Executive Summary
Summary | |
---|---|
Title | HP Secure Web Server (SWS) for OpenVMS running PHP, Remote Denial of Service (DoS), Unauthorized Access, Privilege escalation, Unauthorized Disclosure of Information, Unauthorized Modification |
Informations | |||
---|---|---|---|
Name | HPSBOV02763 SSRT100826 | First vendor Publication | 2012-04-16 |
Vendor | HP | Last vendor Modification | 2012-04-16 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, privilege escalation, unauthorized disclosure of information, or unauthorized modifications. |
Original Source
Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03281867 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-200 | Information Exposure |
19 % | CWE-399 | Resource Management Errors |
19 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
19 % | CWE-20 | Improper Input Validation |
7 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
4 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11939 | |||
Oval ID: | oval:org.mitre.oval:def:11939 | ||
Title: | Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 | ||
Description: | Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 allows context-dependent attackers to cause a denial of service (application crash) via a large number of anti-aliasing steps in an argument to the imagepstext function. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4698 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | PHP |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12016 | |||
Oval ID: | oval:org.mitre.oval:def:12016 | ||
Title: | Security bypass vulnerability in the extract function in PHP before 5.2.15 | ||
Description: | The extract function in PHP before 5.2.15 does not prevent use of the EXTR_OVERWRITE parameter to overwrite (1) the GLOBALS superglobal array and (2) the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended to depend on external input, a related issue to CVE-2005-2691 and CVE-2006-3758. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0752 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | PHP |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12156 | |||
Oval ID: | oval:org.mitre.oval:def:12156 | ||
Title: | DSA-2266-2 php5 -- several | ||
Description: | The update for CVE-2010-2531 for the old stable distribution introduced a regression, which lead to additional output being written to stdout. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2266-2 CVE-2010-2531 CVE-2011-0420 CVE-2011-0421 CVE-2011-0708 CVE-2011-1153 CVE-2011-1466 CVE-2011-1471 CVE-2011-2202 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | php5 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12388 | |||
Oval ID: | oval:org.mitre.oval:def:12388 | ||
Title: | DSA-2266-1 php5 -- several | ||
Description: | Several vulnerabilities were discovered in PHP, which could lead to denial of service or potentially the execution of arbitrary code. CVE-2010-2531 An information leak was found in the var_export function. CVE-2011-0421 The Zip module could crash. CVE-2011-0708 An integer overflow was discovered in the Exif module. CVE-2011-1466 An integer overflow was discovered in the Calendar module. CVE-2011-1471 The Zip module was prone to denial of service through malformed archives. CVE-2011-2202 Path names in form based file uploads were incorrectly validated. This update also fixes two bugs, which are not treated as security issues, but fixed nonetheless, see README.Debian.security for details on the scope of security support for PHP. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2266-1 CVE-2010-2531 CVE-2011-0420 CVE-2011-0421 CVE-2011-0708 CVE-2011-1153 CVE-2011-1466 CVE-2011-1471 CVE-2011-2202 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | php5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12489 | |||
Oval ID: | oval:org.mitre.oval:def:12489 | ||
Title: | Denial of service vulnerability in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 in IMAP extension | ||
Description: | Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4150 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | PHP |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12528 | |||
Oval ID: | oval:org.mitre.oval:def:12528 | ||
Title: | Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 | ||
Description: | Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset, and __unset methods on objects accessed by a reference. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4697 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | PHP |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12569 | |||
Oval ID: | oval:org.mitre.oval:def:12569 | ||
Title: | NULL byte injection vulnerability in PHP before 5.3.4 | ||
Description: | PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-7243 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | PHP |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12808 | |||
Oval ID: | oval:org.mitre.oval:def:12808 | ||
Title: | DSA-2195-1 php5 -- several | ||
Description: | Stephane Chazelas discovered that the cronjob of the PHP 5 package in Debian suffers from a race condition which might be used to remove arbitrary files from a system. When upgrading your php5-common package take special care to _accept_ the changes to the /etc/cron.d/php5 file. Ignoring them would leave the system vulnerable. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2195-1 CVE-2011-0441 CVE-2010-3709 CVE-2010-3710 CVE-2010-3870 CVE-2010-4150 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | php5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19494 | |||
Oval ID: | oval:org.mitre.oval:def:19494 | ||
Title: | HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass | ||
Description: | PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-7243 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21065 | |||
Oval ID: | oval:org.mitre.oval:def:21065 | ||
Title: | USN-1231-1 -- php5 vulnerabilities | ||
Description: | Several security issues were fixed in PHP. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1231-1 CVE-2011-1938 CVE-2011-2202 CVE-2011-2483 CVE-2011-3182 CVE-2011-3267 CVE-2011-1657 CVE-2010-1914 CVE-2010-2484 | Version: | 5 |
Platform(s): | Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.10 Ubuntu 10.04 Ubuntu 8.04 | Product(s): | php5 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2012-01-03 | PHP Hash Table Collision Proof Of Concept |
2012-01-01 | PHP Hashtables Denial of Service |
2011-07-04 | PHP 5.3.6 Buffer Overflow PoC (ROP) CVE-2011-1938 |
2011-05-25 | PHP <= 5.3.5 socket_connect() Buffer Overflow Vulnerability |
2011-03-18 | libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5) |
2011-03-12 | PHP <= 5.3.6 shmop_read() Integer Overflow DoS |
2010-11-05 | PHP 5.3.3/5.2.14 ZipArchive::getArchiveComment NULL Pointer Deference |
OpenVAS Exploits
Date | Description |
---|---|
2012-12-13 | Name : SuSE Update for update openSUSE-SU-2012:0426-1 (update) File : nvt/gb_suse_2012_0426_1.nasl |
2012-09-26 | Name : Gentoo Security Advisory GLSA 201209-03 (php) File : nvt/glsa_201209_03.nasl |
2012-09-10 | Name : Slackware Advisory SSA:2011-210-01 libpng File : nvt/esoft_slk_ssa_2011_210_01.nasl |
2012-09-10 | Name : Slackware Advisory SSA:2011-237-01 php File : nvt/esoft_slk_ssa_2011_237_01.nasl |
2012-08-03 | Name : Mandriva Update for php MDVSA-2012:065 (php) File : nvt/gb_mandriva_MDVSA_2012_065.nasl |
2012-07-30 | Name : CentOS Update for php53 CESA-2011:0196 centos5 x86_64 File : nvt/gb_CESA-2011_0196_php53_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for php53 CESA-2011:1423 centos5 x86_64 File : nvt/gb_CESA-2011_1423_php53_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for php53 CESA-2012:0019 centos5 File : nvt/gb_CESA-2012_0019_php53_centos5.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:0019 centos6 File : nvt/gb_CESA-2012_0019_php_centos6.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:0033 centos5 File : nvt/gb_CESA-2012_0033_php_centos5.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:0071 centos4 File : nvt/gb_CESA-2012_0071_php_centos4.nasl |
2012-07-30 | Name : CentOS Update for php53 CESA-2012:0092 centos5 File : nvt/gb_CESA-2012_0092_php53_centos5.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:0093 centos4 File : nvt/gb_CESA-2012_0093_php_centos4.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:0093 centos5 File : nvt/gb_CESA-2012_0093_php_centos5.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:0093 centos6 File : nvt/gb_CESA-2012_0093_php_centos6.nasl |
2012-06-21 | Name : PHP version smaller than 5.2.14 File : nvt/nopsec_php_5_2_14.nasl |
2012-06-21 | Name : PHP 5.2 < 5.2.15 File : nvt/nopsec_php_5_2_15.nasl |
2012-06-21 | Name : PHP version smaller than 5.3.3 File : nvt/nopsec_php_5_3_3.nasl |
2012-06-21 | Name : PHP version smaller than 5.3.4 File : nvt/nopsec_php_5_3_4.nasl |
2012-06-14 | Name : PHP version 5.3< 5.3.6 File : nvt/nopsec_php_5_3_6.nasl |
2012-06-14 | Name : PHP versoin < 5.3.9 File : nvt/nopsec_php_5_3_9.nasl |
2012-06-05 | Name : RedHat Update for php RHSA-2011:0195-01 File : nvt/gb_RHSA-2011_0195-01_php.nasl |
2012-05-18 | Name : Mac OS X Multiple Vulnerabilities (2012-002) File : nvt/gb_macosx_su12-002.nasl |
2012-04-02 | Name : Fedora Update for maniadrive FEDORA-2011-11464 File : nvt/gb_fedora_2011_11464_maniadrive_fc16.nasl |
2012-04-02 | Name : Fedora Update for maniadrive FEDORA-2012-0504 File : nvt/gb_fedora_2012_0504_maniadrive_fc16.nasl |
2012-04-02 | Name : Fedora Update for php FEDORA-2012-0504 File : nvt/gb_fedora_2012_0504_php_fc16.nasl |
2012-04-02 | Name : Fedora Update for maniadrive FEDORA-2012-1262 File : nvt/gb_fedora_2012_1262_maniadrive_fc16.nasl |
2012-04-02 | Name : Fedora Update for php FEDORA-2012-1262 File : nvt/gb_fedora_2012_1262_php_fc16.nasl |
2012-03-19 | Name : Fedora Update for php-eaccelerator FEDORA-2011-11464 File : nvt/gb_fedora_2011_11464_php-eaccelerator_fc16.nasl |
2012-03-19 | Name : Fedora Update for php FEDORA-2011-11464 File : nvt/gb_fedora_2011_11464_php_fc16.nasl |
2012-03-19 | Name : Fedora Update for php-eaccelerator FEDORA-2012-0504 File : nvt/gb_fedora_2012_0504_php-eaccelerator_fc16.nasl |
2012-03-19 | Name : Fedora Update for php-eaccelerator FEDORA-2012-1262 File : nvt/gb_fedora_2012_1262_php-eaccelerator_fc16.nasl |
2012-03-12 | Name : Debian Security Advisory DSA 2408-1 (php5) File : nvt/deb_2408_1.nasl |
2012-02-21 | Name : Fedora Update for maniadrive FEDORA-2012-1301 File : nvt/gb_fedora_2012_1301_maniadrive_fc15.nasl |
2012-02-21 | Name : Fedora Update for php-eaccelerator FEDORA-2012-1301 File : nvt/gb_fedora_2012_1301_php-eaccelerator_fc15.nasl |
2012-02-21 | Name : Fedora Update for php FEDORA-2012-1301 File : nvt/gb_fedora_2012_1301_php_fc15.nasl |
2012-02-21 | Name : Ubuntu Update for php5 USN-1358-2 File : nvt/gb_ubuntu_USN_1358_2.nasl |
2012-02-13 | Name : Ubuntu Update for php5 USN-1358-1 File : nvt/gb_ubuntu_USN_1358_1.nasl |
2012-02-12 | Name : Debian Security Advisory DSA 2399-1 (php5) File : nvt/deb_2399_1.nasl |
2012-02-12 | Name : Debian Security Advisory DSA 2399-2 (php5) File : nvt/deb_2399_2.nasl |
2012-02-12 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php514.nasl |
2012-02-12 | Name : FreeBSD Ports: php5, php5-exif File : nvt/freebsd_php515.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-06 (php) File : nvt/glsa_201110_06.nasl |
2012-02-06 | Name : Mac OS X Multiple Vulnerabilities (2012-001) File : nvt/gb_macosx_su12-001.nasl |
2012-02-03 | Name : RedHat Update for php53 RHSA-2012:0092-01 File : nvt/gb_RHSA-2012_0092-01_php53.nasl |
2012-02-03 | Name : RedHat Update for php RHSA-2012:0093-01 File : nvt/gb_RHSA-2012_0093-01_php.nasl |
2012-02-01 | Name : RedHat Update for php RHSA-2012:0071-01 File : nvt/gb_RHSA-2012_0071-01_php.nasl |
2012-02-01 | Name : Fedora Update for maniadrive FEDORA-2012-0420 File : nvt/gb_fedora_2012_0420_maniadrive_fc15.nasl |
2012-02-01 | Name : Fedora Update for php-eaccelerator FEDORA-2012-0420 File : nvt/gb_fedora_2012_0420_php-eaccelerator_fc15.nasl |
2012-02-01 | Name : Fedora Update for php FEDORA-2012-0420 File : nvt/gb_fedora_2012_0420_php_fc15.nasl |
2012-01-20 | Name : RedHat Update for php RHSA-2012:0033-01 File : nvt/gb_RHSA-2012_0033-01_php.nasl |
2012-01-13 | Name : RedHat Update for php53 and php RHSA-2012:0019-01 File : nvt/gb_RHSA-2012_0019-01_php53_and_php.nasl |
2012-01-03 | Name : PHP Web Form Hash Collision Denial of Service Vulnerability (Win) File : nvt/gb_php_web_form_hash_collision_dos_vuln_win.nasl |
2012-01-02 | Name : Mandriva Update for php MDVSA-2011:197 (php) File : nvt/gb_mandriva_MDVSA_2011_197.nasl |
2011-11-08 | Name : Mandriva Update for php MDVSA-2011:165 (php) File : nvt/gb_mandriva_MDVSA_2011_165.nasl |
2011-11-03 | Name : CentOS Update for php53 CESA-2011:1423 centos5 i386 File : nvt/gb_CESA-2011_1423_php53_centos5_i386.nasl |
2011-11-03 | Name : RedHat Update for php53 and php RHSA-2011:1423-01 File : nvt/gb_RHSA-2011_1423-01_php53_and_php.nasl |
2011-10-21 | Name : Ubuntu Update for php5 USN-1231-1 File : nvt/gb_ubuntu_USN_1231_1.nasl |
2011-10-20 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006) File : nvt/gb_macosx_su11-006.nasl |
2011-09-21 | Name : FreeBSD Ports: php5, php5-sockets File : nvt/freebsd_php513.nasl |
2011-09-20 | Name : Fedora Update for maniadrive FEDORA-2011-11528 File : nvt/gb_fedora_2011_11528_maniadrive_fc15.nasl |
2011-09-20 | Name : Fedora Update for php-eaccelerator FEDORA-2011-11528 File : nvt/gb_fedora_2011_11528_php-eaccelerator_fc15.nasl |
2011-09-20 | Name : Fedora Update for php FEDORA-2011-11528 File : nvt/gb_fedora_2011_11528_php_fc15.nasl |
2011-09-20 | Name : Fedora Update for maniadrive FEDORA-2011-11537 File : nvt/gb_fedora_2011_11537_maniadrive_fc14.nasl |
2011-09-20 | Name : Fedora Update for php-eaccelerator FEDORA-2011-11537 File : nvt/gb_fedora_2011_11537_php-eaccelerator_fc14.nasl |
2011-09-20 | Name : Fedora Update for php FEDORA-2011-11537 File : nvt/gb_fedora_2011_11537_php_fc14.nasl |
2011-09-07 | Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl |
2011-08-26 | Name : Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001) File : nvt/secpod_macosx_su11-001.nasl |
2011-08-09 | Name : CentOS Update for php CESA-2010:0919 centos5 i386 File : nvt/gb_CESA-2010_0919_php_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for php53 CESA-2011:0196 centos5 i386 File : nvt/gb_CESA-2011_0196_php53_centos5_i386.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2262-2 (php5) File : nvt/deb_2262_2.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2266-1 (php5) File : nvt/deb_2266_1.nasl |
2011-07-01 | Name : PHP SAPI_POST_HANDLER_FUNC() Security Bypass Vulnerability File : nvt/secpod_php_sapi_post_handle_security_bypass_vuln_win.nasl |
2011-06-03 | Name : Mandriva Update for libzip MDVSA-2011:099 (libzip) File : nvt/gb_mandriva_MDVSA_2011_099.nasl |
2011-06-02 | Name : PHP 'socket_connect()' Buffer Overflow Vulnerability File : nvt/secpod_php_bof_vuln_win.nasl |
2011-05-12 | Name : Debian Security Advisory DSA 2195-1 (php5) File : nvt/deb_2195_1.nasl |
2011-05-12 | Name : FreeBSD Ports: php5-exif File : nvt/freebsd_php5-exif.nasl |
2011-05-12 | Name : FreeBSD Ports: php5-zip File : nvt/freebsd_php5-zip0.nasl |
2011-05-10 | Name : Ubuntu Update for php5 USN-1126-1 File : nvt/gb_ubuntu_USN_1126_1.nasl |
2011-05-10 | Name : Ubuntu Update for php5 USN-1126-2 File : nvt/gb_ubuntu_USN_1126_2.nasl |
2011-04-11 | Name : Fedora Update for maniadrive FEDORA-2011-3636 File : nvt/gb_fedora_2011_3636_maniadrive_fc14.nasl |
2011-04-11 | Name : Fedora Update for php-eaccelerator FEDORA-2011-3636 File : nvt/gb_fedora_2011_3636_php-eaccelerator_fc14.nasl |
2011-04-11 | Name : Fedora Update for php FEDORA-2011-3636 File : nvt/gb_fedora_2011_3636_php_fc14.nasl |
2011-04-11 | Name : Fedora Update for maniadrive FEDORA-2011-3666 File : nvt/gb_fedora_2011_3666_maniadrive_fc13.nasl |
2011-04-11 | Name : Fedora Update for php-eaccelerator FEDORA-2011-3666 File : nvt/gb_fedora_2011_3666_php-eaccelerator_fc13.nasl |
2011-04-11 | Name : Fedora Update for php FEDORA-2011-3666 File : nvt/gb_fedora_2011_3666_php_fc13.nasl |
2011-03-25 | Name : Mandriva Update for php MDVSA-2011:052 (php) File : nvt/gb_mandriva_MDVSA_2011_052.nasl |
2011-03-25 | Name : Mandriva Update for php MDVSA-2011:053 (php) File : nvt/gb_mandriva_MDVSA_2011_053.nasl |
2011-03-22 | Name : PHP 'substr_replace()' Use After Free Vulnerability File : nvt/secpod_php_use_after_free_vuln.nasl |
2011-03-09 | Name : PHP 'shmop_read()' Remote Integer Overflow Vulnerability File : nvt/gb_php_46786.nasl |
2011-02-07 | Name : PHP 'extract()' Function Security Bypass Vulnerability File : nvt/gb_php_sec_bypass_vuln.nasl |
2011-02-04 | Name : RedHat Update for php53 RHSA-2011:0196-01 File : nvt/gb_RHSA-2011_0196-01_php53.nasl |
2011-02-01 | Name : PHP Multiple Security Bypass Vulnerabilities File : nvt/gb_php_mult_sec_bypass_vuln.nasl |
2011-02-01 | Name : PHP Zend and GD Multiple Denial of Service Vulnerabilities File : nvt/gb_php_zend_mult_dos_vuln.nasl |
2011-01-31 | Name : PHP 'ext/imap/php_imap.c' Use After Free Denial of Service Vulnerability File : nvt/gb_php_imap_do_open_dos_vuln.nasl |
2011-01-24 | Name : FreeBSD Ports: php5-filter File : nvt/freebsd_php5-filter.nasl |
2011-01-24 | Name : FreeBSD Ports: php5-imap File : nvt/freebsd_php5-imap1.nasl |
2011-01-24 | Name : FreeBSD Ports: php5-zip File : nvt/freebsd_php5-zip.nasl |
2011-01-24 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php57.nasl |
2011-01-24 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php58.nasl |
2011-01-24 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php59.nasl |
2011-01-24 | Name : Fedora Update for maniadrive-data FEDORA-2011-0321 File : nvt/gb_fedora_2011_0321_maniadrive-data_fc13.nasl |
2011-01-24 | Name : Fedora Update for maniadrive FEDORA-2011-0321 File : nvt/gb_fedora_2011_0321_maniadrive_fc13.nasl |
2011-01-24 | Name : Fedora Update for php-eaccelerator FEDORA-2011-0321 File : nvt/gb_fedora_2011_0321_php-eaccelerator_fc13.nasl |
2011-01-24 | Name : Fedora Update for php FEDORA-2011-0321 File : nvt/gb_fedora_2011_0321_php_fc13.nasl |
2011-01-24 | Name : Fedora Update for maniadrive-data FEDORA-2011-0329 File : nvt/gb_fedora_2011_0329_maniadrive-data_fc14.nasl |
2011-01-24 | Name : Fedora Update for maniadrive FEDORA-2011-0329 File : nvt/gb_fedora_2011_0329_maniadrive_fc14.nasl |
2011-01-24 | Name : Fedora Update for php-eaccelerator FEDORA-2011-0329 File : nvt/gb_fedora_2011_0329_php-eaccelerator_fc14.nasl |
2011-01-24 | Name : Fedora Update for php FEDORA-2011-0329 File : nvt/gb_fedora_2011_0329_php_fc14.nasl |
2011-01-14 | Name : Ubuntu Update for php5 vulnerabilities USN-1042-1 File : nvt/gb_ubuntu_USN_1042_1.nasl |
2011-01-11 | Name : Fedora Update for maniadrive FEDORA-2010-18976 File : nvt/gb_fedora_2010_18976_maniadrive_fc14.nasl |
2011-01-11 | Name : Fedora Update for php-eaccelerator FEDORA-2010-18976 File : nvt/gb_fedora_2010_18976_php-eaccelerator_fc14.nasl |
2011-01-11 | Name : Fedora Update for php FEDORA-2010-18976 File : nvt/gb_fedora_2010_18976_php_fc14.nasl |
2011-01-11 | Name : Fedora Update for maniadrive FEDORA-2010-19011 File : nvt/gb_fedora_2010_19011_maniadrive_fc13.nasl |
2011-01-11 | Name : Fedora Update for php-eaccelerator FEDORA-2010-19011 File : nvt/gb_fedora_2010_19011_php-eaccelerator_fc13.nasl |
2011-01-11 | Name : Fedora Update for php FEDORA-2010-19011 File : nvt/gb_fedora_2010_19011_php_fc13.nasl |
2011-01-10 | Name : PHP 'zend_strtod()' Function Floating-Point Value Denial of Service Vulnerabi... File : nvt/gb_php_45668.nasl |
2010-12-28 | Name : Mandriva Update for php MDVSA-2010:254 (php) File : nvt/gb_mandriva_MDVSA_2010_254.nasl |
2010-12-09 | Name : CentOS Update for php CESA-2010:0919 centos4 i386 File : nvt/gb_CESA-2010_0919_php_centos4_i386.nasl |
2010-12-09 | Name : RedHat Update for php RHSA-2010:0919-01 File : nvt/gb_RHSA-2010_0919-01_php.nasl |
2010-11-23 | Name : Mandriva Update for php MDVSA-2010:239 (php) File : nvt/gb_mandriva_MDVSA_2010_239.nasl |
2010-11-23 | Name : PHP 'filter_var()' function Stack Consumption Vulnerability File : nvt/gb_php_stack_consumption_vuln.nasl |
2010-11-16 | Name : Mandriva Update for php MDVSA-2010:218 (php) File : nvt/gb_mandriva_MDVSA_2010_218.nasl |
2010-11-16 | Name : Mandriva Update for php MDVSA-2010:224 (php) File : nvt/gb_mandriva_MDVSA_2010_224.nasl |
2010-11-10 | Name : PHP 'xml_utf8_decode()' UTF-8 Input Validation Vulnerability File : nvt/gb_php_44605.nasl |
2010-09-22 | Name : Ubuntu Update for php5 vulnerabilities USN-989-1 File : nvt/gb_ubuntu_USN_989_1.nasl |
2010-08-30 | Name : Fedora Update for maniadrive FEDORA-2010-11428 File : nvt/gb_fedora_2010_11428_maniadrive_fc12.nasl |
2010-08-30 | Name : Fedora Update for php-eaccelerator FEDORA-2010-11428 File : nvt/gb_fedora_2010_11428_php-eaccelerator_fc12.nasl |
2010-08-30 | Name : Fedora Update for php FEDORA-2010-11428 File : nvt/gb_fedora_2010_11428_php_fc12.nasl |
2010-08-30 | Name : Fedora Update for maniadrive FEDORA-2010-11481 File : nvt/gb_fedora_2010_11481_maniadrive_fc13.nasl |
2010-08-30 | Name : Fedora Update for php-eaccelerator FEDORA-2010-11481 File : nvt/gb_fedora_2010_11481_php-eaccelerator_fc13.nasl |
2010-08-30 | Name : Fedora Update for php FEDORA-2010-11481 File : nvt/gb_fedora_2010_11481_php_fc13.nasl |
2010-08-02 | Name : PHP Versions Prior to 5.3.3/5.2.14 Multiple Vulnerabilities File : nvt/gb_php_41991.nasl |
2010-07-30 | Name : Mandriva Update for php MDVSA-2010:139 (php) File : nvt/gb_mandriva_MDVSA_2010_139.nasl |
2010-07-30 | Name : Mandriva Update for php MDVSA-2010:140 (php) File : nvt/gb_mandriva_MDVSA_2010_140.nasl |
2010-06-21 | Name : PHP 'SplObjectStorage' Unserializer Arbitrary Code Execution Vulnerability File : nvt/gb_php_40948.nasl |
2010-06-15 | Name : PHP Multiple Information Disclosure Vulnerabilities File : nvt/gb_php_mult_info_disc_vuln.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-240-04 php File : nvt/esoft_slk_ssa_2010_240_04.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-357-01 php File : nvt/esoft_slk_ssa_2010_357_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2011-010-01 php File : nvt/esoft_slk_ssa_2011_010_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
78115 | PHP Hash Collission Form Parameter Parsing Remote DoS PHP contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends multiple crafted parameters which trigger hash collisions, and will result in loss of availability for the program via CPU consumption. |
74728 | PHP extract() Function EXTR_OVERWRITE Parameter Variable Overwriting |
73218 | PHP substr_replace Function Repeated Argument Variable Memory Corruption |
73113 | PHP main/rfc1867.c rfc1867_post_handler Function Traversal Upload File Path I... |
72644 | PHP ext/sockets/sockets.c socket_connect Function UNIX Socket Pathname Overflow |
72533 | PHP ZIP Extension zip_name_locate.c _zip_name_locate Function Malformed ZIP A... |
72531 | PHP strval Function Numerical Argument Handling DoS |
71598 | PHP ext/shmop/shmop.c shmop_read Function Overflow |
71597 | PHP Exif Extension (exif.c) Image File Directory (IFD) Parsing DoS |
70608 | PHP GD Extension imagepstext Function Anti-aliasing Overflow DoS PHP is prone to an overflow condition. The GD extension fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. This may allow a context-dependent attacker to cause a denial of service via vectors related to invalid anti-aliasing and the imagepstext function. |
70607 | PHP Zend Engine Multiple Method Object Reference Access Use-after-free DoS PHP contains a flaw that may allow a context-dependent denial of service. The issue is triggered when a use-after-free error in the Zend engine occurs, allowing a context-dependent attacker to use vectors related to the '__set', '__get', '__isset' and '__unset' methods to cause a denial of service, or possibly have other unspecified impact. |
70606 | PHP Pathname \0 Character file_exists Function Access Restriction Bypass PHP contains a flaw related to the accepting of the \0 character in a pathname. This may allow a context-dependent attacker to bypass access restrictions by combining this character with a safe file extension, such as .php\0.jpg. |
70370 | PHP strtod.c zend_strtod Function x87 FPU Register DoS PHP contains a flaw in strtod.c, as used in the function 'zend_strtod' that may allow a context-dependent denial of service. This may allow an attacker to cause an infinite loop denial of service via a certain floating-point value in scientific notation, which x87 FPU registers fail to handle properly. |
69660 | PHP ext/imap/php_imap.c imap_do_open Function Double-free Memory Corruption A memory corruption flaw exists in PHP. The 'imap_do_open' function in the IMAP extension 'ext/imap/php_imap.c' fails to sanitize provided user credentials when opening the user mailbox folder resulting in memory corruption. With maliciously crafted user credentials, a local attacker can execute arbitrary code. |
69230 | PHP utf8_decode Function UTF-8 Encoding / Data Crafted String Protection Mech... |
69109 | PHP ZipArchive::getArchiveComment Function Crafted ZIP Archive NULL Dereferen... PHP contains a flaw related to the ZipArchive::getArchiveComment function that may allow a context-dependent denial of service. The issue is triggered via a maliciously crafted ZIP archive, and will result in loss of availability. |
68597 | PHP ext/filter/logical_filters.c php_filter_validate_email() Function Overflo... PHP is prone to an overflow condition. The 'php_filter_validate_email()' function in 'ext/filter/logical_filters.c' fails to properly sanitize user-supplied input resulting in a stack overflow. With a specially crafted overly long e-mail address string, a remote attacker can potentially cause a denial of service. |
66805 | PHP var_export() Function Fata Error Information Disclosure |
66804 | PHP strrchr() Function Interruption Array Leak Memory Disclosure |
66106 | PHP parse_str Function Userspace Interuption Memory Corruption |
66105 | PHP preg_match Function Userspace Interuption Memory Corruption |
66104 | PHP unpack / pack Functions Userspace Interuption Memory Corruption |
66103 | PHP ZEND_FETCH_RW Opcodes Userspace Interuption Memory Corruption |
66102 | PHP ZEND_*CONCAT Opcodes Userspace Interuption Memory Corruption |
66101 | PHP ArrayObject::uasort Method Userspace Interuption Memory Corruption |
66100 | PHP trim / ltrim / rtrim Functions Userspace Interuption Arbitrary Memory Con... |
66099 | PHP substr_replace Function Userspace Interuption Arbitrary Memory Content Di... |
66098 | PHP setcookie Function Userspace Interuption Arbitrary Memory Content Disclosure |
66097 | PHP strip_tags Function Userspace Interuption Arbitrary Memory Content Disclo... |
66096 | PHP wordwrap Function Userspace Interuption Arbitrary Memory Content Disclosure |
66095 | PHP Multiple str* Functions Userspace Interuption Arbitrary Memory Content Di... |
66094 | PHP http_build_query Function Userspace Interuption Arbitrary Memory Disclosure |
66093 | PHP htmlentities / htmlspecialchars Functions Userspace Interuption Arbitrary... |
66087 | PHP iconv_* Functions Userspace Interuption Arbitrary Memory Disclosure |
65755 | PHP SplObjectStorage Unserializer Use-after-free Arbitrary Code Execution |
64546 | PHP html_entity_decode Function Internal Call Userspace Interruption Memory D... |
64544 | PHP chunk_split Function Internal Function Userspace Interruption Memory Disc... |
64322 | PHP addcslashes() Function Userspace Interruption Information Disclosure |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | socket_connect buffer overflow attempt RuleID : 24195 - Revision : 7 - Type : SERVER-WEBAPP |
2014-01-10 | socket_connect buffer overflow attempt RuleID : 24194 - Revision : 4 - Type : SERVER-WEBAPP |
2014-01-10 | socket_connect buffer overflow attempt RuleID : 24193 - Revision : 4 - Type : SERVER-WEBAPP |
2014-01-10 | socket_connect buffer overflow attempt RuleID : 24192 - Revision : 4 - Type : SERVER-WEBAPP |
2014-01-10 | empty zip file upload attempt RuleID : 23944 - Revision : 5 - Type : SERVER-WEBAPP |
2014-01-10 | exif invalid tag data buffer overflow attempt RuleID : 23796 - Revision : 4 - Type : SERVER-WEBAPP |
2014-01-10 | use-after-free in substr_replace attempt RuleID : 23793 - Revision : 4 - Type : SERVER-WEBAPP |
2014-01-10 | PHP use-after-free in substr_replace attempt RuleID : 23792 - Revision : 4 - Type : SERVER-WEBAPP |
2014-01-10 | PHP use-after-free in substr_replace attempt RuleID : 23791 - Revision : 4 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-08-29 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-1638-1.nasl - Type : ACT_GATHER_INFO |
2016-03-01 | Name : The remote Debian host is missing a security update. File : debian_DLA-444.nasl - Type : ACT_GATHER_INFO |
2016-01-22 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16993.nasl - Type : ACT_GATHER_INFO |
2015-09-08 | Name : The remote Debian host is missing a security update. File : debian_DLA-307.nasl - Type : ACT_GATHER_INFO |
2015-08-20 | Name : The remote application is affected by multiple vulnerabilities. File : securitycenter_php_5_4_41.nasl - Type : ACT_GATHER_INFO |
2015-06-12 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2015-162-02.nasl - Type : ACT_GATHER_INFO |
2015-05-29 | Name : The remote Fedora host is missing a security update. File : fedora_2015-8370.nasl - Type : ACT_GATHER_INFO |
2015-05-29 | Name : The remote Fedora host is missing a security update. File : fedora_2015-8383.nasl - Type : ACT_GATHER_INFO |
2015-05-27 | Name : The remote Fedora host is missing a security update. File : fedora_2015-8281.nasl - Type : ACT_GATHER_INFO |
2015-05-26 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_31de2e1300d211e5a072d050996490d0.nasl - Type : ACT_GATHER_INFO |
2015-05-18 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_4_41.nasl - Type : ACT_GATHER_INFO |
2015-05-18 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_5_25.nasl - Type : ACT_GATHER_INFO |
2015-05-18 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_6_9.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1307.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1615.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-7.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL12650.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL13519.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL13588.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-182.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_apache2-mod_php5-100812.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_apache2-mod_php5-101110.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_apache2-mod_php5-110309.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_apache2-mod_php5-110601.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_apache2-mod_php5-110907.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libzip-devel-110321.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_apache2-mod_php5-110601.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_apache2-mod_php5-110907.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libzip-devel-110321.nasl - Type : ACT_GATHER_INFO |
2014-03-20 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140318_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-03-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0311.nasl - Type : ACT_GATHER_INFO |
2014-03-19 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0311.nasl - Type : ACT_GATHER_INFO |
2014-03-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0311.nasl - Type : ACT_GATHER_INFO |
2013-12-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131121_php_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-11-27 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1615.nasl - Type : ACT_GATHER_INFO |
2013-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1615.nasl - Type : ACT_GATHER_INFO |
2013-10-11 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130930_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-10-03 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1307.nasl - Type : ACT_GATHER_INFO |
2013-10-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1307.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-07.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-37.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-41.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0919.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0195.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0196.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1423.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0019.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0033.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0071.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0092.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0093.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0071.nasl - Type : ACT_GATHER_INFO |
2012-09-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201209-03.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101129_php_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110203_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110203_php_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111102_php53_and_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120111_php53_and_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120118_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120130_php_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120202_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120202_php_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-07-05 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_1_1_1.nasl - Type : ACT_GATHER_INFO |
2012-05-10 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_7_4.nasl - Type : ACT_GATHER_INFO |
2012-04-27 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-065.nasl - Type : ACT_GATHER_INFO |
2012-04-20 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_0_0_24.nasl - Type : ACT_GATHER_INFO |
2012-04-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-120309.nasl - Type : ACT_GATHER_INFO |
2012-03-26 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-8009.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote web server uses a version of PHP that is affected by a code execut... File : php_5_3_9_ace.nasl - Type : ACT_ATTACK |
2012-02-15 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-1301.nasl - Type : ACT_GATHER_INFO |
2012-02-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2408.nasl - Type : ACT_GATHER_INFO |
2012-02-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1358-2.nasl - Type : ACT_GATHER_INFO |
2012-02-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1358-1.nasl - Type : ACT_GATHER_INFO |
2012-02-09 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-1262.nasl - Type : ACT_GATHER_INFO |
2012-02-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0092.nasl - Type : ACT_GATHER_INFO |
2012-02-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0093.nasl - Type : ACT_GATHER_INFO |
2012-02-03 | Name : The remote web server uses a version of PHP that is affected by a code execut... File : php_5_3_10.nasl - Type : ACT_GATHER_INFO |
2012-02-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0092.nasl - Type : ACT_GATHER_INFO |
2012-02-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0093.nasl - Type : ACT_GATHER_INFO |
2012-02-02 | Name : The remote host is missing a Mac OS X update that fixes several security vuln... File : macosx_10_7_3.nasl - Type : ACT_GATHER_INFO |
2012-02-02 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2012-001.nasl - Type : ACT_GATHER_INFO |
2012-02-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2399.nasl - Type : ACT_GATHER_INFO |
2012-01-31 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0071.nasl - Type : ACT_GATHER_INFO |
2012-01-27 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-0420.nasl - Type : ACT_GATHER_INFO |
2012-01-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0033.nasl - Type : ACT_GATHER_INFO |
2012-01-20 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2012-0504.nasl - Type : ACT_GATHER_INFO |
2012-01-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0033.nasl - Type : ACT_GATHER_INFO |
2012-01-13 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_3_9.nasl - Type : ACT_GATHER_INFO |
2012-01-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0019.nasl - Type : ACT_GATHER_INFO |
2012-01-12 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_d39218103c8011e197e800215c6a37bb.nasl - Type : ACT_GATHER_INFO |
2012-01-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0019.nasl - Type : ACT_GATHER_INFO |
2012-01-03 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-197.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-7393.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-7553.nasl - Type : ACT_GATHER_INFO |
2011-11-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-165.nasl - Type : ACT_GATHER_INFO |
2011-11-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1423.nasl - Type : ACT_GATHER_INFO |
2011-11-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1423.nasl - Type : ACT_GATHER_INFO |
2011-10-19 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1231-1.nasl - Type : ACT_GATHER_INFO |
2011-10-13 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2011-006.nasl - Type : ACT_GATHER_INFO |
2011-10-12 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-06.nasl - Type : ACT_GATHER_INFO |
2011-09-19 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-11528.nasl - Type : ACT_GATHER_INFO |
2011-09-19 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-11537.nasl - Type : ACT_GATHER_INFO |
2011-09-12 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-11464.nasl - Type : ACT_GATHER_INFO |
2011-08-26 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2011-237-01.nasl - Type : ACT_GATHER_INFO |
2011-08-22 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_3_7.nasl - Type : ACT_GATHER_INFO |
2011-08-20 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_057bf770cac411e0aea300215c6a37bb.nasl - Type : ACT_GATHER_INFO |
2011-08-01 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2011-210-01.nasl - Type : ACT_GATHER_INFO |
2011-07-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2266.nasl - Type : ACT_GATHER_INFO |
2011-06-17 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-110601.nasl - Type : ACT_GATHER_INFO |
2011-06-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-7554.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1126-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1126-2.nasl - Type : ACT_GATHER_INFO |
2011-05-25 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-099.nasl - Type : ACT_GATHER_INFO |
2011-05-09 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libzip-devel-110321.nasl - Type : ACT_GATHER_INFO |
2011-05-09 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_libzip1-110321.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-101105.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_apache2-mod_php5-101110.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_apache2-mod_php5-110309.nasl - Type : ACT_GATHER_INFO |
2011-04-22 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_6_3_0_22.nasl - Type : ACT_GATHER_INFO |
2011-04-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-0196.nasl - Type : ACT_GATHER_INFO |
2011-04-07 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-3636.nasl - Type : ACT_GATHER_INFO |
2011-04-07 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-3666.nasl - Type : ACT_GATHER_INFO |
2011-04-04 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-110310.nasl - Type : ACT_GATHER_INFO |
2011-03-27 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-3614.nasl - Type : ACT_GATHER_INFO |
2011-03-27 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_cc3bfec656cd11e09668001fd0d616cf.nasl - Type : ACT_GATHER_INFO |
2011-03-27 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_fe85366656ce11e09668001fd0d616cf.nasl - Type : ACT_GATHER_INFO |
2011-03-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-052.nasl - Type : ACT_GATHER_INFO |
2011-03-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-053.nasl - Type : ACT_GATHER_INFO |
2011-03-22 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_6_7.nasl - Type : ACT_GATHER_INFO |
2011-03-22 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2011-001.nasl - Type : ACT_GATHER_INFO |
2011-03-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2195.nasl - Type : ACT_GATHER_INFO |
2011-03-18 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_3_6.nasl - Type : ACT_GATHER_INFO |
2011-02-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0195.nasl - Type : ACT_GATHER_INFO |
2011-02-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0196.nasl - Type : ACT_GATHER_INFO |
2011-01-24 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-0321.nasl - Type : ACT_GATHER_INFO |
2011-01-24 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-0329.nasl - Type : ACT_GATHER_INFO |
2011-01-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_1a0704e70edf11e0becc0022156e8794.nasl - Type : ACT_GATHER_INFO |
2011-01-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2a41233d10e711e0becc0022156e8794.nasl - Type : ACT_GATHER_INFO |
2011-01-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_3761df020f9c11e0becc0022156e8794.nasl - Type : ACT_GATHER_INFO |
2011-01-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_c623f05810e711e0becc0022156e8794.nasl - Type : ACT_GATHER_INFO |
2011-01-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1042-1.nasl - Type : ACT_GATHER_INFO |
2011-01-11 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2011-010-01.nasl - Type : ACT_GATHER_INFO |
2011-01-10 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2b6ed5c71a7f11e0b61d000c29d1636d.nasl - Type : ACT_GATHER_INFO |
2011-01-07 | Name : The remote web server uses a version of PHP that is affected by a denial of s... File : php_5_3_5.nasl - Type : ACT_GATHER_INFO |
2011-01-05 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-18976.nasl - Type : ACT_GATHER_INFO |
2011-01-05 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-19011.nasl - Type : ACT_GATHER_INFO |
2010-12-26 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-357-01.nasl - Type : ACT_GATHER_INFO |
2010-12-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-254.nasl - Type : ACT_GATHER_INFO |
2010-12-13 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_15.nasl - Type : ACT_GATHER_INFO |
2010-12-13 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_3_4.nasl - Type : ACT_GATHER_INFO |
2010-12-03 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-101105.nasl - Type : ACT_GATHER_INFO |
2010-12-03 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-7221.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0919.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-100805.nasl - Type : ACT_GATHER_INFO |
2010-11-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0919.nasl - Type : ACT_GATHER_INFO |
2010-11-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-239.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_5.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes security issues. File : macosx_SecUpd2010-007.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-224.nasl - Type : ACT_GATHER_INFO |
2010-11-01 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-218.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-7110.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-100928.nasl - Type : ACT_GATHER_INFO |
2010-09-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-989-1.nasl - Type : ACT_GATHER_INFO |
2010-09-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_apache2-mod_php5-100813.nasl - Type : ACT_GATHER_INFO |
2010-08-29 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-240-04.nasl - Type : ACT_GATHER_INFO |
2010-08-24 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11428.nasl - Type : ACT_GATHER_INFO |
2010-08-24 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-11481.nasl - Type : ACT_GATHER_INFO |
2010-08-24 | Name : The remote host is missing a Mac OS X update that fixes security issues. File : macosx_SecUpd2010-005.nasl - Type : ACT_GATHER_INFO |
2010-08-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2089.nasl - Type : ACT_GATHER_INFO |
2010-08-04 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_14.nasl - Type : ACT_GATHER_INFO |
2010-08-04 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_3_3.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-139.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-140.nasl - Type : ACT_GATHER_INFO |