Executive Summary
Summary | |
---|---|
Title | PHP vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-1126-1 | First vendor Publication | 2011-04-29 |
Vendor | Ubuntu | Last vendor Modification | 2011-04-29 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 9.10 - Ubuntu 8.04 LTS - Ubuntu 6.06 LTS Summary: Multiple vulnerabilities in PHP. Software Description: - php5: HTML-embedded scripting language interpreter Details: Stephane Chazelas discovered that the /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. (CVE-2011-0441) Raphael Geisert and Dan Rosenberg discovered that the PEAR installer allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories. (CVE-2011-1072, CVE-2011-1144) Ben Schmidt discovered that a use-after-free vulnerability in the PHP Zend engine could allow an attacker to cause a denial of service (heap memory corruption) or possibly execute arbitrary code. (CVE-2010-4697) Martin Barbella discovered a buffer overflow in the PHP GD extension that allows an attacker to cause a denial of service (application crash) via a large number of anti- aliasing steps in an argument to the imagepstext function. (CVE-2010-4698) It was discovered that PHP accepts the \0 character in a pathname, which might allow an attacker to bypass intended access restrictions by placing a safe file extension after this character. This issue is addressed in Ubuntu 10.04 LTS, Ubuntu 10.10, and Ubuntu 11.04. (CVE-2006-7243) Maksymilian Arciemowicz discovered that the grapheme_extract function in the PHP Internationalization extension (Intl) for ICU allow an attacker to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference. This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, and Ubuntu 11.04. (CVE-2011-0420) Maksymilian Arciemowicz discovered that the _zip_name_locate function in the PHP Zip extension does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow an attacker to cause a denial of service (NULL pointer dereference) via an empty ZIP archive. This issue affected Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, Ubuntu 10.10, and Ubuntu 11.04. (CVE-2011-0421) Luca Carettoni discovered that the PHP Exif extension performs an incorrect cast on 64bit platforms, which allows a remote attacker to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD). (CVE-2011-0708) Jose Carlos Norte discovered that an integer overflow in the PHP shmop extension could allow an attacker to cause a denial of service (crash) and possibly read sensitive memory function. (CVE-2011-1092) Felipe Pena discovered that a use-after-free vulnerability in the substr_replace function allows an attacker to cause a denial of service (memory corruption) or possibly execute arbitrary code. (CVE-2011-1148) Felipe Pena discovered multiple format string vulnerabilities in the PHP phar extension. These could allow an attacker to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code. This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, and Ubuntu 11.04.(CVE-2011-1153) It was discovered that a buffer overflow occurs in the strval function when the precision configuration option has a large value. The default compiler options for Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, Ubuntu 10.10, and Ubuntu 11.04 should reduce the vulnerability to a denial of service. (CVE-2011-1464) It was discovered that an integer overflow in the SdnToJulian function in the PHP Calendar extension could allow an attacker to cause a denial of service (application crash). (CVE-2011-1466) Tomas Hoger discovered that an integer overflow in the NumberFormatter::setSymbol function in the PHP Intl extension could allow an attacker to cause a denial of service (application crash). This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, and Ubuntu 11.04. (CVE-2011-1467) It was discovered that multiple memory leaks in the PHP OpenSSL extension might allow a remote attacker to cause a denial of service (memory consumption). This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, and Ubuntu 11.04. (CVE-2011-1468) Daniel Buschke discovered that the PHP Streams component in PHP handled types improperly, possibly allowing an attacker to cause a denial of service (application crash). (CVE-2011-1469) It was discovered that the PHP Zip extension could allow an attacker to cause a denial of service (application crash) via a ziparchive stream that is not properly handled by the stream_get_contents function. This issue affected Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, Ubuntu 10.10, and Ubuntu 11.04. (CVE-2011-1470) It was discovered that an integer signedness error in the PHP Zip extension could allow an attacker to cause a denial of service (CPU consumption) via a malformed archive file. This issue affected Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, Ubuntu 10.10, and Ubuntu 11.04. (CVE-2011-1470) (CVE-2011-1471) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: Ubuntu 10.10: Ubuntu 10.04 LTS: Ubuntu 9.10: Ubuntu 8.04 LTS: Ubuntu 6.06 LTS: In general, a standard system update will make all the necessary changes. References: Package Information: |
Original Source
Url : http://www.ubuntu.com/usn/USN-1126-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
20 % | CWE-399 | Resource Management Errors |
20 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
20 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
20 % | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
13 % | CWE-20 | Improper Input Validation |
7 % | CWE-134 | Uncontrolled Format String (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11939 | |||
Oval ID: | oval:org.mitre.oval:def:11939 | ||
Title: | Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 | ||
Description: | Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 allows context-dependent attackers to cause a denial of service (application crash) via a large number of anti-aliasing steps in an argument to the imagepstext function. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4698 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | PHP |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12528 | |||
Oval ID: | oval:org.mitre.oval:def:12528 | ||
Title: | Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 | ||
Description: | Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset, and __unset methods on objects accessed by a reference. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-4697 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | PHP |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12569 | |||
Oval ID: | oval:org.mitre.oval:def:12569 | ||
Title: | NULL byte injection vulnerability in PHP before 5.3.4 | ||
Description: | PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-7243 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | PHP |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15505 | |||
Oval ID: | oval:org.mitre.oval:def:15505 | ||
Title: | USN-1358-2 -- PHP regression | ||
Description: | php5: HTML-embedded scripting language interpreter Details: USN 1358-1 fixed multiple vulnerabilities in PHP. The fix for CVE-2012-0831 introduced a regression where the state of the magic_quotes_gpc setting was not correctly reflected when calling the ini_get function. We apologize for the inconvenience. Original advisory USN 1358-1 introduced a regression in PHP. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1358-2 CVE-2012-0831 CVE-2011-4885 CVE-2012-0830 CVE-2011-4153 CVE-2012-0057 CVE-2012-0788 CVE-2011-0441 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 8.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | PHP |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19494 | |||
Oval ID: | oval:org.mitre.oval:def:19494 | ||
Title: | HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass | ||
Description: | PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-7243 | Version: | 10 |
Platform(s): | HP-UX 11 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26934 | |||
Oval ID: | oval:org.mitre.oval:def:26934 | ||
Title: | RHSA-2011:1741 -- php-pear security and bug fix update (Low) | ||
Description: | The php-pear package contains the PHP Extension and Application Repository (PEAR), a framework and distribution system for reusable PHP components. It was found that the "pear" command created temporary files in an insecure way when installing packages. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrary files accessible to the victim running the "pear install" command. (CVE-2011-1072) This update also fixes the following bugs: * The php-pear package has been upgraded to version 1.9.4, which provides a number of bug fixes over the previous version. (BZ#651897) * Prior to this update, php-pear created a cache in the "/var/cache/php-pear/" directory when attempting to list all packages. As a consequence, php-pear failed to create or update the cache file as a regular user without sufficient file permissions and could not list all packages. With this update, php-pear no longer fails if writing to the cache directory is not permitted. Now, all packages are listed as expected. (BZ#747361) All users of php-pear are advised to upgrade to this updated package, which corrects these issues. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1741 CVE-2011-1072 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | php-pear |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27880 | |||
Oval ID: | oval:org.mitre.oval:def:27880 | ||
Title: | ELSA-2011-1741 -- php-pear security and bug fix update (low) | ||
Description: | [1.9.4-4] - fix patch application for #747361 [1.9.4-3] - ignore REST cache creation failures as non-root user (#747361) [1.9.4-2] - fix XML-Util provides [1.9.4-1] - update to 1.9.4 (#651897) - update XML_RPC to 1.5.4, Structures_Graph to 1.0.4, Archive_Tar to 1.3.7 [1.9.1-1] - update to 1.9.1 (#651897) - fix installation of XML_RPC license file | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1741 CVE-2011-1072 | Version: | 3 |
Platform(s): | Oracle Linux 6 | Product(s): | php-pear |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2011-03-18 | libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5) |
2011-03-12 | PHP <= 5.3.6 shmop_read() Integer Overflow DoS |
2011-02-17 | PHP 5.3.5 grapheme_extract() NULL Pointer Dereference |
OpenVAS Exploits
Date | Description |
---|---|
2012-12-13 | Name : SuSE Update for update openSUSE-SU-2012:0426-1 (update) File : nvt/gb_suse_2012_0426_1.nasl |
2012-09-10 | Name : Slackware Advisory SSA:2011-210-01 libpng File : nvt/esoft_slk_ssa_2011_210_01.nasl |
2012-09-10 | Name : Slackware Advisory SSA:2011-237-01 php File : nvt/esoft_slk_ssa_2011_237_01.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:0071 centos4 File : nvt/gb_CESA-2012_0071_php_centos4.nasl |
2012-07-30 | Name : CentOS Update for php CESA-2012:0033 centos5 File : nvt/gb_CESA-2012_0033_php_centos5.nasl |
2012-07-30 | Name : CentOS Update for php53 CESA-2011:1423 centos5 x86_64 File : nvt/gb_CESA-2011_1423_php53_centos5_x86_64.nasl |
2012-07-09 | Name : RedHat Update for php-pear RHSA-2011:1741-03 File : nvt/gb_RHSA-2011_1741-03_php-pear.nasl |
2012-06-21 | Name : PHP version smaller than 5.3.4 File : nvt/nopsec_php_5_3_4.nasl |
2012-06-21 | Name : PHP 5.2 < 5.2.15 File : nvt/nopsec_php_5_2_15.nasl |
2012-06-14 | Name : PHP version 5.3< 5.3.6 File : nvt/nopsec_php_5_3_6.nasl |
2012-04-02 | Name : Fedora Update for maniadrive FEDORA-2011-11464 File : nvt/gb_fedora_2011_11464_maniadrive_fc16.nasl |
2012-03-19 | Name : Fedora Update for php-eaccelerator FEDORA-2011-11464 File : nvt/gb_fedora_2011_11464_php-eaccelerator_fc16.nasl |
2012-03-19 | Name : Fedora Update for php FEDORA-2011-11464 File : nvt/gb_fedora_2011_11464_php_fc16.nasl |
2012-03-12 | Name : Debian Security Advisory DSA 2408-1 (php5) File : nvt/deb_2408_1.nasl |
2012-02-21 | Name : Ubuntu Update for php5 USN-1358-2 File : nvt/gb_ubuntu_USN_1358_2.nasl |
2012-02-13 | Name : Ubuntu Update for php5 USN-1358-1 File : nvt/gb_ubuntu_USN_1358_1.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201110-06 (php) File : nvt/glsa_201110_06.nasl |
2012-02-12 | Name : FreeBSD Ports: php5, php5-exif File : nvt/freebsd_php515.nasl |
2012-02-06 | Name : Mac OS X Multiple Vulnerabilities (2012-001) File : nvt/gb_macosx_su12-001.nasl |
2012-02-01 | Name : RedHat Update for php RHSA-2012:0071-01 File : nvt/gb_RHSA-2012_0071-01_php.nasl |
2012-01-20 | Name : RedHat Update for php RHSA-2012:0033-01 File : nvt/gb_RHSA-2012_0033-01_php.nasl |
2012-01-02 | Name : Mandriva Update for php MDVSA-2011:197 (php) File : nvt/gb_mandriva_MDVSA_2011_197.nasl |
2011-12-16 | Name : Mandriva Update for php-pear MDVSA-2011:187 (php-pear) File : nvt/gb_mandriva_MDVSA_2011_187.nasl |
2011-11-08 | Name : Mandriva Update for php MDVSA-2011:165 (php) File : nvt/gb_mandriva_MDVSA_2011_165.nasl |
2011-11-03 | Name : CentOS Update for php53 CESA-2011:1423 centos5 i386 File : nvt/gb_CESA-2011_1423_php53_centos5_i386.nasl |
2011-11-03 | Name : RedHat Update for php53 and php RHSA-2011:1423-01 File : nvt/gb_RHSA-2011_1423-01_php53_and_php.nasl |
2011-10-20 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006) File : nvt/gb_macosx_su11-006.nasl |
2011-09-21 | Name : FreeBSD Ports: php5, php5-sockets File : nvt/freebsd_php513.nasl |
2011-09-20 | Name : Fedora Update for maniadrive FEDORA-2011-11528 File : nvt/gb_fedora_2011_11528_maniadrive_fc15.nasl |
2011-09-20 | Name : Fedora Update for php-eaccelerator FEDORA-2011-11528 File : nvt/gb_fedora_2011_11528_php-eaccelerator_fc15.nasl |
2011-09-20 | Name : Fedora Update for php FEDORA-2011-11528 File : nvt/gb_fedora_2011_11528_php_fc15.nasl |
2011-09-20 | Name : Fedora Update for maniadrive FEDORA-2011-11537 File : nvt/gb_fedora_2011_11537_maniadrive_fc14.nasl |
2011-09-20 | Name : Fedora Update for php-eaccelerator FEDORA-2011-11537 File : nvt/gb_fedora_2011_11537_php-eaccelerator_fc14.nasl |
2011-09-20 | Name : Fedora Update for php FEDORA-2011-11537 File : nvt/gb_fedora_2011_11537_php_fc14.nasl |
2011-08-26 | Name : Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001) File : nvt/secpod_macosx_su11-001.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2262-2 (php5) File : nvt/deb_2262_2.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2266-1 (php5) File : nvt/deb_2266_1.nasl |
2011-06-03 | Name : Mandriva Update for libzip MDVSA-2011:099 (libzip) File : nvt/gb_mandriva_MDVSA_2011_099.nasl |
2011-05-12 | Name : FreeBSD Ports: php5-zip File : nvt/freebsd_php5-zip0.nasl |
2011-05-12 | Name : FreeBSD Ports: php5-exif File : nvt/freebsd_php5-exif.nasl |
2011-05-12 | Name : Debian Security Advisory DSA 2195-1 (php5) File : nvt/deb_2195_1.nasl |
2011-05-10 | Name : Ubuntu Update for php5 USN-1126-1 File : nvt/gb_ubuntu_USN_1126_1.nasl |
2011-05-10 | Name : Ubuntu Update for php5 USN-1126-2 File : nvt/gb_ubuntu_USN_1126_2.nasl |
2011-04-11 | Name : Fedora Update for php FEDORA-2011-3636 File : nvt/gb_fedora_2011_3636_php_fc14.nasl |
2011-04-11 | Name : Mandriva Update for php MDVSA-2011:069 (php) File : nvt/gb_mandriva_MDVSA_2011_069.nasl |
2011-04-11 | Name : Fedora Update for php-eaccelerator FEDORA-2011-3636 File : nvt/gb_fedora_2011_3636_php-eaccelerator_fc14.nasl |
2011-04-11 | Name : Fedora Update for maniadrive FEDORA-2011-3636 File : nvt/gb_fedora_2011_3636_maniadrive_fc14.nasl |
2011-04-11 | Name : Fedora Update for php FEDORA-2011-3666 File : nvt/gb_fedora_2011_3666_php_fc13.nasl |
2011-04-11 | Name : Fedora Update for php-eaccelerator FEDORA-2011-3666 File : nvt/gb_fedora_2011_3666_php-eaccelerator_fc13.nasl |
2011-04-11 | Name : Fedora Update for maniadrive FEDORA-2011-3666 File : nvt/gb_fedora_2011_3666_maniadrive_fc13.nasl |
2011-03-25 | Name : Mandriva Update for php MDVSA-2011:053 (php) File : nvt/gb_mandriva_MDVSA_2011_053.nasl |
2011-03-25 | Name : Mandriva Update for php MDVSA-2011:052 (php) File : nvt/gb_mandriva_MDVSA_2011_052.nasl |
2011-03-22 | Name : PHP 'substr_replace()' Use After Free Vulnerability File : nvt/secpod_php_use_after_free_vuln.nasl |
2011-03-10 | Name : PHP 'grapheme_extract()' NULL Pointer Dereference Denial Of Service Vulnerabi... File : nvt/gb_php_grapheme_extract_dos_vuln.nasl |
2011-03-09 | Name : PHP 'shmop_read()' Remote Integer Overflow Vulnerability File : nvt/gb_php_46786.nasl |
2011-02-01 | Name : PHP Multiple Security Bypass Vulnerabilities File : nvt/gb_php_mult_sec_bypass_vuln.nasl |
2011-02-01 | Name : PHP Zend and GD Multiple Denial of Service Vulnerabilities File : nvt/gb_php_zend_mult_dos_vuln.nasl |
2011-01-24 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php59.nasl |
2011-01-24 | Name : FreeBSD Ports: php5 File : nvt/freebsd_php57.nasl |
2011-01-11 | Name : Fedora Update for php-eaccelerator FEDORA-2010-18976 File : nvt/gb_fedora_2010_18976_php-eaccelerator_fc14.nasl |
2011-01-11 | Name : Fedora Update for maniadrive FEDORA-2010-18976 File : nvt/gb_fedora_2010_18976_maniadrive_fc14.nasl |
2011-01-11 | Name : Fedora Update for php FEDORA-2010-18976 File : nvt/gb_fedora_2010_18976_php_fc14.nasl |
2011-01-11 | Name : Fedora Update for maniadrive FEDORA-2010-19011 File : nvt/gb_fedora_2010_19011_maniadrive_fc13.nasl |
2011-01-11 | Name : Fedora Update for php-eaccelerator FEDORA-2010-19011 File : nvt/gb_fedora_2010_19011_php-eaccelerator_fc13.nasl |
2011-01-11 | Name : Fedora Update for php FEDORA-2010-19011 File : nvt/gb_fedora_2010_19011_php_fc13.nasl |
2010-12-28 | Name : Mandriva Update for php MDVSA-2010:254 (php) File : nvt/gb_mandriva_MDVSA_2010_254.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
75083 | PEAR Installer Multiple Directory Temporary File Symlink Arbitrary File Overw... |
73755 | PHP OpenSSL Extension x Function openssl_decrypt Ciphertext Data Memory Leak DoS |
73754 | PHP OpenSSL Extension openssl_encrypt Function Plaintext Data Memory Leak DoS |
73706 | PHP on Debian GNU/Linux /etc/cron.d/php5 Directory Symlink Arbitrary File Del... |
73626 | PHP Calendar Extension SdnToJulian Function Overflow DoS |
73625 | PHP Intl Extension NumberFormatter::setSymbol Function Invalid Argument DoS |
73624 | PHP Streams Component HTTP Proxy FTP Wrapper ftp:// URL DoS |
73623 | PHP Zip Extension stream_get_contents Function ziparchive Stream Handling DoS |
73622 | PHP Zip Extension zip_stream.c zip_fread Function Call Integer Signedness Err... |
73275 | PHP grapheme_extract() Function NULL Dereference DoS |
73218 | PHP substr_replace Function Repeated Argument Variable Memory Corruption |
72533 | PHP ZIP Extension zip_name_locate.c _zip_name_locate Function Malformed ZIP A... |
72532 | PHP phar Extension phar_object.c Multiple Format Strings |
72531 | PHP strval Function Numerical Argument Handling DoS |
71598 | PHP ext/shmop/shmop.c shmop_read Function Overflow |
71597 | PHP Exif Extension (exif.c) Image File Directory (IFD) Parsing DoS |
70608 | PHP GD Extension imagepstext Function Anti-aliasing Overflow DoS PHP is prone to an overflow condition. The GD extension fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. This may allow a context-dependent attacker to cause a denial of service via vectors related to invalid anti-aliasing and the imagepstext function. |
70607 | PHP Zend Engine Multiple Method Object Reference Access Use-after-free DoS PHP contains a flaw that may allow a context-dependent denial of service. The issue is triggered when a use-after-free error in the Zend engine occurs, allowing a context-dependent attacker to use vectors related to the '__set', '__get', '__isset' and '__unset' methods to cause a denial of service, or possibly have other unspecified impact. |
70606 | PHP Pathname \0 Character file_exists Function Access Restriction Bypass PHP contains a flaw related to the accepting of the \0 character in a pathname. This may allow a context-dependent attacker to bypass access restrictions by combining this character with a safe file extension, such as .php\0.jpg. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | calendar conversion remote integer overflow attempt RuleID : 23975 - Revision : 5 - Type : SERVER-WEBAPP |
2014-01-10 | calendar conversion remote integer overflow attempt RuleID : 23974 - Revision : 5 - Type : SERVER-WEBAPP |
2014-01-10 | empty zip file upload attempt RuleID : 23944 - Revision : 5 - Type : SERVER-WEBAPP |
2014-01-10 | Invalid global flag attachment attempt RuleID : 23937 - Revision : 5 - Type : SERVER-WEBAPP |
2014-01-10 | exif invalid tag data buffer overflow attempt RuleID : 23796 - Revision : 4 - Type : SERVER-WEBAPP |
2014-01-10 | use-after-free in substr_replace attempt RuleID : 23793 - Revision : 4 - Type : SERVER-WEBAPP |
2014-01-10 | PHP use-after-free in substr_replace attempt RuleID : 23792 - Revision : 4 - Type : SERVER-WEBAPP |
2014-01-10 | PHP use-after-free in substr_replace attempt RuleID : 23791 - Revision : 4 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-08-29 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2016-1638-1.nasl - Type : ACT_GATHER_INFO |
2016-03-01 | Name : The remote Debian host is missing a security update. File : debian_DLA-444.nasl - Type : ACT_GATHER_INFO |
2016-01-22 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16993.nasl - Type : ACT_GATHER_INFO |
2015-09-08 | Name : The remote Debian host is missing a security update. File : debian_DLA-307.nasl - Type : ACT_GATHER_INFO |
2015-08-20 | Name : The remote application is affected by multiple vulnerabilities. File : securitycenter_php_5_4_41.nasl - Type : ACT_GATHER_INFO |
2015-06-12 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2015-162-02.nasl - Type : ACT_GATHER_INFO |
2015-05-29 | Name : The remote Fedora host is missing a security update. File : fedora_2015-8370.nasl - Type : ACT_GATHER_INFO |
2015-05-29 | Name : The remote Fedora host is missing a security update. File : fedora_2015-8383.nasl - Type : ACT_GATHER_INFO |
2015-05-27 | Name : The remote Fedora host is missing a security update. File : fedora_2015-8281.nasl - Type : ACT_GATHER_INFO |
2015-05-26 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_31de2e1300d211e5a072d050996490d0.nasl - Type : ACT_GATHER_INFO |
2015-05-18 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_6_9.nasl - Type : ACT_GATHER_INFO |
2015-05-18 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_5_25.nasl - Type : ACT_GATHER_INFO |
2015-05-18 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_4_41.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-09.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1615.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1307.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-7.nasl - Type : ACT_GATHER_INFO |
2014-10-10 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL13519.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libzip-devel-110321.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_apache2-mod_php5-110601.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libzip-devel-110321.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_apache2-mod_php5-110601.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_apache2-mod_php5-110309.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-182.nasl - Type : ACT_GATHER_INFO |
2014-03-20 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20140318_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2014-03-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0311.nasl - Type : ACT_GATHER_INFO |
2014-03-19 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-0311.nasl - Type : ACT_GATHER_INFO |
2014-03-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-0311.nasl - Type : ACT_GATHER_INFO |
2013-12-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131121_php_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-11-27 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1615.nasl - Type : ACT_GATHER_INFO |
2013-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1615.nasl - Type : ACT_GATHER_INFO |
2013-10-11 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130930_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-10-03 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1307.nasl - Type : ACT_GATHER_INFO |
2013-10-01 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1307.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-07.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1423.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0033.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0071.nasl - Type : ACT_GATHER_INFO |
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0071.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111102_php53_and_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120130_php_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120118_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20111206_php_pear_on_SL6.nasl - Type : ACT_GATHER_INFO |
2012-04-20 | Name : The remote web server is affected by multiple vulnerabilities. File : hpsmh_7_0_0_24.nasl - Type : ACT_GATHER_INFO |
2012-04-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-120309.nasl - Type : ACT_GATHER_INFO |
2012-02-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2408.nasl - Type : ACT_GATHER_INFO |
2012-02-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1358-2.nasl - Type : ACT_GATHER_INFO |
2012-02-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1358-1.nasl - Type : ACT_GATHER_INFO |
2012-02-02 | Name : The remote host is missing a Mac OS X update that fixes several security vuln... File : macosx_10_7_3.nasl - Type : ACT_GATHER_INFO |
2012-02-02 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2012-001.nasl - Type : ACT_GATHER_INFO |
2012-01-31 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0071.nasl - Type : ACT_GATHER_INFO |
2012-01-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0033.nasl - Type : ACT_GATHER_INFO |
2012-01-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0033.nasl - Type : ACT_GATHER_INFO |
2012-01-03 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-197.nasl - Type : ACT_GATHER_INFO |
2011-12-16 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2011-187.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-7553.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-7393.nasl - Type : ACT_GATHER_INFO |
2011-12-06 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-1741.nasl - Type : ACT_GATHER_INFO |
2011-11-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-165.nasl - Type : ACT_GATHER_INFO |
2011-11-03 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1423.nasl - Type : ACT_GATHER_INFO |
2011-11-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1423.nasl - Type : ACT_GATHER_INFO |
2011-10-13 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2011-006.nasl - Type : ACT_GATHER_INFO |
2011-10-12 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-06.nasl - Type : ACT_GATHER_INFO |
2011-09-19 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-11537.nasl - Type : ACT_GATHER_INFO |
2011-09-19 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-11528.nasl - Type : ACT_GATHER_INFO |
2011-09-12 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-11464.nasl - Type : ACT_GATHER_INFO |
2011-08-26 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2011-237-01.nasl - Type : ACT_GATHER_INFO |
2011-08-22 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_3_7.nasl - Type : ACT_GATHER_INFO |
2011-08-20 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_057bf770cac411e0aea300215c6a37bb.nasl - Type : ACT_GATHER_INFO |
2011-08-01 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2011-210-01.nasl - Type : ACT_GATHER_INFO |
2011-07-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2266.nasl - Type : ACT_GATHER_INFO |
2011-06-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-7554.nasl - Type : ACT_GATHER_INFO |
2011-06-17 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-110601.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1126-1.nasl - Type : ACT_GATHER_INFO |
2011-06-13 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1126-2.nasl - Type : ACT_GATHER_INFO |
2011-05-25 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-099.nasl - Type : ACT_GATHER_INFO |
2011-05-09 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_libzip1-110321.nasl - Type : ACT_GATHER_INFO |
2011-05-09 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libzip-devel-110321.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_apache2-mod_php5-110309.nasl - Type : ACT_GATHER_INFO |
2011-04-11 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-069.nasl - Type : ACT_GATHER_INFO |
2011-04-07 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-3636.nasl - Type : ACT_GATHER_INFO |
2011-04-07 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-3666.nasl - Type : ACT_GATHER_INFO |
2011-04-04 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_apache2-mod_php5-110310.nasl - Type : ACT_GATHER_INFO |
2011-03-27 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-3614.nasl - Type : ACT_GATHER_INFO |
2011-03-27 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_cc3bfec656cd11e09668001fd0d616cf.nasl - Type : ACT_GATHER_INFO |
2011-03-27 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_fe85366656ce11e09668001fd0d616cf.nasl - Type : ACT_GATHER_INFO |
2011-03-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-053.nasl - Type : ACT_GATHER_INFO |
2011-03-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-052.nasl - Type : ACT_GATHER_INFO |
2011-03-22 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_6_7.nasl - Type : ACT_GATHER_INFO |
2011-03-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2195.nasl - Type : ACT_GATHER_INFO |
2011-03-18 | Name : The remote web server uses a version of PHP that is affected by multiple vuln... File : php_5_3_6.nasl - Type : ACT_GATHER_INFO |
2011-01-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_3761df020f9c11e0becc0022156e8794.nasl - Type : ACT_GATHER_INFO |
2011-01-05 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-19011.nasl - Type : ACT_GATHER_INFO |
2011-01-05 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2010-18976.nasl - Type : ACT_GATHER_INFO |
2010-12-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-254.nasl - Type : ACT_GATHER_INFO |
2010-12-13 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_3_4.nasl - Type : ACT_GATHER_INFO |
2010-12-13 | Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_15.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:58:34 |
|