Lucene search
K

420 matches found

securityvulns
securityvulns
added 2005/10/31 12:0 a.m.42 views

[Full-disclosure] Advisory 19/2005: PHP register_globals Activation Vulnerability in parse_str()

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: PHP registerglobals Activation Vulnerability in parsestr Release Date: 2005/10/31 Last Modified: 2005/10/31 Author: Stefan Esser [email protected] Application: PHP4 =...

Exploits0
NVD
NVD
added 2004/12/31 5:0 a.m.20 views

CVE-2004-0491

The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit...

2.1CVSS6.1AI score0.0036EPSS
Exploits0References8
Cvelist
Cvelist
added 2004/12/15 5:0 a.m.23 views

CVE-2004-1191

Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems that have more than 4GB of memory, could allow local users to read unauthorized memory from "foreign memory pages."...

7.3AI score0.0032EPSS
Exploits0References2
0day.today
0day.today
added 2004/11/27 12:0 a.m.19 views

PHP <= 4.3.7/ 5.0.0RC3 memory_limit Remote Exploit

Exploit for linux platform in category remote exploits ================================================== PHP = 4.3.7/ 5.0.0RC3 memorylimit Remote Exploit ================================================== / Remote exploit for the php memorylimit vulnerability found by Stefan Esser in php 4 = 4.3...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2004/11/27 12:0 a.m.47 views

PHP 4.3.7/5.0.0RC3 - &#039;memory_limit&#039; Remote Overflow

/ Remote exploit for the php memorylimit vulnerability found by Stefan Esser in php 4 include include include include include define IP "127.0.0.1" define PORT 80 int sock; struct sockaddrin s;...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.68 views

Debian DSA-531-1 : php4 - several vulnerabilities

Two vulnerabilities were discovered in php4 : - CAN-2004-0594 The memorylimit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when registerglobals is enabled, allows remote attackers to execute arbitrary code by triggering a memorylimit abort during...

6.8CVSS5.8AI score0.54856EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.47 views

GLSA-200407-13 : PHP: Multiple security vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200407-13 PHP: Multiple security vulnerabilities Several security vulnerabilities were found and fixed in version 4.3.8 of PHP. The striptags function, used to sanitize user input, could in certain cases allow tags containing \0...

6.8CVSS6.2AI score0.54856EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.30 views

Mandrake Linux Security Advisory : php (MDKSA-2004:068)

"Stefan Esser discovered a remotely exploitable vulnerability in PHP where a remote attacker could trigger a memorylimit request termination in places where an interruption is unsafe. This could be used to execute arbitrary code. As well, Stefan Esser also found a vulnerability in the handling of...

6.8CVSS5.8AI score0.54856EPSS
Exploits4References4
NVD
NVD
added 2004/07/27 4:0 a.m.21 views

CVE-2004-0594

The memorylimit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when registerglobals is enabled, allows remote attackers to execute arbitrary code by triggering a memorylimit abort during execution of the zendhashinit function and overwriting a...

5.1CVSS7.5AI score0.54856EPSS
Exploits1References19
Tenable Nessus
Tenable Nessus
added 2004/07/24 12:0 a.m.32 views

Fedora Core 1 : php-4.3.8-1.1 (2004-222)

This update includes the latest release of PHP 4, including fixes for security issues in memory limit handling CVE-2004-0594, and the striptags function CVE-2004-0595. CVE-2004-0595 is not known to be exploitable in the default configuration if using httpd 2.0.50, but can be triggered if the...

6.8CVSS5.4AI score0.54856EPSS
Exploits4References1
RedHat Linux
RedHat Linux
added 2004/07/23 9:26 a.m.4 views

security flaw

The memorylimit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when registerglobals is enabled, allows remote attackers to execute arbitrary code by triggering a memorylimit abort during execution of the zendhashinit function and overwriting a...

5.1CVSS6.3AI score0.54856EPSS
Exploits1References4
OSV
OSV
added 2004/07/20 12:0 a.m.35 views

DSA-531 php4 - several vulnerabilities

Bulletin has no description...

6.8CVSS5.9AI score0.54856EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2004/07/19 8:42 p.m.6 views

security flaw

The memorylimit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when registerglobals is enabled, allows remote attackers to execute arbitrary code by triggering a memorylimit abort during execution of the zendhashinit function and overwriting a...

5.1CVSS6.3AI score0.54856EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2004/07/19 3:24 p.m.51 views

Important: Red Hat Security Advisory: php security update

Updated php packages that fix various security issues are now available. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. Stefan Esser discovered a flaw when memorylimit configuration setting is enabled in versions of PHP 4 before 4.3.8. If a remote attacker...

6.8CVSS6.3AI score0.54856EPSS
Exploits4References2
Cvelist
Cvelist
added 2004/07/16 4:0 a.m.26 views

CVE-2004-0594

The memorylimit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when registerglobals is enabled, allows remote attackers to execute arbitrary code by triggering a memorylimit abort during execution of the zendhashinit function and overwriting a...

7.4AI score0.54856EPSS
Exploits1References19
Positive Technologies
Positive Technologies
added 2004/07/16 12:0 a.m.3 views

PT-2004-1690 · Php · Php

Name of the Vulnerable Software and Affected Versions: PHP versions 4.3.7 and prior PHP versions 5.0.0RC3 and prior Description: The issue allows remote attackers to execute arbitrary code under certain conditions, such as when register globals is enabled. This is achieved by triggering a memory...

5.1CVSS7.2AI score0.54856EPSS
Exploits1References26
securityvulns
securityvulns
added 2004/07/14 12:0 a.m.79 views

[Full-Disclosure] Advisory 11/2004: PHP memory_limit remote vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: PHP memorylimit remote vulnerability Release Date: 2004/07/14 Last Modified: 2004/07/14 Author: Stefan Esser [email protected] Application: PHP = 4.3.7 PHP5 = 5.0.0RC3 Severity: A...

6.4CVSS6.5AI score0.84784EPSS
Exploits2
FreeBSD
FreeBSD
added 2004/07/07 12:0 a.m.58 views

php -- memory_limit related vulnerability

Stefan Esser of e-matters discovered a condition within PHP that may lead to remote execution of arbitrary code. The memorylimit facility is used to notify functions when memory contraints have been met. Under certain conditions, the entry into this facility is able to interrupt functions such as...

5.1CVSS6.9AI score0.54856EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.30 views

RHEL 2.1 : php (RHSA-2002:214)

PHP versions up to and including 4.2.2 contain vulnerabilities in the mail function, allowing local script authors to bypass safe mode restrictions and possibly allowing remote attackers to insert arbitrary mail headers or content. Updated 13 Jan 2003 Added fixed packages for the Itanium IA64...

7.5CVSS5.9AI score0.03039EPSS
Exploits0References6
NVD
NVD
added 1999/07/15 4:0 a.m.18 views

CVE-1999-1518

Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits e.g., as specified with rlimits using mmap or shmget to allocate memory and cause page faults...

5CVSS6.8AI score0.03073EPSS
Exploits1References3
Rows per page
Query Builder