HP Security Bulletin HPSBMU02786 SSRT100877 2 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux, Windows, and VMware ESX. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. Revision 2 of this advisory.
80f8158182e481b6569a26d38a63761b
Gentoo Linux Security Advisory 201209-3 - Multiple vulnerabilities were found in PHP, the worst of which lead to remote execution of arbitrary code. Versions less than 5.3.15 are affected.
3a7b11ddafda5c0c062b3746c3db17dd
HP Security Bulletin HPSBMU02786 SSRT100877 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. Revision 1 of this advisory.
31d29fe7aaae474acd1185e3d5e9e226
Mandriva Linux Security Advisory 2012-071 - This is a bugfix and security advisory that upgrades php to the latest 5.3.13 version for Mandriva Linux Enterprise 5.2 which resolves numerous upstream bugs in php.
f031e64124033b6bfd062d5ee8bdec36
Apple Security Advisory 2012-05-09-1 - OS X Lion v10.7.4 and Security Update 2012-002 is now available and addresses multiple security issues. An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it. A temporary file race condition issue existed in blued's initialization routine. There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. curl disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling empty fragments. A data injection issue existed in curl's handling of URLs. This issue is addressed through improved validation of URLs. This issue does not affect systems prior to OS X Lion. Various other vulnerabilities have been addressed.
9614673327dc336467f1b3577177a46e
HP Security Bulletin HPSBOV02763 SSRT100826 - Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, privilege escalation, unauthorized disclosure of information, or unauthorized modifications. Revision 1 of this advisory.
e0ac9fde45049212bb699d5b5c61d6b3
HP Security Bulletin HPSBUX02741 SSRT100728 2 - Potential security vulnerabilities have been identified with HP-UX Apache Running Tomcat Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to perform an access restriction bypass. The Tomcat-based Servlet Engine is contained in the HP-UX Apache Web Server Suite. Revision 2 of this advisory.
9b5a2a8b52f327e43c06f530ea0037af
Ubuntu Security Notice 1358-2 - USN 1358-1 fixed multiple vulnerabilities in PHP. The fix for CVE-2012-0831 introduced a regression where the state of the magic_quotes_gpc setting was not correctly reflected when calling the ini_get() function. Various other issues were also addressed.
afb798bff046c3e88238eb395ad62b28
Ubuntu Security Notice 1358-1 - It was discovered that PHP computed hash values for form parameters without restricting the ability to trigger hash collisions predictably. This could allow a remote attacker to cause a denial of service by sending many crafted parameters. ATTENTION: this update changes previous PHP behavior by limiting the number of external input variables to 1000. This may be increased by adding a "max_input_vars" directive to the php.ini configuration file. See http://www.php.net/manual/en/info.configuration.php#ini.max-input-vars for more information. Various other issues were also addressed.
283098275d1a7663b375247bc413b584
HP Security Bulletin HPSBUX02741 SSRT100728 - Potential security vulnerabilities have been identified with HP-UX Apache Running Tomcat Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to perform an access restriction bypass. The Tomcat-based Servlet Engine is contained in the HP-UX Apache Web Server Suite. Revision 1 of this advisory.
a803a50080344a5c6ffabbd12414c139
Debian Linux Security Advisory 2399-2 - A regression was found in the fix for PHP's XSLT transformations. Updated packages are now available to address this regression.
d66227365d387c7a49e4928c2a78ec86
Debian Linux Security Advisory 2399-1 - Several vulnerabilities have been discovered in PHP, the web scripting language.
1f2cc867fd5ec819484697ce637b6e50
Red Hat Security Advisory 2012-0071-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that the hashing routine used by PHP arrays was susceptible to predictable hash collisions. If an HTTP POST request to a PHP application contained many parameters whose names map to the same hash value, a large amount of CPU time would be consumed. This flaw has been mitigated by adding a new configuration directive, max_input_vars, that limits the maximum number of parameters processed per request. By default, max_input_vars is set to 1000.
44d81ae92adf7850ee1f492269f37d84
Red Hat Security Advisory 2012-0033-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that the hashing routine used by PHP arrays was susceptible to predictable hash collisions. If an HTTP POST request to a PHP application contained many parameters whose names map to the same hash value, a large amount of CPU time would be consumed. This flaw has been mitigated by adding a new configuration directive, max_input_vars, that limits the maximum number of parameters processed per request. By default, max_input_vars is set to 1000.
8c48d27f32502fac614393fbf3389424
HashCollision denial of service proof of concept exploit written in Python. It generates the payload on the fly and sends it to the server.
67ebecc0f2bc16cbac57e3f28f645964
HashCollision denial of service proof of concept exploit written in Python. It generates the payload on the fly and sends it to the server.
005862b9f48d4aeccfbafbfa328962a4
Red Hat Security Advisory 2012-0019-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that the hashing routine used by PHP arrays was susceptible to predictable hash collisions. If an HTTP POST request to a PHP application contained many parameters whose names map to the same hash value, a large amount of CPU time would be consumed. This flaw has been mitigated by adding a new configuration directive, max_input_vars, that limits the maximum number of parameters processed per request. By default, max_input_vars is set to 1000.
2969b3d15af9e8ee70038a425f71a92c
PHP 4 hash collision proof of concept code that computes hash values for form parameters.
ea16bf2c76f5634fa3f2084454c76ac7
PHP 5.3.x hash collision denial of service proof of concept exploit written in Python. It generates the payload on the fly and sends it to the server.
c23b07efa16d41564f4a7be8c084fc11
PHP 5.3.x hash collision denial of service proof of concept exploit.
2ec0f79d6a35f668667c83cdf5e19722
Mandriva Linux Security Advisory 2011-197 - Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708. PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service by sending many crafted parameters. The updated packages have been patched to correct this issue.
5179d8a626ca4088fe479cf3b48be141
A variety of programming languages suffer from a denial-of-service (DoS) condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting predictable collisions in the underlying hashing algorithms.
22dd5e111e5c4f6aa908cc54c3e0e83a