LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

php: code execution

Package(s):php5 CVE #(s):CVE-2011-1938
Created:June 16, 2011 Updated:August 25, 2011
Description:

From the Novell bug database:

Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket.

Alerts:
Oracle ELSA-2011-1423 2011-11-03
Oracle ELSA-2011-1423 2011-11-03
Scientific Linux SL-NotF-20111102 2011-11-02
Mandriva MDVSA-2011:165 2011-11-03
CentOS CESA-2011:1423 2011-11-03
Red Hat RHSA-2011:1423-01 2011-11-02
Ubuntu USN-1231-1 2011-10-18
Gentoo 201110-06 2011-10-10
Fedora FEDORA-2011-11537 2011-08-26
Fedora FEDORA-2011-11528 2011-08-26
Fedora FEDORA-2011-11537 2011-08-26
Fedora FEDORA-2011-11528 2011-08-26
Fedora FEDORA-2011-11537 2011-08-26
Fedora FEDORA-2011-11528 2011-08-26
Slackware SSA:2011-237-01 2011-08-25
Pardus 2011-88 2011-06-21
openSUSE openSUSE-SU-2011:0645-1 2011-06-16
Debian DSA-2399-1 2012-01-31
Mandriva MDVSA-2012:071 2012-05-10
Oracle ELSA-2012-1046 2012-06-30
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds