CVE-2006-3018
https://notcve.org/view.php?id=CVE-2006-3018
Unspecified vulnerability in the session extension functionality in PHP before 5.1.3 has unknown impact and attack vectors related to heap corruption. Vulnerabilidad no especificada en la funcionalidad de extensión de sesión en PHP anterior a la versión 5.1.3 tiene un impacto y vectores de ataque desconocidos, relacionados con una corrupción de memoria dinámica. • http://secunia.com/advisories/19927 http://secunia.com/advisories/21050 http://secunia.com/advisories/21125 http://securitytracker.com/id?1016306 http://www.mandriva.com/security/advisories?name=MDKSA-2006:122 http://www.osvdb.org/25254 http://www.php.net/release_5_1_3.php http://www.securityfocus.com/bid/17843 http://www.ubuntu.com/usn/usn-320-1 •
CVE-2006-3016
https://notcve.org/view.php?id=CVE-2006-3016
Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-site scripting (XSS), and HTTP response splitting vulnerabilities. NOTE: while the nature of the vulnerability is unspecified, it is likely that this is related to a violation of an expectation by PHP applications that the session name is alphanumeric, as implied in the PHP manual for session_name(). • ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc http://rhn.redhat.com/errata/RHSA-2006-0736.html http://secunia.com/advisories/19927 http://secunia.com/advisories/21050 http://secunia.com/advisories/22004 http://secunia.com/advisories/22069 http://secunia.com/advisories/22225 http://secunia.com/advisories/22440 http://secunia.com/advisories/22487 http://secunia.com/advisories/23247 http://securitytracker.com/id?1016306 http://support.avaya.com/el •
CVE-2005-4731
https://notcve.org/view.php?id=CVE-2005-4731
The Next action in PEAR HTML_QuickForm_Controller 1.0.4 includes the SID in the URL even when session.use_only_cookies is configured, which allows remote attackers to obtain the SID via an HTTP Referer field and possibly other vectors. • http://pear.php.net/bugs/bug.php?id=3443 http://pear.php.net/package/HTML_QuickForm_Controller/download http://www.osvdb.org/23766 •