214) php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command line arguments to the MTA such as sendmail in the 5th argument to mail, altering MTA...

security flaw

The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."...

security flaw

Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA e.g. sendmail in the 5th argument to mail, altering MTA behavior and possibly executing commands...

security flaw

Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA e.g. sendmail in the 5th argument to mail, altering MTA behavior and possibly executing commands...