This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Trustix First view 2005-12-31
Product Secure Linux Last view 2007-02-13
Version 3.0 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:trustix:secure_linux

Activity : Overall

Related : CVE

  Date Alert Description
10 2007-02-13 CVE-2007-0910

Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors.

7.5 2007-02-13 CVE-2007-0909

Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.

5 2007-02-13 CVE-2007-0907

Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function.

7.5 2007-02-13 CVE-2007-0906

Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411, vector (3) might involve the imap_mail_compose function (CVE-2007-1825).

7.5 2007-02-13 CVE-2007-0905

PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383.

5 2005-12-31 CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

10 2005-12-31 CVE-2005-3625

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

5 2005-12-31 CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

CWE : Common Weakness Enumeration

%idName
50% (2) CWE-399 Resource Management Errors
25% (1) CWE-189 Numeric Errors
25% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Open Source Vulnerability Database (OSVDB)

id Description
34715 PHP ibase_modify_user() Function Unspecified Overflow
34714 PHP ibase_add_user() Function Unspecified Overflow
34713 PHP ibase_delete_user() Function Unspecified Overflow
34712 PHP mail() Function Unspecified Overflow
34711 PHP str_replace() Function Unspecified Overflow
34710 PHP stream Filters Unspecified Overflow
34709 PHP sqlite Extension Unspecified Overflow
34708 PHP imap Extension Unspecified Overflow
34707 PHP zip Extension Unspecified Overflow
34706 PHP Session Extension Unspecified Overflow
32768 PHP Session Extension Multiple Restriction Bypass
32767 PHP sapi_header_op Function Underflow DoS
32765 PHP odbc_result_all Function Format String
32764 PHP on 64-bit Multiple print Function Format String
32763 PHP Super-global Variable Unspecified Clobber
22235 Multiple Products Xpdf/kpdf Crafted FlateDecode Stream NULL Dereference DoS
22234 Multiple Products Xpdf/kpdf Crafted CCITTFaxDecode / DCTDecode Stream DoS
22233 Multiple Products Xpdf/kpdf Stream.cc CCITTFaxStream::CCITTFaxStream Function...

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-06-21 Name : PHP version smaller than 5.2.1
File : nvt/nopsec_php_5_2_1.nasl
2012-06-21 Name : PHP version smaller than 4.4.5
File : nvt/nopsec_php_4_4_5.nasl
2010-04-23 Name : PHP 5.2.0 and Prior Versions Multiple Vulnerabilities
File : nvt/gb_php_22496.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5009300.nasl
2009-04-09 Name : Mandriva Update for php MDKSA-2007:048 (php)
File : nvt/gb_mandriva_MDKSA_2007_048.nasl
2009-03-23 Name : Ubuntu Update for php5 regression USN-424-2
File : nvt/gb_ubuntu_USN_424_2.nasl
2009-03-23 Name : Ubuntu Update for php5 vulnerabilities USN-424-1
File : nvt/gb_ubuntu_USN_424_1.nasl
2009-02-27 Name : Fedora Update for php FEDORA-2007-261
File : nvt/gb_fedora_2007_261_php_fc6.nasl
2009-02-27 Name : Fedora Update for php FEDORA-2007-526
File : nvt/gb_fedora_2007_526_php_fc5.nasl
2009-02-27 Name : Fedora Update for php FEDORA-2007-455
File : nvt/gb_fedora_2007_455_php_fc5.nasl
2009-02-27 Name : Fedora Update for php FEDORA-2007-287
File : nvt/gb_fedora_2007_287_php_fc5.nasl
2009-01-28 Name : SuSE Update for php4,php5 SUSE-SA:2007:020
File : nvt/gb_suse_2007_020.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200703-21 (php)
File : nvt/glsa_200703_21.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdfto...
File : nvt/glsa_200601_17.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200601-02 (kdegraphics, kpdf, koffice, kword)
File : nvt/glsa_200601_02.nasl
2008-09-04 Name : php -- multiple vulnerabilities
File : nvt/freebsd_php5-imap.nasl
2008-01-17 Name : Debian Security Advisory DSA 931-1 (xpdf)
File : nvt/deb_931_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 932-1 (xpdf)
File : nvt/deb_932_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 936-1 (libextractor)
File : nvt/deb_936_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 937-1 (tetex-bin)
File : nvt/deb_937_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 938-1 (koffice)
File : nvt/deb_938_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 940-1 (gpdf)
File : nvt/deb_940_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 950-1 (cupsys)
File : nvt/deb_950_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 961-1 (pdfkit.framework)
File : nvt/deb_961_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 962-1 (pdftohtml)
File : nvt/deb_962_1.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0076.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-011.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-010.nasl - Type: ACT_GATHER_INFO
2007-12-13 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_php5-3754.nasl - Type: ACT_GATHER_INFO
2007-12-13 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_apache2-mod_php5-2684.nasl - Type: ACT_GATHER_INFO
2007-11-10 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-424-2.nasl - Type: ACT_GATHER_INFO
2007-11-10 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-424-1.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_php5-2687.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_php5-3753.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_php5-3745.nasl - Type: ACT_GATHER_INFO
2007-05-25 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2007-0082.nasl - Type: ACT_GATHER_INFO
2007-04-02 Name: The remote web server uses a version of PHP that is affected by multiple flaws.
File: php_5_2_1.nasl - Type: ACT_GATHER_INFO
2007-04-02 Name: The remote web server uses a version of PHP that is affected by multiple flaws.
File: php_4_4_5.nasl - Type: ACT_GATHER_INFO
2007-03-26 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200703-21.nasl - Type: ACT_GATHER_INFO
2007-03-12 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1264.nasl - Type: ACT_GATHER_INFO
2007-02-27 Name: The remote Fedora Core host is missing a security update.
File: fedora_2007-287.nasl - Type: ACT_GATHER_INFO
2007-02-23 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2007-0081.nasl - Type: ACT_GATHER_INFO
2007-02-23 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2007-048.nasl - Type: ACT_GATHER_INFO
2007-02-23 Name: The remote Fedora Core host is missing a security update.
File: fedora_2007-261.nasl - Type: ACT_GATHER_INFO
2007-02-23 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2007-053-01.nasl - Type: ACT_GATHER_INFO
2007-02-21 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2007-0076.nasl - Type: ACT_GATHER_INFO
2007-02-21 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2007-0076.nasl - Type: ACT_GATHER_INFO
2007-02-18 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_7fcf1727be7111dbb2ec000c6ec775d9.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-931.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-932.nasl - Type: ACT_GATHER_INFO