Ubuntu: Security Advisory (USN-1761-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : php5 vulnerability (USN-1761-1)

It was discovered that PHP incorrectly handled XML external entities in SOAP WSDL files. A remote attacker could use this flaw to read arbitrary files off the server. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenab...

Debian DSA-2639-1 : php5 - several vulnerabilities

Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2013-1635 If a PHP application accepted untrusted SOAP object input remotely from clients, an attacker could read system files...

Debian Security Advisory DSA 2639-1 (php5 - several vulnerabilities)

Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2013-1635 If a PHP application accepted untrusted SOAP object input remotely from clients, an attacker could read system files...

Debian: Security Advisory (DSA-2639-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

php5 -- Multiple vulnerabilities

The PHP development team reports: PHP does not validate the relationship between the soap.wsdlcachedir directive and the openbasedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory. The...

Kohana Framework v2.3.3 - Directory Traversal Vulnerability

Title: ====== Kohana Framework v2.3.3 - Directory Traversal Vulnerability Date: ===== 2013-01-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=841 VL-ID: ===== 837 Common Vulnerability Scoring System: ==================================== 7.1 Introduction: ============...

SuSE 11.1 Security Update : PHP5 (SAT Patch Number 6316)

PHP5 was updated with incremental fixes to the previous update : - Additional unsafe cgi wrapper scripts are also fixed now. CVE-2012-2335 - Even more commandline option handling is filtered, which could lead to crashes of the php interpreter. CVE-2012-2336 %NASLMINLEVEL 70300 C Tenable Network...

SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6251)

This update fixes several security issues in PHP5 : - A directory traversal bug has been fixed in PHP5. CVE-2012-1172 - A command injection was possible when PHP5 was operated in CGI mode using commandline options. This problem does not affect PHP5 in the normal Apache module mode setup...

SuSE 11.1 Security Update : PHP5 (SAT Patch Number 6252)

This update fixes several security issues in PHP5 : - A directory traversal bug has been fixed in PHP5. CVE-2012-1172 - A command injection was possible when PHP5 was operated in CGI mode using commandline options. This problem does not affect PHP5 in the normal apache module mode setup...

SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6634)

Three security bugs have been fixed in PHP5. - php5: potential overflow in phpstreamscandir. CVE-2012-2688 - openbasedir bypass via SQLite extension. CVE-2012-3365 - An out of band read sql denial of service has been fixed bnc769785. CVE-2012-3450 %NASLMINLEVEL 70300 C Tenable Network Security,...

SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6777)

This update fixes CVE-2011-1398 / CVE-2011-4388 header injection via CR. This update also changes the default configuration to use FilesMatch with 'SetHandler' rather than 'AddHandler' to protect weakly written web applications from content confusion. Since this is a hardening measure, no CVE was...

SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6634)

Three security bugs have been fixed in PHP5. - php5: potential overflow in phpstreamscandir. CVE-2012-2688 - openbasedir bypass via SQLite extension. CVE-2012-3365 - An out of band read sql denial of service has been fixed bnc769785. CVE-2012-3450 %NASLMINLEVEL 70300 C Tenable Network Security,...

SuSE 11.1 Security Update : php5 (SAT Patch Number 6627)

This update fixes two security issues of PHP5 : - Potential overflow in phpstreamscandir. CVE-2012-2688 - openbasedir bypass via SQLite extension. CVE-2012-3365 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11...

SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6440)

PHP5 was updated with incremental fixes to the previous update. - Additional unsafe cgi wrapper scripts are also fixed now. CVE-2012-2335 - Even more commandline option handling is filtered, which could lead to crashes of the php interpreter. CVE-2012-2336 - heap-based buffer overflow in php's ph...

SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6778)

This update fixes CVE-2011-1398 / CVE-2011-4388 header injection via CR. This update also changes the default configuration to use FilesMatch with 'SetHandler' rather than 'AddHandler' to protect weakly written web applications from content confusion. Since this is a hardening measure, no CVE was...

Ubuntu: Security Advisory (USN-1702-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for php5 USN-1702-1

Check for the Version of php5 OpenVAS Vulnerability Test $Id: gbubuntuUSN17021.nasl 8509 2018-01-24 06:57:46Z teissa $ Ubuntu Update for php5 USN-1702-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you...

Ubuntu 12.04 LTS : php5 vulnerability (USN-1702-1)

It was discovered that PHP incorrectly handled the opensslencrypt function when used with an empty string. An attacker could use this flaw to cause PHP to disclose arbitrary memory contents and possibly expose sensitive information. Note that Tenable Network Security has extracted the preceding...

openSUSE: Security Advisory for update (openSUSE-SU-2012:0426-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...