exploit the possibilities
Showing 1 - 5 of 5 RSS Feed

CVE-2009-4143

Status Candidate

Overview

PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive.

Related Files

HP Security Bulletin HPSBMA02568 SSRT100219
Posted Sep 17, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP System Management

tags | advisory, vulnerability
advisories | CVE-2010-3010, CVE-2010-3011, CVE-2010-2068, CVE-2009-4143, CVE-2009-4018, CVE-2009-4017, CVE-2009-3555
MD5 | 9883e92229abf440c358371040e586ad
HP Security Bulletin HPSBUX02543 SSRT100152
Posted Jun 19, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache with PHP. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) gain unauthorized access, and perform cross site scripting (XSS).

tags | advisory, denial of service, php, vulnerability, xss
systems | hpux
advisories | CVE-2009-2687, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3557, CVE-2009-4017, CVE-2009-4018, CVE-2009-4142, CVE-2009-4143
MD5 | fb8a1ed6738fc28c3bf409677d0e6489
Mandriva Linux Security Advisory 2010-045
Posted Feb 24, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-045 - PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.

tags | advisory, php
systems | linux, mandriva
advisories | CVE-2009-4143
MD5 | 59138632306bcf7a657471c53121d8d7
Debian Linux Security Advisory 2001-1
Posted Feb 20, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2001-1 - Several remote vulnerabilities have been discovered in PHP 5, an hypertext preprocessor.

tags | advisory, remote, php, vulnerability
systems | linux, debian
advisories | CVE-2009-4142, CVE-2009-4143
MD5 | c803642cec299d8db68d6e6df19f9dd2
Ubuntu Security Notice 882-1
Posted Jan 14, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 882-1 - Maksymilian Arciemowicz discovered that PHP did not properly handle the ini_restore function. An attacker could exploit this issue to obtain random memory contents or to cause the PHP server to crash, resulting in a denial of service. It was discovered that the htmlspecialchars function did not properly handle certain character sequences, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. Stefan Esser discovered that PHP did not properly handle session data. An attacker could exploit this issue to bypass safe_mode or open_basedir restrictions.

tags | advisory, remote, denial of service, php, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2009-2626, CVE-2009-4142, CVE-2009-4143
MD5 | 58014cec2904df5137bfc8f8a0a82992
Page 1 of 1
Back1Next

File Archive:

July 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    12 Files
  • 3
    Jul 3rd
    1 Files
  • 4
    Jul 4th
    2 Files
  • 5
    Jul 5th
    34 Files
  • 6
    Jul 6th
    21 Files
  • 7
    Jul 7th
    21 Files
  • 8
    Jul 8th
    13 Files
  • 9
    Jul 9th
    6 Files
  • 10
    Jul 10th
    1 Files
  • 11
    Jul 11th
    3 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    19 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    15 Files
  • 16
    Jul 16th
    9 Files
  • 17
    Jul 17th
    2 Files
  • 18
    Jul 18th
    2 Files
  • 19
    Jul 19th
    19 Files
  • 20
    Jul 20th
    21 Files
  • 21
    Jul 21st
    53 Files
  • 22
    Jul 22nd
    14 Files
  • 23
    Jul 23rd
    14 Files
  • 24
    Jul 24th
    1 Files
  • 25
    Jul 25th
    1 Files
  • 26
    Jul 26th
    21 Files
  • 27
    Jul 27th
    8 Files
  • 28
    Jul 28th
    9 Files
  • 29
    Jul 29th
    12 Files
  • 30
    Jul 30th
    9 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close