Twenty Year Anniversary
Showing 1 - 9 of 9 RSS Feed

CVE-2008-3660

Status Candidate

Overview

PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php.

Related Files

HP Security Bulletin HPSBUX02465 SSRT090192
Posted Oct 23, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite.

tags | advisory, web, denial of service, vulnerability, xss
systems | hpux
advisories | CVE-2006-3918, CVE-2007-4465, CVE-2007-6203, CVE-2008-0005, CVE-2008-0599, CVE-2008-2168, CVE-2008-2364, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-2939, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5624
MD5 | 542dd2645cfbb001f79ef70d92474c78
HP Security Bulletin HPSBUX02431 SSRT090085
Posted Jul 2, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), or execution of arbitrary code. Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite.

tags | advisory, web, denial of service, arbitrary, vulnerability
systems | hpux
advisories | CVE-2007-4465, CVE-2008-0005, CVE-2008-0599, CVE-2008-2168, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658
MD5 | 8d217e44e2ffdb59535dddf13b4c5ce2
Ubuntu Security Notice 720-1
Posted Feb 12, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-720-1 - A significant amount of vulnerabilities in PHP 5 have been addressed. These range from security bypass to denial of service issues.

tags | advisory, denial of service, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-3996, CVE-2007-5900, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658
MD5 | 92e72fe484503e38f67468fbd01b5399
Mandriva Linux Security Advisory 2009-024
Posted Jan 23, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-024 - Multiple buffer overflows and a denial of service vulnerability have been addressed in the php4 package.

tags | advisory, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2008-3658, CVE-2008-3659, CVE-2008-3660
MD5 | 9b9545a524deacd6c3bcfbe5a3934ed9
Mandriva Linux Security Advisory 2009-023
Posted Jan 23, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-023 - Denial of service, bypass, and various buffer overflows have been addressed in the php package.

tags | advisory, denial of service, overflow, php
systems | linux, mandriva
advisories | CVE-2007-4782, CVE-2007-4850, CVE-2008-1384, CVE-2008-2050, CVE-2008-2371, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498
MD5 | 2245b4abadd1d12bf9d0d208602b96d8
Mandriva Linux Security Advisory 2009-022
Posted Jan 21, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-022 - Denial of service, bypass, integer overflow, and stack overflow vulnerabilities have been addressed in php.

tags | advisory, denial of service, overflow, php, vulnerability
systems | linux, mandriva
advisories | CVE-2007-4782, CVE-2007-4850, CVE-2008-1384, CVE-2008-2050, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498
MD5 | 4040d8559ccadb70d4465b917a6859ae
Mandriva Linux Security Advisory 2009-021
Posted Jan 21, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-021 - Multiple buffer overflows, an array indexing error, and a denial of service vulnerability have all been addressed in php.

tags | advisory, denial of service, overflow, php
systems | linux, mandriva
advisories | CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498
MD5 | 8e0dc176946984a8e8facd828bd54b94
Gentoo Linux Security Advisory 200811-5
Posted Nov 17, 2008
Authored by Gentoo

Gentoo Linux Security Advisory GLSA 200811-05 - PHP contains several vulnerabilities including buffer and integer overflows which could lead to the remote execution of arbitrary code. Versions less than 5.2.6-r6 are affected.

tags | advisory, remote, overflow, arbitrary, php, vulnerability
systems | linux, gentoo
advisories | CVE-2008-0599, CVE-2008-0674, CVE-2008-1384, CVE-2008-2050, CVE-2008-2051, CVE-2008-2107, CVE-2008-2108, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660
MD5 | 8207fb94feefdc04cf3ecc1ec20920f1
Debian Linux Security Advisory 1647-1
Posted Oct 7, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1647-1 - Several vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language.

tags | advisory, php, vulnerability
systems | linux, debian
advisories | CVE-2008-3658, CVE-2008-3659, CVE-2008-3660
MD5 | 41b85b8e7c18a09d3e9187df40fd9209
Page 1 of 1
Back1Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    15 Files
  • 11
    Dec 11th
    30 Files
  • 12
    Dec 12th
    25 Files
  • 13
    Dec 13th
    15 Files
  • 14
    Dec 14th
    14 Files
  • 15
    Dec 15th
    2 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    15 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close