
136 matches found

UbuntuCve
added 2016/06/24 12:0 a.m. | 42 views

CVE-2016-5769

Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted length value,...

9.8 CVSS | 7.4 AI score | 0.0615 EPSS
Exploits: 0 | References: 3

OSV
added 2016/06/24 12:0 a.m. | 1 views

UBUNTU-CVE-2016-5769

Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted length value,...

9.8 CVSS | 7.6 AI score | 0.0615 EPSS
Exploits: 0 | References: 4

OpenVAS
added 2015/09/29 12:0 a.m. | 15 views

Gentoo Security Advisory GLSA 201405-19

Gentoo Linux Local Security Checks GLSA 201405-19 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

6.8 CVSS | 5 AI score | 0.58743 EPSS
Exploits: 6 | References: 1

Tenable Nessus
added 2015/09/28 12:0 a.m. | 15 views

FreeBSD : codeigniter -- multiple vulnerabilities (f838dcb4-656f-11e5-9909-002590263bf5)

The CodeIgniter changelog reports : Security: The xor_encode method in the Encrypt Class has been removed. The Encrypt Class now requires the Mcrypt extension to be installed. Security: The Session Library now uses HMAC authentication instead of a simple MD5 checksum. %NASLMINLEVEL 70300 C Tenable...

5.4 AI score
Exploits: 0 | References: 3

Tenable Nessus
added 2015/09/21 12:0 a.m. | 68 views

Fedora 23 : php-5.6.13-1.fc23 (2015-14978)

03 Sep 2015, PHP 5.6.13 Core: Fixed bug 69900 Too long timeout on pipes. Anatol Fixed bug 69487 SAPI may truncate POST data. cmb Fixed bug 70198 Checking liveness does not work as expected. Shafreeck Sea, Anatol Belski Fixed bug 70172 Use After Free Vulnerability in unserialize. Stas Fixed bug...

9.8 CVSS | 8 AI score | 0.35455 EPSS
Exploits: 7 | References: 18

Tenable Nessus
added 2015/09/15 12:0 a.m. | 56 views

Fedora 22 : php-5.6.13-1.fc22 (2015-14977)

03 Sep 2015, PHP 5.6.13 Core: Fixed bug 69900 Too long timeout on pipes. Anatol Fixed bug 69487 SAPI may truncate POST data. cmb Fixed bug 70198 Checking liveness does not work as expected. Shafreeck Sea, Anatol Belski Fixed bug 70172 Use After Free Vulnerability in unserialize. Stas Fixed bug...

9.8 CVSS | 8 AI score | 0.35455 EPSS
Exploits: 7 | References: 18

seebug.org
added 2015/08/31 12:0 a.m. | 32 views

ESPCMS latest version admin back-end login bypass

Brief description: 8.25 V6.4.15.08.25, picking up a missed issue. Details: In the encryption algorithm, under normal circumstances we can no longer recover the key. They added this piece of code: function eccode$string, $operation = 'DECODE', $key = '@LFK24s224%@safS3s%1f%', $mcrype = true $result = null; if $operation == 'ENCODE' if extensionloaded'mcrypt' && $mcrype $result = $this-encryptCookie$string, $key; else...

7.2 AI score
Exploits: 0

seebug.org
added 2015/02/25 12:0 a.m. | 23 views

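ESPCMS latest version admin back-end login bypass (DEMO test)

Brief description: One that slipped through the net; again the encryption/decryption function, but different from before. Details: Look at the encryption/decryption function: function eccode$string, $operation = 'DECODE', $key = '@LFK24s224%@safS3s%1f%', $mcrype = true $result = null; if $operation == 'ENCODE' if extensionloaded'mcrypt' && $mcrype $result = $this-encryptCookie$string, $key; else for $i = 0; $i...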

7 AI score
Exploits: 0

Tenable Nessus
added 2015/02/06 12:0 a.m. | 77 views

Fedora 20 : php-5.5.21-1.fc20 (2015-1101)

22 Jan 2014, PHP 5.5.21 Core : - Upgraded crypt_blowfish to version 1.3. Leigh - Fixed bug 60704 unlink bug with some files path. - Fixed bug 65419 Inside trait, self::class != __CLASS__. Julien - Fixed bug 65576 Constructor from trait conflicts with inherited constructor. dunglas at gmail dot com -...

7.5 CVSS | 7.3 AI score | 0.8832 EPSS
Exploits: 12 | References: 8

Tenable Nessus
added 2014/12/30 12:0 a.m. | 53 views

Fedora 19 : php-5.5.20-2.fc19 (2014-17276)

18 Dec 2014, PHP 5.5.20 Core: Fixed bug 68091 Some Zend headers lack appropriate extern 'C' blocks. Adam Fixed bug 68185 'Inconsistent insteadof definition.'- incorrectly triggered. Julien Fixed bug 68370 'unset($this)' can make the program crash. Laruence Fixed bug 68545 NUL...

7.5 CVSS | 7.2 AI score | 0.8832 EPSS
Exploits: 8 | References: 3

Tenable Nessus
added 2014/12/30 12:0 a.m. | 56 views

Fedora 21 : php-5.6.4-2.fc21 (2014-17241)

18 Dec 2014, PHP 5.6.4 Core: Fixed bug 68091 Some Zend headers lack appropriate extern 'C' blocks. Adam Fixed bug 68104 Segfault while pre-evaluating a disabled function. Laruence Fixed bug 68185 'Inconsistent insteadof definition.'- incorrectly triggered. Julien Fixed bug...

7.5 CVSS | 7.1 AI score | 0.8832 EPSS
Exploits: 8 | References: 3

Prion
added 2014/12/28 3:59 p.m. | 18 views

Code injection

The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 does not seed the random number generator, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging the use of a single...

5 CVSS | 7.1 AI score | 0.00243 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Amazon
added 2014/07/09 12:0 a.m. | 83 views

Medium: php54

Issue Overview: acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. A denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain...

7.5 CVSS | 8.5 AI score | 0.48662 EPSS
Exploits: 5

seebug.org
added 2014/07/01 12:0 a.m. | 51 views

mcrypt <= 2.5.8 Stack Based Overflow

No description provided by source. !/usr/bin/perl Title : mcrypt = 2.5.8 STACK based overflow Date : 23/11/2012 Exploit Author : Tosh CVE : CVE-2012-4409 Patch : http://www.openwall.com/lists/oss-security/2012/09/06/8 Tested on : Archlinux 3.6.6-1, without SSP This script exploit a stack based...

6.8 CVSS | 6.4 AI score | 0.58743 EPSS
Exploits: 6

securityvulns
added 2014/06/14 12:0 a.m. | 92 views

CodeIgniter <= 2.1.4 Session Decoding Vulnerability

Class Weak encryption Remote Yes Published 6th June 2014 Credit Robin Bailey of Dionach [email protected] Vulnerable CodeIgniter = 2.1.4 Session cookies created by the CodeIgniter PHP framework contain a number of variables in a serialized PHP array. To prevent users from tampering with this cook...

0.3 AI score
Exploits: 0

Tenable Nessus
added 2014/06/13 12:0 a.m. | 22 views

openSUSE Security Update : mcrypt (openSUSE-SU-2012:1354-1)

A buffer overflow in the mcrypt commandline tool was fixed, when the user could be tricked into a prepared file. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-713. The text...

6.8 CVSS | 5.6 AI score | 0.58743 EPSS
Exploits: 6 | References: 3

Tenable Nessus
added 2014/06/13 12:0 a.m. | 20 views

openSUSE Security Update : mcrypt (openSUSE-SU-2012:1440-1)

Some potential mcrypt buffer overflows in the commandline tool were fixed, which could lead to early aborts of mcrypt. Due to FORTIFY_SOURCE catching such cases, it would have only aborted mcrypt with a buffer overflow backtrace. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

6.8 CVSS | 5.8 AI score | 0.281 EPSS
Exploits: 0 | References: 3

FreeBSD
added 2014/06/05 12:0 a.m. | 16 views

codeigniter -- multiple vulnerabilities

The CodeIgniter changelog reports: Security: The xor_encode method in the Encrypt Class has been removed. The Encrypt Class now requires the Mcrypt extension to be installed. Security: The Session Library now uses HMAC authentication instead of a simple MD5 checksum...

1.6 AI score
Exploits: 0 | References: 1

Tenable Nessus
added 2014/05/19 12:0 a.m. | 27 views

GLSA-201405-19 : MCrypt: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201405-19 (MCrypt: User-assisted execution of arbitrary code) Multiple vulnerabilities have been discovered in MCrypt: A boundary error in MCrypt could cause a stack-based buffer overflow (CVE-2012-4409). MCrypt contains multiple form...

6.8 CVSS | 6.5 AI score | 0.58743 EPSS
Exploits: 6 | References: 4

Gentoo Linux
added 2014/05/18 12:0 a.m. | 23 views

MCrypt: User-assisted execution of arbitrary code

Background: MCrypt is a replacement of the old unix crypt(1) utility. Description: Multiple vulnerabilities have been discovered in MCrypt: A boundary error in MCrypt could cause a stack-based buffer overflow (CVE-2012-4409). MCrypt contains multiple format string errors (CVE-2012-4426). MCrypt does not...

6.8 CVSS | 7.9 AI score | 0.58743 EPSS
Exploits: 6