Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | PHP: Multiple vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | GLSA-201001-03 | First vendor Publication | 2010-01-05 |
| Vendor | Gentoo | Last vendor Modification | 2010-01-05 |
| Severity (Vendor) | High | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Synopsis Multiple vulnerabilities were found in PHP, the worst of which leading to the remote execution of arbitrary code. Background Description Impact A remote attacker could also cause a Denial of Service via a malformed string passed to the json_decode() function, via a specially crafted ZIP file passed to the php_zip_make_relative_path() function, via a malformed JPEG image passed to the exif_read_data() function, or via temporary file exhaustion. It is also possible for an attacker to spoof certificates, bypass various safe_mode and open_basedir restrictions when certain criteria are met, perform Cross-site scripting attacks, more easily perform SQL injection attacks, manipulate settings of other virtual hosts on the same server via a malicious .htaccess entry when running on Apache, disclose memory portions, and write arbitrary files via a specially crafted ZIP archive. Some vulnerabilities with unknown impact and attack vectors have been reported as well. Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-201001-03.xml |
Original Source
| Url : http://security.gentoo.org/glsa/glsa-201001-03.xml |
CAPEC : Common Attack Pattern Enumeration & Classification
| Id | Name |
|---|---|
| CAPEC-82 | Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi... |
| CAPEC-99 | XML Parser Attack |
| CAPEC-119 | Resource Depletion |
| CAPEC-121 | Locate and Exploit Test APIs |
| CAPEC-125 | Resource Depletion through Flooding |
| CAPEC-130 | Resource Depletion through Allocation |
| CAPEC-147 | XML Ping of Death |
| CAPEC-197 | XEE (XML Entity Expansion) |
| CAPEC-227 | Denial of Service through Resource Depletion |
| CAPEC-228 | Resource Depletion through DTD Injection in a SOAP Message |
| CAPEC-229 | XML Attribute Blowup |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 28 % | CWE-264 | Permissions, Privileges, and Access Controls |
| 17 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 17 % | CWE-20 | Improper Input Validation |
| 11 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
| 6 % | CWE-770 | Allocation of Resources Without Limits or Throttling |
| 6 % | CWE-200 | Information Exposure |
| 6 % | CWE-134 | Uncontrolled Format String (CWE/SANS Top 25) |
| 6 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
| 6 % | CWE-16 | Configuration |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:12644 | |||
| Oval ID: | oval:org.mitre.oval:def:12644 | ||
| Title: | DSA-1775-1 php-json-ext -- denial of service | ||
| Description: | It was discovered that php-json-ext, a JSON serialiser for PHP, is prone to a denial of service attack, when receiving a malformed string via the json_decode function. For the oldstable distribution, this problem has been fixed in version 1.2.1-3.2+etch1. The stable distribution does not contain a separate php-json-ext package, but includes it in the php5 packages, which will be fixed soon. The testing distribution and the unstable distribution do not contain a separate php-json-ext package, but include it in the php5 packages. We recommend that you upgrade your php-json-ext packages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1775-1 CVE-2009-1271 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | php-json-ext |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:13099 | |||
| Oval ID: | oval:org.mitre.oval:def:13099 | ||
| Title: | DSA-1936-1 libgd2 -- several | ||
| Description: | Several vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-0455 Kees Cook discovered a buffer overflow in libgd2's font renderer. An attacker could cause denial of service and possibly execute arbitrary code via a crafted string with a JIS encoded font. This issue only affects the oldstable distribution. CVE-2009-3546 Tomas Hoger discovered a boundary error in the "_gdGetColors" function. An attacker could conduct a buffer overflow or buffer over-read attacks via a crafted GD file. For the oldstable distribution, these problems have been fixed in version 2.0.33-5.2etch2. For the stable distribution, these problems have been fixed in version 2.0.36~rc1~dfsg-3+lenny1. For the upcoming stable distribution and the unstable distribution ion, these problems have been fixed in version 2.0.36~rc1~dfsg-3.1. We recommend that you upgrade your libgd2 packages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1936-1 CVE-2007-0455 CVE-2009-3546 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | libgd2 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:13556 | |||
| Oval ID: | oval:org.mitre.oval:def:13556 | ||
| Title: | DSA-2002-1 polipo -- denial of service | ||
| Description: | Several denial of service vulnerabilities have been discovered in polipo, a small, caching web proxy. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3305 A malicious remote sever could cause polipo to crash by sending an invalid Cache-Control header. CVE-2009-4143 A malicious client could cause polipo to crash by sending a large Content-Length value. This upgrade also fixes some other bugs that could lead to a daemon crash or an infinite loop and may be triggerable remotely. For the stable distribution, these problems have been fixed in version 1.0.4-1+lenny1. For the testing distribution and the unstable distribution, these problems have been fixed in version 1.0.4-3. We recommend that you upgrade your polipo packages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2002-1 CVE-2009-3305 CVE-2009-4413 CVE-2009-4143 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | polipo |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22090 | |||
| Oval ID: | oval:org.mitre.oval:def:22090 | ||
| Title: | RHSA-2010:0003: gd security update (Moderate) | ||
| Description: | The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2010:0003-01 CESA-2010:0003 CVE-2009-3546 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | gd |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22668 | |||
| Oval ID: | oval:org.mitre.oval:def:22668 | ||
| Title: | ELSA-2010:0003: gd security update (Moderate) | ||
| Description: | The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2010:0003-01 CVE-2009-3546 | Version: | 6 |
| Platform(s): | Oracle Linux 5 | Product(s): | gd |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6655 | |||
| Oval ID: | oval:org.mitre.oval:def:6655 | ||
| Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
| Description: | The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-2687 | Version: | 11 |
| Platform(s): | HP-UX 11 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:6667 | |||
| Oval ID: | oval:org.mitre.oval:def:6667 | ||
| Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
| Description: | PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-4017 | Version: | 11 |
| Platform(s): | HP-UX 11 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7047 | |||
| Oval ID: | oval:org.mitre.oval:def:7047 | ||
| Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
| Description: | Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect "sanity check for the color index." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-3293 | Version: | 11 |
| Platform(s): | HP-UX 11 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7085 | |||
| Oval ID: | oval:org.mitre.oval:def:7085 | ||
| Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
| Description: | The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-4142 | Version: | 11 |
| Platform(s): | HP-UX 11 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7394 | |||
| Oval ID: | oval:org.mitre.oval:def:7394 | ||
| Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
| Description: | The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-3291 | Version: | 11 |
| Platform(s): | HP-UX 11 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7396 | |||
| Oval ID: | oval:org.mitre.oval:def:7396 | ||
| Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
| Description: | The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-3557 | Version: | 11 |
| Platform(s): | HP-UX 11 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7439 | |||
| Oval ID: | oval:org.mitre.oval:def:7439 | ||
| Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
| Description: | PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-4143 | Version: | 11 |
| Platform(s): | HP-UX 11 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7445 | |||
| Oval ID: | oval:org.mitre.oval:def:7445 | ||
| Title: | DSA-2002 polipo -- denial of service | ||
| Description: | Several denial of service vulnerabilities have been discovered in polipo, a small, caching web proxy. The Common Vulnerabilities and Exposures project identifies the following problems: A malicous remote sever could cause polipo to crash by sending an invalid Cache-Control header. A malicous client could cause polipo to crash by sending a large Content-Length value. This upgrade also fixes some other bugs that could lead to a daemon crash or an infinite loop and may be triggerable remotely. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2002 CVE-2009-3305 CVE-2009-4413 CVE-2009-4143 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | polipo |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7652 | |||
| Oval ID: | oval:org.mitre.oval:def:7652 | ||
| Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
| Description: | Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-3292 | Version: | 11 |
| Platform(s): | HP-UX 11 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:8225 | |||
| Oval ID: | oval:org.mitre.oval:def:8225 | ||
| Title: | DSA-1936 libgd2 -- several vulnerabilities | ||
| Description: | Several vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation. The Common Vulnerabilities and Exposures project identifies the following problems: Kees Cook discovered a buffer overflow in libgd2's font renderer. An attacker could cause denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. This issue only affects the oldstable distribution (etch). Tomas Hoger discovered a boundary error in the "_gdGetColors()" function. An attacker could conduct a buffer overflow or buffer over-read attacks via a crafted GD file. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1936 CVE-2007-0455 CVE-2009-3546 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | libgd2 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:8239 | |||
| Oval ID: | oval:org.mitre.oval:def:8239 | ||
| Title: | DSA-1775 php-json-ext -- denial of service | ||
| Description: | It was discovered that php-json-ext, a JSON serialiser for PHP, is prone to a denial of service attack, when receiving a malformed string via the json_decode function. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1775 CVE-2009-1271 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | php-json-ext |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
ExploitDB Exploits
| id | Description |
|---|---|
| 2009-01-02 | PHP <= 5.2.8 gd library - imageRotate() Information Leak Vulnerability |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-08-30 | Name : Fedora Update for gd FEDORA-2012-9298 File : nvt/gb_fedora_2012_9298_gd_fc17.nasl |
| 2012-07-03 | Name : Fedora Update for gd FEDORA-2012-9314 File : nvt/gb_fedora_2012_9314_gd_fc16.nasl |
| 2012-06-21 | Name : PHP < 4.4.9 File : nvt/nopsec_php_4_4_9.nasl |
| 2012-06-21 | Name : PHP version smaller than 5.2.11 File : nvt/nopsec_php_5_2_11.nasl |
| 2012-06-21 | Name : PHP version smaller than 5.2.7 File : nvt/nopsec_php_5_2_7.nasl |
| 2012-06-21 | Name : PHP version smaller than 5.2.8 File : nvt/nopsec_php_5_2_8.nasl |
| 2012-06-21 | Name : PHP version smaller than 5.2.9 File : nvt/nopsec_php_5_2_9.nasl |
| 2012-06-21 | Name : PHP version smaller than 5.3.1 File : nvt/nopsec_php_5_3_1.nasl |
| 2011-08-09 | Name : CentOS Update for php CESA-2009:0337 centos3 i386 File : nvt/gb_CESA-2009_0337_php_centos3_i386.nasl |
| 2011-08-09 | Name : CentOS Update for php CESA-2009:0337 centos4 i386 File : nvt/gb_CESA-2009_0337_php_centos4_i386.nasl |
| 2011-08-09 | Name : CentOS Update for php CESA-2009:0338 centos5 i386 File : nvt/gb_CESA-2009_0338_php_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for gd CESA-2010:0003 centos5 i386 File : nvt/gb_CESA-2010_0003_gd_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for php CESA-2010:0040 centos5 i386 File : nvt/gb_CESA-2010_0040_php_centos5_i386.nasl |
| 2011-03-09 | Name : Gentoo Security Advisory GLSA 201006-16 (gd) File : nvt/glsa_201006_16.nasl |
| 2010-06-23 | Name : HP-UX Update for Apache with PHP HPSBUX02543 File : nvt/gb_hp_ux_HPSBUX02543.nasl |
| 2010-05-12 | Name : Mac OS X Security Update 2009-005 File : nvt/macosx_secupd_2009-005.nasl |
| 2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
| 2010-05-12 | Name : Mac OS X 10.6.2 Update / Mac OS X Security Update 2009-006 File : nvt/macosx_upd_10_6_2_secupd_2009-006.nasl |
| 2010-05-12 | Name : Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002 File : nvt/macosx_upd_10_6_3_secupd_2010-002.nasl |
| 2010-04-19 | Name : PHP 'exif_read_data()' JPEG Image Processing Denial Of Service Vulnerability File : nvt/gb_php_35440.nasl |
| 2010-03-02 | Name : Fedora Update for maniadrive FEDORA-2010-0495 File : nvt/gb_fedora_2010_0495_maniadrive_fc11.nasl |
| 2010-03-02 | Name : Fedora Update for php FEDORA-2010-0495 File : nvt/gb_fedora_2010_0495_php_fc11.nasl |
| 2010-03-02 | Name : Mandriva Update for php MDVSA-2010:045 (php) File : nvt/gb_mandriva_MDVSA_2010_045.nasl |
| 2010-01-29 | Name : Mandriva Update for urpmi MDVA-2010:045 (urpmi) File : nvt/gb_mandriva_MDVA_2010_045.nasl |
| 2010-01-19 | Name : CentOS Update for gd CESA-2010:0003 centos4 i386 File : nvt/gb_CESA-2010_0003_gd_centos4_i386.nasl |
| 2010-01-19 | Name : CentOS Update for gd CESA-2010:0003 centos4 x86_64 File : nvt/gb_CESA-2010_0003_gd_centos4_x86_64.nasl |
| 2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos3 i386 File : nvt/gb_CESA-2010_0040_php_centos3_i386.nasl |
| 2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos3 x86_64 File : nvt/gb_CESA-2010_0040_php_centos3_x86_64.nasl |
| 2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos4 i386 File : nvt/gb_CESA-2010_0040_php_centos4_i386.nasl |
| 2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos4 x86_64 File : nvt/gb_CESA-2010_0040_php_centos4_x86_64.nasl |
| 2010-01-19 | Name : RedHat Update for php RHSA-2010:0040-01 File : nvt/gb_RHSA-2010_0040-01_php.nasl |
| 2010-01-19 | Name : Mandriva Update for php MDVSA-2010:008 (php) File : nvt/gb_mandriva_MDVSA_2010_008.nasl |
| 2010-01-19 | Name : Mandriva Update for php MDVSA-2010:009 (php) File : nvt/gb_mandriva_MDVSA_2010_009.nasl |
| 2010-01-19 | Name : Ubuntu Update for php5 vulnerabilities USN-882-1 File : nvt/gb_ubuntu_USN_882_1.nasl |
| 2010-01-15 | Name : RedHat Update for gd RHSA-2010:0003-01 File : nvt/gb_RHSA-2010_0003-01_gd.nasl |
| 2010-01-07 | Name : Gentoo Security Advisory GLSA 201001-03 (php) File : nvt/glsa_201001_03.nasl |
| 2009-12-30 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php56.nasl |
| 2009-12-30 | Name : Mandriva Security Advisory MDVSA-2009:146-1 (imap) File : nvt/mdksa_2009_146_1.nasl |
| 2009-12-18 | Name : PHP < 5.2.12 Multiple Vulnerabilities File : nvt/php_dec_2009.nasl |
| 2009-12-10 | Name : Fedora Core 12 FEDORA-2009-12017 (maniadrive) File : nvt/fcore_2009_12017.nasl |
| 2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:284-1 (gd) File : nvt/mdksa_2009_284_1.nasl |
| 2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:305 (php) File : nvt/mdksa_2009_305.nasl |
| 2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:324 (php) File : nvt/mdksa_2009_324.nasl |
| 2009-12-04 | Name : PHP Multiple Vulnerabilities Dec-09 File : nvt/gb_php_mult_vuln_dec09.nasl |
| 2009-12-03 | Name : Gentoo Security Advisory GLSA 200911-03 (c-client uw-imap) File : nvt/glsa_200911_03.nasl |
| 2009-12-03 | Name : Mandriva Security Advisory MDVSA-2009:303 (php) File : nvt/mdksa_2009_303.nasl |
| 2009-12-03 | Name : Ubuntu USN-862-1 (php5) File : nvt/ubuntu_862_1.nasl |
| 2009-11-23 | Name : Debian Security Advisory DSA 1936-1 (libgd2) File : nvt/deb_1936_1.nasl |
| 2009-11-23 | Name : Ubuntu USN-854-1 (libgd2) File : nvt/ubuntu_854_1.nasl |
| 2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
| 2009-11-11 | Name : FreeBSD Ports: gd File : nvt/freebsd_gd1.nasl |
| 2009-10-27 | Name : Mandrake Security Advisory MDVSA-2009:284 (gd) File : nvt/mdksa_2009_284.nasl |
| 2009-10-27 | Name : Mandrake Security Advisory MDVSA-2009:285 (php) File : nvt/mdksa_2009_285.nasl |
| 2009-10-27 | Name : SLES10: Security update for PHP5 File : nvt/sles10_apache2-mod_php4.nasl |
| 2009-10-27 | Name : SuSE Security Summary SUSE-SR:2009:017 File : nvt/suse_sr_2009_017.nasl |
| 2009-10-23 | Name : GD Graphics Library '_gdGetColors()' Buffer Overflow Vulnerability (Linux) File : nvt/gb_gd_graphics_library_bof_vuln_lin.nasl |
| 2009-10-23 | Name : PHP '_gdGetColors()' Buffer Overflow Vulnerability File : nvt/gb_php_gdGetColors_bof_vuln.nasl |
| 2009-10-22 | Name : HP-UX Update for Apache-based Web Server HPSBUX02465 File : nvt/gb_hp_ux_HPSBUX02465.nasl |
| 2009-10-19 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php55.nasl |
| 2009-10-19 | Name : SLES11: Security update for PHP5 File : nvt/sles11_apache2-mod_php1.nasl |
| 2009-10-13 | Name : SLES10: Security update for PHP5 File : nvt/sles10_apache2-mod_php.nasl |
| 2009-10-13 | Name : SLES10: Security update for PHP5 File : nvt/sles10_apache2-mod_php0.nasl |
| 2009-10-13 | Name : SLES10: Security update for PHP5 File : nvt/sles10_apache2-mod_php3.nasl |
| 2009-10-11 | Name : SLES11: Security update for PHP5 File : nvt/sles11_apache2-mod_php.nasl |
| 2009-10-11 | Name : SLES11: Security update for PHP5 File : nvt/sles11_apache2-mod_php0.nasl |
| 2009-10-10 | Name : SLES9: Security update for PHP4 File : nvt/sles9p5046240.nasl |
| 2009-09-29 | Name : PHP Multiple Vulnerabilities - Sep09 File : nvt/secpod_php_mult_vuln_sep09.nasl |
| 2009-09-28 | Name : RedHat Security Advisory RHSA-2009:1461 File : nvt/RHSA_2009_1461.nasl |
| 2009-09-28 | Name : Mandrake Security Advisory MDVSA-2009:246 (php) File : nvt/mdksa_2009_246.nasl |
| 2009-09-28 | Name : Mandrake Security Advisory MDVSA-2009:247 (php) File : nvt/mdksa_2009_247.nasl |
| 2009-09-28 | Name : Mandrake Security Advisory MDVSA-2009:248 (php) File : nvt/mdksa_2009_248.nasl |
| 2009-09-02 | Name : PHP Security Bypass Vulnerability - Aug09 File : nvt/secpod_php_sec_bypass_vuln_aug09.nasl |
| 2009-09-02 | Name : Ubuntu USN-824-1 (php5) File : nvt/ubuntu_824_1.nasl |
| 2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:166 (c-client) File : nvt/mdksa_2009_166.nasl |
| 2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:167 (php) File : nvt/mdksa_2009_167.nasl |
| 2009-07-17 | Name : HP-UX Update for Apache Web Server Suite HPSBUX02431 File : nvt/gb_hp_ux_HPSBUX02431.nasl |
| 2009-07-06 | Name : Mandrake Security Advisory MDVSA-2009:145 (php) File : nvt/mdksa_2009_145.nasl |
| 2009-07-06 | Name : Mandrake Security Advisory MDVSA-2009:146 (imap) File : nvt/mdksa_2009_146.nasl |
| 2009-07-06 | Name : SuSE Security Summary SUSE-SR:2009:012 File : nvt/suse_sr_2009_012.nasl |
| 2009-06-05 | Name : Fedora Core 10 FEDORA-2009-3768 (maniadrive) File : nvt/fcore_2009_3768.nasl |
| 2009-06-05 | Name : Fedora Core 9 FEDORA-2009-3848 (maniadrive) File : nvt/fcore_2009_3848.nasl |
| 2009-06-05 | Name : Ubuntu USN-719-1 (libpam-krb5) File : nvt/ubuntu_719_1.nasl |
| 2009-06-05 | Name : Ubuntu USN-720-1 (php5) File : nvt/ubuntu_720_1.nasl |
| 2009-06-05 | Name : Ubuntu USN-723-1 (git-core) File : nvt/ubuntu_723_1.nasl |
| 2009-06-05 | Name : Ubuntu USN-761-2 (php5) File : nvt/ubuntu_761_2.nasl |
| 2009-06-05 | Name : Ubuntu USN-767-1 (freetype) File : nvt/ubuntu_767_1.nasl |
| 2009-06-05 | Name : Ubuntu USN-769-1 (libwmf) File : nvt/ubuntu_769_1.nasl |
| 2009-06-05 | Name : Ubuntu USN-776-2 (kvm) File : nvt/ubuntu_776_2.nasl |
| 2009-05-11 | Name : Debian Security Advisory DSA 1789-1 (php5) File : nvt/deb_1789_1.nasl |
| 2009-04-28 | Name : Debian Security Advisory DSA 1775-1 (php-json-ext) File : nvt/deb_1775_1.nasl |
| 2009-04-28 | Name : Ubuntu USN-761-1 (php5) File : nvt/ubuntu_761_1.nasl |
| 2009-04-23 | Name : Denial Of Service Vulnerability in PHP April-09 File : nvt/gb_php_dos_vuln_apr09.nasl |
| 2009-04-16 | Name : PHP 5.2.8 and Prior Versions Multiple Vulnerabilities File : nvt/php_cve_2009_1271.nasl |
| 2009-04-15 | Name : RedHat Security Advisory RHSA-2009:0337 File : nvt/RHSA_2009_0337.nasl |
| 2009-04-15 | Name : RedHat Security Advisory RHSA-2009:0338 File : nvt/RHSA_2009_0338.nasl |
| 2009-04-15 | Name : RedHat Security Advisory RHSA-2009:0350 File : nvt/RHSA_2009_0350.nasl |
| 2009-04-15 | Name : Mandrake Security Advisory MDVSA-2009:090 (php) File : nvt/mdksa_2009_090.nasl |
| 2009-04-15 | Name : CentOS Security Advisory CESA-2009:0337 (php) File : nvt/ovcesa2009_0337.nasl |
| 2009-04-15 | Name : CentOS Security Advisory CESA-2009:0338 (php) File : nvt/ovcesa2009_0338.nasl |
| 2009-04-06 | Name : SuSE Security Summary SUSE-SR:2009:008 File : nvt/suse_sr_2009_008.nasl |
| 2009-03-20 | Name : FreeBSD Ports: php4-mbstring File : nvt/freebsd_php4-mbstring.nasl |
| 2009-03-17 | Name : PHP 'mbstring.func_overload' DoS Vulnerability File : nvt/gb_php_mbstring_func_overload_dos_vuln.nasl |
| 2009-03-07 | Name : Mandrake Security Advisory MDVSA-2009:065 (php4) File : nvt/mdksa_2009_065.nasl |
| 2009-03-07 | Name : Mandrake Security Advisory MDVSA-2009:066 (php) File : nvt/mdksa_2009_066.nasl |
| 2009-03-07 | Name : Ubuntu USN-726-1 (curl) File : nvt/ubuntu_726_1.nasl |
| 2009-03-07 | Name : Ubuntu USN-726-2 (curl) File : nvt/ubuntu_726_2.nasl |
| 2009-03-07 | Name : Ubuntu USN-727-1 (network-manager-applet) File : nvt/ubuntu_727_1.nasl |
| 2009-03-07 | Name : Ubuntu USN-727-2 (network-manager) File : nvt/ubuntu_727_2.nasl |
| 2009-02-23 | Name : Mandrake Security Advisory MDVSA-2009:045 (php) File : nvt/mdksa_2009_045.nasl |
| 2009-02-18 | Name : SuSE Security Summary SUSE-SR:2009:004 File : nvt/suse_sr_2009_004.nasl |
| 2009-01-26 | Name : Fedora Core 9 FEDORA-2009-0371 (uw-imap) File : nvt/fcore_2009_0371.nasl |
| 2009-01-26 | Name : Fedora Core 10 FEDORA-2009-0413 (uw-imap) File : nvt/fcore_2009_0413.nasl |
| 2009-01-26 | Name : Mandrake Security Advisory MDVSA-2009:021 (php) File : nvt/mdksa_2009_021.nasl |
| 2009-01-26 | Name : Mandrake Security Advisory MDVSA-2009:022 (php) File : nvt/mdksa_2009_022.nasl |
| 2009-01-26 | Name : Mandrake Security Advisory MDVSA-2009:023 (php) File : nvt/mdksa_2009_023.nasl |
| 2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 11.1) File : nvt/suse_sr_2009_001.nasl |
| 2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 11.0) File : nvt/suse_sr_2009_001a.nasl |
| 2009-01-20 | Name : SuSE Security Summary SUSE-SR:2009:001 (OpenSuSE 10.3) File : nvt/suse_sr_2009_001b.nasl |
| 2009-01-13 | Name : FreeBSD Ports: imap-uw File : nvt/freebsd_imap-uw1.nasl |
| 2009-01-13 | Name : FreeBSD Ports: imap-uw File : nvt/freebsd_imap-uw2.nasl |
| 2009-01-08 | Name : PHP display_errors Cross-Site Scripting Vulnerability File : nvt/gb_php_display_errors_xss_vuln.nasl |
| 2009-01-08 | Name : FILTER_UNSAFE_RAW SQL Injection Vulnerability in PHP File : nvt/gb_php_sql_inj_vuln.nasl |
| 2009-01-07 | Name : FreeBSD Ports: php5-gd File : nvt/freebsd_php5-gd.nasl |
| 2008-12-31 | Name : PHP 'imageRotate()' Memory Information Disclosure Vulnerability File : nvt/secpod_php_imagerotate_info_disc_vuln.nasl |
| 2008-12-31 | Name : Heap-based buffer overflow in 'mbstring' extension for PHP File : nvt/secpod_php_mbstring_ext_bof_vuln.nasl |
| 2008-12-26 | Name : PHP Security Bypass and File Writing Vulnerability - Dec08 File : nvt/secpod_php_sec_bypass_n_file_write_vuln_900184.nasl |
| 2008-12-10 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php53.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2009-098-02 php File : nvt/esoft_slk_ssa_2009_098_02.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2009-276-02 php File : nvt/esoft_slk_ssa_2009_276_02.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2010-024-02 php File : nvt/esoft_slk_ssa_2010_024_02.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 61209 | PHP htmlspecialchars() Invalid Byte Sequence XSS |
| 61208 | PHP $_SESSION Interrupt Corruption Unspecified Issue |
| 60654 | PHP zend_ini.c zend_restore_ini_entry_cb Function Memory Content Information ... |
| 60451 | PHP File Upload Crafted multipart/form-data Temporary File Exhaustion Remote DoS |
| 60435 | PHP ext/posix/posix.c posix_mkfifo() Function open_basedir Bypass |
| 60434 | PHP ext/standard/file.c tempnam() Function safe_mode Bypass |
| 59071 | PHP gd_gd.c _gdGetColors Function colorsTotal Structure Remote Overflow Weakness |
| 58187 | PHP imagecolortransparent Color Index Handling Unspecified Issue |
| 58186 | PHP exif Processing Unspecified Issue |
| 58185 | PHP php_openssl_apply_verification_policy Certificate Validation Unspecified ... |
| 57261 | PHP Multiple Function open_basedir / safe_mode_exec_dir Access Restriction By... |
| 55222 | PHP exif_read_data() Function JPG Handling DoS |
| 53574 | PHP on Apache .htaccess mbstring.func_overload Setting Cross Hosted Site Beha... |
| 53532 | PHP Unspecified XSS |
| 53440 | PHP php_zip.c php_zip_make_relative_path Function ZIP File Handling DoS |
| 52905 | UW-imapd c-client Library RFC822BUFFER Routines rfc822_output_char Function O... |
| 52486 | PHP json_decode() Function Malformed String Handling Remote DoS |
| 52207 | PHP SAPI php_getuid() Function Security Restriction Bypass |
| 52205 | PHP error_log php_admin_flag Safe Mode Bypass |
| 51477 | PHP mbstring Extension ext/mbstring/libmbfl/filters/mbfilter_htmlent.c Multip... |
| 51031 | PHP imageRotate Function Indexed Image Crafted Argument Arbitrary Memory Access |
| 50587 | PHP Regression filter.default_flags Setting magic_quotes_gpc Bypass |
| 50480 | PHP ZipArchive::extractTo() ZIP File Traversal Arbitrary File Overwrite |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2018-05-01 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2018-120-01.nasl - Type : ACT_GATHER_INFO |
| 2015-10-29 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-604.nasl - Type : ACT_GATHER_INFO |
| 2015-07-16 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_ca139c7f2a8c11e5a4a5002590263bf5.nasl - Type : ACT_GATHER_INFO |
| 2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL9761.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0337.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0338.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0003.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0040.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090406_php_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100104_gd_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100113_php_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
| 2012-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2012-9298.nasl - Type : ACT_GATHER_INFO |
| 2012-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2012-9314.nasl - Type : ACT_GATHER_INFO |
| 2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6536.nasl - Type : ACT_GATHER_INFO |
| 2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6847.nasl - Type : ACT_GATHER_INFO |
| 2010-09-17 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_6_2_0_12.nasl - Type : ACT_GATHER_INFO |
| 2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-248.nasl - Type : ACT_GATHER_INFO |
| 2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-302.nasl - Type : ACT_GATHER_INFO |
| 2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-303.nasl - Type : ACT_GATHER_INFO |
| 2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-009.nasl - Type : ACT_GATHER_INFO |
| 2010-07-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-0495.nasl - Type : ACT_GATHER_INFO |
| 2010-06-04 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201006-16.nasl - Type : ACT_GATHER_INFO |
| 2010-04-27 | Name : The remote web server has multiple vulnerabilities. File : hpsmh_6_0_0_95.nasl - Type : ACT_GATHER_INFO |
| 2010-03-29 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_3.nasl - Type : ACT_GATHER_INFO |
| 2010-03-29 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2010-002.nasl - Type : ACT_GATHER_INFO |
| 2010-02-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201001-03.nasl - Type : ACT_GATHER_INFO |
| 2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1936.nasl - Type : ACT_GATHER_INFO |
| 2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1940.nasl - Type : ACT_GATHER_INFO |
| 2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2001.nasl - Type : ACT_GATHER_INFO |
| 2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2002.nasl - Type : ACT_GATHER_INFO |
| 2010-02-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-045.nasl - Type : ACT_GATHER_INFO |
| 2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
| 2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
| 2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_apache2-mod_php5-100215.nasl - Type : ACT_GATHER_INFO |
| 2010-02-23 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
| 2010-02-23 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6846.nasl - Type : ACT_GATHER_INFO |
| 2010-01-25 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-024-02.nasl - Type : ACT_GATHER_INFO |
| 2010-01-18 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-008.nasl - Type : ACT_GATHER_INFO |
| 2010-01-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0040.nasl - Type : ACT_GATHER_INFO |
| 2010-01-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0040.nasl - Type : ACT_GATHER_INFO |
| 2010-01-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-882-1.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0338.nasl - Type : ACT_GATHER_INFO |
| 2010-01-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0003.nasl - Type : ACT_GATHER_INFO |
| 2010-01-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0003.nasl - Type : ACT_GATHER_INFO |
| 2009-12-18 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_39a25a63eb5c11deb65000215c6a37bb.nasl - Type : ACT_GATHER_INFO |
| 2009-12-18 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_12.nasl - Type : ACT_GATHER_INFO |
| 2009-12-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-324.nasl - Type : ACT_GATHER_INFO |
| 2009-12-07 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-12017.nasl - Type : ACT_GATHER_INFO |
| 2009-11-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200911-03.nasl - Type : ACT_GATHER_INFO |
| 2009-11-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-304.nasl - Type : ACT_GATHER_INFO |
| 2009-11-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-862-1.nasl - Type : ACT_GATHER_INFO |
| 2009-11-20 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_3_1.nasl - Type : ACT_GATHER_INFO |
| 2009-11-09 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_4e8344a3ca5211de8ee800215c6a37bb.nasl - Type : ACT_GATHER_INFO |
| 2009-11-09 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-006.nasl - Type : ACT_GATHER_INFO |
| 2009-11-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-854-1.nasl - Type : ACT_GATHER_INFO |
| 2009-10-30 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_php5-6505.nasl - Type : ACT_GATHER_INFO |
| 2009-10-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-284.nasl - Type : ACT_GATHER_INFO |
| 2009-10-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-285.nasl - Type : ACT_GATHER_INFO |
| 2009-10-19 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-mod_php5-090924.nasl - Type : ACT_GATHER_INFO |
| 2009-10-19 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-090924.nasl - Type : ACT_GATHER_INFO |
| 2009-10-19 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-090924.nasl - Type : ACT_GATHER_INFO |
| 2009-10-19 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6510.nasl - Type : ACT_GATHER_INFO |
| 2009-10-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_437a68cfb75211deb6eb00e0815b8da8.nasl - Type : ACT_GATHER_INFO |
| 2009-10-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-276-02.nasl - Type : ACT_GATHER_INFO |
| 2009-09-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-247.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12382.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-090319.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-090618.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-5909.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6069.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6311.nasl - Type : ACT_GATHER_INFO |
| 2009-09-18 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_11.nasl - Type : ACT_GATHER_INFO |
| 2009-09-11 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-005.nasl - Type : ACT_GATHER_INFO |
| 2009-08-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-824-1.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-mod_php5-090114.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-mod_php5-090312.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_imap-081217.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-090119.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-090312.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_imap-081217.nasl - Type : ACT_GATHER_INFO |
| 2009-06-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-146.nasl - Type : ACT_GATHER_INFO |
| 2009-06-29 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-145.nasl - Type : ACT_GATHER_INFO |
| 2009-06-22 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_2_10.nasl - Type : ACT_GATHER_INFO |
| 2009-06-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-3768.nasl - Type : ACT_GATHER_INFO |
| 2009-06-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-3848.nasl - Type : ACT_GATHER_INFO |
| 2009-05-20 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_3_0_1_73.nasl - Type : ACT_GATHER_INFO |
| 2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO |
| 2009-05-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1789.nasl - Type : ACT_GATHER_INFO |
| 2009-04-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-761-2.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-0413.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-021.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-022.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-045.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-066.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-090.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-720-1.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-761-1.nasl - Type : ACT_GATHER_INFO |
| 2009-04-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1775.nasl - Type : ACT_GATHER_INFO |
| 2009-04-08 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-098-02.nasl - Type : ACT_GATHER_INFO |
| 2009-04-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0337.nasl - Type : ACT_GATHER_INFO |
| 2009-04-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0337.nasl - Type : ACT_GATHER_INFO |
| 2009-04-07 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0338.nasl - Type : ACT_GATHER_INFO |
| 2009-04-03 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_php5-6068.nasl - Type : ACT_GATHER_INFO |
| 2009-03-17 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_a2074ac6124c11dea9640030843d3802.nasl - Type : ACT_GATHER_INFO |
| 2009-02-27 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_9.nasl - Type : ACT_GATHER_INFO |
| 2009-02-06 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_php5-5934.nasl - Type : ACT_GATHER_INFO |
| 2009-02-04 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_58a3c266db0111ddae30001cc0377035.nasl - Type : ACT_GATHER_INFO |
| 2009-01-22 | Name : The remote Fedora host is missing a security update. File : fedora_2009-0371.nasl - Type : ACT_GATHER_INFO |
| 2009-01-12 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_69a20ce4dfee11dda7650030843d3802.nasl - Type : ACT_GATHER_INFO |
| 2009-01-12 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a6713190dfea11dda7650030843d3802.nasl - Type : ACT_GATHER_INFO |
| 2008-12-21 | Name : The remote openSUSE host is missing a security update. File : suse_imap-5868.nasl - Type : ACT_GATHER_INFO |
| 2008-12-09 | Name : The remote web server uses a version of PHP that may be affected by multiple ... File : php_5_2_8.nasl - Type : ACT_GATHER_INFO |
| 2008-12-08 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_1f9e2376c52f11dd8cbc00163e000016.nasl - Type : ACT_GATHER_INFO |
| 2008-12-05 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_2_7.nasl - Type : ACT_GATHER_INFO |
| 2008-08-08 | Name : The remote web server uses a version of PHP that is affected by multiple issues. File : php_4_4_9.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:36:47 |
|
