14 matches found
EUVD-2006-0482
Malware in sbrugna...
php-ping Count Parameter Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9309/info It has been reported that php-ping may be prone to a remote command execution vulnerability that may allow remote attackers to execute commands on vulnerable systems. The problem exists due to insufficient...
CVE-2006-0475
PHP-Ping 1.3 does not properly validate ping counts, which allows remote attackers to cause a denial of service ping flood via a negative count parameter...
Code injection
PHP-Ping 1.3 does not properly validate ping counts, which allows remote attackers to cause a denial of service ping flood via a negative count parameter...
CVE-2006-0475
CVE-2006-0475 describes a vulnerability in PHP-Ping 1.3 where ping counts are not properly validated. An attacker can trigger a denial-of-service (ping flood) by supplying a negative count parameter. The NVD entry lists a CVSS v2 base score of 5.0 (Medium) with network access, no authentication r...
CVE-2006-0475
PHP-Ping 1.3 does not properly validate ping counts, which allows remote attackers to cause a denial of service ping flood via a negative count parameter...
phpping.txt
ppp-design found the following design error in php-ping: Details ------- Product: php-ping Affected Version: no version information included in the script Immune Version: latest version OS affected: all OS with php Vendor-URL: http://www.theworldsend.net/ Vendor-Status: informed, new version...
[Full-Disclosure] php-ping: Executing arbritary commands
ppp-design found the following design error in php-ping: Details ------- Product: php-ping Affected Version: no version information included in the script Immune Version: latest version OS affected: all OS with php Vendor-URL: http://www.theworldsend.net/ Vendor-Status: informed, new version...
PHP-ping - 'Count' Command Execution
source: https://www.securityfocus.com/bid/9309/info It has been reported that php-ping may be prone to a remote command execution vulnerability that may allow remote attackers to execute commands on vulnerable systems. The problem exists due to insufficient sanitization of shell metacharacters vi...
PHP-ping - Count Command Execution
PHP-ping - Count Command Execution source: https://www.securityfocus.com/bid/9309/info It has been reported that php-ping may be prone to a remote command execution vulnerability that may allow remote attackers to execute commands on vulnerable systems. The problem exists due to insufficient...
PHP-Ping php-ping.php count Parameter Arbitrary Command Execution
The remote host appears to be running 'php-ping.php' from TheWorldsEnd.NET. The remote version of this script does not properly sanitize the 'count' parameter and allows attackers to execute arbitrary commands or read arbitrary files on the remote host subject to the privileges of the web server...
SCSA009.txt
Security Corporation Security Advisory SCSA-009 PROGRAM: PHP Ping HOMEPAGE: http://www.phpapps.org/ VULNERABLE VERSIONS: v0.1 and prior DESCRIPTION PHP ping "will allow you, provided that your server turns under Windows, to realize a "ping" on the host of your choice." direct quote from PHP Ping...
[SCSA-009] Remote Command Execution Vulnerability in PHP Ping
Security Corporation Security Advisory SCSA-009 PROGRAM: PHP Ping HOMEPAGE: http://www.phpapps.org/ VULNERABLE VERSIONS: v0.1 and prior DESCRIPTION PHP ping "will allow you, provided that your server turns under Windows, to realize a "ping" on the host of your choice." direct quote from PHP Ping...
PHP-Ping index.php pingto Parameter Arbitrary Code Execution
It is possible to make the remote host execute arbitrary DOS commands using the CGI phpping. An attacker may use this flaw to gain a shell with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Message-ID: From: "Gregory Le Bras | Security Corporation" To...