EUVD-2005-3318

Malware in sbrugna...

EUVD-2009-4113

Malware in sbrugna...

CVE-2005-3319

The apache2handler SAPI sapiapache2.c in the Apache module modphp for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service segmentation fault via the session.savepath option in a .htaccess file or VirtualHost...

Mandriva Update for php MDVSA-2010:045 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2010:045 php Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

PHP session.save_path()函数任意命令执行漏洞

BUGTRAQ ID: 37390 CVE ID: CVE-2009-4143 PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 PHP在处理会话信息的功能函数实现上存在漏洞，远程攻击者可能利用此漏洞以PHP进程的权限执行任意命令，导致权限提升。 PHP = 5.2.11 PHP 5.2.0 厂商补丁： PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.php.net...

Memory corruption

PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to 1 interrupt corruption of the SESSION superglobal array and 2 the session.savepath directive...

php -- multiple vulnerabilities

PHP developers reports: This release focuses on improving the stability of the PHP 5.2.x branch with over 60 bug fixes, some of which are security related. All users of PHP 5.2 are encouraged to upgrade to this release. Security Enhancements and Fixes in PHP 5.2.12: Fixed a safemode bypass in...

FreeBSD : php -- multiple vulnerabilities (71d903fc-602d-11dc-898c-001921ab2fa4)

The PHP development team reports : Security Enhancements and Fixes in PHP 5.2.4 : - Fixed a floating point exception inside wordwrap Reported by Mattias Bengtsson - Fixed several integer overflows inside the GD extension Reported by Mattias Bengtsson - Fixed size calculation in chunksplit Reporte...

php -- multiple vulnerabilities

The PHP development team reports: Security Enhancements and Fixes in PHP 5.2.4: Fixed a floating point exception inside wordwrap Reported by Mattias Bengtsson Fixed several integer overflows inside the GD extension Reported by Mattias Bengtsson Fixed size calculation in chunksplit Reported by...

PHP 5.2.1 - Session.Save_Path() TMPDIR open_basedir Restriction Bypass

PHP 5.2.1 - Session.SavePath TMPDIR openbasedir Restriction Bypass source: https://www.securityfocus.com/bid/23183/info PHP is prone to a 'openbasedir' restriction-bypass vulnerability due to a design error. Successful exploits could allow an attacker to access sensitive information or to write...

PHP: Multiple vulnerabilities

Background PHP is a general-purpose scripting language widely used to develop web-based applications. It can run inside a web server using the modphp module or the CGI version and also stand-alone in a CLI. Description Multiple vulnerabilities have been found and fixed in PHP: a possible $GLOBALS...

CVE-2005-3319

The apache2handler SAPI sapiapache2.c in the Apache module modphp for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service segmentation fault via the session.savepath option in a .htaccess file or VirtualHost...

CVE-2005-3319

The apache2handler SAPI sapiapache2.c in the Apache module modphp for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service segmentation fault via the session.savepath option in a .htaccess file or VirtualHost...

[Full-disclosure] php < 4.4.1 htaccess apache dos

Hello, Here under some stuff to dos apache + php just through an htaccess. With .htaccess method : If you have into your php.ini - safemode = On Simply put a .htaccess file on the root directory of your website with this content : phpvalue session.savepath /var/www/somewherehowexist Apache segfau...