Moderate: php security update

5.1.6-15.el5 - improve fix for CVE-2007-3997 278411 5.1.6-14.el5 - fix backport for CVE-2007-3996 278411 5.1.6-13.el5 - add security fixes for CVE-2007-2756, CVE-2007-2872, CVE-2007-3799, CVE-2007-3996, CVE-2007-3998, CVE-2007-4658, CVE-2007-4670 278411...

CVE-2007-4825

Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers to bypass openbasedir restrictions and possibly execute arbitrary code via a .. dot dot in the dl function...

CVE-2007-4660

Unspecified vulnerability in the chunksplit function in PHP before 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation...

EUVD-2007-3981

The 1 MySQL and 2 MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safemode and openbasedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE...

CVE-2007-4596

The perl extension in PHP does not follow safemode restrictions, which allows context-dependent attackers to execute arbitrary code via the Perl eval function. NOTE: this might only be a vulnerability in limited environments...

PHP 5.2.3 - PHP_win32sti Local Buffer Overflow (1)

PHP 5.2.3 - PHPwin32sti Local Buffer Overflow 1 7ffdf020 7c911005 7c9110ed 00000001 00000000 shoutz go to Kevin Finisterre / if!functionexists'winbrowsefile' die'win32std extension is not available'; $shellcode= "\x2b\xc9\xb1\x51\xba\xbb\xb2\xd5\x31\xda\xda\xd9\x74\x24\xf4"...

PHP 5.x - 'Win32service' Local 'Safe_Mode()' Bypass

$n,'display'=$n,'path'=$cmd,'params'="/c $command "$name""; win32startservice$n; win32stopservice$n; win32deleteservice$n; $exec=filegetcontents$name; unlink$name; echo "".htmlspecialchars$exec.""; ? milw0rm.com 2007-07-27...

PHP 5.2.3 Win32std - 'win_shell_execute' Safe Mode / disable_functions Bypass

milw0rm.com 2007-07-24...

PHP 5.2.3 - glob() Denial of Service

PHP 5.2.3 - glob Denial of Service milw0rm.com 2007-07-14...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

CVE-2007-3007

PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...

CVE-2007-3007

PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...

CVE-2007-2844

PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access...

Information disclosure

The substrcount function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375...

Crlf injection

CRLF injection vulnerability in the ftpputcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands...

Important: php security update

4.3.9-3.22.5 - add security fix for CVE-2007-1864, FTP CRLF injection issue 239017...

Important: Red Hat Security Advisory: php security update for Stronghold

Updated PHP packages that fix several security issues are now available for Stronghold 4.0 for Enterprise Linux. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...

Fedora Core 6 : php-5.1.6-3.5.fc6 (2007-415)

This update fixes a number of security issues in PHP. A denial of service flaw was found in the way PHP processed a deeply nested array. A remote attacker could cause the PHP interpreter to crash by submitting an input variable with a deeply nested array. CVE-2007-1285 A flaw was found in the way...

CVE-2007-1883

PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which calls certain...

CVE-2007-1883

The CVE-2007-1883 entry describes a PHP vulnerability across multiple branches (PHP 4.0.0–4.4.6 and 5.0.0–5.2.1) where an interruption triggering a userspace error handler can change a parameter to an arbitrary pointer, allowing context-dependent attackers to read arbitrary memory via the iptcemb...