Lucene search
K

41 matches found

securityvulns
securityvulns
added 2008/11/21 12:0 a.m.56 views

SecurityReason : PHP 5.2.6 (error_log) safe_mode bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SecurityReason.com PHP 5.2.6 errorlog safemode bypass Author: Maksymilian Arciemowicz cXIb8O3 securityreason.com Date: - - Written: 10.11.2008 - - Public: 20.11.2008 SecurityReason Research SecurityAlert Id: 57 CWE: CWE-264 SecurityRisk: Medium Affect...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2008/11/20 12:0 a.m.37 views

php526-bypass.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SecurityReason.com PHP 5.2.6 errorlog safemode bypass Author: Maksymilian Arciemowicz cXIb8O3 securityreason.com Date: - - Written: 10.11.2008 - - Public: 20.11.2008 SecurityReason Research SecurityAlert Id: 57 CWE: CWE-264 SecurityRisk: Medium Affect...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/11/20 12:0 a.m.77 views

PHP 5.2.6 - error_log Safe_mode Bypass

PHP 5.2.6 - errorlog Safemode Bypass SecurityReason.com PHP 5.2.6 errorlog safemode bypass Author: Maksymilian Arciemowicz cXIb8O3 securityreason.com Date: - - Written: 10.11.2008 - - Public: 20.11.2008 SecurityReason Research SecurityAlert Id: 57 CWE: CWE-264 SecurityRisk: Medium Affected...

Exploits0
OpenVAS
OpenVAS
added 2008/11/19 12:0 a.m.50 views

Gentoo Security Advisory GLSA 200811-05 (php)

The remote host is missing updates announced in advisory GLSA 200811-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

10CVSS1.1AI score0.13923EPSS
Exploits21
seebug.org
seebug.org
added 2008/09/27 12:0 a.m.98 views

PHP 'create_function()'代码注入漏洞

BUGTRAQ ID: 31398 CNCAN ID:CNCAN-2008092610 PHP是一款流行的WEB编程语言。 PHP不正确过滤传递给'createfunction'的输入,远程攻击者可以利用漏洞以特权应用程序权限执行任意代码。 PHP使用createfunction函数用于CREATE一个匿名函数: 1,使用createfunction建立一个匿名函数: ?php $newfunc = createfunction'$a,$b', 'return "ln$a + ln$b = " . log$a $b;'; echo "New anonymous function:...

6.9AI score
Exploits0
exploitpack
exploitpack
added 2008/09/25 12:0 a.m.103 views

PHP 5.2.6 - create_function() Code Injection (1)

PHP 5.2.6 - createfunction Code Injection 1 source: https://www.securityfocus.com/bid/31398/info PHP is prone to a code-injection weakness because it fails to sufficiently sanitize input to 'createfunction'. Note that the anonymous function returned need not be called for the supplied code to be...

7.9AI score
Exploits0
Exploit DB
Exploit DB
added 2008/09/25 12:0 a.m.93 views

PHP 5.2.6 - 'create_function()' Code Injection (1)

source: https://www.securityfocus.com/bid/31398/info PHP is prone to a code-injection weakness because it fails to sufficiently sanitize input to 'createfunction'. Note that the anonymous function returned need not be called for the supplied code to be executed. An attacker who can exploit this...

7.4AI score
Exploits0
NVD
NVD
added 2008/09/18 5:59 p.m.31 views

CVE-2008-4107

The 1 rand and 2 mtrand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset functionality in Joomla! 1.5.x an...

5.1CVSS9.4AI score0.03013EPSS
Exploits0References19
UbuntuCve
UbuntuCve
added 2008/09/18 5:59 p.m.37 views

CVE-2008-4107

The 1 rand and 2 mtrand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset functionality in Joomla! 1.5.x an...

5.1CVSS5.9AI score0.03013EPSS
Exploits0References1
Cvelist
Cvelist
added 2008/08/15 12:0 a.m.22 views

CVE-2008-3658

Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...

8.9AI score0.06847EPSS
Exploits1References40
RedHat Linux
RedHat Linux
added 2008/07/02 1:15 p.m.67 views

Moderate: Red Hat Security Advisory: Red Hat Application Stack v2.1 security and enhancement update

Red Hat Application Stack v2.1 is now available. This update fixes various security issues and adds several enhancements. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Red Hat Application Stack is an integrated open source application...

10CVSS7.2AI score0.10918EPSS
Exploits7References10
NVD
NVD
added 2008/06/23 8:41 p.m.14 views

CVE-2008-2829

phpimap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c legacy routine buffer overflow" error message, related...

5CVSS9AI score0.05265EPSS
Exploits1References28
seebug.org
seebug.org
added 2008/06/23 12:0 a.m.68 views

PHP 5 'chdir()'和'ftok()' 'safe_mode'安全绕过漏洞

BUGTRAQ ID: 29796 CVE ID:CVE-2008-2666 CNCVE ID:CNCVE-20082666 PHP 5是一款开放源代码的网络编程语言。 PHP 5 'chdir'和'ftok'函数存在'safemode绕过问题,远程攻击者可以利用漏洞在未授权位置检测文件是否存在等敏感信息。 问题代码如下: - --- PHPFUNCTIONchdir char str; int ret, strlen; if zendparseparametersZENDNUMARGS TSRMLSCC, "s", &str, &strlen == FAILURE RETURNFALS...

5CVSS6.3AI score0.13923EPSS
Exploits2
seebug.org
seebug.org
added 2008/06/22 12:0 a.m.14 views

PHP rfc822_write_address()函数缓冲区溢出漏洞

BUGTRAQ ID: 29829 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP的phpimap.c文件中的rfc822writeaddress函数将返回地址列表的全部长度限定在16383字节,但没有考虑缓冲区大小。如果用户在To:或Cc:字段提供了超长的地址列表的话,就可能触发缓冲区溢出,导致PHP出现SIGABRT而崩溃。 PHP 5.2.6 PHP --- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.php.net...

6.9AI score
Exploits0
NVD
NVD
added 2008/06/20 1:41 a.m.19 views

CVE-2008-2665

Directory traversal vulnerability in the posixaccess function in PHP 5.2.6 and earlier allows remote attackers to bypass safemode restrictions via a .. dot dot in an http URL, which results in the URL being canonicalized to a local filename after the safemode check has successfully run...

5CVSS7.5AI score0.03377EPSS
Exploits4References17
UbuntuCve
UbuntuCve
added 2008/06/20 1:41 a.m.30 views

CVE-2008-2665

Directory traversal vulnerability in the posixaccess function in PHP 5.2.6 and earlier allows remote attackers to bypass safemode restrictions via a .. dot dot in an http URL, which results in the URL being canonicalized to a local filename after the safemode check has successfully run...

5CVSS7.1AI score0.03377EPSS
Exploits4References1
Cvelist
Cvelist
added 2008/06/20 1:0 a.m.35 views

CVE-2008-2665

Directory traversal vulnerability in the posixaccess function in PHP 5.2.6 and earlier allows remote attackers to bypass safemode restrictions via a .. dot dot in an http URL, which results in the URL being canonicalized to a local filename after the safemode check has successfully run...

8.3AI score0.03377EPSS
Exploits4References17
seebug.org
seebug.org
added 2008/05/29 12:0 a.m.17 views

PHP 5.2.6 sleep() Local Memory Exhaust Exploit

No description provided by source. ?php sleep9999999; echo 'Hello World'; ? Will print hello world after 9999999 seconds... so maxexecutiontime simply dosnt work :P Why? we can find in manual:...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/05/27 12:0 a.m.27 views

PHP 5.2.6 sleep() Local Memory Exhaust Exploit

Exploit for multiple platform in category dos / poc ============================================== PHP 5.2.6 sleep Local Memory Exhaust Exploit ============================================== There is some kind of issue in PHP we can run out memory even on SAFEMODE script simply allocate maximum o...

7.1AI score
Exploits0
Prion
Prion
added 2008/05/05 5:20 p.m.16 views

Stack overflow

Stack-based buffer overflow in the FastCGI SAPI fastcgi.c in PHP before 5.2.6 has unknown impact and attack vectors...

10CVSS7.6AI score0.03441EPSS
Exploits1References26Affected Software1
Rows per page
Query Builder