what you don't know can hurt you
Showing 1 - 9 of 9 RSS Feed

CVE-2005-2491

Status Candidate

Overview

Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.

Related Files

HP Security Bulletin HPSBOV02683 SSRT090208
Posted May 10, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02683 SSRT090208 - Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. Revision 1 of this advisory.

tags | advisory, web, denial of service, php, vulnerability
advisories | CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010
MD5 | 018c2ab61a3b27c26435b260817377c5
Apple Security Advisory 2005-11-29
Posted Dec 2, 2005
Authored by Apple | Site apple.com

Apple Security Advisory - Apple has released a security update which addresses over a dozen vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2005-2088, CVE-2005-2700, CVE-2005-2757, CVE-2005-3185, CVE-2005-3700, CVE-2005-2969, CVE-2005-3701, CVE-2005-2491, CVE-2005-3702, CVE-2005-3703, CVE-2005-3705, CVE-2005-1993, CVE-2005-3704
MD5 | 00a5666bc4aeb1e3ee170e51604b41ac
HP Security Bulletin 2005-12.51
Posted Nov 20, 2005
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerability could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access.

tags | advisory, denial of service, arbitrary, vulnerability
systems | hpux
advisories | CVE-2005-2491, CVE-2005-1268, CVE-2005-2728, CVE-2005-2088
MD5 | 5e8a0053613ad7b15da3ff9c80774f79
Gentoo Linux Security Advisory 200509-19
Posted Sep 28, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200509-19 - PHP makes use of a private copy of libpcre which is subject to an integer overflow leading to a heap overflow (see GLSA 200508-17). It also ships with an XML-RPC library affected by a script injection vulnerability (see GLSA 200508-13). Versions less than 4.4.0-r1 are affected.

tags | advisory, overflow, php
systems | linux, gentoo
advisories | CVE-2005-2491, CVE-2005-2498
MD5 | 1e425a048d8eef89b012f26d39a9aab7
Debian Linux Security Advisory 819-1
Posted Sep 24, 2005
Authored by Debian | Site debian.org

Debian Security Advisory DSA 819-1 - An integer overflow with a subsequent buffer overflow has been detected in PCRE, the Perl Compatible Regular Expressions library, which allows an attacker to execute arbitrary code, and is also present in Python. Exploiting this vulnerability requires an attacker to specify the used regular expression.

tags | advisory, overflow, arbitrary, perl, python
systems | linux, debian
advisories | CVE-2005-2491
MD5 | 62e02e0c0ec99186e834ef0499394762
Gentoo Linux Security Advisory 200509-12
Posted Sep 22, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200509-12 - mod_ssl contains a security issue when SSLVerifyClient optional is configured in the global virtual host configuration (CVE-2005-2700). Also, Apache's httpd includes a PCRE library, which makes it vulnerable to an integer overflow (CVE-2005-2491). Versions less than 2.8.24 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2005-2491, CVE-2005-2700
MD5 | cbd4f76b87ba5470e8160010701bf6c1
Gentoo Linux Security Advisory 200509-8
Posted Sep 13, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200509-08 - The re Python module makes use of a private copy of libpcre which is subject to an integer overflow leading to a heap overflow (see GLSA 200508-17). Versions less than 2.3.5-r2 are affected.

tags | advisory, overflow, python
systems | linux, gentoo
advisories | CVE-2005-2491
MD5 | 72dac563858e7f1214c48f532f49e20e
Gentoo Linux Security Advisory 200509-2
Posted Sep 5, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200509-02 - Gnumeric contains a private copy of libpcre which is subject to an integer overflow leading to a heap overflow (see GLSA 200508-17). Versions less than 1.4.3-r2 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2005-2491
MD5 | 2b1b503b509e8f36d56292a6a08f4f63
Gentoo Linux Security Advisory 200508-17
Posted Aug 26, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200508-17 - libpcre fails to check certain quantifier values in regular expressions for sane values. Versions less than 6.3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2005-2491
MD5 | a70445ef46a03147538306ef75d5afdc
Page 1 of 1
Back1Next

File Archive:

June 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    35 Files
  • 2
    Jun 2nd
    14 Files
  • 3
    Jun 3rd
    40 Files
  • 4
    Jun 4th
    22 Files
  • 5
    Jun 5th
    1 Files
  • 6
    Jun 6th
    1 Files
  • 7
    Jun 7th
    19 Files
  • 8
    Jun 8th
    14 Files
  • 9
    Jun 9th
    39 Files
  • 10
    Jun 10th
    20 Files
  • 11
    Jun 11th
    22 Files
  • 12
    Jun 12th
    2 Files
  • 13
    Jun 13th
    1 Files
  • 14
    Jun 14th
    31 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close