Mandrake Security Advisory MDVSA-2009:065 (php4)

The remote host is missing an update to php4 announced via advisory MDVSA-2009:065. OpenVAS Vulnerability Test $Id: mdksa2009065.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:065 php4 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

Mambo Component SimpleBoard <= 1.0.1 Arbitrary File Upload Exploit

No description provided by source. !/usr/bin/perl use warnings; use strict; use LWP::UserAgent; use HTTP::Request::Common; my $fname = rand99999 . ".php"; no int print INTRO; - SimpleBoard Mambo Component = 1.0.1 - - Remote Arbitrary File Upload Exploit - Discovered && Coded by: t0pP8uZz Discover...

PHP多个函数'safe_mode_exec_dir'和'open_basedir'限制绕过漏洞

BUGTRAQ ID: 31064 CNCAN ID：CNCAN-2008090906 PHP是一款流行的网络编程语言。 PHP 5.2.5存在'safemodeexecdir'和'openbasedir'限制绕过问题，本地攻击者可以利用漏洞以应用程序权限执行任意PHP代码。 从本地调用函数"exec", "system", "shellexec", "passthru", "popen"，PHP没有进行正确检查，可导致绕过"openbasedir"和"safemodeexecdir"限制。 PHP 5.2.5 目前没有解决方案提供： http://www.php.net/ ?php...

PHP 5.2.5 - Multiple functions safe_mode_exec_dir open_basedir Restriction Bypass Vulnerabilities

PHP 5.2.5 - Multiple functions safemodeexecdir openbasedir Restriction Bypass Vulnerabilities source: https://www.securityfocus.com/bid/31064/info PHP is prone to 'safemodeexecdir' and 'openbasedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to execute arbitra...

PHP 5.2.5 - Multiple functions 'safe_mode_exec_dir' / 'open_basedir' Restriction Bypass Vulnerabilities

source: https://www.securityfocus.com/bid/31064/info PHP is prone to 'safemodeexecdir' and 'openbasedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to execute arbitrary code. These vulnerabilities would be an issue in shared-hosting configurations where multip...

PHP < 4.4.9 Multiple Vulnerabilities

According to its banner, the version of PHP installed on the remote host is older than 4.4.9. Such versions may be affected by several security issues : - There are unspecified issues in the bundled PCRE library fixed by version 7.7. - A buffer overflow in the 'imageloadfont' function in...

USN-628-1: PHP vulnerabilities

It was discovered that PHP did not properly check the length of the string parameter to the fnmatch function. An attacker could cause a denial of service in the PHP interpreter if a script passed untrusted input to the fnmatch function. CVE-2007-4782 Maksymilian Arciemowicz discovered a flaw in t...

CVE-2007-4850

curl/interface.c in the cURL library aka libcurl in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safemode and openbasedir restrictions and read arbitrary files via a file:// request containing a \x00 sequence, a different vulnerability than CVE-2006-2563...

CVE-2007-4850

CVE-2007-4850 affects PHP with libcurl (curl/interface.c) in PHP 5.2.4 and 5.2.5, where a file:// request containing a NULL sequence can bypass safe_mode and open_basedir and read arbitrary files. The vulnerability is linked to PHP’s libcurl handling and is reflected in OpenVAS entries for PHP

CVE-2008-0145

Unspecified vulnerability in glob in PHP before 4.4.8, when openbasedir is enabled, has unknown impact and attack vectors. NOTE: this issue reportedly exists because of a regression related to CVE-2007-4663...

CVE-2008-0145

Unspecified vulnerability in glob in PHP before 4.4.8, when openbasedir is enabled, has unknown impact and attack vectors. NOTE: this issue reportedly exists because of a regression related to CVE-2007-4663...

Design/Logic Flaw

Unspecified vulnerability in glob in PHP before 4.4.8, when openbasedir is enabled, has unknown impact and attack vectors. NOTE: this issue reportedly exists because of a regression related to CVE-2007-4663...

CVE-2008-0145

CVE-2008-0145 involves PHP before 4.4.8 with open_basedir enabled. The description notes an unspecified vulnerability in glob and cites a regression related to CVE-2007-4663, but the exact impact and attack vectors are not disclosed in the provided documents.

PHP 5.x COM functions safe_mode and disable_function bypass

No description provided by source. ?php //PHP 5.x COM functions safemode and disablefunction bypass //author: shinnai //mail: shinnaiatautisticidotorg //site: http://shinnai.altervista.org //dork: intitle:phpinfo intext:"php version" +windows thanks to rgod...

openSUSE 10 Security Update : php5 (php5-3745)

The following issues have been fixed in PHP, which were spotted by the MOPB project or fixed in PHP 5.2.3 release : - missing openbasedir and safemode restriction CVE-2007-3007 - chunksplit integer overflow CVE-2007-2872 - DoS condition in libgd's image processing CVE-2007-2756 - possible...

PHP: Multiple vulnerabilities

Background PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Description Several vulnerabilities were found in PHP. Mattias Bengtsson and Philip Olausson reported integer overflows in the gdImageCreate and...

CVE-2007-4889

The CVE-2007-4889 entry relates to PHP’s MySQL extension in PHP 5.2.4 and earlier, where remote attackers could bypass safe_mode and open_basedir restrictions using MySQL functions (LOAD_FILE, INTO DUMPFILE, INTO OUTFILE). Affected component: PHP MySQL extension (versions

FreeBSD : php -- multiple vulnerabilities (71d903fc-602d-11dc-898c-001921ab2fa4)

The PHP development team reports : Security Enhancements and Fixes in PHP 5.2.4 : - Fixed a floating point exception inside wordwrap Reported by Mattias Bengtsson - Fixed several integer overflows inside the GD extension Reported by Mattias Bengtsson - Fixed size calculation in chunksplit Reporte...

PHP MySQL/MySQLi扩展绕过安全限制漏洞

CVECAN ID: CVE-2007-3997 PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 PHP的MySQL和MySQLi扩展在处理畸形数据的SQL请求时，远程攻击者可能利用此漏洞执行SQL注入攻击。 PHP的MySQL和MySQLi扩展没有正确地处理包含有LOCAL INFILE的SQL查询请求，如果远程攻击者向安装了这些扩展的服务器提交了恶意SQL请求的话，就可以绕过openbasedir和safemode安全限制，执行非授权操作。请注意不要依赖于共享主机MySQLd local-infile=0选项，因为这个选项是服务器选项，因此不会影响客户...

CVE-2007-4663

Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass openbasedir restrictions via unspecified vectors involving the glob function...