what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2005-2491

Status Candidate

Overview

Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.

Related Files

HP Security Bulletin HPSBOV02683 SSRT090208
Posted May 10, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02683 SSRT090208 - Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running Apache and PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, unauthorized disclosure of information, or unauthorized modifications. Revision 1 of this advisory.

tags | advisory, web, denial of service, php, vulnerability
advisories | CVE-2002-0839, CVE-2002-0840, CVE-2003-0542, CVE-2004-0492, CVE-2005-2491, CVE-2005-3352, CVE-2005-3357, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738, CVE-2006-3747, CVE-2006-3918, CVE-2006-4339, CVE-2006-4343, CVE-2007-5000, CVE-2007-6388, CVE-2008-0005, CVE-2009-1891, CVE-2009-3095, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3555, CVE-2010-0010
SHA-256 | a7638da01e18d2a3d9c6e84728556bb08fdb00082b9c904826eb85aa31a5870d
Apple Security Advisory 2005-11-29
Posted Dec 2, 2005
Authored by Apple | Site apple.com

Apple Security Advisory - Apple has released a security update which addresses over a dozen vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2005-2088, CVE-2005-2700, CVE-2005-2757, CVE-2005-3185, CVE-2005-3700, CVE-2005-2969, CVE-2005-3701, CVE-2005-2491, CVE-2005-3702, CVE-2005-3703, CVE-2005-3705, CVE-2005-1993, CVE-2005-3704
SHA-256 | e7bb6ec0504327630e33ae50f3e506dd37e28fb70583d43167e478159852984a
HP Security Bulletin 2005-12.51
Posted Nov 20, 2005
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with Apache running on HP-UX. These vulnerability could be exploited remotely to allow execution of arbitrary code, Denial of Service (DoS), or unauthorized access.

tags | advisory, denial of service, arbitrary, vulnerability
systems | hpux
advisories | CVE-2005-2491, CVE-2005-1268, CVE-2005-2728, CVE-2005-2088
SHA-256 | 0c88cd43198ceaaa105ad00fd4c4738c239da351f3bb32f882c51ff2df83961b
Gentoo Linux Security Advisory 200509-19
Posted Sep 28, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200509-19 - PHP makes use of a private copy of libpcre which is subject to an integer overflow leading to a heap overflow (see GLSA 200508-17). It also ships with an XML-RPC library affected by a script injection vulnerability (see GLSA 200508-13). Versions less than 4.4.0-r1 are affected.

tags | advisory, overflow, php
systems | linux, gentoo
advisories | CVE-2005-2491, CVE-2005-2498
SHA-256 | c7a1f559573619bdacd54a3d4bece4a1a706e5cf86234d5dbd089768b44b19a0
Debian Linux Security Advisory 819-1
Posted Sep 24, 2005
Authored by Debian | Site debian.org

Debian Security Advisory DSA 819-1 - An integer overflow with a subsequent buffer overflow has been detected in PCRE, the Perl Compatible Regular Expressions library, which allows an attacker to execute arbitrary code, and is also present in Python. Exploiting this vulnerability requires an attacker to specify the used regular expression.

tags | advisory, overflow, arbitrary, perl, python
systems | linux, debian
advisories | CVE-2005-2491
SHA-256 | 81da3abd2ec36bf75527851c662acd3db1a2bf4da02cf816f39b873cca9be400
Gentoo Linux Security Advisory 200509-12
Posted Sep 22, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200509-12 - mod_ssl contains a security issue when SSLVerifyClient optional is configured in the global virtual host configuration (CVE-2005-2700). Also, Apache's httpd includes a PCRE library, which makes it vulnerable to an integer overflow (CVE-2005-2491). Versions less than 2.8.24 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2005-2491, CVE-2005-2700
SHA-256 | a3b8bf8a9ed588fcf293e0f39c75f16aebcec3ebad2d43c5b100569496f78336
Gentoo Linux Security Advisory 200509-8
Posted Sep 13, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200509-08 - The re Python module makes use of a private copy of libpcre which is subject to an integer overflow leading to a heap overflow (see GLSA 200508-17). Versions less than 2.3.5-r2 are affected.

tags | advisory, overflow, python
systems | linux, gentoo
advisories | CVE-2005-2491
SHA-256 | cc8050eb66c1eca66f2d198ae6eefa65b0f303f7ebd3c0ae896f494fc5a012cf
Gentoo Linux Security Advisory 200509-2
Posted Sep 5, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200509-02 - Gnumeric contains a private copy of libpcre which is subject to an integer overflow leading to a heap overflow (see GLSA 200508-17). Versions less than 1.4.3-r2 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2005-2491
SHA-256 | ea17c8c40a1112f64f55357546bf7e2518d8f26b0693e5f5ea412f72662287d7
Gentoo Linux Security Advisory 200508-17
Posted Aug 26, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200508-17 - libpcre fails to check certain quantifier values in regular expressions for sane values. Versions less than 6.3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2005-2491
SHA-256 | 224bda203275253f4274882215e35069c1a73ee408abb30f862e41a7cc47ac47
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    16 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close