HP Security Bulletin HPSBMU02764 SSRT100827 2 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. Revision 2 of this advisory.
309e442bfe4de81d1da4a903beb9bb3ce130e05b0ec3c99ada2e50debacf94afHP Security Bulletin HPSBMU02764 SSRT100827 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. Revision 1 of this advisory.
ef4dc6d5c693e4d1488186aa6471a0d6ae5ab0b725cd9a055f4101f928dcf379Ubuntu Security Notice 1126-2 - USN 1126-1 fixed several vulnerabilities in PHP. The fix for CVE-2010-4697 introduced an incorrect reference counting regression in the Zend engine that caused the PHP interpreter to segfault. This regression affects Ubuntu 6.06 LTS and Ubuntu 8.04 LTS.
d3109ede1f1b610fb18480ae30cb346b0d85aac84aedfeadd43a5eb1ad6fe0a2Ubuntu Security Notice 1126-1 - Stephane Chazelas discovered that the /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. Raphael Geisert and Dan Rosenberg discovered that the PEAR installer allows local users to overwrite arbitrary files via a symlink attack on the package.xml file. Martin Barbella discovered a buffer overflow in the PHP GD extension that allows an attacker to cause a denial of service (application crash) via a large number of anti-aliasing steps in an argument to the imagepstext function. It was discovered that PHP accepts the \0 character in a pathname, which might allow an attacker to bypass intended access restrictions by placing a safe file extension after this character. Various other issues with PHP 5 were also identified and resolved.
0d1f20dac678d851bff44d385515866f5fb9db107a028a3a3bb2ee850d32fc53Mandriva Linux Security Advisory 2011-053 - Multiple vulnerabilities has been identified and fixed in php. These range from denial of service to code execution issues.
8e3a31350afca8110c11002ff4e93c17438c6aac20bba525ca9ac7e60132ba30Mandriva Linux Security Advisory 2011-052 - Multiple vulnerabilities has been identified and fixed in php. These range from denial of service to code execution issues.
1b98e934ccd7157b0631d5dcf0d404eaa0ead3e489c99c8cdc7264385eb99b35
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed