exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2005-2491

Status Candidate

Overview

Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.

Related Files

HP Security Bulletin HPSBOV02683 SSRT090208
Posted May 10, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02683 SSRT090208 - Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. Revision 1 of this advisory.

tags | advisory, web, denial of service, php, vulnerability
advisories | CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010
SHA-256 | a7638da01e18d2a3d9c6e84728556bb08fdb00082b9c904826eb85aa31a5870d
Apple Security Advisory 2005-11-29
Posted Dec 2, 2005
Authored by Apple | Site apple.com

Apple Security Advisory - Apple has released a security update which addresses over a dozen vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2005-2088, CVE-2005-2700, CVE-2005-2757, CVE-2005-3185, CVE-2005-3700, CVE-2005-2969, CVE-2005-3701, CVE-2005-2491, CVE-2005-3702, CVE-2005-3703, CVE-2005-3705, CVE-2005-1993, CVE-2005-3704
SHA-256 | e7bb6ec0504327630e33ae50f3e506dd37e28fb70583d43167e478159852984a
HP Security Bulletin 2005-12.51
Posted Nov 20, 2005
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerability could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access.

tags | advisory, denial of service, arbitrary, vulnerability
systems | hpux
advisories | CVE-2005-2491, CVE-2005-1268, CVE-2005-2728, CVE-2005-2088
SHA-256 | 0c88cd43198ceaaa105ad00fd4c4738c239da351f3bb32f882c51ff2df83961b
Gentoo Linux Security Advisory 200509-19
Posted Sep 28, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200509-19 - PHP makes use of a private copy of libpcre which is subject to an integer overflow leading to a heap overflow (see GLSA 200508-17). It also ships with an XML-RPC library affected by a script injection vulnerability (see GLSA 200508-13). Versions less than 4.4.0-r1 are affected.

tags | advisory, overflow, php
systems | linux, gentoo
advisories | CVE-2005-2491, CVE-2005-2498
SHA-256 | c7a1f559573619bdacd54a3d4bece4a1a706e5cf86234d5dbd089768b44b19a0
Debian Linux Security Advisory 819-1
Posted Sep 24, 2005
Authored by Debian | Site debian.org

Debian Security Advisory DSA 819-1 - An integer overflow with a subsequent buffer overflow has been detected in PCRE, the Perl Compatible Regular Expressions library, which allows an attacker to execute arbitrary code, and is also present in Python. Exploiting this vulnerability requires an attacker to specify the used regular expression.

tags | advisory, overflow, arbitrary, perl, python
systems | linux, debian
advisories | CVE-2005-2491
SHA-256 | 81da3abd2ec36bf75527851c662acd3db1a2bf4da02cf816f39b873cca9be400
Gentoo Linux Security Advisory 200509-12
Posted Sep 22, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200509-12 - mod_ssl contains a security issue when SSLVerifyClient optional is configured in the global virtual host configuration (CVE-2005-2700). Also, Apache's httpd includes a PCRE library, which makes it vulnerable to an integer overflow (CVE-2005-2491). Versions less than 2.8.24 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2005-2491, CVE-2005-2700
SHA-256 | a3b8bf8a9ed588fcf293e0f39c75f16aebcec3ebad2d43c5b100569496f78336
Gentoo Linux Security Advisory 200509-8
Posted Sep 13, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200509-08 - The re Python module makes use of a private copy of libpcre which is subject to an integer overflow leading to a heap overflow (see GLSA 200508-17). Versions less than 2.3.5-r2 are affected.

tags | advisory, overflow, python
systems | linux, gentoo
advisories | CVE-2005-2491
SHA-256 | cc8050eb66c1eca66f2d198ae6eefa65b0f303f7ebd3c0ae896f494fc5a012cf
Gentoo Linux Security Advisory 200509-2
Posted Sep 5, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200509-02 - Gnumeric contains a private copy of libpcre which is subject to an integer overflow leading to a heap overflow (see GLSA 200508-17). Versions less than 1.4.3-r2 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2005-2491
SHA-256 | ea17c8c40a1112f64f55357546bf7e2518d8f26b0693e5f5ea412f72662287d7
Gentoo Linux Security Advisory 200508-17
Posted Aug 26, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200508-17 - libpcre fails to check certain quantifier values in regular expressions for sane values. Versions less than 6.3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2005-2491
SHA-256 | 224bda203275253f4274882215e35069c1a73ee408abb30f862e41a7cc47ac47
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close