HPE Security Bulletin HPESBHF03770 1 - A potential security vulnerability has been identified in Comware 7 MSR Routers using PHP, Go, Apache Http Server, and Tomcat. The vulnerability known as "httpoxy" could be remotely exploited to execute arbitrary code. Revision 1 of this advisory.
2af8ae566d18e3cd782b2353bc2bd160ea874bc5b28f246c238fe9f009bc5455HP Security Bulletin HPSBST03671 2 - A security vulnerability in PHP was addressed by the HPE StoreEver MSL6480 Tape Library firmware version 5.10. The vulnerability could be exploited remotely to allow Unauthorized Disclosure of Information or Denial of Service via the Ethernet Management Interface. Please note that the Management Interface cannot access data stored on tape media, so this vulnerability does not allow for remote unauthorized disclosure of data stored on tape media or remote denial of service. Revision 2 of this advisory.
74f9f0b80ca8d59cd41c5d09975ba20cb91f186b15a715a72840744163cf4c42Gentoo Linux Security Advisory 201611-22 - Multiple vulnerabilities have been found in PHP, the worst of which could lead to arbitrary code execution or cause a Denial of Service condition. Versions less than 5.6.28 are affected.
52e724112af437f442f0e544ef13d31b93ca4b1cc384b4d064b812122fe84921HP Security Bulletin HPSBST03671 1 - A security vulnerability in PHP was addressed by the HPE StoreEver MSL6480 Tape Library firmware version 5.10. The vulnerability could be exploited remotely to allow Unauthorized Disclosure of Information. Revision 1 of this advisory.
a236eaf5199d818b254fc1971d748d5d36168d9a9c1c1304c367c3f4b563aefbHP Security Bulletin HPSBMU03653 1 - Multiple potential security vulnerabilities have been identified in HPE System Management Homepage (SMH) on Windows and Linux. The vulnerabilities could be remotely exploited using man-in-the-middle (MITM) attacks resulting in cross-site scripting (XSS), arbitrary code execution, Denial of Service (DoS), and/or unauthorized disclosure of information. Revision 1 of this advisory.
8c670a2d763c2a2f7a69a05242741bdf9441d037d1584c704b9fdff983643e06Red Hat Security Advisory 2016-1613-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request.
e0bf59f5cf1d3c0945e0d6d6e0c15750289bc15a60fccdb2ee9d694dd4128871Red Hat Security Advisory 2016-1612-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request.
f67019f31418549e29743778856e445f5f3d39cc49377c1111e61f49fc4b91deRed Hat Security Advisory 2016-1611-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request.
55592b7d6ab377e799f0673e09120f679bd0c8e8a43960c9c3d68a564709590bRed Hat Security Advisory 2016-1610-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request.
fcd71ebcda575c41b6353590baddb7b6da04850d4fbba07468173f9919b13631Red Hat Security Advisory 2016-1609-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker-controlled proxy via a malicious HTTP request.
e4a867d0b2afb3d26671450133c752f70eebf6d1dc0e5c147088d80e10f92350Ubuntu Security Notice 3045-1 - It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Various other issues were also addressed.
47fc0ea179e44d1fcb53b84c0bfce2c297ab17348494c2a4bfed673be21e1948Debian Linux Security Advisory 3631-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.
38a66d762d614a958d7801c279d78dadb3c6ac4fce34ef4bc800ff8d7a0c22aeSlackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
06b270db60bab1c5042a20d49f118cbf8e37b6f5c672d51b08de3cc253ac07e0
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed