Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title HP Secure Web Server (SWS) for OpenVMS running PHP, Remote Denial of Service (DoS), Unauthorized Access, Privilege escalation, Unauthorized Disclosure of Information, Unauthorized Modification
Informations
Name HPSBOV02763 SSRT100826 First vendor Publication 2012-04-16
Vendor HP Last vendor Modification 2012-04-16
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, privilege escalation, unauthorized disclosure of information, or unauthorized modifications.

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03281867

CWE : Common Weakness Enumeration

% Id Name
33 % CWE-200 Information Exposure
19 % CWE-399 Resource Management Errors
19 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
19 % CWE-20 Improper Input Validation
7 % CWE-189 Numeric Errors (CWE/SANS Top 25)
4 % CWE-264 Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11939
 
Oval ID: oval:org.mitre.oval:def:11939
Title: Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4
Description: Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 allows context-dependent attackers to cause a denial of service (application crash) via a large number of anti-aliasing steps in an argument to the imagepstext function.
Family: windows Class: vulnerability
Reference(s): CVE-2010-4698
Version: 4
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): PHP
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12016
 
Oval ID: oval:org.mitre.oval:def:12016
Title: Security bypass vulnerability in the extract function in PHP before 5.2.15
Description: The extract function in PHP before 5.2.15 does not prevent use of the EXTR_OVERWRITE parameter to overwrite (1) the GLOBALS superglobal array and (2) the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended to depend on external input, a related issue to CVE-2005-2691 and CVE-2006-3758.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0752
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): PHP
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12156
 
Oval ID: oval:org.mitre.oval:def:12156
Title: DSA-2266-2 php5 -- several
Description: The update for CVE-2010-2531 for the old stable distribution introduced a regression, which lead to additional output being written to stdout.
Family: unix Class: patch
Reference(s): DSA-2266-2
CVE-2010-2531
CVE-2011-0420
CVE-2011-0421
CVE-2011-0708
CVE-2011-1153
CVE-2011-1466
CVE-2011-1471
CVE-2011-2202
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): php5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12388
 
Oval ID: oval:org.mitre.oval:def:12388
Title: DSA-2266-1 php5 -- several
Description: Several vulnerabilities were discovered in PHP, which could lead to denial of service or potentially the execution of arbitrary code. CVE-2010-2531 An information leak was found in the var_export function. CVE-2011-0421 The Zip module could crash. CVE-2011-0708 An integer overflow was discovered in the Exif module. CVE-2011-1466 An integer overflow was discovered in the Calendar module. CVE-2011-1471 The Zip module was prone to denial of service through malformed archives. CVE-2011-2202 Path names in form based file uploads were incorrectly validated. This update also fixes two bugs, which are not treated as security issues, but fixed nonetheless, see README.Debian.security for details on the scope of security support for PHP.
Family: unix Class: patch
Reference(s): DSA-2266-1
CVE-2010-2531
CVE-2011-0420
CVE-2011-0421
CVE-2011-0708
CVE-2011-1153
CVE-2011-1466
CVE-2011-1471
CVE-2011-2202
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): php5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12489
 
Oval ID: oval:org.mitre.oval:def:12489
Title: Denial of service vulnerability in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 in IMAP extension
Description: Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2010-4150
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): PHP
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12528
 
Oval ID: oval:org.mitre.oval:def:12528
Title: Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4
Description: Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset, and __unset methods on objects accessed by a reference.
Family: windows Class: vulnerability
Reference(s): CVE-2010-4697
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): PHP
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12569
 
Oval ID: oval:org.mitre.oval:def:12569
Title: NULL byte injection vulnerability in PHP before 5.3.4
Description: PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function.
Family: windows Class: vulnerability
Reference(s): CVE-2006-7243
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s): PHP
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12808
 
Oval ID: oval:org.mitre.oval:def:12808
Title: DSA-2195-1 php5 -- several
Description: Stephane Chazelas discovered that the cronjob of the PHP 5 package in Debian suffers from a race condition which might be used to remove arbitrary files from a system. When upgrading your php5-common package take special care to _accept_ the changes to the /etc/cron.d/php5 file. Ignoring them would leave the system vulnerable.
Family: unix Class: patch
Reference(s): DSA-2195-1
CVE-2011-0441
CVE-2010-3709
CVE-2010-3710
CVE-2010-3870
CVE-2010-4150
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): php5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13005
 
Oval ID: oval:org.mitre.oval:def:13005
Title: USN-1042-1 -- php5 vulnerabilities
Description: It was discovered that an integer overflow in the XML UTF-8 decoding code could allow an attacker to bypass cross-site scripting protections. This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04 LTS, and Ubuntu 9.10. It was discovered that the XML UTF-8 decoding code did not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which could allow an attacker to bypass cross-site scripting protections. It was discovered that attackers might be able to bypass open_basedir restrictions by passing a specially crafted filename. Maksymilian Arciemowicz discovered that a NULL pointer derefence in the ZIP archive handling code could allow an attacker to cause a denial of service through a specially crafted ZIP archive. This issue only affected Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, and Ubuntu 10.10. It was discovered that a stack consumption vulnerability in the filter_var PHP function when in FILTER_VALIDATE_EMAIL mode, could allow a remote attacker to cause a denial of service. This issue only affected Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, and Ubuntu 10.10. It was discovered that the mb_strcut function in the Libmbfl library within PHP could allow an attacker to read arbitrary memory within the application process. This issue only affected Ubuntu 10.10. Maksymilian Arciemowicz discovered that an integer overflow in the NumberFormatter::getSymbol function could allow an attacker to cause a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 10.10. Rick Regan discovered that when handing PHP textual representations of the largest subnormal double-precision floating-point number, the zend_strtod function could go into an infinite loop on 32bit x86 processors, allowing an attacker to cause a denial of service
Family: unix Class: patch
Reference(s): USN-1042-1
CVE-2009-5016
CVE-2010-3870
CVE-2010-3436
CVE-2010-3709
CVE-2010-3710
CVE-2010-4156
CVE-2010-4409
CVE-2010-4645
Version: 5
Platform(s): Ubuntu 8.04
Ubuntu 10.10
Ubuntu 10.04
Ubuntu 9.10
Ubuntu 6.06
Product(s): php5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19494
 
Oval ID: oval:org.mitre.oval:def:19494
Title: HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass
Description: PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function.
Family: unix Class: vulnerability
Reference(s): CVE-2006-7243
Version: 10
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19791
 
Oval ID: oval:org.mitre.oval:def:19791
Title: HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass
Description: PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Family: unix Class: vulnerability
Reference(s): CVE-2011-4885
Version: 10
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21065
 
Oval ID: oval:org.mitre.oval:def:21065
Title: USN-1231-1 -- php5 vulnerabilities
Description: Several security issues were fixed in PHP.
Family: unix Class: patch
Reference(s): USN-1231-1
CVE-2011-1938
CVE-2011-2202
CVE-2011-2483
CVE-2011-3182
CVE-2011-3267
CVE-2011-1657
CVE-2010-1914
CVE-2010-2484
Version: 5
Platform(s): Ubuntu 11.10
Ubuntu 11.04
Ubuntu 10.10
Ubuntu 10.04
Ubuntu 8.04
Product(s): php5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21336
 
Oval ID: oval:org.mitre.oval:def:21336
Title: RHSA-2012:0019: php53 and php security update (Moderate)
Description: PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Family: unix Class: patch
Reference(s): RHSA-2012:0019-01
CESA-2012:0019
CVE-2011-4566
CVE-2011-4885
Version: 29
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): php53
php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21346
 
Oval ID: oval:org.mitre.oval:def:21346
Title: RHSA-2012:0033: php security update (Moderate)
Description: PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Family: unix Class: patch
Reference(s): RHSA-2012:0033-01
CESA-2012:0033
CVE-2011-0708
CVE-2011-1148
CVE-2011-1466
CVE-2011-1469
CVE-2011-2202
CVE-2011-4566
CVE-2011-4885
Version: 94
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21534
 
Oval ID: oval:org.mitre.oval:def:21534
Title: RHSA-2011:0195: php security update (Moderate)
Description: strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.
Family: unix Class: patch
Reference(s): RHSA-2011:0195-01
CVE-2009-5016
CVE-2010-3709
CVE-2010-3870
CVE-2010-4645
Version: 55
Platform(s): Red Hat Enterprise Linux 6
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21699
 
Oval ID: oval:org.mitre.oval:def:21699
Title: RHSA-2011:0196: php53 security update (Moderate)
Description: strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.
Family: unix Class: patch
Reference(s): RHSA-2011:0196-01
CESA-2011:0196
CVE-2010-3710
CVE-2010-4156
CVE-2010-4645
Version: 42
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): php53
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22022
 
Oval ID: oval:org.mitre.oval:def:22022
Title: RHSA-2010:0919: php security update (Moderate)
Description: The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string.
Family: unix Class: patch
Reference(s): RHSA-2010:0919-01
CESA-2010:0919
CVE-2009-5016
CVE-2010-0397
CVE-2010-1128
CVE-2010-1917
CVE-2010-2531
CVE-2010-3065
CVE-2010-3870
Version: 94
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23086
 
Oval ID: oval:org.mitre.oval:def:23086
Title: ELSA-2011:0196: php53 security update (Moderate)
Description: strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.
Family: unix Class: patch
Reference(s): ELSA-2011:0196-01
CVE-2010-3710
CVE-2010-4156
CVE-2010-4645
Version: 17
Platform(s): Oracle Linux 5
Product(s): php53
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23101
 
Oval ID: oval:org.mitre.oval:def:23101
Title: ELSA-2010:0919: php security update (Moderate)
Description: The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string.
Family: unix Class: patch
Reference(s): ELSA-2010:0919-01
CVE-2009-5016
CVE-2010-0397
CVE-2010-1128
CVE-2010-1917
CVE-2010-2531
CVE-2010-3065
CVE-2010-3870
Version: 33
Platform(s): Oracle Linux 5
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23205
 
Oval ID: oval:org.mitre.oval:def:23205
Title: DEPRECATED: ELSA-2012:0019: php53 and php security update (Moderate)
Description: PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Family: unix Class: patch
Reference(s): ELSA-2012:0019-01
CVE-2011-4566
CVE-2011-4885
Version: 14
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): php53
php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23207
 
Oval ID: oval:org.mitre.oval:def:23207
Title: ELSA-2012:0033: php security update (Moderate)
Description: PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Family: unix Class: patch
Reference(s): ELSA-2012:0033-01
CVE-2011-0708
CVE-2011-1148
CVE-2011-1466
CVE-2011-1469
CVE-2011-2202
CVE-2011-4566
CVE-2011-4885
Version: 33
Platform(s): Oracle Linux 5
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23479
 
Oval ID: oval:org.mitre.oval:def:23479
Title: ELSA-2011:0195: php security update (Moderate)
Description: strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308.
Family: unix Class: patch
Reference(s): ELSA-2011:0195-01
CVE-2009-5016
CVE-2010-3709
CVE-2010-3870
CVE-2010-4645
Version: 21
Platform(s): Oracle Linux 6
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23589
 
Oval ID: oval:org.mitre.oval:def:23589
Title: ELSA-2012:0019: php53 and php security update (Moderate)
Description: PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Family: unix Class: patch
Reference(s): ELSA-2012:0019-01
CVE-2011-4566
CVE-2011-4885
Version: 13
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): php53
php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27015
 
Oval ID: oval:org.mitre.oval:def:27015
Title: DEPRECATED: ELSA-2014-0311 -- php security update (critical)
Description: [5.1.6-44] - add security fixes for CVE-2006-7243, CVE-2009-0689
Family: unix Class: patch
Reference(s): ELSA-2014-0311
CVE-2009-0689
CVE-2006-7243
Version: 4
Platform(s): Oracle Linux 5
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27656
 
Oval ID: oval:org.mitre.oval:def:27656
Title: DEPRECATED: ELSA-2012-0033 -- php security update (moderate)
Description: [5.1.6-27.4] - add security fixes for CVE-2011-4885, CVE-2011-4566, CVE-2011-0708, CVE-2011-1148, CVE-2011-1466, CVE-2011-1469, CVE-2011-2202 (#769756)
Family: unix Class: patch
Reference(s): ELSA-2012-0033
CVE-2011-4566
CVE-2011-4885
CVE-2011-0708
CVE-2011-1148
CVE-2011-1466
CVE-2011-1469
CVE-2011-2202
Version: 4
Platform(s): Oracle Linux 5
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27760
 
Oval ID: oval:org.mitre.oval:def:27760
Title: DEPRECATED: ELSA-2012-0019 -- php53 and php security update (moderate)
Description: [5.3.3-3.5] - remove extra php.ini-prod/devel files caused by %patch -b [5.3.3-3.4] - add security fixes for CVE-2011-4885, CVE-2011-4566 (#769754)
Family: unix Class: patch
Reference(s): ELSA-2012-0019
CVE-2011-4566
CVE-2011-4885
Version: 4
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): php53
php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27854
 
Oval ID: oval:org.mitre.oval:def:27854
Title: DEPRECATED: ELSA-2011-0196 -- php53 security update (moderate)
Description: [5.3.3-1.1] - add security fixes for CVE-2010-3710, CVE-2010-4156, CVE-2010-4645 (#670463)
Family: unix Class: patch
Reference(s): ELSA-2011-0196
CVE-2010-3710
CVE-2010-4156
CVE-2010-4645
Version: 4
Platform(s): Oracle Linux 5
Product(s): php53
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28206
 
Oval ID: oval:org.mitre.oval:def:28206
Title: DEPRECATED: ELSA-2011-0195 -- php security update (moderate)
Description: [5.3.2-6.1] - add security fixes for CVE-2010-3709, CVE-2010-3870, CVE-2009-5016, CVE-2010-4645 (#670461)
Family: unix Class: patch
Reference(s): ELSA-2011-0195
CVE-2009-5016
CVE-2010-3709
CVE-2010-3870
CVE-2010-4645
Version: 4
Platform(s): Oracle Linux 6
Product(s): php
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 379

ExploitDB Exploits

id Description
2012-01-03 PHP Hash Table Collision Proof Of Concept
2012-01-01 PHP Hashtables Denial of Service
2011-07-04 PHP 5.3.6 Buffer Overflow PoC (ROP) CVE-2011-1938
2011-05-25 PHP <= 5.3.5 socket_connect() Buffer Overflow Vulnerability
2011-03-18 libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)
2011-03-12 PHP <= 5.3.6 shmop_read() Integer Overflow DoS
2010-11-05 PHP 5.3.3/5.2.14 ZipArchive::getArchiveComment NULL Pointer Deference

OpenVAS Exploits

Date Description
2012-12-13 Name : SuSE Update for update openSUSE-SU-2012:0426-1 (update)
File : nvt/gb_suse_2012_0426_1.nasl
2012-09-26 Name : Gentoo Security Advisory GLSA 201209-03 (php)
File : nvt/glsa_201209_03.nasl
2012-09-10 Name : Slackware Advisory SSA:2011-210-01 libpng
File : nvt/esoft_slk_ssa_2011_210_01.nasl
2012-09-10 Name : Slackware Advisory SSA:2011-237-01 php
File : nvt/esoft_slk_ssa_2011_237_01.nasl
2012-08-03 Name : Mandriva Update for php MDVSA-2012:065 (php)
File : nvt/gb_mandriva_MDVSA_2012_065.nasl
2012-07-30 Name : CentOS Update for php53 CESA-2011:0196 centos5 x86_64
File : nvt/gb_CESA-2011_0196_php53_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for php53 CESA-2011:1423 centos5 x86_64
File : nvt/gb_CESA-2011_1423_php53_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for php53 CESA-2012:0019 centos5
File : nvt/gb_CESA-2012_0019_php53_centos5.nasl
2012-07-30 Name : CentOS Update for php CESA-2012:0019 centos6
File : nvt/gb_CESA-2012_0019_php_centos6.nasl
2012-07-30 Name : CentOS Update for php CESA-2012:0033 centos5
File : nvt/gb_CESA-2012_0033_php_centos5.nasl
2012-07-30 Name : CentOS Update for php CESA-2012:0071 centos4
File : nvt/gb_CESA-2012_0071_php_centos4.nasl
2012-07-30 Name : CentOS Update for php53 CESA-2012:0092 centos5
File : nvt/gb_CESA-2012_0092_php53_centos5.nasl
2012-07-30 Name : CentOS Update for php CESA-2012:0093 centos4
File : nvt/gb_CESA-2012_0093_php_centos4.nasl
2012-07-30 Name : CentOS Update for php CESA-2012:0093 centos5
File : nvt/gb_CESA-2012_0093_php_centos5.nasl
2012-07-30 Name : CentOS Update for php CESA-2012:0093 centos6
File : nvt/gb_CESA-2012_0093_php_centos6.nasl
2012-06-21 Name : PHP version smaller than 5.2.14
File : nvt/nopsec_php_5_2_14.nasl
2012-06-21 Name : PHP 5.2 < 5.2.15
File : nvt/nopsec_php_5_2_15.nasl
2012-06-21 Name : PHP version smaller than 5.3.3
File : nvt/nopsec_php_5_3_3.nasl
2012-06-21 Name : PHP version smaller than 5.3.4
File : nvt/nopsec_php_5_3_4.nasl
2012-06-14 Name : PHP version 5.3< 5.3.6
File : nvt/nopsec_php_5_3_6.nasl
2012-06-14 Name : PHP versoin < 5.3.9
File : nvt/nopsec_php_5_3_9.nasl
2012-06-05 Name : RedHat Update for php RHSA-2011:0195-01
File : nvt/gb_RHSA-2011_0195-01_php.nasl
2012-05-18 Name : Mac OS X Multiple Vulnerabilities (2012-002)
File : nvt/gb_macosx_su12-002.nasl
2012-04-02 Name : Fedora Update for maniadrive FEDORA-2011-11464
File : nvt/gb_fedora_2011_11464_maniadrive_fc16.nasl
2012-04-02 Name : Fedora Update for maniadrive FEDORA-2012-0504
File : nvt/gb_fedora_2012_0504_maniadrive_fc16.nasl
2012-04-02 Name : Fedora Update for php FEDORA-2012-0504
File : nvt/gb_fedora_2012_0504_php_fc16.nasl
2012-04-02 Name : Fedora Update for maniadrive FEDORA-2012-1262
File : nvt/gb_fedora_2012_1262_maniadrive_fc16.nasl
2012-04-02 Name : Fedora Update for php FEDORA-2012-1262
File : nvt/gb_fedora_2012_1262_php_fc16.nasl
2012-03-19 Name : Fedora Update for php-eaccelerator FEDORA-2011-11464
File : nvt/gb_fedora_2011_11464_php-eaccelerator_fc16.nasl
2012-03-19 Name : Fedora Update for php FEDORA-2011-11464
File : nvt/gb_fedora_2011_11464_php_fc16.nasl
2012-03-19 Name : Fedora Update for php-eaccelerator FEDORA-2012-0504
File : nvt/gb_fedora_2012_0504_php-eaccelerator_fc16.nasl
2012-03-19 Name : Fedora Update for php-eaccelerator FEDORA-2012-1262
File : nvt/gb_fedora_2012_1262_php-eaccelerator_fc16.nasl
2012-03-12 Name : Debian Security Advisory DSA 2408-1 (php5)
File : nvt/deb_2408_1.nasl
2012-02-21 Name : Fedora Update for maniadrive FEDORA-2012-1301
File : nvt/gb_fedora_2012_1301_maniadrive_fc15.nasl
2012-02-21 Name : Fedora Update for php-eaccelerator FEDORA-2012-1301
File : nvt/gb_fedora_2012_1301_php-eaccelerator_fc15.nasl
2012-02-21 Name : Fedora Update for php FEDORA-2012-1301
File : nvt/gb_fedora_2012_1301_php_fc15.nasl
2012-02-21 Name : Ubuntu Update for php5 USN-1358-2
File : nvt/gb_ubuntu_USN_1358_2.nasl
2012-02-13 Name : Ubuntu Update for php5 USN-1358-1
File : nvt/gb_ubuntu_USN_1358_1.nasl
2012-02-12 Name : Debian Security Advisory DSA 2399-1 (php5)
File : nvt/deb_2399_1.nasl
2012-02-12 Name : Debian Security Advisory DSA 2399-2 (php5)
File : nvt/deb_2399_2.nasl
2012-02-12 Name : FreeBSD Ports: php5
File : nvt/freebsd_php514.nasl
2012-02-12 Name : FreeBSD Ports: php5, php5-exif
File : nvt/freebsd_php515.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201110-06 (php)
File : nvt/glsa_201110_06.nasl
2012-02-06 Name : Mac OS X Multiple Vulnerabilities (2012-001)
File : nvt/gb_macosx_su12-001.nasl
2012-02-03 Name : RedHat Update for php53 RHSA-2012:0092-01
File : nvt/gb_RHSA-2012_0092-01_php53.nasl
2012-02-03 Name : RedHat Update for php RHSA-2012:0093-01
File : nvt/gb_RHSA-2012_0093-01_php.nasl
2012-02-01 Name : RedHat Update for php RHSA-2012:0071-01
File : nvt/gb_RHSA-2012_0071-01_php.nasl
2012-02-01 Name : Fedora Update for maniadrive FEDORA-2012-0420
File : nvt/gb_fedora_2012_0420_maniadrive_fc15.nasl
2012-02-01 Name : Fedora Update for php-eaccelerator FEDORA-2012-0420
File : nvt/gb_fedora_2012_0420_php-eaccelerator_fc15.nasl
2012-02-01 Name : Fedora Update for php FEDORA-2012-0420
File : nvt/gb_fedora_2012_0420_php_fc15.nasl
2012-01-20 Name : RedHat Update for php RHSA-2012:0033-01
File : nvt/gb_RHSA-2012_0033-01_php.nasl
2012-01-13 Name : RedHat Update for php53 and php RHSA-2012:0019-01
File : nvt/gb_RHSA-2012_0019-01_php53_and_php.nasl
2012-01-03 Name : PHP Web Form Hash Collision Denial of Service Vulnerability (Win)
File : nvt/gb_php_web_form_hash_collision_dos_vuln_win.nasl
2012-01-02 Name : Mandriva Update for php MDVSA-2011:197 (php)
File : nvt/gb_mandriva_MDVSA_2011_197.nasl
2011-11-08 Name : Mandriva Update for php MDVSA-2011:165 (php)
File : nvt/gb_mandriva_MDVSA_2011_165.nasl
2011-11-03 Name : CentOS Update for php53 CESA-2011:1423 centos5 i386
File : nvt/gb_CESA-2011_1423_php53_centos5_i386.nasl
2011-11-03 Name : RedHat Update for php53 and php RHSA-2011:1423-01
File : nvt/gb_RHSA-2011_1423-01_php53_and_php.nasl
2011-10-21 Name : Ubuntu Update for php5 USN-1231-1
File : nvt/gb_ubuntu_USN_1231_1.nasl
2011-10-20 Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)
File : nvt/gb_macosx_su11-006.nasl
2011-09-21 Name : FreeBSD Ports: php5, php5-sockets
File : nvt/freebsd_php513.nasl
2011-09-20 Name : Fedora Update for maniadrive FEDORA-2011-11528
File : nvt/gb_fedora_2011_11528_maniadrive_fc15.nasl
2011-09-20 Name : Fedora Update for php-eaccelerator FEDORA-2011-11528
File : nvt/gb_fedora_2011_11528_php-eaccelerator_fc15.nasl
2011-09-20 Name : Fedora Update for php FEDORA-2011-11528
File : nvt/gb_fedora_2011_11528_php_fc15.nasl
2011-09-20 Name : Fedora Update for maniadrive FEDORA-2011-11537
File : nvt/gb_fedora_2011_11537_maniadrive_fc14.nasl
2011-09-20 Name : Fedora Update for php-eaccelerator FEDORA-2011-11537
File : nvt/gb_fedora_2011_11537_php-eaccelerator_fc14.nasl
2011-09-20 Name : Fedora Update for php FEDORA-2011-11537
File : nvt/gb_fedora_2011_11537_php_fc14.nasl
2011-09-07 Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)
File : nvt/gb_macosx_su10-007.nasl
2011-08-26 Name : Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)
File : nvt/secpod_macosx_su11-001.nasl
2011-08-09 Name : CentOS Update for php CESA-2010:0919 centos5 i386
File : nvt/gb_CESA-2010_0919_php_centos5_i386.nasl
2011-08-09 Name : CentOS Update for php53 CESA-2011:0196 centos5 i386
File : nvt/gb_CESA-2011_0196_php53_centos5_i386.nasl
2011-08-03 Name : Debian Security Advisory DSA 2262-2 (php5)
File : nvt/deb_2262_2.nasl
2011-08-03 Name : Debian Security Advisory DSA 2266-1 (php5)
File : nvt/deb_2266_1.nasl
2011-07-01 Name : PHP SAPI_POST_HANDLER_FUNC() Security Bypass Vulnerability
File : nvt/secpod_php_sapi_post_handle_security_bypass_vuln_win.nasl
2011-06-03 Name : Mandriva Update for libzip MDVSA-2011:099 (libzip)
File : nvt/gb_mandriva_MDVSA_2011_099.nasl
2011-06-02 Name : PHP 'socket_connect()' Buffer Overflow Vulnerability
File : nvt/secpod_php_bof_vuln_win.nasl
2011-05-12 Name : Debian Security Advisory DSA 2195-1 (php5)
File : nvt/deb_2195_1.nasl
2011-05-12 Name : FreeBSD Ports: php5-exif
File : nvt/freebsd_php5-exif.nasl
2011-05-12 Name : FreeBSD Ports: php5-zip
File : nvt/freebsd_php5-zip0.nasl
2011-05-10 Name : Ubuntu Update for php5 USN-1126-1
File : nvt/gb_ubuntu_USN_1126_1.nasl
2011-05-10 Name : Ubuntu Update for php5 USN-1126-2
File : nvt/gb_ubuntu_USN_1126_2.nasl
2011-04-11 Name : Fedora Update for maniadrive FEDORA-2011-3636
File : nvt/gb_fedora_2011_3636_maniadrive_fc14.nasl
2011-04-11 Name : Fedora Update for php-eaccelerator FEDORA-2011-3636
File : nvt/gb_fedora_2011_3636_php-eaccelerator_fc14.nasl
2011-04-11 Name : Fedora Update for php FEDORA-2011-3636
File : nvt/gb_fedora_2011_3636_php_fc14.nasl
2011-04-11 Name : Fedora Update for maniadrive FEDORA-2011-3666
File : nvt/gb_fedora_2011_3666_maniadrive_fc13.nasl
2011-04-11 Name : Fedora Update for php-eaccelerator FEDORA-2011-3666
File : nvt/gb_fedora_2011_3666_php-eaccelerator_fc13.nasl
2011-04-11 Name : Fedora Update for php FEDORA-2011-3666
File : nvt/gb_fedora_2011_3666_php_fc13.nasl
2011-03-25 Name : Mandriva Update for php MDVSA-2011:052 (php)
File : nvt/gb_mandriva_MDVSA_2011_052.nasl
2011-03-25 Name : Mandriva Update for php MDVSA-2011:053 (php)
File : nvt/gb_mandriva_MDVSA_2011_053.nasl
2011-03-22 Name : PHP 'substr_replace()' Use After Free Vulnerability
File : nvt/secpod_php_use_after_free_vuln.nasl
2011-03-09 Name : PHP 'shmop_read()' Remote Integer Overflow Vulnerability
File : nvt/gb_php_46786.nasl
2011-02-07 Name : PHP 'extract()' Function Security Bypass Vulnerability
File : nvt/gb_php_sec_bypass_vuln.nasl
2011-02-04 Name : RedHat Update for php53 RHSA-2011:0196-01
File : nvt/gb_RHSA-2011_0196-01_php53.nasl
2011-02-01 Name : PHP Multiple Security Bypass Vulnerabilities
File : nvt/gb_php_mult_sec_bypass_vuln.nasl
2011-02-01 Name : PHP Zend and GD Multiple Denial of Service Vulnerabilities
File : nvt/gb_php_zend_mult_dos_vuln.nasl
2011-01-31 Name : PHP 'ext/imap/php_imap.c' Use After Free Denial of Service Vulnerability
File : nvt/gb_php_imap_do_open_dos_vuln.nasl
2011-01-24 Name : FreeBSD Ports: php5-filter
File : nvt/freebsd_php5-filter.nasl
2011-01-24 Name : FreeBSD Ports: php5-imap
File : nvt/freebsd_php5-imap1.nasl
2011-01-24 Name : FreeBSD Ports: php5-zip
File : nvt/freebsd_php5-zip.nasl
2011-01-24 Name : FreeBSD Ports: php5
File : nvt/freebsd_php57.nasl
2011-01-24 Name : FreeBSD Ports: php5
File : nvt/freebsd_php58.nasl
2011-01-24 Name : FreeBSD Ports: php5
File : nvt/freebsd_php59.nasl
2011-01-24 Name : Fedora Update for maniadrive-data FEDORA-2011-0321
File : nvt/gb_fedora_2011_0321_maniadrive-data_fc13.nasl
2011-01-24 Name : Fedora Update for maniadrive FEDORA-2011-0321
File : nvt/gb_fedora_2011_0321_maniadrive_fc13.nasl
2011-01-24 Name : Fedora Update for php-eaccelerator FEDORA-2011-0321
File : nvt/gb_fedora_2011_0321_php-eaccelerator_fc13.nasl
2011-01-24 Name : Fedora Update for php FEDORA-2011-0321
File : nvt/gb_fedora_2011_0321_php_fc13.nasl
2011-01-24 Name : Fedora Update for maniadrive-data FEDORA-2011-0329
File : nvt/gb_fedora_2011_0329_maniadrive-data_fc14.nasl
2011-01-24 Name : Fedora Update for maniadrive FEDORA-2011-0329
File : nvt/gb_fedora_2011_0329_maniadrive_fc14.nasl
2011-01-24 Name : Fedora Update for php-eaccelerator FEDORA-2011-0329
File : nvt/gb_fedora_2011_0329_php-eaccelerator_fc14.nasl
2011-01-24 Name : Fedora Update for php FEDORA-2011-0329
File : nvt/gb_fedora_2011_0329_php_fc14.nasl
2011-01-14 Name : Ubuntu Update for php5 vulnerabilities USN-1042-1
File : nvt/gb_ubuntu_USN_1042_1.nasl
2011-01-11 Name : Fedora Update for maniadrive FEDORA-2010-18976
File : nvt/gb_fedora_2010_18976_maniadrive_fc14.nasl
2011-01-11 Name : Fedora Update for php-eaccelerator FEDORA-2010-18976
File : nvt/gb_fedora_2010_18976_php-eaccelerator_fc14.nasl
2011-01-11 Name : Fedora Update for php FEDORA-2010-18976
File : nvt/gb_fedora_2010_18976_php_fc14.nasl
2011-01-11 Name : Fedora Update for maniadrive FEDORA-2010-19011
File : nvt/gb_fedora_2010_19011_maniadrive_fc13.nasl
2011-01-11 Name : Fedora Update for php-eaccelerator FEDORA-2010-19011
File : nvt/gb_fedora_2010_19011_php-eaccelerator_fc13.nasl
2011-01-11 Name : Fedora Update for php FEDORA-2010-19011
File : nvt/gb_fedora_2010_19011_php_fc13.nasl
2011-01-10 Name : PHP 'zend_strtod()' Function Floating-Point Value Denial of Service Vulnerabi...
File : nvt/gb_php_45668.nasl
2010-12-28 Name : Mandriva Update for php MDVSA-2010:254 (php)
File : nvt/gb_mandriva_MDVSA_2010_254.nasl
2010-12-09 Name : CentOS Update for php CESA-2010:0919 centos4 i386
File : nvt/gb_CESA-2010_0919_php_centos4_i386.nasl
2010-12-09 Name : RedHat Update for php RHSA-2010:0919-01
File : nvt/gb_RHSA-2010_0919-01_php.nasl
2010-11-23 Name : Mandriva Update for php MDVSA-2010:239 (php)
File : nvt/gb_mandriva_MDVSA_2010_239.nasl
2010-11-23 Name : PHP 'filter_var()' function Stack Consumption Vulnerability
File : nvt/gb_php_stack_consumption_vuln.nasl
2010-11-16 Name : Mandriva Update for php MDVSA-2010:218 (php)
File : nvt/gb_mandriva_MDVSA_2010_218.nasl
2010-11-16 Name : Mandriva Update for php MDVSA-2010:224 (php)
File : nvt/gb_mandriva_MDVSA_2010_224.nasl
2010-11-10 Name : PHP 'xml_utf8_decode()' UTF-8 Input Validation Vulnerability
File : nvt/gb_php_44605.nasl
2010-09-22 Name : Ubuntu Update for php5 vulnerabilities USN-989-1
File : nvt/gb_ubuntu_USN_989_1.nasl
2010-08-30 Name : Fedora Update for maniadrive FEDORA-2010-11428
File : nvt/gb_fedora_2010_11428_maniadrive_fc12.nasl
2010-08-30 Name : Fedora Update for php-eaccelerator FEDORA-2010-11428
File : nvt/gb_fedora_2010_11428_php-eaccelerator_fc12.nasl
2010-08-30 Name : Fedora Update for php FEDORA-2010-11428
File : nvt/gb_fedora_2010_11428_php_fc12.nasl
2010-08-30 Name : Fedora Update for maniadrive FEDORA-2010-11481
File : nvt/gb_fedora_2010_11481_maniadrive_fc13.nasl
2010-08-30 Name : Fedora Update for php-eaccelerator FEDORA-2010-11481
File : nvt/gb_fedora_2010_11481_php-eaccelerator_fc13.nasl
2010-08-30 Name : Fedora Update for php FEDORA-2010-11481
File : nvt/gb_fedora_2010_11481_php_fc13.nasl
2010-08-02 Name : PHP Versions Prior to 5.3.3/5.2.14 Multiple Vulnerabilities
File : nvt/gb_php_41991.nasl
2010-07-30 Name : Mandriva Update for php MDVSA-2010:139 (php)
File : nvt/gb_mandriva_MDVSA_2010_139.nasl
2010-07-30 Name : Mandriva Update for php MDVSA-2010:140 (php)
File : nvt/gb_mandriva_MDVSA_2010_140.nasl
2010-06-21 Name : PHP 'SplObjectStorage' Unserializer Arbitrary Code Execution Vulnerability
File : nvt/gb_php_40948.nasl
2010-06-15 Name : PHP Multiple Information Disclosure Vulnerabilities
File : nvt/gb_php_mult_info_disc_vuln.nasl
0000-00-00 Name : Slackware Advisory SSA:2010-240-04 php
File : nvt/esoft_slk_ssa_2010_240_04.nasl
0000-00-00 Name : Slackware Advisory SSA:2010-357-01 php
File : nvt/esoft_slk_ssa_2010_357_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2011-010-01 php
File : nvt/esoft_slk_ssa_2011_010_01.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
78115 PHP Hash Collission Form Parameter Parsing Remote DoS

PHP contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends multiple crafted parameters which trigger hash collisions, and will result in loss of availability for the program via CPU consumption.
74728 PHP extract() Function EXTR_OVERWRITE Parameter Variable Overwriting

73218 PHP substr_replace Function Repeated Argument Variable Memory Corruption

73113 PHP main/rfc1867.c rfc1867_post_handler Function Traversal Upload File Path I...

72644 PHP ext/sockets/sockets.c socket_connect Function UNIX Socket Pathname Overflow

72533 PHP ZIP Extension zip_name_locate.c _zip_name_locate Function Malformed ZIP A...

72531 PHP strval Function Numerical Argument Handling DoS

71598 PHP ext/shmop/shmop.c shmop_read Function Overflow

71597 PHP Exif Extension (exif.c) Image File Directory (IFD) Parsing DoS

70608 PHP GD Extension imagepstext Function Anti-aliasing Overflow DoS

PHP is prone to an overflow condition. The GD extension fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. This may allow a context-dependent attacker to cause a denial of service via vectors related to invalid anti-aliasing and the imagepstext function.
70607 PHP Zend Engine Multiple Method Object Reference Access Use-after-free DoS

PHP contains a flaw that may allow a context-dependent denial of service. The issue is triggered when a use-after-free error in the Zend engine occurs, allowing a context-dependent attacker to use vectors related to the '__set', '__get', '__isset' and '__unset' methods to cause a denial of service, or possibly have other unspecified impact.
70606 PHP Pathname \0 Character file_exists Function Access Restriction Bypass

PHP contains a flaw related to the accepting of the \0 character in a pathname. This may allow a context-dependent attacker to bypass access restrictions by combining this character with a safe file extension, such as .php\0.jpg.
70370 PHP strtod.c zend_strtod Function x87 FPU Register DoS

PHP contains a flaw in strtod.c, as used in the function 'zend_strtod' that may allow a context-dependent denial of service. This may allow an attacker to cause an infinite loop denial of service via a certain floating-point value in scientific notation, which x87 FPU registers fail to handle properly.
69660 PHP ext/imap/php_imap.c imap_do_open Function Double-free Memory Corruption

A memory corruption flaw exists in PHP. The 'imap_do_open' function in the IMAP extension 'ext/imap/php_imap.c' fails to sanitize provided user credentials when opening the user mailbox folder resulting in memory corruption. With maliciously crafted user credentials, a local attacker can execute arbitrary code.
69230 PHP utf8_decode Function UTF-8 Encoding / Data Crafted String Protection Mech...

69109 PHP ZipArchive::getArchiveComment Function Crafted ZIP Archive NULL Dereferen...

PHP contains a flaw related to the ZipArchive::getArchiveComment function that may allow a context-dependent denial of service. The issue is triggered via a maliciously crafted ZIP archive, and will result in loss of availability.
68597 PHP ext/filter/logical_filters.c php_filter_validate_email() Function Overflo...

PHP is prone to an overflow condition. The 'php_filter_validate_email()' function in 'ext/filter/logical_filters.c' fails to properly sanitize user-supplied input resulting in a stack overflow. With a specially crafted overly long e-mail address string, a remote attacker can potentially cause a denial of service.
66805 PHP var_export() Function Fata Error Information Disclosure

66804 PHP strrchr() Function Interruption Array Leak Memory Disclosure

66106 PHP parse_str Function Userspace Interuption Memory Corruption

66105 PHP preg_match Function Userspace Interuption Memory Corruption

66104 PHP unpack / pack Functions Userspace Interuption Memory Corruption

66103 PHP ZEND_FETCH_RW Opcodes Userspace Interuption Memory Corruption

66102 PHP ZEND_*CONCAT Opcodes Userspace Interuption Memory Corruption

66101 PHP ArrayObject::uasort Method Userspace Interuption Memory Corruption

66100 PHP trim / ltrim / rtrim Functions Userspace Interuption Arbitrary Memory Con...

66099 PHP substr_replace Function Userspace Interuption Arbitrary Memory Content Di...

66098 PHP setcookie Function Userspace Interuption Arbitrary Memory Content Disclosure

66097 PHP strip_tags Function Userspace Interuption Arbitrary Memory Content Disclo...

66096 PHP wordwrap Function Userspace Interuption Arbitrary Memory Content Disclosure

66095 PHP Multiple str* Functions Userspace Interuption Arbitrary Memory Content Di...

66094 PHP http_build_query Function Userspace Interuption Arbitrary Memory Disclosure

66093 PHP htmlentities / htmlspecialchars Functions Userspace Interuption Arbitrary...

66087 PHP iconv_* Functions Userspace Interuption Arbitrary Memory Disclosure

65755 PHP SplObjectStorage Unserializer Use-after-free Arbitrary Code Execution

64546 PHP html_entity_decode Function Internal Call Userspace Interruption Memory D...

64544 PHP chunk_split Function Internal Function Userspace Interruption Memory Disc...

64322 PHP addcslashes() Function Userspace Interruption Information Disclosure

Snort® IPS/IDS

Date Description
2014-01-10 socket_connect buffer overflow attempt
RuleID : 24195 - Revision : 7 - Type : SERVER-WEBAPP
2014-01-10 socket_connect buffer overflow attempt
RuleID : 24194 - Revision : 4 - Type : SERVER-WEBAPP
2014-01-10 socket_connect buffer overflow attempt
RuleID : 24193 - Revision : 4 - Type : SERVER-WEBAPP
2014-01-10 socket_connect buffer overflow attempt
RuleID : 24192 - Revision : 4 - Type : SERVER-WEBAPP
2014-01-10 empty zip file upload attempt
RuleID : 23944 - Revision : 5 - Type : SERVER-WEBAPP
2014-01-10 exif invalid tag data buffer overflow attempt
RuleID : 23796 - Revision : 4 - Type : SERVER-WEBAPP
2014-01-10 use-after-free in substr_replace attempt
RuleID : 23793 - Revision : 4 - Type : SERVER-WEBAPP
2014-01-10 PHP use-after-free in substr_replace attempt
RuleID : 23792 - Revision : 4 - Type : SERVER-WEBAPP
2014-01-10 PHP use-after-free in substr_replace attempt
RuleID : 23791 - Revision : 4 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date Description
2016-08-29 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-1638-1.nasl - Type : ACT_GATHER_INFO
2016-03-01 Name : The remote Debian host is missing a security update.
File : debian_DLA-444.nasl - Type : ACT_GATHER_INFO
2016-01-22 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16993.nasl - Type : ACT_GATHER_INFO
2015-09-08 Name : The remote Debian host is missing a security update.
File : debian_DLA-307.nasl - Type : ACT_GATHER_INFO
2015-08-20 Name : The remote application is affected by multiple vulnerabilities.
File : securitycenter_php_5_4_41.nasl - Type : ACT_GATHER_INFO
2015-06-12 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2015-162-02.nasl - Type : ACT_GATHER_INFO
2015-05-29 Name : The remote Fedora host is missing a security update.
File : fedora_2015-8370.nasl - Type : ACT_GATHER_INFO
2015-05-29 Name : The remote Fedora host is missing a security update.
File : fedora_2015-8383.nasl - Type : ACT_GATHER_INFO
2015-05-27 Name : The remote Fedora host is missing a security update.
File : fedora_2015-8281.nasl - Type : ACT_GATHER_INFO
2015-05-26 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_31de2e1300d211e5a072d050996490d0.nasl - Type : ACT_GATHER_INFO
2015-05-18 Name : The remote web server uses a version of PHP that is affected by multiple vuln...
File : php_5_4_41.nasl - Type : ACT_GATHER_INFO
2015-05-18 Name : The remote web server uses a version of PHP that is affected by multiple vuln...
File : php_5_5_25.nasl - Type : ACT_GATHER_INFO
2015-05-18 Name : The remote web server uses a version of PHP that is affected by multiple vuln...
File : php_5_6_9.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1307.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1615.nasl - Type : ACT_GATHER_INFO
2014-10-12 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-7.nasl - Type : ACT_GATHER_INFO
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL12650.nasl - Type : ACT_GATHER_INFO
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL13519.nasl - Type : ACT_GATHER_INFO
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL13588.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-182.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_apache2-mod_php5-100812.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_apache2-mod_php5-101110.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_apache2-mod_php5-110309.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_apache2-mod_php5-110601.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_apache2-mod_php5-110907.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_libzip-devel-110321.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_apache2-mod_php5-110601.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_apache2-mod_php5-110907.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_libzip-devel-110321.nasl - Type : ACT_GATHER_INFO
2014-03-20 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20140318_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-03-19 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-0311.nasl - Type : ACT_GATHER_INFO
2014-03-19 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0311.nasl - Type : ACT_GATHER_INFO
2014-03-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0311.nasl - Type : ACT_GATHER_INFO
2013-12-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131121_php_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-11-27 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1615.nasl - Type : ACT_GATHER_INFO
2013-11-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1615.nasl - Type : ACT_GATHER_INFO
2013-10-11 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130930_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-10-03 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1307.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1307.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-07.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-37.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-41.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0919.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0195.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0196.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1423.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0019.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0033.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0071.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0092.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0093.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0071.nasl - Type : ACT_GATHER_INFO
2012-09-24 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201209-03.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101129_php_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110203_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110203_php_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111102_php53_and_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120111_php53_and_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120118_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120130_php_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120202_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120202_php_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-07-05 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_1_1_1.nasl - Type : ACT_GATHER_INFO
2012-05-10 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_7_4.nasl - Type : ACT_GATHER_INFO
2012-04-27 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-065.nasl - Type : ACT_GATHER_INFO
2012-04-20 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_0_0_24.nasl - Type : ACT_GATHER_INFO
2012-04-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_apache2-mod_php5-120309.nasl - Type : ACT_GATHER_INFO
2012-03-26 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_apache2-mod_php5-8009.nasl - Type : ACT_GATHER_INFO
2012-02-20 Name : The remote web server uses a version of PHP that is affected by a code execut...
File : php_5_3_9_ace.nasl - Type : ACT_ATTACK
2012-02-15 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2012-1301.nasl - Type : ACT_GATHER_INFO
2012-02-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2408.nasl - Type : ACT_GATHER_INFO
2012-02-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1358-2.nasl - Type : ACT_GATHER_INFO
2012-02-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1358-1.nasl - Type : ACT_GATHER_INFO
2012-02-09 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2012-1262.nasl - Type : ACT_GATHER_INFO
2012-02-03 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0092.nasl - Type : ACT_GATHER_INFO
2012-02-03 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0093.nasl - Type : ACT_GATHER_INFO
2012-02-03 Name : The remote web server uses a version of PHP that is affected by a code execut...
File : php_5_3_10.nasl - Type : ACT_GATHER_INFO
2012-02-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0092.nasl - Type : ACT_GATHER_INFO
2012-02-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0093.nasl - Type : ACT_GATHER_INFO
2012-02-02 Name : The remote host is missing a Mac OS X update that fixes several security vuln...
File : macosx_10_7_3.nasl - Type : ACT_GATHER_INFO
2012-02-02 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_SecUpd2012-001.nasl - Type : ACT_GATHER_INFO
2012-02-01 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2399.nasl - Type : ACT_GATHER_INFO
2012-01-31 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0071.nasl - Type : ACT_GATHER_INFO
2012-01-27 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2012-0420.nasl - Type : ACT_GATHER_INFO
2012-01-24 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0033.nasl - Type : ACT_GATHER_INFO
2012-01-20 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2012-0504.nasl - Type : ACT_GATHER_INFO
2012-01-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0033.nasl - Type : ACT_GATHER_INFO
2012-01-13 Name : The remote web server uses a version of PHP that is affected by multiple flaws.
File : php_5_3_9.nasl - Type : ACT_GATHER_INFO
2012-01-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0019.nasl - Type : ACT_GATHER_INFO
2012-01-12 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_d39218103c8011e197e800215c6a37bb.nasl - Type : ACT_GATHER_INFO
2012-01-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0019.nasl - Type : ACT_GATHER_INFO
2012-01-03 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-197.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_apache2-mod_php5-7393.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_apache2-mod_php5-7553.nasl - Type : ACT_GATHER_INFO
2011-11-04 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-165.nasl - Type : ACT_GATHER_INFO
2011-11-03 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1423.nasl - Type : ACT_GATHER_INFO
2011-11-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1423.nasl - Type : ACT_GATHER_INFO
2011-10-19 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1231-1.nasl - Type : ACT_GATHER_INFO
2011-10-13 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2011-006.nasl - Type : ACT_GATHER_INFO
2011-10-12 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201110-06.nasl - Type : ACT_GATHER_INFO
2011-09-19 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-11528.nasl - Type : ACT_GATHER_INFO
2011-09-19 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-11537.nasl - Type : ACT_GATHER_INFO
2011-09-12 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-11464.nasl - Type : ACT_GATHER_INFO
2011-08-26 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2011-237-01.nasl - Type : ACT_GATHER_INFO
2011-08-22 Name : The remote web server uses a version of PHP that is affected by multiple vuln...
File : php_5_3_7.nasl - Type : ACT_GATHER_INFO
2011-08-20 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_057bf770cac411e0aea300215c6a37bb.nasl - Type : ACT_GATHER_INFO
2011-08-01 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2011-210-01.nasl - Type : ACT_GATHER_INFO
2011-07-05 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2266.nasl - Type : ACT_GATHER_INFO
2011-06-17 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_apache2-mod_php5-110601.nasl - Type : ACT_GATHER_INFO
2011-06-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_apache2-mod_php5-7554.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1126-1.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1126-2.nasl - Type : ACT_GATHER_INFO
2011-05-25 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-099.nasl - Type : ACT_GATHER_INFO
2011-05-09 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_libzip-devel-110321.nasl - Type : ACT_GATHER_INFO
2011-05-09 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_libzip1-110321.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_apache2-mod_php5-101105.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_apache2-mod_php5-101110.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_apache2-mod_php5-110309.nasl - Type : ACT_GATHER_INFO
2011-04-22 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_6_3_0_22.nasl - Type : ACT_GATHER_INFO
2011-04-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0196.nasl - Type : ACT_GATHER_INFO
2011-04-07 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-3636.nasl - Type : ACT_GATHER_INFO
2011-04-07 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-3666.nasl - Type : ACT_GATHER_INFO
2011-04-04 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_apache2-mod_php5-110310.nasl - Type : ACT_GATHER_INFO
2011-03-27 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-3614.nasl - Type : ACT_GATHER_INFO
2011-03-27 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_cc3bfec656cd11e09668001fd0d616cf.nasl - Type : ACT_GATHER_INFO
2011-03-27 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_fe85366656ce11e09668001fd0d616cf.nasl - Type : ACT_GATHER_INFO
2011-03-24 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-052.nasl - Type : ACT_GATHER_INFO
2011-03-24 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-053.nasl - Type : ACT_GATHER_INFO
2011-03-22 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_6_7.nasl - Type : ACT_GATHER_INFO
2011-03-22 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_SecUpd2011-001.nasl - Type : ACT_GATHER_INFO
2011-03-21 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2195.nasl - Type : ACT_GATHER_INFO
2011-03-18 Name : The remote web server uses a version of PHP that is affected by multiple vuln...
File : php_5_3_6.nasl - Type : ACT_GATHER_INFO
2011-02-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0195.nasl - Type : ACT_GATHER_INFO
2011-02-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0196.nasl - Type : ACT_GATHER_INFO
2011-01-24 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-0321.nasl - Type : ACT_GATHER_INFO
2011-01-24 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2011-0329.nasl - Type : ACT_GATHER_INFO
2011-01-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_1a0704e70edf11e0becc0022156e8794.nasl - Type : ACT_GATHER_INFO
2011-01-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_2a41233d10e711e0becc0022156e8794.nasl - Type : ACT_GATHER_INFO
2011-01-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_3761df020f9c11e0becc0022156e8794.nasl - Type : ACT_GATHER_INFO
2011-01-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_c623f05810e711e0becc0022156e8794.nasl - Type : ACT_GATHER_INFO
2011-01-12 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1042-1.nasl - Type : ACT_GATHER_INFO
2011-01-11 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2011-010-01.nasl - Type : ACT_GATHER_INFO
2011-01-10 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_2b6ed5c71a7f11e0b61d000c29d1636d.nasl - Type : ACT_GATHER_INFO
2011-01-07 Name : The remote web server uses a version of PHP that is affected by a denial of s...
File : php_5_3_5.nasl - Type : ACT_GATHER_INFO
2011-01-05 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2010-18976.nasl - Type : ACT_GATHER_INFO
2011-01-05 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2010-19011.nasl - Type : ACT_GATHER_INFO
2010-12-26 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-357-01.nasl - Type : ACT_GATHER_INFO
2010-12-16 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-254.nasl - Type : ACT_GATHER_INFO
2010-12-13 Name : The remote web server uses a version of PHP that is affected by multiple flaws.
File : php_5_2_15.nasl - Type : ACT_GATHER_INFO
2010-12-13 Name : The remote web server uses a version of PHP that is affected by multiple flaws.
File : php_5_3_4.nasl - Type : ACT_GATHER_INFO
2010-12-03 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_apache2-mod_php5-101105.nasl - Type : ACT_GATHER_INFO
2010-12-03 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_apache2-mod_php5-7221.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0919.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_apache2-mod_php5-100805.nasl - Type : ACT_GATHER_INFO
2010-11-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0919.nasl - Type : ACT_GATHER_INFO
2010-11-22 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-239.nasl - Type : ACT_GATHER_INFO
2010-11-10 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_6_5.nasl - Type : ACT_GATHER_INFO
2010-11-10 Name : The remote host is missing a Mac OS X update that fixes security issues.
File : macosx_SecUpd2010-007.nasl - Type : ACT_GATHER_INFO
2010-11-10 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-224.nasl - Type : ACT_GATHER_INFO
2010-11-01 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-218.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_apache2-mod_php5-7110.nasl - Type : ACT_GATHER_INFO
2010-10-06 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_apache2-mod_php5-100928.nasl - Type : ACT_GATHER_INFO
2010-09-21 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-989-1.nasl - Type : ACT_GATHER_INFO
2010-09-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_apache2-mod_php5-100813.nasl - Type : ACT_GATHER_INFO
2010-08-29 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-240-04.nasl - Type : ACT_GATHER_INFO
2010-08-24 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2010-11428.nasl - Type : ACT_GATHER_INFO
2010-08-24 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2010-11481.nasl - Type : ACT_GATHER_INFO
2010-08-24 Name : The remote host is missing a Mac OS X update that fixes security issues.
File : macosx_SecUpd2010-005.nasl - Type : ACT_GATHER_INFO
2010-08-23 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2089.nasl - Type : ACT_GATHER_INFO
2010-08-04 Name : The remote web server uses a version of PHP that is affected by multiple flaws.
File : php_5_2_14.nasl - Type : ACT_GATHER_INFO
2010-08-04 Name : The remote web server uses a version of PHP that is affected by multiple flaws.
File : php_5_3_3.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-139.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-140.nasl - Type : ACT_GATHER_INFO