Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2009:324 | First vendor Publication | 2009-12-07 |
Vendor | Mandriva | Last vendor Modification | 2009-12-07 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple vulnerabilities was discovered and corrected in php: The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have permissions to truncate the file (CVE-2008-7068). The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function (CVE-2009-1271). - Fixed upstream bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg files) (CVE-2009-2687). The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates (CVE-2009-3291). Unspecified vulnerability in PHP before 5.2.11 has unknown impact and attack vectors related to missing sanity checks around exif processing. (CVE-2009-3292) Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect sanity check for the color index. (CVE-2009-3293) The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information (CVE-2009-3546). The tempnam function in ext/standard/file.c in PHP 5.2.11 and earlier, and 5.3.x before 5.3.1, allows context-dependent attackers to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments (CVE-2009-3557). The posix_mkfifo function in ext/posix/posix.c in PHP 5.2.11 and earlier, and 5.3.x before 5.3.1, allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file (CVE-2009-3558). PHP 5.2.11, and 5.3.x before 5.3.1, does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive (CVE-2009-4017). The proc_open function in ext/standard/proc_open.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent attackers to execute programs with an arbitrary environment via the env parameter, as demonstrated by a crafted value of the LD_LIBRARY_PATH environment variable (CVE-2009-4018). The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have permissions to truncate the file (CVE-2008-7068). The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates (CVE-2009-3291). Unspecified vulnerability in PHP before 5.2.11 has unknown impact and attack vectors related to missing sanity checks around exif processing. (CVE-2009-3292) Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect sanity check for the color index. (CVE-2009-3293). However in Mandriva we don't use the bundled libgd source in php per default, there is a unsupported package in contrib named php-gd-bundled that eventually will get updated to pickup these fixes. The php-suhosin package has been upgraded to 0.9.22 which has better support for apache vhosts. Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides a solution to these vulnerabilities. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2009:324 |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-82 | Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi... |
CAPEC-99 | XML Parser Attack |
CAPEC-119 | Resource Depletion |
CAPEC-121 | Locate and Exploit Test APIs |
CAPEC-125 | Resource Depletion through Flooding |
CAPEC-130 | Resource Depletion through Allocation |
CAPEC-147 | XML Ping of Death |
CAPEC-197 | XEE (XML Entity Expansion) |
CAPEC-227 | Denial of Service through Resource Depletion |
CAPEC-228 | Resource Depletion through DTD Injection in a SOAP Message |
CAPEC-229 | XML Attribute Blowup |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
38 % | CWE-264 | Permissions, Privileges, and Access Controls |
38 % | CWE-20 | Improper Input Validation |
12 % | CWE-770 | Allocation of Resources Without Limits or Throttling |
12 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12644 | |||
Oval ID: | oval:org.mitre.oval:def:12644 | ||
Title: | DSA-1775-1 php-json-ext -- denial of service | ||
Description: | It was discovered that php-json-ext, a JSON serialiser for PHP, is prone to a denial of service attack, when receiving a malformed string via the json_decode function. For the oldstable distribution, this problem has been fixed in version 1.2.1-3.2+etch1. The stable distribution does not contain a separate php-json-ext package, but includes it in the php5 packages, which will be fixed soon. The testing distribution and the unstable distribution do not contain a separate php-json-ext package, but include it in the php5 packages. We recommend that you upgrade your php-json-ext packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1775-1 CVE-2009-1271 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | php-json-ext |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13099 | |||
Oval ID: | oval:org.mitre.oval:def:13099 | ||
Title: | DSA-1936-1 libgd2 -- several | ||
Description: | Several vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-0455 Kees Cook discovered a buffer overflow in libgd2's font renderer. An attacker could cause denial of service and possibly execute arbitrary code via a crafted string with a JIS encoded font. This issue only affects the oldstable distribution. CVE-2009-3546 Tomas Hoger discovered a boundary error in the "_gdGetColors" function. An attacker could conduct a buffer overflow or buffer over-read attacks via a crafted GD file. For the oldstable distribution, these problems have been fixed in version 2.0.33-5.2etch2. For the stable distribution, these problems have been fixed in version 2.0.36~rc1~dfsg-3+lenny1. For the upcoming stable distribution and the unstable distribution ion, these problems have been fixed in version 2.0.36~rc1~dfsg-3.1. We recommend that you upgrade your libgd2 packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1936-1 CVE-2007-0455 CVE-2009-3546 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | libgd2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22090 | |||
Oval ID: | oval:org.mitre.oval:def:22090 | ||
Title: | RHSA-2010:0003: gd security update (Moderate) | ||
Description: | The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0003-01 CESA-2010:0003 CVE-2009-3546 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | gd |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22668 | |||
Oval ID: | oval:org.mitre.oval:def:22668 | ||
Title: | ELSA-2010:0003: gd security update (Moderate) | ||
Description: | The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0003-01 CVE-2009-3546 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | gd |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6655 | |||
Oval ID: | oval:org.mitre.oval:def:6655 | ||
Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
Description: | The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-2687 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6667 | |||
Oval ID: | oval:org.mitre.oval:def:6667 | ||
Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
Description: | PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-4017 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7047 | |||
Oval ID: | oval:org.mitre.oval:def:7047 | ||
Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
Description: | Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect "sanity check for the color index." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3293 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7256 | |||
Oval ID: | oval:org.mitre.oval:def:7256 | ||
Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
Description: | The proc_open function in ext/standard/proc_open.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent attackers to execute programs with an arbitrary environment via the env parameter, as demonstrated by a crafted value of the LD_LIBRARY_PATH environment variable. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-4018 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7394 | |||
Oval ID: | oval:org.mitre.oval:def:7394 | ||
Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
Description: | The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3291 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7396 | |||
Oval ID: | oval:org.mitre.oval:def:7396 | ||
Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
Description: | The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3557 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7652 | |||
Oval ID: | oval:org.mitre.oval:def:7652 | ||
Title: | HP-UX Running Apache with PHP, Remote Denial of Service (DoS), Unauthorized Access, Privileged Access, Cross Site Scripting (XSS) | ||
Description: | Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-3292 | Version: | 11 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8225 | |||
Oval ID: | oval:org.mitre.oval:def:8225 | ||
Title: | DSA-1936 libgd2 -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation. The Common Vulnerabilities and Exposures project identifies the following problems: Kees Cook discovered a buffer overflow in libgd2's font renderer. An attacker could cause denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. This issue only affects the oldstable distribution (etch). Tomas Hoger discovered a boundary error in the "_gdGetColors()" function. An attacker could conduct a buffer overflow or buffer over-read attacks via a crafted GD file. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1936 CVE-2007-0455 CVE-2009-3546 | Version: | 3 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 4.0 | Product(s): | libgd2 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8239 | |||
Oval ID: | oval:org.mitre.oval:def:8239 | ||
Title: | DSA-1775 php-json-ext -- denial of service | ||
Description: | It was discovered that php-json-ext, a JSON serialiser for PHP, is prone to a denial of service attack, when receiving a malformed string via the json_decode function. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1775 CVE-2009-1271 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | php-json-ext |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2010-03-05 | Kolang (proc_open PHP safe mode bypass 4.3.10 - 5.3.0) |
OpenVAS Exploits
Date | Description |
---|---|
2012-08-30 | Name : Fedora Update for gd FEDORA-2012-9298 File : nvt/gb_fedora_2012_9298_gd_fc17.nasl |
2012-07-03 | Name : Fedora Update for gd FEDORA-2012-9314 File : nvt/gb_fedora_2012_9314_gd_fc16.nasl |
2012-06-21 | Name : PHP version smaller than 5.3.1 File : nvt/nopsec_php_5_3_1.nasl |
2012-06-21 | Name : PHP version smaller than 5.2.9 File : nvt/nopsec_php_5_2_9.nasl |
2012-06-21 | Name : PHP version smaller than 5.2.11 File : nvt/nopsec_php_5_2_11.nasl |
2011-08-09 | Name : CentOS Update for gd CESA-2010:0003 centos5 i386 File : nvt/gb_CESA-2010_0003_gd_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for php CESA-2010:0040 centos5 i386 File : nvt/gb_CESA-2010_0040_php_centos5_i386.nasl |
2011-03-09 | Name : Gentoo Security Advisory GLSA 201006-16 (gd) File : nvt/glsa_201006_16.nasl |
2010-06-23 | Name : HP-UX Update for Apache with PHP HPSBUX02543 File : nvt/gb_hp_ux_HPSBUX02543.nasl |
2010-05-12 | Name : Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002 File : nvt/macosx_upd_10_6_3_secupd_2010-002.nasl |
2010-05-12 | Name : Mac OS X 10.6.2 Update / Mac OS X Security Update 2009-006 File : nvt/macosx_upd_10_6_2_secupd_2009-006.nasl |
2010-05-12 | Name : Mac OS X Security Update 2009-005 File : nvt/macosx_secupd_2009-005.nasl |
2010-04-19 | Name : PHP 'exif_read_data()' JPEG Image Processing Denial Of Service Vulnerability File : nvt/gb_php_35440.nasl |
2010-03-02 | Name : Fedora Update for php FEDORA-2010-0495 File : nvt/gb_fedora_2010_0495_php_fc11.nasl |
2010-03-02 | Name : Fedora Update for maniadrive FEDORA-2010-0495 File : nvt/gb_fedora_2010_0495_maniadrive_fc11.nasl |
2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos3 i386 File : nvt/gb_CESA-2010_0040_php_centos3_i386.nasl |
2010-01-19 | Name : RedHat Update for php RHSA-2010:0040-01 File : nvt/gb_RHSA-2010_0040-01_php.nasl |
2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos4 x86_64 File : nvt/gb_CESA-2010_0040_php_centos4_x86_64.nasl |
2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos4 i386 File : nvt/gb_CESA-2010_0040_php_centos4_i386.nasl |
2010-01-19 | Name : CentOS Update for php CESA-2010:0040 centos3 x86_64 File : nvt/gb_CESA-2010_0040_php_centos3_x86_64.nasl |
2010-01-19 | Name : CentOS Update for gd CESA-2010:0003 centos4 x86_64 File : nvt/gb_CESA-2010_0003_gd_centos4_x86_64.nasl |
2010-01-19 | Name : CentOS Update for gd CESA-2010:0003 centos4 i386 File : nvt/gb_CESA-2010_0003_gd_centos4_i386.nasl |
2010-01-15 | Name : RedHat Update for gd RHSA-2010:0003-01 File : nvt/gb_RHSA-2010_0003-01_gd.nasl |
2010-01-07 | Name : Gentoo Security Advisory GLSA 201001-03 (php) File : nvt/glsa_201001_03.nasl |
2009-12-30 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php56.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:284-1 (gd) File : nvt/mdksa_2009_284_1.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:324 (php) File : nvt/mdksa_2009_324.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:305 (php) File : nvt/mdksa_2009_305.nasl |
2009-12-10 | Name : Fedora Core 12 FEDORA-2009-12017 (maniadrive) File : nvt/fcore_2009_12017.nasl |
2009-12-04 | Name : PHP Multiple Vulnerabilities Dec-09 File : nvt/gb_php_mult_vuln_dec09.nasl |
2009-12-03 | Name : Mandriva Security Advisory MDVSA-2009:303 (php) File : nvt/mdksa_2009_303.nasl |
2009-12-03 | Name : Ubuntu USN-862-1 (php5) File : nvt/ubuntu_862_1.nasl |
2009-11-23 | Name : Debian Security Advisory DSA 1936-1 (libgd2) File : nvt/deb_1936_1.nasl |
2009-11-23 | Name : Ubuntu USN-854-1 (libgd2) File : nvt/ubuntu_854_1.nasl |
2009-11-11 | Name : FreeBSD Ports: gd File : nvt/freebsd_gd1.nasl |
2009-10-27 | Name : SuSE Security Summary SUSE-SR:2009:017 File : nvt/suse_sr_2009_017.nasl |
2009-10-27 | Name : SLES10: Security update for PHP5 File : nvt/sles10_apache2-mod_php4.nasl |
2009-10-27 | Name : Mandrake Security Advisory MDVSA-2009:285 (php) File : nvt/mdksa_2009_285.nasl |
2009-10-27 | Name : Mandrake Security Advisory MDVSA-2009:284 (gd) File : nvt/mdksa_2009_284.nasl |
2009-10-23 | Name : GD Graphics Library '_gdGetColors()' Buffer Overflow Vulnerability (Linux) File : nvt/gb_gd_graphics_library_bof_vuln_lin.nasl |
2009-10-23 | Name : PHP '_gdGetColors()' Buffer Overflow Vulnerability File : nvt/gb_php_gdGetColors_bof_vuln.nasl |
2009-10-19 | Name : SLES11: Security update for PHP5 File : nvt/sles11_apache2-mod_php1.nasl |
2009-10-19 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php55.nasl |
2009-10-13 | Name : SLES10: Security update for PHP5 File : nvt/sles10_apache2-mod_php3.nasl |
2009-10-11 | Name : SLES11: Security update for PHP5 File : nvt/sles11_apache2-mod_php0.nasl |
2009-09-29 | Name : PHP Multiple Vulnerabilities - Sep09 File : nvt/secpod_php_mult_vuln_sep09.nasl |
2009-09-28 | Name : Mandrake Security Advisory MDVSA-2009:247 (php) File : nvt/mdksa_2009_247.nasl |
2009-09-28 | Name : Mandrake Security Advisory MDVSA-2009:248 (php) File : nvt/mdksa_2009_248.nasl |
2009-09-28 | Name : Mandrake Security Advisory MDVSA-2009:246 (php) File : nvt/mdksa_2009_246.nasl |
2009-09-28 | Name : RedHat Security Advisory RHSA-2009:1461 File : nvt/RHSA_2009_1461.nasl |
2009-09-02 | Name : Ubuntu USN-824-1 (php5) File : nvt/ubuntu_824_1.nasl |
2009-08-27 | Name : PHP dba_replace Denial of Service Vulnerability File : nvt/secpod_php_dba_replace_dos_vuln.nasl |
2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:167 (php) File : nvt/mdksa_2009_167.nasl |
2009-07-06 | Name : SuSE Security Summary SUSE-SR:2009:012 File : nvt/suse_sr_2009_012.nasl |
2009-07-06 | Name : Mandrake Security Advisory MDVSA-2009:145 (php) File : nvt/mdksa_2009_145.nasl |
2009-06-05 | Name : Ubuntu USN-767-1 (freetype) File : nvt/ubuntu_767_1.nasl |
2009-06-05 | Name : Ubuntu USN-761-2 (php5) File : nvt/ubuntu_761_2.nasl |
2009-06-05 | Name : Fedora Core 9 FEDORA-2009-3848 (maniadrive) File : nvt/fcore_2009_3848.nasl |
2009-06-05 | Name : Ubuntu USN-769-1 (libwmf) File : nvt/ubuntu_769_1.nasl |
2009-06-05 | Name : Fedora Core 10 FEDORA-2009-3768 (maniadrive) File : nvt/fcore_2009_3768.nasl |
2009-05-20 | Name : FreeBSD Ports: php4-dba File : nvt/freebsd_php4-dba.nasl |
2009-05-11 | Name : Debian Security Advisory DSA 1789-1 (php5) File : nvt/deb_1789_1.nasl |
2009-04-28 | Name : Ubuntu USN-761-1 (php5) File : nvt/ubuntu_761_1.nasl |
2009-04-28 | Name : Debian Security Advisory DSA 1775-1 (php-json-ext) File : nvt/deb_1775_1.nasl |
2009-04-16 | Name : PHP 5.2.8 and Prior Versions Multiple Vulnerabilities File : nvt/php_cve_2009_1271.nasl |
2009-04-15 | Name : Mandrake Security Advisory MDVSA-2009:090 (php) File : nvt/mdksa_2009_090.nasl |
2009-04-15 | Name : RedHat Security Advisory RHSA-2009:0350 File : nvt/RHSA_2009_0350.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-276-02 php File : nvt/esoft_slk_ssa_2009_276_02.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2010-024-02 php File : nvt/esoft_slk_ssa_2010_024_02.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
60451 | PHP File Upload Crafted multipart/form-data Temporary File Exhaustion Remote DoS |
60438 | PHP ext/standard/proc_open.c proc_open() Function safe_mode_*_env_vars Bypass |
60435 | PHP ext/posix/posix.c posix_mkfifo() Function open_basedir Bypass |
60434 | PHP ext/standard/file.c tempnam() Function safe_mode Bypass |
59071 | PHP gd_gd.c _gdGetColors Function colorsTotal Structure Remote Overflow Weakness |
58187 | PHP imagecolortransparent Color Index Handling Unspecified Issue |
58186 | PHP exif Processing Unspecified Issue |
58185 | PHP php_openssl_apply_verification_policy Certificate Validation Unspecified ... |
55222 | PHP exif_read_data() Function JPG Handling DoS |
52486 | PHP json_decode() Function Malformed String Handling Remote DoS |
52206 | PHP dba_replace() Function Arbitrary File Overwrite |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2018-05-01 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2018-120-01.nasl - Type : ACT_GATHER_INFO |
2015-10-29 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2015-604.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_ca139c7f2a8c11e5a4a5002590263bf5.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0003.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0040.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100104_gd_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100113_php_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2012-9298.nasl - Type : ACT_GATHER_INFO |
2012-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2012-9314.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6847.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6536.nasl - Type : ACT_GATHER_INFO |
2010-09-17 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_6_2_0_12.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-248.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-302.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-303.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-0495.nasl - Type : ACT_GATHER_INFO |
2010-06-04 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201006-16.nasl - Type : ACT_GATHER_INFO |
2010-03-29 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_3.nasl - Type : ACT_GATHER_INFO |
2010-03-29 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2010-002.nasl - Type : ACT_GATHER_INFO |
2010-02-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201001-03.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1940.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1936.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_apache2-mod_php5-100215.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-100212.nasl - Type : ACT_GATHER_INFO |
2010-02-23 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6846.nasl - Type : ACT_GATHER_INFO |
2010-01-25 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-024-02.nasl - Type : ACT_GATHER_INFO |
2010-01-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0040.nasl - Type : ACT_GATHER_INFO |
2010-01-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0040.nasl - Type : ACT_GATHER_INFO |
2010-01-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0003.nasl - Type : ACT_GATHER_INFO |
2010-01-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0003.nasl - Type : ACT_GATHER_INFO |
2009-12-18 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_39a25a63eb5c11deb65000215c6a37bb.nasl - Type : ACT_GATHER_INFO |
2009-12-18 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_12.nasl - Type : ACT_GATHER_INFO |
2009-12-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-324.nasl - Type : ACT_GATHER_INFO |
2009-12-07 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-12017.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-862-1.nasl - Type : ACT_GATHER_INFO |
2009-11-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-304.nasl - Type : ACT_GATHER_INFO |
2009-11-20 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_3_1.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-006.nasl - Type : ACT_GATHER_INFO |
2009-11-09 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_4e8344a3ca5211de8ee800215c6a37bb.nasl - Type : ACT_GATHER_INFO |
2009-11-06 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-854-1.nasl - Type : ACT_GATHER_INFO |
2009-10-30 | Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_php5-6505.nasl - Type : ACT_GATHER_INFO |
2009-10-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-284.nasl - Type : ACT_GATHER_INFO |
2009-10-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-285.nasl - Type : ACT_GATHER_INFO |
2009-10-19 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_apache2-mod_php5-090924.nasl - Type : ACT_GATHER_INFO |
2009-10-19 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_apache2-mod_php5-090924.nasl - Type : ACT_GATHER_INFO |
2009-10-19 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-090924.nasl - Type : ACT_GATHER_INFO |
2009-10-19 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6510.nasl - Type : ACT_GATHER_INFO |
2009-10-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_437a68cfb75211deb6eb00e0815b8da8.nasl - Type : ACT_GATHER_INFO |
2009-10-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-276-02.nasl - Type : ACT_GATHER_INFO |
2009-09-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-247.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-090618.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-6311.nasl - Type : ACT_GATHER_INFO |
2009-09-18 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_11.nasl - Type : ACT_GATHER_INFO |
2009-09-11 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-005.nasl - Type : ACT_GATHER_INFO |
2009-08-25 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-824-1.nasl - Type : ACT_GATHER_INFO |
2009-06-29 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-145.nasl - Type : ACT_GATHER_INFO |
2009-06-22 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_2_10.nasl - Type : ACT_GATHER_INFO |
2009-06-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-3768.nasl - Type : ACT_GATHER_INFO |
2009-06-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-3848.nasl - Type : ACT_GATHER_INFO |
2009-05-18 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_1e8031be425811deb67a0030843d3802.nasl - Type : ACT_GATHER_INFO |
2009-05-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1789.nasl - Type : ACT_GATHER_INFO |
2009-04-28 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-761-2.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-761-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-090.nasl - Type : ACT_GATHER_INFO |
2009-04-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1775.nasl - Type : ACT_GATHER_INFO |
2009-02-27 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_9.nasl - Type : ACT_GATHER_INFO |
2008-12-05 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_2_7.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:41:04 |
|