Gentoo Linux Security Advisory GLSA 200811-05 - PHP contains several vulnerabilities including buffer and integer overflows which could lead to the remote execution of arbitrary code. Versions less than 5.2.6-r6 are affected.
30a9ea44a0f3a5cea3f6e349d238bdb1d46e22654727c091856a0da2f7e3c893Ubuntu Security Notice 628-1 - Over a dozen vulnerabilities in php5 have been addressed in Ubuntu.
3f4762bf322681e8f3484947ebc156f14c168b070b0d2ba92a048e740c8ac08fMandriva Linux Security Advisory - php-cgi in PHP prior to 5.2.6 does not properly calculate the length of PATH_TRANSLATED, which has unknown impact and attack vectors. The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown impact and context-dependent attack vectors related to incomplete multibyte characters. Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems. The IMAP module in PHP uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) via a long IMAP request. In addition, the updated packages provide a number of bug fixes. The updated packages have been patched to correct these issues.
a957e83af46278fc9927d4b20a07a5126ff6e3efeacf1d3c314a8c6362e8f534Mandriva Linux Security Advisory - The htmlentities() and htmlspecialchars() functions in PHP prior to 5.2.5 accepted partial multibyte sequences, which has unknown impact and attack vectors. The output_add_rewrite_var() function in PHP prior to 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which could allow a remote attacker to obtain potentially sensitive information by reading the requests for this URL. php-cgi in PHP prior to 5.2.6 does not properly calculate the length of PATH_TRANSLATED, which has unknown impact and attack vectors. The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown impact and context-dependent attack vectors related to incomplete multibyte characters. Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems. The IMAP module in PHP uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) via a long IMAP request. In addition, this update also corrects an issue with some float to string conversions.
983189b46f7172be5f967d2c4586512e100842f9151f6b89c51f240979f59cbaMandriva Linux Security Advisory - PHP 5.2.1 would allow context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with 'S:', which did not properly track the number of input bytes being processed. A vulnerability in the chunk_split() function in PHP prior to 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation. The htmlentities() and htmlspecialchars() functions in PHP prior to 5.2.5 accepted partial multibyte sequences, which has unknown impact and attack vectors. The output_add_rewrite_var() function in PHP prior to 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which could allow a remote attacker to obtain potentially sensitive information by reading the requests for this URL. The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown impact and context-dependent attack vectors related to incomplete multibyte characters. Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems. CVE-2008-2108). The IMAP module in PHP uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) via a long IMAP request.
ce9b044b78980ef6d383b1f63b8399d81b2ddddbe899ab732db688d002d50709Mandriva Linux Security Advisory - A vulnerability in the chunk_split() function in PHP prior to 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation. The htmlentities() and htmlspecialchars() functions in PHP prior to 5.2.5 accepted partial multibyte sequences, which has unknown impact and attack vectors. The output_add_rewrite_var() function in PHP prior to 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which could allow a remote attacker to obtain potentially sensitive information by reading the requests for this URL. The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown impact and context-dependent attack vectors related to incomplete multibyte characters. Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems.
462dab3e1f36a6a4ce46057d21433dea88b99d76289a74f98523fde4a31b12baDebian Security Advisory 1578-1 - Several vulnerabilities have been discovered in PHP version 4, a server-side, HTML-embedded scripting language. The session_start function allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from various parameters. A denial of service was possible through a malicious script abusing the glob() function. Certain maliciously constructed input to the wordwrap() function could lead to a denial of service attack. Large len values of the stspn() or strcspn() functions could allow an attacker to trigger integer overflows to expose memory or cause denial of service. The escapeshellcmd API function could be attacked via incomplete multibyte chars.
9825e5299540688f4d7bd7f26490f7a68f71187a478c2b2e0f29fe8b48f1420bDebian Security Advisory 1572-1 - Several vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language. The glob function allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter. Integer overflow allows context-dependent attackers to cause a denial of service and possibly have other impact via a printf format parameter with a large width specifier. Stack-based buffer overflow in the FastCGI SAPI. The escapeshellcmd API function could be attacked via incomplete multibyte chars.
883573f7a0443ab580c60394e55fb82a284db1f4f899b409ab00c01fd23259fb
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed