Page 55 of 360 results (0.014 seconds)

CVSS: 7.5EPSS: 1%CPEs: 27EXPL: 2

CVE-2008-5625 – PHP 5.2.6 - 'error_log' Safe_mode Bypass

https://notcve.org/view.php?id=CVE-2008-5625

PHP 5 before 5.2.7 does not enforce the error_log safe_mode restrictions when safe_mode is enabled through a php_admin_flag setting in httpd.conf, which allows context-dependent attackers to write to arbitrary files by placing a "php_value error_log" entry in a .htaccess file. PHP 5 versiones anteriores a 5.2.7 no cumple las restricciones error_log safe_mode cuando safe_mode está activado a través de un parámetro php_admin_flag en httpd.conf, el cual permite a los atacantes dependiente de contexto escribir arbitrariamente archivos colocando una entrada "php_value error_log" en un archivo .htaccess. • https://www.exploit-db.com/exploits/7171 http://archives.neohapsis.com/archives/bugtraq/2008-11/0152.html http://marc.info/?l=bugtraq&m=124654546101607&w=2 http://marc.info/?l=bugtraq&m=125631037611762&w=2 http://osvdb.org/52205 http://secunia.com/advisories/35650 http://securityreason.com/achievement_securityalert/57 http://wiki.rpath.com/Advisories:rPSA-2009-0035 http://www.mandriva.com/security/advisories?name=MDVSA-2009:045 http://www.php.net/ChangeLog-5.php#5.2& • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.5EPSS: 1%CPEs: 64EXPL: 0

CVE-2008-4107 – WordPress Core < 2.6.2 - Cryptographic Weakness

https://notcve.org/view.php?id=CVE-2008-4107

The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset functionality in Joomla! 1.5.x and WordPress before 2.6.2, a different vulnerability than CVE-2008-2107, CVE-2008-2108, and CVE-2008-4102. Las funciones (1) rand y (2) mt_rand en PHP 5.2.6 no producen criptográficamente fuertes números aleatorios, el cual permite a los atacantes aprovechar que algunos productos confían en estas funciones para relevantes funcionalidades de seguridad, como demuestra la funcionalidad de reinicialización de contraseñas en Joomla! 1.5.x y WordPress en versiones anteriores a 2.6.2, son diferentes vulnerabilidades a CVE-2008-2107, CVE-2008-2108, y CVE-2008-4102. • http://marc.info/?l=oss-security&m=122152830017099&w=2 http://osvdb.org/48700 http://secunia.com/advisories/31737 http://secunia.com/advisories/31870 http://securityreason.com/securityalert/4271 http://securitytracker.com/id?1020869 http://wordpress.org/development/2008/09/wordpress-262 http://www.openwall.com/lists/oss-security/2008/09/11/6 http://www.securityfocus.com/archive/1/496237/100/0/threaded http://www.securityfocus.com/archive/1/496287/100/0/threaded http • CWE-189: Numeric Errors CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 0

CVE-2008-2829

https://notcve.org/view.php?id=CVE-2008-2829

php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c legacy routine buffer overflow" error message, related to the rfc822_write_address function. El archivo php_imap.c en PHP versiones 5.2.5, 5.2.6, 4.x y otras versiones, utiliza llamadas API obsoletas que permiten a los atacantes dependiendo del contexto causar una denegación de servicio (bloqueo) y posiblemente ejecutar código arbitrario por medio de una larga petición IMAP, que activa un mensaje de error "rfc822.c legacy routine buffer overflow", relacionado con la función rfc822_write_address. • http://bugs.php.net/bug.php?id=42862 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html http://marc.info/?l=bugtraq&m=124654546101607&w=2 http://marc.info/?l=bugtraq&m=125631037611762&w=2 http://osvdb.org/46641 http://secunia.com/advisories/31200 http://secunia.com/advisories/32746 http://secunia.com/advisories/35074 http://secunia.com/advisories/35306 http://secunia. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 23EXPL: 1

CVE-2008-2666 – PHP 5.2.6 - 'chdir()' Function http URL Argument Safe_mode Restriction Bypass

https://notcve.org/view.php?id=CVE-2008-2666

Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier allow context-dependent attackers to bypass safe_mode restrictions by creating a subdirectory named http: and then placing ../ (dot dot slash) sequences in an http URL argument to the (1) chdir or (2) ftok function. Múltiples vulnerabilidades de Salto de Directorio en PHP 5.2.6 permiten a los atacantes según contexto saltarse las restricciones safe_mode creando un subdirectorio denominado http: y colocando después secuencias ../ (punto punto barra) en un argumento http URL en la función (1) chdir o (2) ftok. • https://www.exploit-db.com/exploits/31937 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://marc.info/?l=bugtraq&m=124654546101607&w=2 http://marc.info/?l=bugtraq&m=125631037611762&w=2 http://secunia.com/advisories/32746 http://secunia.com/advisories/35074 http://secunia.com/advisories/35650 http://security.gentoo.org/glsa/glsa-200811-05.xml http://securityreason.com/achievement_securityalert/55 http://securityreason.com/securityalert/3942 http: • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 0%CPEs: 29EXPL: 4

CVE-2008-2565 – PHP-Address Book 4.0.x - Multiple SQL Injections

https://notcve.org/view.php?id=CVE-2008-2565

Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) edit.php. NOTE: it was later reported that 4.0.x is also affected. Múltiples vulnerabilidades de inyección SQL en PHP Address Book 3.1.5 y en versiones anteriores permiten a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro id en (1) view.php y (2) edit.php. NOTA: más tarde se informó que también se ve afectada la versión 4.0.x. • https://www.exploit-db.com/exploits/9023 https://www.exploit-db.com/exploits/5739 https://www.exploit-db.com/exploits/18578 http://packetstormsecurity.com/files/129789/PHP-Address-Book-Cross-Site-Scripting-SQL-Injection.html http://secunia.com/advisories/30540 http://secunia.com/advisories/35590 http://www.securityfocus.com/archive/1/504595/100/0/threaded http://www.securityfocus.com/bid/35511 https://exchange.xforce.ibmcloud.com/vulnerabilities/42855 https://exchange.xforce.ibmcloud. • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •