Debian: Security Advisory (DSA-1282-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 020-1 (php4)

The remote host is missing an update to php4 announced via advisory DSA 020-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 531-1 (php4)

The remote host is missing an update to php4 announced via advisory DSA 531-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1206-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1296-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1331-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 5.04 / 5.10 / 6.06 LTS : php4, php5 vulnerabilities (USN-362-1)

The stripos function did not check for invalidly long or empty haystack strings. In an application that uses this function on arbitrary untrusted data this could be exploited to crash the PHP interpreter. CVE-2006-4485 An integer overflow was discovered in the PHP memory allocation handling. On...

Ubuntu 5.04 : php4 regression (USN-320-2)

USN-320-2 fixed several vulnerabilities in PHP. James Manning discovered that the Ubuntu 5.04 update introduced a regression, the function tempnam caused a crash of the PHP interpreter in some circumstances. The updated packages fix this. We apologize for the inconvenience. Note that Tenable...

Design/Logic Flaw

Unspecified vulnerability in the XOOPS uploader class in Xoops 2.0.17.1-RC1 and earlier allows remote attackers to upload arbitrary files via unspecified vectors related to improper upload configuration settings in class/uploader.php and class/mimetypes.inc.php, possibly an incomplete blacklist...

CVE-2007-5188

Unspecified vulnerability in the XOOPS uploader class in Xoops 2.0.17.1-RC1 and earlier allows remote attackers to upload arbitrary files via unspecified vectors related to improper upload configuration settings in class/uploader.php and class/mimetypes.inc.php, possibly an incomplete blacklist...

Unfixed XSS vulnerability at demo-php4.uttx.net

Security researcher zuppergazi, has submitted on 08/03/2007 a cross-site-scripting XSS vulnerability affecting demo-php4.uttx.net, which at the time of submission ranked 62296 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/03/2007. It is...

SUSE-SA:2007:020: php4,php5

The remote host is missing the patch for the advisory SUSE-SA:2007:020 php4,php5. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This plugin text was extracted from SuSE Security Advisory SUSE-SA:2007:020 if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc...

SUSE-SA:2007:032: php4,php5

The remote host is missing the patch for the advisory SUSE-SA:2007:032 php4,php5. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This plugin text was extracted from SuSE Security Advisory SUSE-SA:2007:032 if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc...

DTSA-40-1 php4 - several vulnerabilities

Bulletin has no description...

Debian DSA-1296-1 : php4 - missing input sanitising

It was discovered that the ftp extension of PHP, a server-side, HTML-embedded scripting language performs insufficient input sanitising, which permits an attacker to execute arbitrary FTP commands. This requires the attacker to already have access to the FTP server. %NASLMINLEVEL 70300 C Tenable...

[SECURITY] [DSA 1296-1] New php4 packages fix privilege escalation

-------------------------------------------------------------------------- Debian Security Advisory DSA 1296-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 21st, 2007 http://www.debian.org/security/faq -...

CentOS 3 / 4 / 5 : squirrelmail (CESA-2007:0358)

A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. Several HTML...

squirrelmail security update

CentOS Errata and Security Advisory CESA-2007:0358 A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based...

Moderate: Red Hat Security Advisory: squirrelmail security update

A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. Several HTML...

[SECURITY] Fedora Core 6 Update: squirrelmail-1.4.10a-1.fc6

SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 with no Javascript for maximum compatibility across browsers. It has very few requirements and is very easy to configure and instal...