accept no compromises
Showing 1 - 6 of 6 RSS Feed

CVE-2010-2531

Status Candidate

Overview

The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if display_errors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution time, or recursion.

Related Files

HP Security Bulletin HPSBOV02763 SSRT100826
Posted Apr 17, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02763 SSRT100826 - Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, privilege escalation, unauthorized disclosure of information, or unauthorized modifications. Revision 1 of this advisory.

tags | advisory, web, denial of service, php, vulnerability
advisories | CVE-2006-7243, CVE-2010-1860, CVE-2010-1862, CVE-2010-1864, CVE-2010-2097, CVE-2010-2100, CVE-2010-2101, CVE-2010-2190, CVE-2010-2191, CVE-2010-2225, CVE-2010-2484, CVE-2010-2531, CVE-2010-3709, CVE-2010-3710, CVE-2010-3870, CVE-2010-4150, CVE-2010-4645, CVE-2010-4697, CVE-2010-4698, CVE-2011-0421, CVE-2011-0708, CVE-2011-0752, CVE-2011-1092, CVE-2011-1148, CVE-2011-1464, CVE-2011-1938, CVE-2011-2202, CVE-2011-4885
MD5 | e0ac9fde45049212bb699d5b5c61d6b3
Debian Security Advisory 2266-2
Posted Jul 1, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2266-2 - The update for CVE-2010-2531 for the old stabledistribution (lenny) introduced a regression, which lead to additional output being written to stdout.

tags | advisory
systems | linux, debian
advisories | CVE-2010-2531, CVE-2011-0420, CVE-2011-0421, CVE-2011-0708, CVE-2011-1153, CVE-2011-1466, CVE-2011-1471, CVE-2011-2202
MD5 | 2b9ab744fd68682fb29e029a44b94f01
Debian Security Advisory 2266-1
Posted Jun 30, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2266-1 - Several vulnerabilities were discovered in PHP, which could lead to denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, php, vulnerability
systems | linux, debian
advisories | CVE-2010-2531, CVE-2011-0420, CVE-2011-0421, CVE-2011-0708, CVE-2011-1153, CVE-2011-1466, CVE-2011-1471, CVE-2011-2202
MD5 | b2e43d17e42a67932628eb0ec6270779
Ubuntu Security Notice 989-1
Posted Sep 21, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 989-1 - Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc requests. It was discovered that the pseudorandom number generator in PHP did not provide the expected entropy. It was discovered that PHP did not properly handle directory pathnames that lacked a trailing slash character. Grzegorz Stachowiak discovered that the PHP session extension did not properly handle semicolon characters. Stefan Esser discovered that PHP incorrectly decoded remote HTTP chunked encoding streams. Various other issues were also addressed.

tags | advisory, remote, web, php
systems | linux, ubuntu
advisories | CVE-2010-0397, CVE-2010-1128, CVE-2010-1129, CVE-2010-1130, CVE-2010-1866, CVE-2010-1868, CVE-2010-1917, CVE-2010-2094, CVE-2010-2225, CVE-2010-2531, CVE-2010-2950, CVE-2010-3065
MD5 | da74b2944a8d10fe39fa035d26e3ccb5
Mandriva Linux Security Advisory 2010-140
Posted Jul 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-140 - This is a maintenance and security update that upgrades php to 5.3.3 for 2010.0/2010.1. Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs. Fixed a possible resource destruction issues in shm_put_var(). Fixed a possible information leak because of interruption of XOR operator. Fixed a possible memory corruption because of unexpected call-time pass by reference and following memory clobbering through callbacks. Fixed a possible memory corruption in ArrayObject::uasort(). Fixed a possible memory corruption in parse_str(). Fixed a possible memory corruption in pack(). Fixed a possible memory corruption in substr_replace(). Fixed a possible memory corruption in addcslashes(). Fixed a possible stack exhaustion inside fnmatch(). Fixed a possible dechunking filter buffer overflow. Fixed a possible arbitrary memory access inside sqlite extension. Fixed string format validation inside phar extension. Fixed handling of session variable serialization on certain prefix characters. Fixed a NULL pointer dereference when processing invalid XML-RPC requests. Fixed SplObjectStorage unserialization problems. Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. Fixed possible buffer overflows when handling error packets in mysqlnd. Additionally some of the third party extensions and required dependencies has been upgraded and/or rebuilt for the new php version.

tags | advisory, overflow, arbitrary, php
systems | linux, mandriva
advisories | CVE-2010-2531, CVE-2010-0397, CVE-2010-2225
MD5 | 9728cbfda6ca6f7ff1a4ca0bc367b17c
Mandriva Linux Security Advisory 2010-139
Posted Jul 27, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-139 - This is a maintenance and security update that upgrades php to 5.2.14 for CS4/MES5/2008.0/2009.0/2009.1. Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs. Fixed a possible interruption array leak in strrchr(). Fixed a possible interruption array leak in strchr(), strstr(), substr(), chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). Fixed a possible memory corruption in substr_replace(). Fixed SplObjectStorage unserialization problems. Fixed a possible stack exhaustion inside fnmatch(). Fixed a NULL pointer dereference when processing invalid XML-RPC requests. Fixed handling of session variable serialization on certain prefix characters. Fixed a possible arbitrary memory access inside sqlite extension. Reported by Mateusz Kocielski. Additionally some of the third party extensions has been upgraded and/or rebuilt for the new php version.

tags | advisory, arbitrary, php
systems | linux, mandriva
advisories | CVE-2010-2484, CVE-2010-2225, CVE-2010-0397, CVE-2010-2531
MD5 | 2b75ea5f7908e8b6b979d2ee7f9b6e02
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    2 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close