CVE-2006-2660
https://notcve.org/view.php?id=CVE-2006-2660
Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x before 4.4.3 allows local users to bypass restrictions and create PHP files with fixed names in other directories via a pathname argument longer than MAXPATHLEN, which prevents a unique string from being appended to the filename. • http://archives.neohapsis.com/archives/fulldisclosure/2006-06/0209.html http://cvs.php.net/viewcvs.cgi/php-src/NEWS?view=markup&rev=1.1247.2.920.2.134 http://secunia.com/advisories/21125 http://securityreason.com/securityalert/1069 http://securitytracker.com/id?1016271 http://www.mandriva.com/security/advisories?name=MDKSA-2006:122 http://www.securityfocus.com/archive/1/436785/100/0/threaded http://www.ubuntu.com/usn/usn-320-1 https://exchange.xforce.ibmcloud.com/vulnerabilities •
CVE-2006-2563
https://notcve.org/view.php?id=CVE-2006-2563
The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters. • http://secunia.com/advisories/20337 http://secunia.com/advisories/21050 http://secunia.com/advisories/21847 http://secunia.com/advisories/22039 http://securityreason.com/achievement_securityalert/39 http://securityreason.com/securityalert/959 http://securitytracker.com/id?1016175 http://www.mandriva.com/security/advisories?name=MDKSA-2006:122 http://www.novell.com/linux/security/advisories/2006_22_sr.html http://www.novell.com/linux/security/advisories/2006_52_php.html http://www.se •
CVE-2006-1990
https://notcve.org/view.php?id=CVE-2006-1990
Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396. Desbordamiento de entero en la función wordwrap en string.c en PHP 4.4.2 y 5.1.2 podría permitir a atacantes dependientes del contexto ejecutar código arbitrario a través de ciertos argumentos largos que provoca la asignación de un búfer pequeño, lo que desencadena un desbordamiento de búfer basado en memoria dinámica en una llamada a la función memcpy, una vulnerabilidad diferente a CVE-2002-1396. • ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U http://docs.info.apple.com/article.html?artnum=304829 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html http://rhn.redhat.com/errata/RHSA-2006-0549.html http://secunia.com/advisories/19803 http://secunia.com/advisories/20052 http://secunia.com/advisories/20222 http://secunia.com/advisories/20269 http://secunia.com/advisories/20676 http://secunia.com/advisories/21031 http://secunia.c •
CVE-2006-1549 – PHP 4/5 - Executor Deep Recursion Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-1549
PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation fault) by defining and executing a recursive function. NOTE: it has been reported by a reliable third party that some later versions are also affected. • https://www.exploit-db.com/exploits/29693 http://securityreason.com/achievement_securityalert/35 http://securityreason.com/securityalert/2312 http://securityreason.com/securityalert/676 http://securitytracker.com/id?1015880 http://www.osvdb.org/24485 http://www.php-security.org/MOPB/MOPB-02-2007.html http://www.securityfocus.com/archive/1/430453/100/0/threaded http://www.securityfocus.com/archive/1/430598/100/0/threaded http://www.securityfocus.com/archive/1/430742/100/0/thread • CWE-399: Resource Management Errors •
CVE-2006-1494 – PHP 4.x - 'tempnam() open_basedir' Restriction Bypass
https://notcve.org/view.php?id=CVE-2006-1494
Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function. • https://www.exploit-db.com/exploits/27595 ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U http://rhn.redhat.com/errata/RHSA-2006-0549.html http://secunia.com/advisories/19599 http://secunia.com/advisories/19775 http://secunia.com/advisories/19979 http://secunia.com/advisories/21031 http://secunia.com/advisories/21125 http://secunia.com/advisories/21135 http://secunia.com/advisories/21202 http://secunia.com/advisories/21252 http://secunia.com/advisor •