
87 matches found

OpenVAS
added 2008/09/04 12:0 a.m., 50 views

PHP -- multiple vulnerabilities

The remote host is missing an update to the system as announced in the referenced advisory. VID 6821a2db-4ab7-11da-932d-00055d790c25 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc...

CVSS 7.5 | AI score 0.1 | EPSS 0.65188
Exploits: 1

Tenable Nessus
added 2008/04/22 12:0 a.m., 23 views

GLSA-200804-19 : PHP Toolkit: Data disclosure and Denial of Service

The remote host is affected by the vulnerability described in GLSA-200804-19 PHP Toolkit: Data disclosure and Denial of Service Toni Arnold, David Sveningsson, Michal Bartoszkiewicz, and Joseph reported that php-select does not quote parameters passed to the 'tr' command, which could convert the...

CVSS 3.6 | AI score 5.7 | EPSS 0.00058
Exploits: 0 | References: 2

securityvulns
added 2007/06/20 12:0 a.m., 59 views

Apache Prefork MPM vulnerabilities - Report

----- Apache Prefork MPM vulnerabilities ---------------------------------- PSNC Security Team http://security.psnc.pl/files/apachereport.pdf 1. Introduction This small case study is a result of source code analysis of Apache httpd server MPM modules. The main goal of this document is to show, wh...

AI score 7.2
Exploits: 0

Fedora
added 2007/04/18 10:42 p.m., 52 views

[SECURITY] Fedora Core 5 Update: php-5.1.6-1.5

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

CVSS 10 | AI score 1.9 | EPSS 0.41876
Exploits: 4

securityvulns
added 2007/03/10 12:0 a.m., 42 views

MOPB-15-2007: PHP shmop Functions Resource Verification Vulnerability

Summary The shared memory shmop functions fail to verify the type of the resource that is used when they are called from PHP. Therefore it is possible to call them with a wrong resource type that might contain user supplied data. By for example using a special prepared GD Image resource it is...

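AI score 1.2
Exploits: 0

seebug.org
added 2007/03/05 12:0 a.m., 11 views

Zend Platform Insecure File Access Permissions Vulnerability

Zend Platform is a runtime platform environment for enterprise PHP applications. The file installation of Zend Platform has a permissions misconfiguration that a local attacker could exploit to escalate privileges. Some binaries and shell scripts installed by Zend Platform are not given secure file access permissions, so the web server user or the user account that installed Zend Platform incorrectly owns certain files. If the web server or the account that installed Zend Platform is compromised, an attacker can escalate privileges by replacing or editing those files, which are then executed with root privileges at the next server restart. Zend Platform = 2.2.3 ----...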

AI score 7.1
Exploits: 0

Fedora
added 2007/02/26 10:9 p.m., 32 views

[SECURITY] Fedora Core 5 Update: php-5.1.6-1.4

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

CVSS 10 | AI score 1.9 | EPSS 0.41876
Exploits: 1

Tenable Nessus
added 2007/02/18 12:0 a.m., 39 views

FreeBSD : php -- multiple vulnerabilities (7fcf1727-be71-11db-b2ec-000c6ec775d9)

Multiple vulnerabilities have been found in PHP, including : buffer overflows, stack overflows, format string, and information disclosure vulnerabilities. The session extension contained safe_mode and open_basedir bypasses, but the FreeBSD Security Officer does not consider these real security...

CVSS 10 | AI score 5.3 | EPSS 0.16535
Exploits: 0 | References: 10

CVE
added 2006/10/23 5:0 p.m., 81 views

CVE-2003-1307

Summary: CVE-2003-1307 affects the mod_php module of the Apache HTTP Server. Vulnerability: Local users with write access to PHP scripts can signal the server’s process group and manipulate server file descriptors, demonstrated by sending a STOP signal and intercepting connections on the server’s...

CVSS 4.3 | AI score 6.4 | EPSS 0.0124
Exploits: 1 | References: 6 | Affected Software: 1

Cvelist
added 2006/10/23 5:0 p.m., 22 views

CVE-2003-1307

The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: th...

AI score 6.4 | EPSS 0.0124
Exploits: 1 | References: 6

Tenable Nessus
added 2006/05/13 12:0 a.m., 10 views

FreeBSD : PHP -- multiple vulnerabilities (6821a2db-4ab7-11da-932d-00055d790c25)

A Secunia Advisory reports : Some vulnerabilities have been reported in PHP, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and potentially compromise a vulnerable system. %NASLMINLEVEL 70300 C Tenable Network Security, In...

AI score 5.1
Exploits: 0 | References: 1

Packet Storm
added 2005/12/02 12:0 a.m., 29 views

n13SQL.php.txt

.::KingOfSka N-13 News Remote PHP Shell Injection::. || http://contropotere.altervista.org || .::KingOfSka N-13 News PHP Shell Injection::. || Contro Potere Hacking Crew || ' ,0 ,0 ,0 ,0 INTO OUTFILE '$outfile"; $sql = urlencode$sql; $expurl= $url."?id=".$sql ; echo ' Click Here to Exploit '; ech...

AI score 7.4
Exploits: 0

securityvulns
added 2005/11/30 12:0 a.m., 38 views

N-13 News Remote SQL/PHP Shell injection

?php 0 day -- 29/11/2005 N-13 News Remote SQL / PHP-Shell Injection Just upload in a web-server with mod_php and run it through your browser ; Affected Software : http://network-13.com/ N-13 News Version: All Exploit discovered and written by: KingOfSka @ http://contropotere.altervista.org Conditio...

AI score 0.3
Exploits: 0

NVD
added 2005/10/27 10:2 a.m., 21 views

CVE-2005-3319

The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost...

CVSS 2.1 | AI score 6.4 | EPSS 0.01572
Exploits: 0 | References: 22

UbuntuCve
added 2005/10/27 10:2 a.m., 37 views

CVE-2005-3319

The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost...

CVSS 2.1 | AI score 5.9 | EPSS 0.01572
Exploits: 0 | References: 2

CVE
added 2005/10/27 4:0 a.m., 63 views

CVE-2005-3319

The CVE-2005-3319 description applies to PHP 5.x before 5.1.0 final and PHP 4.4 before 4.4.1 final, specifically via the apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php). It allows a denial of service (segmentation fault) by manipulating the session.save_path option in a .htacc...

CVSS 2.1 | AI score 6.2 | EPSS 0.01572
Exploits: 0 | References: 22 | Affected Software: 1

CVE
added 2004/09/01 4:0 a.m., 80 views

CVE-2004-0263

Technical details (affected product/version, root cause, impact, and remediation) are not publicly provided in the supplied connected documents. Monitor for updates.

CVSS 5 | AI score 6.5 | EPSS 0.01712
Exploits: 0 | References: 4 | Affected Software: 2

NVD
added 2004/08/06 4:0 a.m., 15 views

CVE-2004-0529

The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mod_phpsuexec, allows local users to execute untrusted shared scripts and gain privileges, as demonstrated using untainted scripts such as (1) proftpdvhosts or (2) addalink.cgi, a...

CVSS 7.2 | AI score 6.7 | EPSS 0.00553
Exploits: 0 | References: 6

CVE
added 2004/06/08 4:0 a.m., 48 views

CVE-2004-0529

The CVE-2004-0529 entries describe a local-privilege escalation in cPanel’s patched suexec when configured for mod_php and built for Apache 1.3.31 and earlier without mod_phpsuexec. The affected component is the modified suexec binary used with Apache+cPanel, which permits local users to execute ...

CVSS 7.2 | AI score 6.8 | EPSS 0.00553
Exploits: 0 | References: 6 | Affected Software: 1

securityvulns
added 2004/06/08 12:0 a.m., 61 views

cPanel mod_php suEXEC Taint Vulnerability

SEVERITY: High, Arbitrary Execution as Arbitrary User PROBLEM DESCRIPTION: Flaws in how Apache's suexec binary has been patched by cPanel when configured for mod_php, in conjunction with cPanel's creation of some perl scripts that are not taint clean, allow for any user to execute arbitrary code as...

CVSS 7.2 | AI score 7 | EPSS 0.05144
Exploits: 1