FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
07f3fe15-a9de-11d9-a788-0001020eed82php -- readfile() DoS vulnerability

A SUSE Security advisory reports:

A bug in the readfile() function of php4 could be used to to crash the httpd running the php4 code when accessing files with a multiple of the architectures page size leading to a denial of service.


Discovery 2004-01-25
Entry 2005-04-10
mod_php4-twig
php4-cgi
php4-cli
php4-dtc
php4-horde
php4-nms
php4
< 4.3.5_7

mod_php
mod_php4
< 4.3.5_7,1

12665
CVE-2005-0596
http://bugs.php.net/bug.php?id=27037
http://www.novell.com/linux/security/advisories/2005_06_sr.html
6821a2db-4ab7-11da-932d-00055d790c25PHP -- multiple vulnerabilities

A Secunia Advisory reports:

Some vulnerabilities have been reported in PHP, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and potentially compromise a vulnerable system.


Discovery 2005-10-31
Entry 2005-11-01
mod_php4-twig
php4-cgi
php4-cli
php4-dtc
php4-horde
php4-nms
php4
< 4.4.1

mod_php
mod_php4
ge 4 lt 4.4.1,1

http://secunia.com/advisories/17371/
7fcf1727-be71-11db-b2ec-000c6ec775d9php -- multiple vulnerabilities

Multiple vulnerabilities have been found in PHP, including: buffer overflows, stack overflows, format string, and information disclosure vulnerabilities.

The session extension contained safe_mode and open_basedir bypasses, but the FreeBSD Security Officer does not consider these real security vulnerabilities, since safe_mode and open_basedir are insecure by design and should not be relied upon.


Discovery 2007-02-09
Entry 2007-02-17
Modified 2013-04-01
php5-imap
php5-odbc
php5-session
php5-shmop
php5-sqlite
php5-wddx
php5
< 5.2.1_2

php4-odbc
php4-session
php4-shmop
php4-wddx
php4
< 4.4.5

mod_php4-twig
mod_php4
mod_php5
mod_php
php4-cgi
php4-cli
php4-dtc
php4-horde
php4-nms
php5-cgi
php5-cli
php5-dtc
php5-horde
php5-nms
ge 4 lt 4.4.5

ge 5 lt 5.2.1_2

CVE-2007-0905
CVE-2007-0906
CVE-2007-0907
CVE-2007-0908
CVE-2007-0909
CVE-2007-0910
CVE-2007-0988
http://secunia.com/advisories/24089/
http://www.php.net/releases/4_4_5.php
http://www.php.net/releases/5_2_1.php
ad74a1bd-16d2-11d9-bc4a-000c41e2cdadphp -- php_variables memory disclosure

Stefano Di Paola reports:

Bad array parsing in php_variables.c could lead to show arbitrary memory content such as pieces of php code and other data. This affects all GET, POST or COOKIES variables.


Discovery 2004-09-15
Entry 2004-10-05
mod_php4-twig
php4-cgi
php4-cli
php4-dtc
php4-horde
php4-nms
php4
le 4.3.8_2

mod_php
mod_php4
ge 4 le 4.3.8_2,1

php5
php5-cgi
php5-cli
le 5.0.1

mod_php5
le 5.0.1,1

http://marc.theaimsgroup.com/?l=bugtraq&m=109527531130492
d47e9d19-5016-11d9-9b5f-0050569f0001php -- multiple vulnerabilities

Secunia reports:

Multiple vulnerabilities have been reported in PHP, which can be exploited to gain escalated privileges, bypass certain security restrictions, gain knowledge of sensitive information, or compromise a vulnerable system.


Discovery 2004-12-16
Entry 2004-12-17
Modified 2004-12-18
mod_php4-twig
php4-cgi
php4-cli
php4-dtc
php4-horde
php4-nms
php4
< 4.3.10

mod_php
mod_php4
ge 4 lt 4.3.10,1

php5
php5-cgi
php5-cli
< 5.0.3

mod_php5
< 5.0.3,1

http://secunia.com/advisories/13481/
CVE-2004-1019
CVE-2004-1065
http://www.php.net/release_4_3_10.php
http://www.hardened-php.net/advisories/012004.txt
dd7aa4f1-102f-11d9-8a8a-000c41e2cdadphp -- memory_limit related vulnerability

Stefan Esser of e-matters discovered a condition within PHP that may lead to remote execution of arbitrary code. The memory_limit facility is used to notify functions when memory contraints have been met. Under certain conditions, the entry into this facility is able to interrupt functions such as zend_hash_init() at locations not suitable for interruption. The result would leave these functions in a vulnerable state.

An attacker that is able to trigger the memory_limit abort within zend_hash_init() and is additionally able to control the heap before the HashTable itself is allocated, is able to supply his own HashTable destructor pointer. [...]

All mentioned places outside of the extensions are quite easy to exploit, because the memory allocation up to those places is deterministic and quite static throughout different PHP versions. [...]

Because the exploit itself consist of supplying an arbitrary destructor pointer this bug is exploitable on any platform.


Discovery 2004-07-07
Entry 2004-09-27
Modified 2004-10-02
mod_php4-twig
php4
php4-cgi
php4-cli
php4-dtc
php4-horde
php4-nms
le 4.3.7_3

mod_php4
le 4.3.7_3,1

php5
php5-cgi
php5-cli
le 5.0.0.r3_2

mod_php5
le 5.0.0.r3_2,1

CVE-2004-0594
http://marc.theaimsgroup.com/?l=bugtraq&m=108981780109154
http://security.e-matters.de/advisories/112004.html
10725
edf61c61-0f07-11d9-8393-000103ccf9d6php -- strip_tags cross-site scripting vulnerability

Stefan Esser of e-matters discovered that PHP's strip_tags() function would ignore certain characters during parsing of tags, allowing these tags to pass through. Select browsers could then parse these tags, possibly allowing cross-site scripting attacks.


Discovery 2004-07-07
Entry 2004-09-27
Modified 2013-06-19
mod_php4-twig
php4
php4-cgi
php4-cli
php4-dtc
php4-horde
php4-nms
le 4.3.7_3

mod_php4
le 4.3.7_3,1

php5
php5-cgi
php5-cli
le 5.0.0.r3_2

mod_php5
le 5.0.0.r3_2,1

CVE-2004-0595
http://marc.theaimsgroup.com/?l=bugtraq&m=108981589117423
http://security.e-matters.de/advisories/122004.html
10724
f5e52bf5-fc77-11db-8163-000e0c2e438aphp -- multiple vulnerabilities

The PHP development team reports:

Security Enhancements and Fixes in PHP 5.2.2 and PHP 4.4.7:

  • Fixed CVE-2007-1001, GD wbmp used with invalid image size
  • Fixed asciiz byte truncation inside mail()
  • Fixed a bug in mb_parse_str() that can be used to activate register_globals
  • Fixed unallocated memory access/double free in in array_user_key_compare()
  • Fixed a double free inside session_regenerate_id()
  • Added missing open_basedir & safe_mode checks to zip:// and bzip:// wrappers.
  • Limit nesting level of input variables with max_input_nesting_level as fix for.
  • Fixed CRLF injection inside ftp_putcmd().
  • Fixed a possible super-global overwrite inside import_request_variables().
  • Fixed a remotely trigger-able buffer overflow inside bundled libxmlrpc library.

Security Enhancements and Fixes in PHP 5.2.2 only:

  • Fixed a header injection via Subject and To parameters to the mail() function
  • Fixed wrong length calculation in unserialize S type.
  • Fixed substr_compare and substr_count information leak.
  • Fixed a remotely trigger-able buffer overflow inside make_http_soap_request().
  • Fixed a buffer overflow inside user_filter_factory_create().

Security Enhancements and Fixes in PHP 4.4.7 only:

  • XSS in phpinfo()

Discovery 2007-05-03
Entry 2007-05-07
Modified 2014-04-01
php5-imap
php5-odbc
php5-session
php5-shmop
php5-sqlite
php5-wddx
php5
< 5.2.2

php4-odbc
php4-session
php4-shmop
php4-wddx
php4
< 4.4.7

mod_php4-twig
mod_php4
mod_php5
mod_php
php4-cgi
php4-cli
php4-dtc
php4-horde
php4-nms
php5-cgi
php5-cli
php5-dtc
php5-horde
php5-nms
ge 4 lt 4.4.7

ge 5 lt 5.2.2

CVE-2007-1001
http://www.php.net/releases/4_4_7.php
http://www.php.net/releases/5_2_2.php