EUVD-2013-6304

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2013-6501

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The default soap.wsdlcachedir setting in 1 php.ini-production and 2 php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier...

PHP 5.4.x < 5.4.40 / 5.5.x < 5.5.24 / 5.6.x < 5.6.8 'php_sdl.c' WSDL Injection

Binary data 8789.prm...

CVE-2013-6501

The default soap.wsdlcachedir setting in 1 php.ini-production and 2 php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the getsdl...

CVE-2013-6501

The default soap.wsdlcachedir setting in 1 php.ini-production and 2 php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the getsdl...

Design/Logic Flaw

The default soap.wsdlcachedir setting in 1 php.ini-production and 2 php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the getsdl...

CVE-2013-6501

CVE-2013-6501 affects PHP before 5.6.7 where the default soap.wsdl_cache_dir in php.ini-production and php.ini-development points to /tmp, enabling local users to perform WSDL injection by creating a predictable file name used by get_sdl in ext/soap/php_sdl.c. Consequence described as easier loca...