Ubuntu Security Notice 624-2 - USN-624-1 fixed a vulnerability in PCRE. This update provides the corresponding update for Erlang. Original advisory details: Tavis Ormandy discovered that the PCRE library did not correctly handle certain in-pattern options. An attacker could cause applications linked against pcre3 to crash, leading to a denial of service.
32e5186625d26202f52e2952207fd8481b1948c4cb6d686bf772c7fe10544a69HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite.
917f5771b1ecaed534503ff6b3384773b7597e104b42f7ed74b05115d49f2b09HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), or execution of arbitrary code. Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite.
188b9f0db86834082088170fd33ebb8a50552ab4a702ee3c2405d86f177e52e0Mandriva Linux Security Advisory 2009-023 - Denial of service, bypass, and various buffer overflows have been addressed in the php package.
92466f410be73bf8a3cbb21d9967b91cb688bf798202ffc8693fb04ad04223e3Gentoo Linux Security Advisory GLSA 200811-05 - PHP contains several vulnerabilities including buffer and integer overflows which could lead to the remote execution of arbitrary code. Versions less than 5.2.6-r6 are affected.
30a9ea44a0f3a5cea3f6e349d238bdb1d46e22654727c091856a0da2f7e3c893Ubuntu Security Notice 628-1 - Over a dozen vulnerabilities in php5 have been addressed in Ubuntu.
3f4762bf322681e8f3484947ebc156f14c168b070b0d2ba92a048e740c8ac08fMandriva Linux Security Advisory - Tavis Ormandy of the Google Security Team discovered a heap-based buffer overflow when compiling certain regular expression patterns. This could be used by a malicious attacker by sending a specially crafted regular expression to an application using the PCRE library, resulting in the possible execution of arbitrary code or a denial of service. The updated packages have been patched to correct this issue.
90af6b4f2837c16c44dd246b1175a40dd0effece45f132077dde70f78db33ecaUbuntu Security Notice 624-1 - Tavis Ormandy discovered that the PCRE library did not correctly handle certain in-pattern options. An attacker could cause applications linked against pcre3 to crash, leading to a denial of service.
52846f503af8273a9bb739b323a5e67ae8711b8e42d4d3b2dfce00b572825b43Gentoo Linux Security Advisory GLSA 200807-03 - Tavis Ormandy of the Google Security team reported a heap-based buffer overflow when compiling regular expression patterns containing Internal Option Settings such as (?i). Versions less than 7.7-r1 are affected.
90bc807b7b7aa390aeb1924d5012ed79223d057910f8883feb451614ef283d31Debian Security Advisory 1602-1 - Tavis Ormandy discovered that PCRE, the Perl-Compatible Regular Expression library, may encounter a heap overflow condition when compiling certain regular expressions involving in-pattern options and branches, potentially leading to arbitrary code execution.
d81e46e2f256747f79a7c880be762f69cc8cd3ff336ed8da330037303001f5d4
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed