Information Disclosure

PHP is vulnerable to information disclosure. It has dumpable FPM child processes which allow bypassing opcache access controls because fpmunix.c calls PRSETDUMPABLE prctl...

PHP 5.6.x < 5.6.35 Security Bypass Vulnerability

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.35. It is, therefore, affected by a security bypass vulnerability. Dumpable FPM child processes allow bypassing opcache access controls because fpmunix.c makes a PRSETDUMPABLE prctl call, allowing o...

Debian: Security Advisory (DSA-4240-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : PHP vulnerabilities (USN-3646-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3646-1 advisory. It was discovered that PHP incorrectly handled opcache access controls when configured to use PHP-FPM. A local user could possibl...

CVE-2018-10545

An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpmunix.c makes a PRSETDUMPABLE prctl call, allowing one user in a multiuser environment to obtain sensitive...

Updated php packages fix security vulnerability

Dumpable FPM child processes allow bypassing opcache access controls php75605...

MGASA-2018-0191 Updated php packages fix security vulnerability

Dumpable FPM child processes allow bypassing opcache access controls php75605...