Ubuntu: Security Advisory (USN-66-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 4.10 : php4 vulnerabilities (USN-66-1)

FraMe from kernelpanik.org reported that the cURL module does not respect openbasedir restrictions. As a result, scripts which used cURL to open files with an user-specified path could read arbitrary local files outside of the openbasedir directory. Stefano Di Paola discovered a vulnerability in...

Ubuntu 4.10 : php4 vulnerabilities (USN-99-1)

Stefano Di Paola discovered integer overflows in PHP's pack and unpack functions. A malicious PHP script could exploit these to break out of safe mode and execute arbitrary code with the privileges of the PHP interpreter. CAN-2004-1018 Note: The second part of CAN-2004-1018 buffer overflow in the...

USN-66-1: PHP vulnerabilities

FraMe from kernelpanik.org reported that the cURL module does not respect openbasedir restrictions. As a result, scripts which used cURL to open files with an user-specified path could read arbitrary local files outside of the openbasedir directory. Stefano Di Paola discovered a vulnerability in...

security flaw

Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via 1 a negative offset value to the shmopwrite function, 2 an "integer overflow/underflow" in the pack function, or 3 an "integer...

CVE-2004-1018

CVE-2004-1018 affects PHP versions before 4.3.10, due to integer handling errors in shmop_write, pack, and unpack. These flaws could allow a remote attacker to bypass safe mode restrictions, cause denial of service, or execute arbitrary code. Several advisories (Ubuntu USN-99-1, Red Hat RHSA advi...