439 matches found
Debian Security Advisory DSA 2438-1 (raptor)
The remote host is missing an update to raptor announced via advisory DSA 2438-1. OpenVAS Vulnerability Test $Id: deb24381.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2438-1 raptor Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
DSA-2438-1 raptor - programming error
Bulletin has no description...
Symfony 2 Unauthenticated Information Disclosure
Exploit for php platform in category web applications Vendor Notification Date. 24-Feb-2012 Product. Symfony2 Platform. PHP Affected versions. 2.0.x - 2.0.10 Severity Rating. Medium Impact. Exposure of sensitive information Attack Vector. Remote without authentication Solution Status. Vendor patc...
Symfony 2 Unauthenticated Information Disclosure
Sense of Security - Security Advisory - SOS-12-002 Release Date. 05-Mar-2012 Last Update. - Vendor Notification Date. 24-Feb-2012 Product. Symfony2 Platform. PHP Affected versions. 2.0.x - 2.0.10 Severity Rating. Medium Impact. Exposure of sensitive information Attack Vector. Remote without...
Symfony2 Local File Disclosure
Exploit for php platform in category web applications Release Date. 05-Mar-2012 Vendor Notification Date. 24-Feb-2012 Product. Symfony2 Platform. PHP Affected versions. 2.0.x - 2.0.10 Severity Rating. Medium Impact. Exposure of sensitive information Attack Vector. Remote without authentication...
Symfony2 - Local File Disclosure
Sense of Security - Security Advisory - SOS-12-002 Release Date. 05-Mar-2012 Last Update. - Vendor Notification Date. 24-Feb-2012 Product. Symfony2 Platform. PHP Affected versions. 2.0.x - 2.0.10 Severity Rating. Medium Impact. Exposure of sensitive information Attack Vector. Remote without...
Security Release: Symfony 2.0.11 released
Symfony 2.0.11 has just been released and it contains a security vulnerability fix for the Serializer Component. If you are using the Serializer component, you should upgrade as soon as possible. The security vulnerability has been reported this morning by Sense of Security: "The XMLEncoder...
CentOS Update for php CESA-2010:0919 centos4 i386
Check for the Version of php OpenVAS Vulnerability Test CentOS Update for php CESA-2010:0919 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
RedHat Update for php RHSA-2010:0919-01
Check for the Version of php OpenVAS Vulnerability Test RedHat Update for php RHSA-2010:0919-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
php security update
CentOS Errata and Security Advisory CESA-2010:0919 Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS...
php: session serializer session data injection vulnerability (MOPS-2010-060)
The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PSUNDEFMARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name...
Debian DSA-2089-1 : php5 - several vulnerabilities
Several remote vulnerabilities have been discovered in PHP 5, an hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-1917 The fnmatch function can be abused to conduct denial of service attacks by crashing the interpreter by the...
CVE-2010-3065
The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PSUNDEFMARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name...
Default configuration
The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PSUNDEFMARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name...
CVE-2010-3065
CVE-2010-3065 affects PHP’s default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2, where PS_UNDEF_MARKER is not handled properly. This allows context-dependent attackers to modify arbitrary session variables via crafted session variable names. Several connected advisories and...
CVE-2010-3065
The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PSUNDEFMARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name...
CVE-2010-3065
The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PSUNDEFMARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name...
[SECURITY] [DSA-2089-1] New php5 packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2089-1 [email protected] http://www.debian.org/security/ Raphael Geissert August 6, 2010 http://www.debian.org/security/faq -...
PHP 5.3 < 5.3.3 Multiple Vulnerabilities
According to its banner, the version of PHP 5.3 installed on the remote host is older than 5.3.3. Such versions may be affected by several security issues : - An error exists when processing invalid XML-RPC requests that can lead to a NULL pointer dereference. bug 51288 CVE-2010-0397 - An error...