Details of VAR-201205-0305

ID

VAR-201205-0305

CVE

CVE-2012-1823

TITLE

PHP-CGI query string parameter vulnerability

Trust: 0.8

sources: CERT/CC: VU#520827

DESCRIPTION

sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case. PHP-CGI-based setups contain a vulnerability when parsing query string parameters from php files. Parallels Plesk Panel versions 9.0 - 9.2.3 on Linux platforms are vulnerable to remote code execution. PHP is prone to an information-disclosure vulnerability. Exploiting this issue allows remote attackers to view the source code of files in the context of the server process. This may allow the attacker to obtain sensitive information and to run arbitrary PHP code on the affected computer; other attacks are also possible. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201209-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: PHP: Multiple vulnerabilities Date: September 24, 2012 Bugs: #384301, #396311, #396533, #399247, #399567, #399573, #401997, #410957, #414553, #421489, #427354, #429630 ID: 201209-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities were found in PHP, the worst of which lead to remote execution of arbitrary code. Background ========== PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-lang/php < 5.3.15 >= 5.3.15 < 5.4.5 >= 5.4.5 ------------------------------------------------------------------- # Package 1 only applies to users of these architectures: arm Description =========== Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All PHP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/php-5.3.15" All PHP users on ARM should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/php-5.4.5" References ========== [ 1 ] CVE-2011-1398 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1398 [ 2 ] CVE-2011-3379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3379 [ 3 ] CVE-2011-4566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4566 [ 4 ] CVE-2011-4885 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4885 [ 5 ] CVE-2012-0057 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0057 [ 6 ] CVE-2012-0788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0788 [ 7 ] CVE-2012-0789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0789 [ 8 ] CVE-2012-0830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0830 [ 9 ] CVE-2012-0831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0831 [ 10 ] CVE-2012-1172 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1172 [ 11 ] CVE-2012-1823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1823 [ 12 ] CVE-2012-2143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2143 [ 13 ] CVE-2012-2311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2311 [ 14 ] CVE-2012-2335 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2335 [ 15 ] CVE-2012-2336 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2336 [ 16 ] CVE-2012-2386 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2386 [ 17 ] CVE-2012-2688 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2688 [ 18 ] CVE-2012-3365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3365 [ 19 ] CVE-2012-3450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3450 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201209-03.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1657 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2202 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3267 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3268 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4566 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4885 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0788 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0831 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1172 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1823 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1823 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2335 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2336 http://www.mandriva.com/security/advisories?name=MDVA-2012:004 http://www.mandriva.com/security/advisories?name=MDVSA-2011:165 http://www.mandriva.com/security/advisories?name=MDVSA-2011:166 http://www.mandriva.com/security/advisories?name=MDVSA-2011:180 http://www.mandriva.com/security/advisories?name=MDVSA-2011:197 http://www.mandriva.com/security/advisories?name=MDVSA-2012:065 http://www.mandriva.com/security/advisories?name=MDVSA-2012:068 http://www.mandriva.com/security/advisories?name=MDVSA-2012:068-1 _______________________________________________________________________ Updated Packages: Mandriva Enterprise Server 5: 7361d218b400b6601eef5465f0c132f1 mes5/i586/apache-mod_php-5.3.13-0.1mdvmes5.2.i586.rpm 23194f266a0a18c9d49fa7760f6d75f7 mes5/i586/lemon-3.7.4-0.1mdvmes5.2.i586.rpm ee51be362aff5c90c587650c52e5d874 mes5/i586/libmbfl1-1.1.0-0.1mdvmes5.2.i586.rpm 0cd89098cc20b5ce8acb14d6f6ddc748 mes5/i586/libmbfl-devel-1.1.0-0.1mdvmes5.2.i586.rpm dedab7019ea9edfeb929fa521191fe09 mes5/i586/libming1-0.4.4-0.1mdvmes5.2.i586.rpm 881df3313a40b7113d0b2c4d39349c4a mes5/i586/libming-devel-0.4.4-0.1mdvmes5.2.i586.rpm a09e59b16f2c4fe4a583b65689f0f308 mes5/i586/libmonetra7-7.0.4-0.1mdvmes5.2.i586.rpm 1cdd454b9561c94253a4d885a1f34370 mes5/i586/libmonetra-devel-7.0.4-0.1mdvmes5.2.i586.rpm 90dcdd87fb687327fd687e490be5fc7b mes5/i586/libphp5_common5-5.3.13-0.1mdvmes5.2.i586.rpm cc8e259df098747e849797194711dff1 mes5/i586/libsphinxclient0-0.9.9-0.1mdvmes5.2.i586.rpm 716d1d5539c4a4eaac5996c70578107d mes5/i586/libsphinxclient-devel-0.9.9-0.1mdvmes5.2.i586.rpm b271fe2d863cb99d46f99a20c0cab5d3 mes5/i586/libstemmer0-0-5.1mdvmes5.2.i586.rpm f08df937c8cbc104c32a0b42f77a2b2d mes5/i586/libstemmer-devel-0-5.1mdvmes5.2.i586.rpm fc04b1140795dafb3a280100a34e1698 mes5/i586/libxmlrpc-epi0-0.54-0.1mdvmes5.2.i586.rpm ed22bcef35a1b90090a01d5bdf5c2861 mes5/i586/libxmlrpc-epi-devel-0.54-0.1mdvmes5.2.i586.rpm 3c70ce8653099b8bede16e1d4b1c854c mes5/i586/libyaz3-3.0.48-0.1mdvmes5.2.i586.rpm d73a3220c42f40c085c1caa3a1797b9a mes5/i586/libyaz-devel-3.0.48-0.1mdvmes5.2.i586.rpm 8cd9158f64b8d1345e47485ab28b8f87 mes5/i586/ming-utils-0.4.4-0.1mdvmes5.2.i586.rpm ec6c990e242c299eb3f250a273298534 mes5/i586/perl-SWF-0.4.4-0.1mdvmes5.2.i586.rpm c199e39972b4633c025cdb4497f866d5 mes5/i586/php-apc-3.1.10-0.1mdvmes5.2.i586.rpm 4d7b2a7efea30875044fa27ab621855f mes5/i586/php-apc-admin-3.1.10-0.1mdvmes5.2.i586.rpm b86186ed13e27f5dde58b58e799f9145 mes5/i586/php-bcmath-5.3.13-0.1mdvmes5.2.i586.rpm 364fb5e17d6f35aeb212e374f8408236 mes5/i586/php-bz2-5.3.13-0.1mdvmes5.2.i586.rpm 64367f635bddcdb8f799f30bd56db615 mes5/i586/php-calendar-5.3.13-0.1mdvmes5.2.i586.rpm 040288301616bfb16436f2e5a341ff9f mes5/i586/php-cgi-5.3.13-0.1mdvmes5.2.i586.rpm 3c265959950263674c5017eda963117e mes5/i586/php-cli-5.3.13-0.1mdvmes5.2.i586.rpm 42876a7aead3c2ba20de3b237502d317 mes5/i586/php-ctype-5.3.13-0.1mdvmes5.2.i586.rpm 9ae84a482bced4724fc5b2719a5f7e74 mes5/i586/php-curl-5.3.13-0.1mdvmes5.2.i586.rpm fb39ca8bc9b3e70dca9eabeb43f1b5a3 mes5/i586/php-dba-5.3.13-0.1mdvmes5.2.i586.rpm eb9cd33f04b6b8ce9631dbee6ffdfa1c mes5/i586/php-dbx-1.1.0-30.2mdvmes5.2.i586.rpm 4a289a7a64702fc7bf9167125f172274 mes5/i586/php-devel-5.3.13-0.1mdvmes5.2.i586.rpm fc09a56f707392c32ef3aeec9a1bb242 mes5/i586/php-dio-0.0.5-0.1mdvmes5.2.i586.rpm 521e2447d98a8d37aa7fb2fa35787ef2 mes5/i586/php-doc-5.3.13-0.1mdvmes5.2.i586.rpm 6e0fed6e1c0b5ee5a11645e4956d345c mes5/i586/php-dom-5.3.13-0.1mdvmes5.2.i586.rpm 5e9298f4d04acef2d164c52697e911eb mes5/i586/php-eaccelerator-0.9.6.1-0.6mdvmes5.2.i586.rpm 688d1e19c4955521d7a217bd64b1a3aa mes5/i586/php-eaccelerator-admin-0.9.6.1-0.6mdvmes5.2.i586.rpm c7ba6857a141dbac85afa4f05cdb65ca mes5/i586/php-enchant-5.3.13-0.1mdvmes5.2.i586.rpm 0c179177f51deb368800f0c08cedc599 mes5/i586/php-exif-5.3.13-0.1mdvmes5.2.i586.rpm 39f6318d1367c28e8c0365098e7750e4 mes5/i586/php-fam-5.0.1-3.6mdvmes5.2.i586.rpm 1ef9b6263948c34f46b5fd29321d911c mes5/i586/php-fileinfo-5.3.13-0.1mdvmes5.2.i586.rpm aad86d693bbe62bba0942b370f6ca246 mes5/i586/php-filepro-5.1.6-13.6mdvmes5.2.i586.rpm 3868021d3e61c00b8ae6809bb7c0900b mes5/i586/php-filter-5.3.13-0.1mdvmes5.2.i586.rpm 48b88e31e42379400dc7766ad2c62e5a mes5/i586/php-fpm-5.3.13-0.1mdvmes5.2.i586.rpm f8cd704030d7d70ea8ebe8346f9f0e0f mes5/i586/php-ftp-5.3.13-0.1mdvmes5.2.i586.rpm 7c32f002b04ac8072df7aa7fa8b7a8e6 mes5/i586/php-gd-5.3.13-0.1mdvmes5.2.i586.rpm df5a2a2b26101a778494b26af67766a2 mes5/i586/php-gettext-5.3.13-0.1mdvmes5.2.i586.rpm 8327f44ffa0b41841ff9b71039017d52 mes5/i586/php-gmp-5.3.13-0.1mdvmes5.2.i586.rpm 811259cfad20fd63253a7123b7fd27dc mes5/i586/php-gtk2-2.0.1-2.2mdvmes5.2.i586.rpm be58ace4d69b596b57afd068f7cf3c49 mes5/i586/php-hash-5.3.13-0.1mdvmes5.2.i586.rpm a17c44ceea8b3f5a0bc55a3af3474af3 mes5/i586/php-iconv-5.3.13-0.1mdvmes5.2.i586.rpm c89f28160eaf77c3655965bfbed6c3b1 mes5/i586/php-imagick-3.0.1-0.2mdvmes5.2.i586.rpm 73fa2e549e58fd68ad8a9109c77a7369 mes5/i586/php-imap-5.3.13-0.1mdvmes5.2.i586.rpm b3c413082301b0a8f4a25f176a87a45e mes5/i586/php-ini-5.3.13-0.1mdvmes5.2.i586.rpm 6c775dd0ca5396b0ebb70e602db834b6 mes5/i586/php-intl-5.3.13-0.1mdvmes5.2.i586.rpm 5902f72d9bc4f0c025618cd49e5f8e79 mes5/i586/php-json-5.3.13-0.1mdvmes5.2.i586.rpm 877dc6caffd8bbe76c654ac4a9d18daa mes5/i586/php-ldap-5.3.13-0.1mdvmes5.2.i586.rpm abe1393ef623af8944406dadd8064c89 mes5/i586/php-mailparse-2.1.6-0.1mdvmes5.2.i586.rpm 0f498f237e44a451224929ecd24b315c mes5/i586/php-mbstring-5.3.13-0.1mdvmes5.2.i586.rpm 35eceb3b8e39847fa00a91409afe9407 mes5/i586/php-mcal-0.6-23.6mdvmes5.2.i586.rpm 385e71ffb5612c05a701ed557e556c62 mes5/i586/php-mcrypt-5.3.13-0.1mdvmes5.2.i586.rpm 18e3385588deda52c3516375d6d803d0 mes5/i586/php-mcve-7.0.3-0.2mdvmes5.2.i586.rpm daf72900f0a90864046a67a2d71e6caa mes5/i586/php-mdbtools-1.0.0-4.2mdvmes5.2.i586.rpm d0905f31f721643a572bf6b005262bf6 mes5/i586/php-memcache-3.0.6-0.2mdvmes5.2.i586.rpm 6b5378f95fb1022c83d34c9db1422d8e mes5/i586/php-ming-5.2.10-0.2mdvmes5.2.i586.rpm 8e6e4f7017a0febfef7cdf155ecc4962 mes5/i586/php-mssql-5.3.13-0.1mdvmes5.2.i586.rpm 0411daf7561b179eb5a8e484d36f4ad3 mes5/i586/php-mysql-5.3.13-0.1mdvmes5.2.i586.rpm ff31716a2c412fba2e9d013c56965cf7 mes5/i586/php-mysqli-5.3.13-0.1mdvmes5.2.i586.rpm 993a888b1c2713a00565e45282b23148 mes5/i586/php-mysqlnd-5.3.13-0.1mdvmes5.2.i586.rpm 08fbe9fae6d67c0637041c80f07eba12 mes5/i586/php-odbc-5.3.13-0.1mdvmes5.2.i586.rpm 7a29e566a7751e1821a623a4f0018a6f mes5/i586/php-openssl-5.3.13-0.1mdvmes5.2.i586.rpm f441f06ada4ee980d501e2b6576f2806 mes5/i586/php-optimizer-0.1-0.alpha2.0.2mdvmes5.2.i586.rpm b8da69bd634b1daa981efbc2ed95a648 mes5/i586/php-pcntl-5.3.13-0.1mdvmes5.2.i586.rpm 95089b116c79922e497d4fd7854df544 mes5/i586/php-pdo-5.3.13-0.1mdvmes5.2.i586.rpm 2f2196f900c6b802cf7fea375c9eeb91 mes5/i586/php-pdo_dblib-5.3.13-0.1mdvmes5.2.i586.rpm 25c438a18c01c09b60e7c7b2fe13671f mes5/i586/php-pdo_mysql-5.3.13-0.1mdvmes5.2.i586.rpm 91f1fee5243ed4ae8398a75e9114adac mes5/i586/php-pdo_odbc-5.3.13-0.1mdvmes5.2.i586.rpm bfff4547a91207f42302cd9fc184f86f mes5/i586/php-pdo_pgsql-5.3.13-0.1mdvmes5.2.i586.rpm 8d460754542459d816d1b3dff39c872b mes5/i586/php-pdo_sqlite-5.3.13-0.1mdvmes5.2.i586.rpm 9ff947c66182403b9888b265832c9161 mes5/i586/php-perl-1.0.0-32.2mdvmes5.2.i586.rpm cb1bca793338e4e792ab6c8792293617 mes5/i586/php-pgsql-5.3.13-0.1mdvmes5.2.i586.rpm 1ef789ec5d683fef4934fc57101456b1 mes5/i586/php-phar-5.3.13-0.1mdvmes5.2.i586.rpm 52145842d6faa93fa073fa17cb3b0763 mes5/i586/php-posix-5.3.13-0.1mdvmes5.2.i586.rpm aed79d1522b7507df309ddd682a99b4d mes5/i586/php-pspell-5.3.13-0.1mdvmes5.2.i586.rpm 7cf0cf423041e29370ec6df0da70d21e mes5/i586/php-radius-1.2.5-7.2mdvmes5.2.i586.rpm f53c0be9c38ddf42a8c6820a312eaa06 mes5/i586/php-readline-5.3.13-0.1mdvmes5.2.i586.rpm 29ee9c49f78cb11e83f9a251bd02b7e9 mes5/i586/php-recode-5.3.13-0.1mdvmes5.2.i586.rpm 2c8c33fd81fc8468d0ddb774c2814264 mes5/i586/php-sasl-0.1.0-21.6mdvmes5.2.i586.rpm 8c2471fa96a43e94edabd4b9668724ef mes5/i586/php-session-5.3.13-0.1mdvmes5.2.i586.rpm 3ca8b754f64883be1924fa8e95e799d3 mes5/i586/php-shmop-5.3.13-0.1mdvmes5.2.i586.rpm faa1b493b705f393754abcc2174857b5 mes5/i586/php-snmp-5.3.13-0.1mdvmes5.2.i586.rpm c393eb8db265798b1beff2541d13ee25 mes5/i586/php-soap-5.3.13-0.1mdvmes5.2.i586.rpm c23958451e7f49cb90e18f0d58fde045 mes5/i586/php-sockets-5.3.13-0.1mdvmes5.2.i586.rpm 419a7ecf0f1d44a08795cc21c88f3b17 mes5/i586/php-sphinx-1.2.0-0.1mdvmes5.2.i586.rpm b42c41d30364c4bb308146ab5087fabf mes5/i586/php-sqlite3-5.3.13-0.1mdvmes5.2.i586.rpm 6e9609d6fd4724426a63e3e520341051 mes5/i586/php-sqlite-5.3.13-0.1mdvmes5.2.i586.rpm e0b0e03c3ba4746805a70f3749784af7 mes5/i586/php-ssh2-0.11.3-0.1mdvmes5.2.i586.rpm f3be55d6857f3c36f063a418ff780c01 mes5/i586/php-suhosin-0.9.33-0.1mdvmes5.2.i586.rpm 49ab75a66171482bc0c92da727b42790 mes5/i586/php-sybase_ct-5.3.13-0.1mdvmes5.2.i586.rpm a49fe633e4d2eb4acb1fcd9ded4afff6 mes5/i586/php-sysvmsg-5.3.13-0.1mdvmes5.2.i586.rpm e548f18c2ccd5522376387fb9895e605 mes5/i586/php-sysvsem-5.3.13-0.1mdvmes5.2.i586.rpm 079ffcc8e9bbcf02d70b39aed0e37510 mes5/i586/php-sysvshm-5.3.13-0.1mdvmes5.2.i586.rpm a0bfac8555bfaefec8cdab4a8fe8f759 mes5/i586/php-tclink-3.4.5-0.2mdvmes5.2.i586.rpm c3bb9c496c70fa477b65a326f10f1f13 mes5/i586/php-tidy-5.3.13-0.1mdvmes5.2.i586.rpm 92fa5b22a77b38c94e1e81cee27e94e5 mes5/i586/php-timezonedb-2012.3-0.1mdvmes5.2.i586.rpm c69e34969e6be01c229701cb3bd381f3 mes5/i586/php-tokenizer-5.3.13-0.1mdvmes5.2.i586.rpm 86d0fa4af4c00f2a996ee86c7480eaec mes5/i586/php-translit-0.6.1-0.1mdvmes5.2.i586.rpm 11aa119fde6b2c43e93259784d78b72a mes5/i586/php-vld-0.11.1-0.1mdvmes5.2.i586.rpm f48532222388b41b6f5abbeffa704cf9 mes5/i586/php-wddx-5.3.13-0.1mdvmes5.2.i586.rpm 1770351942d2fb1c5685afe0609d22ea mes5/i586/php-xattr-1.1.0-2.6mdvmes5.2.i586.rpm 09300dd1170f00c70d05a21017d05448 mes5/i586/php-xcache-1.3.2-0.1mdvmes5.2.i586.rpm 508c5edb557c8bc20d7084b314278944 mes5/i586/php-xcache-admin-1.3.2-0.1mdvmes5.2.i586.rpm 41e91f88a9fdaf1fa0420ae01dc46ade mes5/i586/php-xdebug-2.1.4-0.1mdvmes5.2.i586.rpm c8d6da8bdb753cf7a2a6db3d3e2e46bf mes5/i586/php-xml-5.3.13-0.1mdvmes5.2.i586.rpm 50aed2d093b83fdaa77dc407da9b861a mes5/i586/php-xmlreader-5.3.13-0.1mdvmes5.2.i586.rpm fe32252d37699afb0c51f60f9722adcb mes5/i586/php-xmlrpc-5.3.13-0.1mdvmes5.2.i586.rpm a1a2181cb93d31acf2c6b6e246b9db0d mes5/i586/php-xmlwriter-5.3.13-0.1mdvmes5.2.i586.rpm f87097cce5a501146df0e7120211c4bd mes5/i586/php-xsl-5.3.13-0.1mdvmes5.2.i586.rpm 9d5c99b04a85caea9bce01f4c662372c mes5/i586/php-yaz-1.1.1-0.1mdvmes5.2.i586.rpm d38eb4445d09878793e8506f1b649236 mes5/i586/php-zip-5.3.13-0.1mdvmes5.2.i586.rpm ec0cbe2b90c8fb0db9939d10e62fef02 mes5/i586/php-zlib-5.3.13-0.1mdvmes5.2.i586.rpm e2fe6c46edade8b149063316fb6e9268 mes5/i586/python-SWF-0.4.4-0.1mdvmes5.2.i586.rpm aef4719c148c3f6edf549f236a08868e mes5/i586/sphinx-0.9.9-0.1mdvmes5.2.i586.rpm 48b1928235704dd977b9fdc25f1e2933 mes5/i586/stemwords-0-5.1mdvmes5.2.i586.rpm 1b7636ca4c1ec6eac492041c6e9c95e2 mes5/i586/yaz-3.0.48-0.1mdvmes5.2.i586.rpm 2bac0388ad669fc836a910cb6919733e mes5/SRPMS/apache-mod_php-5.3.13-0.1mdvmes5.2.src.rpm 0dd8c597a6a39e17b504408fa4f894d1 mes5/SRPMS/lemon-3.7.4-0.1mdvmes5.2.src.rpm 04a50458044ddef8dca4acbecd0555d1 mes5/SRPMS/libmbfl-1.1.0-0.1mdvmes5.2.src.rpm d9e473396af964f01dd6310844925396 mes5/SRPMS/libmonetra-7.0.4-0.1mdvmes5.2.src.rpm 0fafe53fccc11afa4b75c66dc49261cd mes5/SRPMS/libstemmer-0-5.1mdvmes5.2.src.rpm 6de1878b7ff4fbc0b63e381618e966ba mes5/SRPMS/ming-0.4.4-0.1mdvmes5.2.src.rpm c4041cade9aaf6c4c67f046e4bfbaa74 mes5/SRPMS/php-5.3.13-0.1mdvmes5.2.src.rpm c0a1c69bca172f69a034505cfd6b37fc mes5/SRPMS/php-apc-3.1.10-0.1mdvmes5.2.src.rpm df8c3520a450cb4209179f60cf8828cd mes5/SRPMS/php-dbx-1.1.0-30.2mdvmes5.2.src.rpm 7705d28806c6a73a9e588d174203ec11 mes5/SRPMS/php-dio-0.0.5-0.1mdvmes5.2.src.rpm cb9fd58d04a1db3ceec2f9b15c5ddac0 mes5/SRPMS/php-eaccelerator-0.9.6.1-0.6mdvmes5.2.src.rpm d1e7c7da449372f62c27a0cd3eeb8a8d mes5/SRPMS/php-fam-5.0.1-3.6mdvmes5.2.src.rpm 4c10d297abc9ea2a4dfe2cc441be619c mes5/SRPMS/php-filepro-5.1.6-13.6mdvmes5.2.src.rpm 7c30fe50ac1dc23870c64660300e78f8 mes5/SRPMS/php-gtk2-2.0.1-2.2mdvmes5.2.src.rpm ecdbedc8c745921ab7e8c97850c7e976 mes5/SRPMS/php-imagick-3.0.1-0.2mdvmes5.2.src.rpm c31069ae710a67783a81adf905f72842 mes5/SRPMS/php-ini-5.3.13-0.1mdvmes5.2.src.rpm 7bba5d67278539bbfe8980f4619fc443 mes5/SRPMS/php-mailparse-2.1.6-0.1mdvmes5.2.src.rpm c064fa5008b99634cf43dd8cfcfc38a8 mes5/SRPMS/php-mcal-0.6-23.6mdvmes5.2.src.rpm 4dc1c969e13503b5b84e4cc2a62fcafa mes5/SRPMS/php-mcve-7.0.3-0.2mdvmes5.2.src.rpm 8a0b00a7eb45735c7f1b84db2124a02a mes5/SRPMS/php-mdbtools-1.0.0-4.2mdvmes5.2.src.rpm 50514e567296ef853fc9c040b27fde14 mes5/SRPMS/php-memcache-3.0.6-0.2mdvmes5.2.src.rpm 3d68803bc8d4d5db837d034e31b559ab mes5/SRPMS/php-ming-5.2.10-0.2mdvmes5.2.src.rpm 3788a033464659c7697271fe3e11cb6b mes5/SRPMS/php-optimizer-0.1-0.alpha2.0.2mdvmes5.2.src.rpm 4e41590da9fd097f6ecb0cf362bf99f9 mes5/SRPMS/php-perl-1.0.0-32.2mdvmes5.2.src.rpm 8227db814a6322c4a1c72717965be834 mes5/SRPMS/php-radius-1.2.5-7.2mdvmes5.2.src.rpm b6eea216f82a274151c12bb38e50793c mes5/SRPMS/php-sasl-0.1.0-21.6mdvmes5.2.src.rpm aefb4d8a934bd9ecf18f10cf94508b21 mes5/SRPMS/php-sphinx-1.2.0-0.1mdvmes5.2.src.rpm 27acc20ae9792b5ee79127428c76d019 mes5/SRPMS/php-ssh2-0.11.3-0.1mdvmes5.2.src.rpm 8561139b4f53146b52d0d881c93bd884 mes5/SRPMS/php-suhosin-0.9.33-0.1mdvmes5.2.src.rpm 9decd2138202b8f51428b69f8d089679 mes5/SRPMS/php-tclink-3.4.5-0.2mdvmes5.2.src.rpm a331ac0e06665fb2b1696eeb35ddd67b mes5/SRPMS/php-timezonedb-2012.3-0.1mdvmes5.2.src.rpm 79c414525991c894f01d9e597cda78f6 mes5/SRPMS/php-translit-0.6.1-0.1mdvmes5.2.src.rpm 93897f5b7d60138c9e12474dc8388954 mes5/SRPMS/php-vld-0.11.1-0.1mdvmes5.2.src.rpm 9f2b8c72495c63762e02a4792b321463 mes5/SRPMS/php-xattr-1.1.0-2.6mdvmes5.2.src.rpm bec964b1764e87c0ba2d78ec3c33f662 mes5/SRPMS/php-xcache-1.3.2-0.1mdvmes5.2.src.rpm 6e3b637199e13bd895401f2cadbf25c5 mes5/SRPMS/php-xdebug-2.1.4-0.1mdvmes5.2.src.rpm 7b1f065bc086533fa01adba07235c4fe mes5/SRPMS/php-yaz-1.1.1-0.1mdvmes5.2.src.rpm 51586ceaba69e3a61e4171c1b33821ad mes5/SRPMS/sphinx-0.9.9-0.1mdvmes5.2.src.rpm fb8632c3872b5f62b8fdc070565d21b6 mes5/SRPMS/xmlrpc-epi-0.54-0.1mdvmes5.2.src.rpm 7737d7193bce052e26930d49ee7e841f mes5/SRPMS/yaz-3.0.48-0.1mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: 96b2d5df095de56795b5e402b5615e5a mes5/x86_64/apache-mod_php-5.3.13-0.1mdvmes5.2.x86_64.rpm 03641ff5a502b304b0cbdeff4161f07a mes5/x86_64/lemon-3.7.4-0.1mdvmes5.2.x86_64.rpm 16d5aee91aab749c674b146725679edf mes5/x86_64/lib64mbfl1-1.1.0-0.1mdvmes5.2.x86_64.rpm 211cf3c8c54d7135c1c59d37df63dbd9 mes5/x86_64/lib64mbfl-devel-1.1.0-0.1mdvmes5.2.x86_64.rpm ff17fd8f9ad24289e558636ce26d6e17 mes5/x86_64/lib64ming1-0.4.4-0.1mdvmes5.2.x86_64.rpm 84acf50087747dcb4f34a5aa2ea1ce0a mes5/x86_64/lib64ming-devel-0.4.4-0.1mdvmes5.2.x86_64.rpm db2510f25a007023647f235013ec6e74 mes5/x86_64/lib64monetra7-7.0.4-0.1mdvmes5.2.x86_64.rpm e449abc214208571c14827a9319c0ec3 mes5/x86_64/lib64monetra-devel-7.0.4-0.1mdvmes5.2.x86_64.rpm 7a418a728839573bca2187e8c5468fe2 mes5/x86_64/lib64php5_common5-5.3.13-0.1mdvmes5.2.x86_64.rpm 4060a9ea3f85ea3df9260575783e7a17 mes5/x86_64/lib64sphinxclient0-0.9.9-0.1mdvmes5.2.x86_64.rpm f6ca93737988ebae403ef0ed8ab41359 mes5/x86_64/lib64sphinxclient-devel-0.9.9-0.1mdvmes5.2.x86_64.rpm 4a7ef9bd46d3c4e8e36f08868319244d mes5/x86_64/lib64stemmer0-0-5.1mdvmes5.2.x86_64.rpm b15fe53cc1c6ea59fdd82c04eae8e7fd mes5/x86_64/lib64stemmer-devel-0-5.1mdvmes5.2.x86_64.rpm c673964b2561e44781a98cb86a9e3187 mes5/x86_64/lib64xmlrpc-epi0-0.54-0.1mdvmes5.2.x86_64.rpm e66b903dc4310d0d3849689529146ec3 mes5/x86_64/lib64xmlrpc-epi-devel-0.54-0.1mdvmes5.2.x86_64.rpm 49cbe05c0d48ad378bd129ebd036ba26 mes5/x86_64/lib64yaz3-3.0.48-0.1mdvmes5.2.x86_64.rpm 2afb044886e1c96c3db29bdf0bb7dc9b mes5/x86_64/lib64yaz-devel-3.0.48-0.1mdvmes5.2.x86_64.rpm 2f4b0caff3c9e97839df3aa1ad6ca732 mes5/x86_64/ming-utils-0.4.4-0.1mdvmes5.2.x86_64.rpm f288571bd192a5e5802a40cd7d4e3118 mes5/x86_64/perl-SWF-0.4.4-0.1mdvmes5.2.x86_64.rpm b059dbc18e76476659494969ef5e4947 mes5/x86_64/php-apc-3.1.10-0.1mdvmes5.2.x86_64.rpm 68149e7e29a2e2ea3f7d7e3573bd193b mes5/x86_64/php-apc-admin-3.1.10-0.1mdvmes5.2.x86_64.rpm e38d895cf490704f5e6f8b1ecdca7e61 mes5/x86_64/php-bcmath-5.3.13-0.1mdvmes5.2.x86_64.rpm 711815bad3794350d9177d52bac8d95b mes5/x86_64/php-bz2-5.3.13-0.1mdvmes5.2.x86_64.rpm 3e8c4f72f0211a797a172c7092966a46 mes5/x86_64/php-calendar-5.3.13-0.1mdvmes5.2.x86_64.rpm 51026f5c6c789d4fe07bb64f5c2a4559 mes5/x86_64/php-cgi-5.3.13-0.1mdvmes5.2.x86_64.rpm a5c4c236c80e4219e0a8e29eac78b440 mes5/x86_64/php-cli-5.3.13-0.1mdvmes5.2.x86_64.rpm f7d68cdc91a5d1aca630bf5d2cc027a8 mes5/x86_64/php-ctype-5.3.13-0.1mdvmes5.2.x86_64.rpm 1e82cf4c1d05409239f773c27f25e148 mes5/x86_64/php-curl-5.3.13-0.1mdvmes5.2.x86_64.rpm 4414697431b4f9d8347d368406a74792 mes5/x86_64/php-dba-5.3.13-0.1mdvmes5.2.x86_64.rpm 78a159ea14c942e6b1484d7f7a02430f mes5/x86_64/php-dbx-1.1.0-30.2mdvmes5.2.x86_64.rpm afce38f700de1511605177aaac2a4b0c mes5/x86_64/php-devel-5.3.13-0.1mdvmes5.2.x86_64.rpm 24c2440bccc5cdceb6d9c6eb6fbd8fb6 mes5/x86_64/php-dio-0.0.5-0.1mdvmes5.2.x86_64.rpm e304390a900576e6344b831935fca984 mes5/x86_64/php-doc-5.3.13-0.1mdvmes5.2.x86_64.rpm 41d2f61596375aa03dcd64462432b8ad mes5/x86_64/php-dom-5.3.13-0.1mdvmes5.2.x86_64.rpm 84eead8c2a272ed05ef0a8f3b6672f56 mes5/x86_64/php-eaccelerator-0.9.6.1-0.6mdvmes5.2.x86_64.rpm d72cfcdee8d186ad859b3b99fd70bdd0 mes5/x86_64/php-eaccelerator-admin-0.9.6.1-0.6mdvmes5.2.x86_64.rpm e3b9b291bbc15d61895e27372b8b1925 mes5/x86_64/php-enchant-5.3.13-0.1mdvmes5.2.x86_64.rpm 558cd9c98631858a661a6aa4ccdf882b mes5/x86_64/php-exif-5.3.13-0.1mdvmes5.2.x86_64.rpm 3553939609e3fef1652ee999d37fd530 mes5/x86_64/php-fam-5.0.1-3.6mdvmes5.2.x86_64.rpm 5a19e0b3fc58299ccdb1b12f5ca69200 mes5/x86_64/php-fileinfo-5.3.13-0.1mdvmes5.2.x86_64.rpm 8a23bbc3e8c9ef45a339563075668d59 mes5/x86_64/php-filepro-5.1.6-13.6mdvmes5.2.x86_64.rpm 78be28f1fee69306797aa83a91bee75b mes5/x86_64/php-filter-5.3.13-0.1mdvmes5.2.x86_64.rpm f8339f10b4664c2130f1159f89c0b244 mes5/x86_64/php-fpm-5.3.13-0.1mdvmes5.2.x86_64.rpm d3b287afef7b1f6207082e97ae77b349 mes5/x86_64/php-ftp-5.3.13-0.1mdvmes5.2.x86_64.rpm 98f68dcc439e4252d72be221fe1e9b98 mes5/x86_64/php-gd-5.3.13-0.1mdvmes5.2.x86_64.rpm 0d04cfba60b215c27a87d77a363a51e9 mes5/x86_64/php-gettext-5.3.13-0.1mdvmes5.2.x86_64.rpm f95a838116143b396aedeeb01c534584 mes5/x86_64/php-gmp-5.3.13-0.1mdvmes5.2.x86_64.rpm e84018d144e7f94e436132420d51440d mes5/x86_64/php-gtk2-2.0.1-2.2mdvmes5.2.x86_64.rpm 7e02ce03f990c677fd39095d094bf5fc mes5/x86_64/php-hash-5.3.13-0.1mdvmes5.2.x86_64.rpm 9e3ae7e6d67397fc15a81d3b3e7d30c8 mes5/x86_64/php-iconv-5.3.13-0.1mdvmes5.2.x86_64.rpm 76155d4adcfb84852c193a6a9183a701 mes5/x86_64/php-imagick-3.0.1-0.2mdvmes5.2.x86_64.rpm 6c1aa64a78fef0ba6b12de5c7fdf227e mes5/x86_64/php-imap-5.3.13-0.1mdvmes5.2.x86_64.rpm e9dbcfb8b6330f52ea6f83630e0b96db mes5/x86_64/php-ini-5.3.13-0.1mdvmes5.2.x86_64.rpm a99ae1adc279e1446501374b396e9194 mes5/x86_64/php-intl-5.3.13-0.1mdvmes5.2.x86_64.rpm c4856a889eb1fabe4cfb4e7e0541a208 mes5/x86_64/php-json-5.3.13-0.1mdvmes5.2.x86_64.rpm 1e6ed1c6f514d3bed9271e192d6b8c79 mes5/x86_64/php-ldap-5.3.13-0.1mdvmes5.2.x86_64.rpm 23d141eeb5ec49b7bd14931e313efe61 mes5/x86_64/php-mailparse-2.1.6-0.1mdvmes5.2.x86_64.rpm 67df3a26f6e25258bb28b9d70ebdc7b9 mes5/x86_64/php-mbstring-5.3.13-0.1mdvmes5.2.x86_64.rpm ce6ec0bd9bf2c6bbea51b670566cf125 mes5/x86_64/php-mcal-0.6-23.6mdvmes5.2.x86_64.rpm 3af3a06df5a30d2324b42ce38b0170c7 mes5/x86_64/php-mcrypt-5.3.13-0.1mdvmes5.2.x86_64.rpm 898c0ff97086e4003f34c5af21a1209b mes5/x86_64/php-mcve-7.0.3-0.2mdvmes5.2.x86_64.rpm ea3c678599dd676b1596cf9b38bac5fa mes5/x86_64/php-mdbtools-1.0.0-4.2mdvmes5.2.x86_64.rpm f42a0499caae118ccb02a404fe853e8d mes5/x86_64/php-memcache-3.0.6-0.2mdvmes5.2.x86_64.rpm d656bf501e02bf270c74e621655e0f79 mes5/x86_64/php-ming-5.2.10-0.2mdvmes5.2.x86_64.rpm 67182e137d6799e21d1eb95f8e8a09a6 mes5/x86_64/php-mssql-5.3.13-0.1mdvmes5.2.x86_64.rpm 13b16b807e73dc799f820ec360b4c4c4 mes5/x86_64/php-mysql-5.3.13-0.1mdvmes5.2.x86_64.rpm 401bf41f8ae42e1c5cbae844b5859310 mes5/x86_64/php-mysqli-5.3.13-0.1mdvmes5.2.x86_64.rpm a3d71aca0b59a479be67aa5f7e2dadac mes5/x86_64/php-mysqlnd-5.3.13-0.1mdvmes5.2.x86_64.rpm 299a5af759216cc02b72c73e1aedb898 mes5/x86_64/php-odbc-5.3.13-0.1mdvmes5.2.x86_64.rpm 1b9afd33db663c3c0376e9e366a1d7e9 mes5/x86_64/php-openssl-5.3.13-0.1mdvmes5.2.x86_64.rpm 1bfa8188adf02eefd1fee6980bf8a637 mes5/x86_64/php-optimizer-0.1-0.alpha2.0.2mdvmes5.2.x86_64.rpm 4ea6deefc1d6c98165a39bf0cbbb1e68 mes5/x86_64/php-pcntl-5.3.13-0.1mdvmes5.2.x86_64.rpm e8edc47c4535c7185c648fe2cdd62fd3 mes5/x86_64/php-pdo-5.3.13-0.1mdvmes5.2.x86_64.rpm 7de9187f26e2b1dcbde7bfa6b5e72cc3 mes5/x86_64/php-pdo_dblib-5.3.13-0.1mdvmes5.2.x86_64.rpm 43c1dabc4e916f1676a64affa4e71923 mes5/x86_64/php-pdo_mysql-5.3.13-0.1mdvmes5.2.x86_64.rpm 90e7bb6c5edceae816e1efc1d772c1cd mes5/x86_64/php-pdo_odbc-5.3.13-0.1mdvmes5.2.x86_64.rpm 41c159cea72f2c8608422dd60b24a2aa mes5/x86_64/php-pdo_pgsql-5.3.13-0.1mdvmes5.2.x86_64.rpm 3b806d521833732f44d199760894e6cc mes5/x86_64/php-pdo_sqlite-5.3.13-0.1mdvmes5.2.x86_64.rpm e3047e894435230a2234b6c106e7f85b mes5/x86_64/php-perl-1.0.0-32.2mdvmes5.2.x86_64.rpm 13e2506c835e395eb7f81edac6b61a8f mes5/x86_64/php-pgsql-5.3.13-0.1mdvmes5.2.x86_64.rpm dab84434950d74f298b66066fc5d22b2 mes5/x86_64/php-phar-5.3.13-0.1mdvmes5.2.x86_64.rpm c087bf52f652c59da6bdd4fb06286464 mes5/x86_64/php-posix-5.3.13-0.1mdvmes5.2.x86_64.rpm 29d9820c941b281ec4bf2e1ae154b590 mes5/x86_64/php-pspell-5.3.13-0.1mdvmes5.2.x86_64.rpm 2a5472038518e78b1e77c085486a7f41 mes5/x86_64/php-radius-1.2.5-7.2mdvmes5.2.x86_64.rpm ef96d7846f36e03abbe0389a9c7025a6 mes5/x86_64/php-readline-5.3.13-0.1mdvmes5.2.x86_64.rpm 3d6dc5bbe9f83a3b7379b09842418d6d mes5/x86_64/php-recode-5.3.13-0.1mdvmes5.2.x86_64.rpm fe9478b8ef31ffd03c4fd7e3b13a6fcd mes5/x86_64/php-sasl-0.1.0-21.6mdvmes5.2.x86_64.rpm 66ea22c633fb484f787795c541c31458 mes5/x86_64/php-session-5.3.13-0.1mdvmes5.2.x86_64.rpm 73cf8b14818d6c4aa6ff7b4f876a305f mes5/x86_64/php-shmop-5.3.13-0.1mdvmes5.2.x86_64.rpm 2f1c10a3e69bc4962c68da8494d7a2d1 mes5/x86_64/php-snmp-5.3.13-0.1mdvmes5.2.x86_64.rpm 66bf34f4665ce04daf5962c4c5178966 mes5/x86_64/php-soap-5.3.13-0.1mdvmes5.2.x86_64.rpm d9f0deeb70efb200c65be5ba2cbfe197 mes5/x86_64/php-sockets-5.3.13-0.1mdvmes5.2.x86_64.rpm cb5ace43e37f4488ca65e4740495842a mes5/x86_64/php-sphinx-1.2.0-0.1mdvmes5.2.x86_64.rpm d2347f18673adf71d3fdc94600e6ec77 mes5/x86_64/php-sqlite3-5.3.13-0.1mdvmes5.2.x86_64.rpm 5317fd6819706540ee1d1e209b0ee65d mes5/x86_64/php-sqlite-5.3.13-0.1mdvmes5.2.x86_64.rpm e308fc3349779514b7aa1e336452f539 mes5/x86_64/php-ssh2-0.11.3-0.1mdvmes5.2.x86_64.rpm c60c35039cdf4a3446e29d0dfa96bc40 mes5/x86_64/php-suhosin-0.9.33-0.1mdvmes5.2.x86_64.rpm 3076e178dff5d37d8c44f21e00d63c9e mes5/x86_64/php-sybase_ct-5.3.13-0.1mdvmes5.2.x86_64.rpm e268581c1bbbd9269faa591577fce62a mes5/x86_64/php-sysvmsg-5.3.13-0.1mdvmes5.2.x86_64.rpm 7dbc04b5fc2ffee323f2c4123feb05bd mes5/x86_64/php-sysvsem-5.3.13-0.1mdvmes5.2.x86_64.rpm 1bdffd99b577b97adc67e5b20df0b301 mes5/x86_64/php-sysvshm-5.3.13-0.1mdvmes5.2.x86_64.rpm 71043e5371ce75f9f0cb63df38021fdb mes5/x86_64/php-tclink-3.4.5-0.2mdvmes5.2.x86_64.rpm 215a92aa7004ea738f44aed3e1168b9c mes5/x86_64/php-tidy-5.3.13-0.1mdvmes5.2.x86_64.rpm efc0a9750197c1b1f5158c8c1e55c27b mes5/x86_64/php-timezonedb-2012.3-0.1mdvmes5.2.x86_64.rpm c7debf59191371056785b18a4a99c276 mes5/x86_64/php-tokenizer-5.3.13-0.1mdvmes5.2.x86_64.rpm 26be1bde74ac0ce9f0b442cb4c81a9be mes5/x86_64/php-translit-0.6.1-0.1mdvmes5.2.x86_64.rpm c99427fc99b451727ac42a9b96a5537c mes5/x86_64/php-vld-0.11.1-0.1mdvmes5.2.x86_64.rpm 2743db76a4ec5fd0a67dbd68bf1229a4 mes5/x86_64/php-wddx-5.3.13-0.1mdvmes5.2.x86_64.rpm 6af7e7503ffe3d4141f222fb0701e817 mes5/x86_64/php-xattr-1.1.0-2.6mdvmes5.2.x86_64.rpm 85f807ce183c7b843701fd8899ef0991 mes5/x86_64/php-xcache-1.3.2-0.1mdvmes5.2.x86_64.rpm a62dad29f5eade1f3d3864b25dff3f2d mes5/x86_64/php-xcache-admin-1.3.2-0.1mdvmes5.2.x86_64.rpm bbf6d7585d06df26bcfa3b73dab0007c mes5/x86_64/php-xdebug-2.1.4-0.1mdvmes5.2.x86_64.rpm a5f092be6c7ca43ad60913afb67885e6 mes5/x86_64/php-xml-5.3.13-0.1mdvmes5.2.x86_64.rpm 65ef3be867bd8427c1f5d41131de8249 mes5/x86_64/php-xmlreader-5.3.13-0.1mdvmes5.2.x86_64.rpm d0c2192b6b08ef59e912fcbd272c98be mes5/x86_64/php-xmlrpc-5.3.13-0.1mdvmes5.2.x86_64.rpm 1c529b0215628a4d699542742dddb80e mes5/x86_64/php-xmlwriter-5.3.13-0.1mdvmes5.2.x86_64.rpm 78df5fc0a2128aa9658b426cd8378b35 mes5/x86_64/php-xsl-5.3.13-0.1mdvmes5.2.x86_64.rpm dadfa8975b5a1a141b2f454d370c59f6 mes5/x86_64/php-yaz-1.1.1-0.1mdvmes5.2.x86_64.rpm 9caa5cd5185ae316a091de219fd984d9 mes5/x86_64/php-zip-5.3.13-0.1mdvmes5.2.x86_64.rpm 92ac01caa79c1d542fe06e4aae21ff0b mes5/x86_64/php-zlib-5.3.13-0.1mdvmes5.2.x86_64.rpm fb2eadb2172166381d594394916add79 mes5/x86_64/python-SWF-0.4.4-0.1mdvmes5.2.x86_64.rpm 5fdd248cb611e7997ddc828e8a90c043 mes5/x86_64/sphinx-0.9.9-0.1mdvmes5.2.x86_64.rpm b3d72ab63f47dd5a0f3b1f147321bcab mes5/x86_64/stemwords-0-5.1mdvmes5.2.x86_64.rpm cfada59c5348ee46e44202376cf042c5 mes5/x86_64/yaz-3.0.48-0.1mdvmes5.2.x86_64.rpm 2bac0388ad669fc836a910cb6919733e mes5/SRPMS/apache-mod_php-5.3.13-0.1mdvmes5.2.src.rpm 0dd8c597a6a39e17b504408fa4f894d1 mes5/SRPMS/lemon-3.7.4-0.1mdvmes5.2.src.rpm 04a50458044ddef8dca4acbecd0555d1 mes5/SRPMS/libmbfl-1.1.0-0.1mdvmes5.2.src.rpm d9e473396af964f01dd6310844925396 mes5/SRPMS/libmonetra-7.0.4-0.1mdvmes5.2.src.rpm 0fafe53fccc11afa4b75c66dc49261cd mes5/SRPMS/libstemmer-0-5.1mdvmes5.2.src.rpm 6de1878b7ff4fbc0b63e381618e966ba mes5/SRPMS/ming-0.4.4-0.1mdvmes5.2.src.rpm c4041cade9aaf6c4c67f046e4bfbaa74 mes5/SRPMS/php-5.3.13-0.1mdvmes5.2.src.rpm c0a1c69bca172f69a034505cfd6b37fc mes5/SRPMS/php-apc-3.1.10-0.1mdvmes5.2.src.rpm df8c3520a450cb4209179f60cf8828cd mes5/SRPMS/php-dbx-1.1.0-30.2mdvmes5.2.src.rpm 7705d28806c6a73a9e588d174203ec11 mes5/SRPMS/php-dio-0.0.5-0.1mdvmes5.2.src.rpm cb9fd58d04a1db3ceec2f9b15c5ddac0 mes5/SRPMS/php-eaccelerator-0.9.6.1-0.6mdvmes5.2.src.rpm d1e7c7da449372f62c27a0cd3eeb8a8d mes5/SRPMS/php-fam-5.0.1-3.6mdvmes5.2.src.rpm 4c10d297abc9ea2a4dfe2cc441be619c mes5/SRPMS/php-filepro-5.1.6-13.6mdvmes5.2.src.rpm 7c30fe50ac1dc23870c64660300e78f8 mes5/SRPMS/php-gtk2-2.0.1-2.2mdvmes5.2.src.rpm ecdbedc8c745921ab7e8c97850c7e976 mes5/SRPMS/php-imagick-3.0.1-0.2mdvmes5.2.src.rpm c31069ae710a67783a81adf905f72842 mes5/SRPMS/php-ini-5.3.13-0.1mdvmes5.2.src.rpm 7bba5d67278539bbfe8980f4619fc443 mes5/SRPMS/php-mailparse-2.1.6-0.1mdvmes5.2.src.rpm c064fa5008b99634cf43dd8cfcfc38a8 mes5/SRPMS/php-mcal-0.6-23.6mdvmes5.2.src.rpm 4dc1c969e13503b5b84e4cc2a62fcafa mes5/SRPMS/php-mcve-7.0.3-0.2mdvmes5.2.src.rpm 8a0b00a7eb45735c7f1b84db2124a02a mes5/SRPMS/php-mdbtools-1.0.0-4.2mdvmes5.2.src.rpm 50514e567296ef853fc9c040b27fde14 mes5/SRPMS/php-memcache-3.0.6-0.2mdvmes5.2.src.rpm 3d68803bc8d4d5db837d034e31b559ab mes5/SRPMS/php-ming-5.2.10-0.2mdvmes5.2.src.rpm 3788a033464659c7697271fe3e11cb6b mes5/SRPMS/php-optimizer-0.1-0.alpha2.0.2mdvmes5.2.src.rpm 4e41590da9fd097f6ecb0cf362bf99f9 mes5/SRPMS/php-perl-1.0.0-32.2mdvmes5.2.src.rpm 8227db814a6322c4a1c72717965be834 mes5/SRPMS/php-radius-1.2.5-7.2mdvmes5.2.src.rpm b6eea216f82a274151c12bb38e50793c mes5/SRPMS/php-sasl-0.1.0-21.6mdvmes5.2.src.rpm aefb4d8a934bd9ecf18f10cf94508b21 mes5/SRPMS/php-sphinx-1.2.0-0.1mdvmes5.2.src.rpm 27acc20ae9792b5ee79127428c76d019 mes5/SRPMS/php-ssh2-0.11.3-0.1mdvmes5.2.src.rpm 8561139b4f53146b52d0d881c93bd884 mes5/SRPMS/php-suhosin-0.9.33-0.1mdvmes5.2.src.rpm 9decd2138202b8f51428b69f8d089679 mes5/SRPMS/php-tclink-3.4.5-0.2mdvmes5.2.src.rpm a331ac0e06665fb2b1696eeb35ddd67b mes5/SRPMS/php-timezonedb-2012.3-0.1mdvmes5.2.src.rpm 79c414525991c894f01d9e597cda78f6 mes5/SRPMS/php-translit-0.6.1-0.1mdvmes5.2.src.rpm 93897f5b7d60138c9e12474dc8388954 mes5/SRPMS/php-vld-0.11.1-0.1mdvmes5.2.src.rpm 9f2b8c72495c63762e02a4792b321463 mes5/SRPMS/php-xattr-1.1.0-2.6mdvmes5.2.src.rpm bec964b1764e87c0ba2d78ec3c33f662 mes5/SRPMS/php-xcache-1.3.2-0.1mdvmes5.2.src.rpm 6e3b637199e13bd895401f2cadbf25c5 mes5/SRPMS/php-xdebug-2.1.4-0.1mdvmes5.2.src.rpm 7b1f065bc086533fa01adba07235c4fe mes5/SRPMS/php-yaz-1.1.1-0.1mdvmes5.2.src.rpm 51586ceaba69e3a61e4171c1b33821ad mes5/SRPMS/sphinx-0.9.9-0.1mdvmes5.2.src.rpm fb8632c3872b5f62b8fdc070565d21b6 mes5/SRPMS/xmlrpc-epi-0.54-0.1mdvmes5.2.src.rpm 7737d7193bce052e26930d49ee7e841f mes5/SRPMS/yaz-3.0.48-0.1mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFPq6gTmqjQ0CJFipgRAqvVAJ9zEwWjj1SD2W0x+6Nb/vNvjYO4oQCg6O6L wF916W6TuFcSv/gD10fMyoE= =Va72 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: PHP PHP-CGI QUERY_STRING Parameter Vulnerability SECUNIA ADVISORY ID: SA49014 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49014/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49014 RELEASE DATE: 2012-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/49014/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/49014/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=49014 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: De Eindbazen has reported a vulnerability in PHP, which can be exploited by malicious people to disclose certain sensitive information or compromise a vulnerable system. This can be exploited to e.g. disclose the PHP source code or execute arbitrary code. SOLUTION: Apply patch or workaround. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: De Eindbazen ORIGINAL ADVISORY: PHP: https://bugs.php.net/bug.php?id=61910 De Eindbazen: http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/ US-CERT VU#520827: http://www.kb.cert.org/vuls/id/520827 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . This fixes a vulnerability, which can be exploited by malicious people to disclose certain sensitive information or compromise a vulnerable system. HP System Management Homepage (SMH) before v7.1.1 running on Linux, Windows and VMware ESX. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03368475 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03368475 Version: 2 HPSBUX02791 SSRT100856 rev.2 - HP-UX Apache Web Server running PHP, Remote Execution of Arbitrary Code, Privilege Elevation, Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2012-06-14 Last Updated: 2012-08-22 - ----------------------------------------------------------------------------- Potential Security Impact: Remote execution of arbitrary code, privilege elevation, or Denial of Service (DoS). Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX Apache Web Server running PHP. These vulnerabilities could be exploited remotely to execute arbitrary code, elevate privileges, or create a Denial of Service (DoS). PHP is contained in the HP-UX Apache Web Server Suite. References: CVE-2011-4153, CVE-2012-0830, CVE-2012-0883, CVE-2012-1172, CVE-2012-1823, CVE-2012-2311 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.23, B.11.31 running HP-UX Apache Web Server Suite v3.24 or earlier HP-UX B.11.11 running HP-UX Apache Web Server Suite v2.35 or earlier BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2011-4153 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2012-0830 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-0883 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9 CVE-2012-1172 (AV:N/AC:M/Au:N/C:N/I:P/A:P) 5.8 CVE-2012-1823 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2012-2311 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following software updates to resolve the vulnerabilities. The updates are available for download from http://software.hp.com HP-UX Web Server Suite v3.24 containing Apache v2.2.15.13 and PHP v5.2.17 HP-UX 11i Release / Apache Depot name B.11.23 (32-bit) / HPUXWS22ATW-B324-32 B.11.23 (64-bit) / HPUXWS22ATW-B324-64 B.11.31 (32-bit) / HPUXWS22ATW-B324-32 B.11.31 (64-bit) / HPUXWS22ATW-B324-64 HP-UX Web Server Suite v2.36 containing Apache v2.0.64.04 and PHP v5.2.17 HP-UX 11i Release / Apache Depot Name B.11.11 (32-bit) / HPUXWSATW-B236-1111 MANUAL ACTIONS: Yes - Update Install HP-UX Web Server Suite v3.24 or subsequent Install HP-UX Web Server Suite v2.36 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.11 ============== hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.64.04 or subsequent HP-UX B.11.23 ============== hpuxws22APCH32.APACHE hpuxws22APCH32.APACHE2 hpuxws22APCH32.AUTH_LDAP hpuxws22APCH32.AUTH_LDAP2 hpuxws22APCH32.MOD_JK hpuxws22APCH32.MOD_JK2 hpuxws22APCH32.MOD_PERL hpuxws22APCH32.MOD_PERL2 hpuxws22APCH32.PHP hpuxws22APCH32.PHP2 hpuxws22APCH32.WEBPROXY hpuxws22APCH32.WEBPROXY2 hpuxws22APACHE.APACHE hpuxws22APACHE.APACHE2 hpuxws22APACHE.AUTH_LDAP hpuxws22APACHE.AUTH_LDAP2 hpuxws22APACHE.MOD_JK hpuxws22APACHE.MOD_JK2 hpuxws22APACHE.MOD_PERL hpuxws22APACHE.MOD_PERL2 hpuxws22APACHE.PHP hpuxws22APACHE.PHP2 hpuxws22APACHE.WEBPROXY hpuxws22APACHE.WEBPROXY2 action: install revision B.2.2.15.13 or subsequent HP-UX B.11.31 ================== hpuxws22APCH32.APACHE hpuxws22APCH32.APACHE2 hpuxws22APCH32.AUTH_LDAP hpuxws22APCH32.AUTH_LDAP2 hpuxws22APCH32.MOD_JK hpuxws22APCH32.MOD_JK2 hpuxws22APCH32.MOD_PERL hpuxws22APCH32.MOD_PERL2 hpuxws22APCH32.PHP hpuxws22APCH32.PHP2 hpuxws22APCH32.WEBPROXY hpuxws22APCH32.WEBPROXY2 hpuxws22APACHE.APACHE hpuxws22APACHE.APACHE2 hpuxws22APACHE.AUTH_LDAP hpuxws22APACHE.AUTH_LDAP2 hpuxws22APACHE.MOD_JK hpuxws22APACHE.MOD_JK2 hpuxws22APACHE.MOD_PERL hpuxws22APACHE.MOD_PERL2 hpuxws22APACHE.PHP hpuxws22APACHE.PHP2 hpuxws22APACHE.WEBPROXY hpuxws22APACHE.WEBPROXY2 action: install revision B.2.2.15.13 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) - 14 June 2012 Initial release Version:2 (rev.2) - 22 August 2012 B.11.11 content added for B.2.0.64.04 Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAlA1Tn0ACgkQ4B86/C0qfVnYSgCgm9ZwCyDmHDD7Ti4ymR24RakY Vr4AoL+komq2lyIyCcjYvpF4Y/povF+J =ZGHp -----END PGP SIGNATURE-----

Trust: 3.24

sources: NVD: CVE-2012-1823 // CERT/CC: VU#520827 // CERT/CC: VU#673343 // BID: 53388 // VULMON: CVE-2012-1823 // PACKETSTORM: 116800 // PACKETSTORM: 112598 // PACKETSTORM: 112465 // PACKETSTORM: 112515 // PACKETSTORM: 121573 // PACKETSTORM: 115853

AFFECTED PRODUCTS

vendor:	redhat	model:	enterprise linux eus	scope:	eq	version:	6.2	Trust: 1.0
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	5.0	Trust: 1.0
vendor:	hp	model:	hp-ux	scope:	eq	version:	b.11.23	Trust: 1.0
vendor:	redhat	model:	application stack	scope:	eq	version:	2.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	gte	version:	10.8.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	5.0	Trust: 1.0
vendor:	php	model:	php	scope:	lt	version:	5.3.12	Trust: 1.0
vendor:	opensuse	model:	opensuse	scope:	eq	version:	12.1	Trust: 1.0
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	6.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux desktop	scope:	eq	version:	6.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	gte	version:	10.6.8	Trust: 1.0
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	5.3	Trust: 1.0
vendor:	suse	model:	linux enterprise software development kit	scope:	eq	version:	10	Trust: 1.0
vendor:	opensuse	model:	opensuse	scope:	eq	version:	11.4	Trust: 1.0
vendor:	hp	model:	hp-ux	scope:	eq	version:	b.11.31	Trust: 1.0
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	6.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	5.6	Trust: 1.0
vendor:	redhat	model:	storage for public cloud	scope:	eq	version:	2.0	Trust: 1.0
vendor:	suse	model:	linux enterprise software development kit	scope:	eq	version:	11	Trust: 1.0
vendor:	php	model:	php	scope:	lt	version:	5.4.2	Trust: 1.0
vendor:	suse	model:	linux enterprise server	scope:	eq	version:	10	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	6.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lt	version:	10.8.2	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	39	Trust: 1.0
vendor:	redhat	model:	enterprise linux eus	scope:	eq	version:	5.6	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	40	Trust: 1.0
vendor:	redhat	model:	enterprise linux eus	scope:	eq	version:	6.1	Trust: 1.0
vendor:	redhat	model:	storage	scope:	eq	version:	2.0	Trust: 1.0
vendor:	php	model:	php	scope:	gte	version:	5.4.0	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lt	version:	10.7.5	Trust: 1.0
vendor:	suse	model:	linux enterprise server	scope:	eq	version:	11	Trust: 1.0
vendor:	redhat	model:	gluster storage server for on-premise	scope:	eq	version:	2.0	Trust: 1.0
vendor:	php	model:	php	scope:	eq	version:	5.3.1	Trust: 0.9
vendor:	the php group	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	parallels holdings	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	php	model:	php	scope:	eq	version:	5.2.16	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.3.0	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.2.15	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.2.8	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.2.13	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.2.17	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.2.14	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.2.11	Trust: 0.6
vendor:	php	model:	php	scope:	eq	version:	5.2.12	Trust: 0.6
vendor:	parallels	model:	plesk panel	scope:	eq	version:	9.5.4	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	11.10	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux hpc node optional	scope:	eq	version:	6	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	7.2	Trust: 0.3
vendor:	debian	model:	linux arm	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux ia-64	scope:	eq	version:	6.0	Trust: 0.3
vendor:	avaya	model:	ip office application server	scope:	eq	version:	8.1	Trust: 0.3
vendor:	oracle	model:	enterprise linux	scope:	eq	version:	6.2	Trust: 0.3
vendor:	avaya	model:	voice portal sp1	scope:	eq	version:	5.0	Trust: 0.3
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	6	Trust: 0.3
vendor:	php	model:	php	scope:	eq	version:	5.3.8	Trust: 0.3
vendor:	suse	model:	linux enterprise sdk sp1	scope:	eq	version:	11	Trust: 0.3
vendor:	avaya	model:	voice portal	scope:	eq	version:	5.1	Trust: 0.3
vendor:	suse	model:	linux enterprise server sp3 ltss	scope:	eq	version:	10	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	5.2	Trust: 0.3
vendor:	oracle	model:	enterprise linux	scope:	eq	version:	5	Trust: 0.3
vendor:	redhat	model:	enterprise linux server eus 6.1.z	scope:	-	version:	-	Trust: 0.3
vendor:	redhat	model:	enterprise linux server optional	scope:	eq	version:	6	Trust: 0.3
vendor:	redhat	model:	enterprise linux long life server	scope:	eq	version:	5.3	Trust: 0.3
vendor:	turbolinux	model:	appliance server	scope:	eq	version:	3.0	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	5.2.3	Trust: 0.3
vendor:	mandrakesoft	model:	enterprise server	scope:	eq	version:	5	Trust: 0.3
vendor:	php	model:	php	scope:	eq	version:	5.3.10	Trust: 0.3
vendor:	avaya	model:	voice portal sp2	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7	Trust: 0.3
vendor:	juniper	model:	ctpview	scope:	eq	version:	4.6	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	6.1	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	11.10	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	7.0	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	6.1.1	Trust: 0.3
vendor:	avaya	model:	aura communication manager utility services	scope:	eq	version:	6.1	Trust: 0.3
vendor:	ubuntu	model:	linux lts amd64	scope:	eq	version:	8.04	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2011	Trust: 0.3
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.8	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.5	Trust: 0.3
vendor:	ubuntu	model:	linux lts powerpc	scope:	eq	version:	8.04	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	10.04	Trust: 0.3
vendor:	juniper	model:	ctpview	scope:	eq	version:	4.3	Trust: 0.3
vendor:	avaya	model:	aura messaging	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.3	Trust: 0.3
vendor:	suse	model:	linux enterprise sdk sp4	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.4	Trust: 0.3
vendor:	juniper	model:	ctpview	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.8	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	11.4	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	11.04	Trust: 0.3
vendor:	redhat	model:	enterprise linux workstation optional	scope:	eq	version:	6	Trust: 0.3
vendor:	avaya	model:	voice portal	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.8.1	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	10.04	Trust: 0.3
vendor:	avaya	model:	aura communication manager	scope:	eq	version:	6.0	Trust: 0.3
vendor:	parallels	model:	plesk panel	scope:	eq	version:	9.3	Trust: 0.3
vendor:	ubuntu	model:	linux lts sparc	scope:	eq	version:	8.04	Trust: 0.3
vendor:	debian	model:	linux sparc	scope:	eq	version:	6.0	Trust: 0.3
vendor:	juniper	model:	ctpview 7.0r1	scope:	ne	version:	-	Trust: 0.3
vendor:	ibm	model:	lotus foundations start 1.2.2b	scope:	ne	version:	-	Trust: 0.3
vendor:	php	model:	php	scope:	eq	version:	5.3.9	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.1	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.1	Trust: 0.3
vendor:	avaya	model:	aura messaging	scope:	eq	version:	6.1	Trust: 0.3
vendor:	ubuntu	model:	linux lts i386	scope:	eq	version:	8.04	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	11.04	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	5.2.2	Trust: 0.3
vendor:	redhat	model:	enterprise linux eus 5.6.z server	scope:	-	version:	-	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.2	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	ne	version:	7.2.1	Trust: 0.3
vendor:	suse	model:	linux enterprise server sp1	scope:	eq	version:	11	Trust: 0.3
vendor:	avaya	model:	aura session manager sp1	scope:	eq	version:	5.2	Trust: 0.3
vendor:	php	model:	php	scope:	eq	version:	5.4.2	Trust: 0.3
vendor:	suse	model:	linux enterprise server sp4	scope:	eq	version:	10	Trust: 0.3
vendor:	avaya	model:	ip office application server	scope:	eq	version:	6.1	Trust: 0.3
vendor:	oracle	model:	enterprise linux	scope:	eq	version:	6	Trust: 0.3
vendor:	ibm	model:	lotus foundations start 1.2.2a	scope:	-	version:	-	Trust: 0.3
vendor:	apple	model:	mac os	scope:	ne	version:	x10.7.5	Trust: 0.3
vendor:	juniper	model:	ctpview	scope:	eq	version:	4.5	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	5.2.1	Trust: 0.3
vendor:	ubuntu	model:	linux sparc	scope:	eq	version:	10.04	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop optional	scope:	eq	version:	6	Trust: 0.3
vendor:	avaya	model:	aura communication manager utility services	scope:	eq	version:	6.0	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2010.1	Trust: 0.3
vendor:	avaya	model:	voice portal sp1	scope:	eq	version:	5.1	Trust: 0.3
vendor:	php	model:	php	scope:	eq	version:	5.3.3	Trust: 0.3
vendor:	suse	model:	linux enterprise server sp2	scope:	eq	version:	11	Trust: 0.3
vendor:	avaya	model:	voice portal	scope:	eq	version:	5.1.2	Trust: 0.3
vendor:	avaya	model:	ip office application server	scope:	eq	version:	7.0	Trust: 0.3
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	suse	model:	linux enterprise sdk sp2	scope:	eq	version:	11	Trust: 0.3
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	10.04	Trust: 0.3
vendor:	redhat	model:	enterprise linux server optional eus	scope:	eq	version:	6.1	Trust: 0.3
vendor:	ubuntu	model:	linux lts i386	scope:	eq	version:	12.04	Trust: 0.3
vendor:	redhat	model:	enterprise linux hpc node	scope:	eq	version:	6	Trust: 0.3
vendor:	php	model:	php	scope:	eq	version:	5.3.6	Trust: 0.3
vendor:	php	model:	php	scope:	eq	version:	5.3.5	Trust: 0.3
vendor:	debian	model:	linux amd64	scope:	eq	version:	6.0	Trust: 0.3
vendor:	avaya	model:	aura communication manager	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	turbolinux	model:	server	scope:	eq	version:	110	Trust: 0.3
vendor:	avaya	model:	voice portal	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	aura session manager	scope:	eq	version:	5.2	Trust: 0.3
vendor:	avaya	model:	ip office application server	scope:	eq	version:	8.0	Trust: 0.3
vendor:	php	model:	php	scope:	eq	version:	5.3.4	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2011	Trust: 0.3
vendor:	ubuntu	model:	linux lts lpia	scope:	eq	version:	8.04	Trust: 0.3
vendor:	ubuntu	model:	linux arm	scope:	eq	version:	10.04	Trust: 0.3
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	11.04	Trust: 0.3
vendor:	php	model:	php	scope:	eq	version:	5.3.12	Trust: 0.3
vendor:	juniper	model:	ctpview	scope:	eq	version:	4.4	Trust: 0.3
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	5	Trust: 0.3
vendor:	ubuntu	model:	linux lts amd64	scope:	eq	version:	12.04	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7	Trust: 0.3
vendor:	debian	model:	linux ia-32	scope:	eq	version:	6.0	Trust: 0.3
vendor:	php	model:	php	scope:	eq	version:	5.3.7	Trust: 0.3
vendor:	debian	model:	linux mips	scope:	eq	version:	6.0	Trust: 0.3
vendor:	ubuntu	model:	linux arm	scope:	eq	version:	11.04	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.0	Trust: 0.3
vendor:	avaya	model:	aura messaging	scope:	eq	version:	6.0	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.8	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.3	Trust: 0.3
vendor:	suse	model:	linux enterprise server for vmware sp1	scope:	eq	version:	11	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	7.1.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	ne	version:	x10.8.2	Trust: 0.3
vendor:	suse	model:	linux enterprise server for vmware sp2	scope:	eq	version:	11	Trust: 0.3
vendor:	hp	model:	hp-ux b.11.31	scope:	-	version:	-	Trust: 0.3
vendor:	debian	model:	linux s/390	scope:	eq	version:	6.0	Trust: 0.3
vendor:	avaya	model:	aura communication manager utility services	scope:	eq	version:	6.2	Trust: 0.3
vendor:	turbolinux	model:	appliance server	scope:	eq	version:	3.0x64	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop workstation client	scope:	eq	version:	5	Trust: 0.3
vendor:	parallels	model:	plesk panel	scope:	eq	version:	9.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.7.1	Trust: 0.3
vendor:	php	model:	php	scope:	eq	version:	5.4.1	Trust: 0.3
vendor:	debian	model:	linux powerpc	scope:	eq	version:	6.0	Trust: 0.3
vendor:	turbolinux	model:	client	scope:	eq	version:	2008	Trust: 0.3
vendor:	parallels	model:	plesk panel	scope:	eq	version:	8.6	Trust: 0.3
vendor:	parallels	model:	plesk panel	scope:	eq	version:	9.0	Trust: 0.3
vendor:	avaya	model:	ip office application server	scope:	eq	version:	6.0	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	6.3	Trust: 0.3
vendor:	ibm	model:	lotus foundations start	scope:	eq	version:	1.2	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	7.1.1	Trust: 0.3
vendor:	mandrakesoft	model:	enterprise server x86 64	scope:	eq	version:	5	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	eq	version:	7.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux server eus	scope:	eq	version:	6.0	Trust: 0.3
vendor:	avaya	model:	aura session manager sp2	scope:	eq	version:	5.2	Trust: 0.3
vendor:	turbolinux	model:	server	scope:	eq	version:	11x64	Trust: 0.3
vendor:	hp	model:	system management homepage	scope:	ne	version:	7.1.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux server optional eus	scope:	eq	version:	6.0	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	12.1	Trust: 0.3
vendor:	php	model:	php	scope:	eq	version:	5.3.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.7.2	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2010.1	Trust: 0.3
vendor:	php	model:	php	scope:	ne	version:	5.3.13	Trust: 0.3

sources: CERT/CC: VU#520827 // CERT/CC: VU#673343 // BID: 53388 // CNNVD: CNNVD-201205-108 // NVD: CVE-2012-1823

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-1823
value:	CRITICAL
Trust: 1.0
134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2012-1823
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2012-1823
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201205-108
value:	HIGH
Trust: 0.6
VULMON:	CVE-2012-1823
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-1823
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	CVE-2012-1823
severity:	HIGH
baseScore:	7.5
vectorString:	NONE
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8

nvd@nist.gov:	CVE-2012-1823
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 2.0

sources: CERT/CC: VU#673343 // VULMON: CVE-2012-1823 // CNNVD: CNNVD-201205-108 // NVD: CVE-2012-1823 // NVD: CVE-2012-1823

PROBLEMTYPE DATA

problemtype:

CWE-77

Trust: 1.0

sources: NVD: CVE-2012-1823

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 116800 // CNNVD: CNNVD-201205-108

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201205-108

EXPLOIT AVAILABILITY

sources: CERT/CC: VU#673343 // VULMON: CVE-2012-1823

PATCH

title:	PHP 5.4.3	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43186	Trust: 0.6
title:	PHP 5.4.3	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=43185	Trust: 0.6
title:	Red Hat: Critical: php53 security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120569 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: php security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120568 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: php security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120546 - Security Advisory	Trust: 0.1
title:	Red Hat: Critical: php53 security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20120547 - Security Advisory	Trust: 0.1
title:	Debian CVElist Bug Report Logs: php5: PHP-CGI query string parameter vulnerability (CVE-2012-1823 / CVE-2012-2311, CERT VU#520827)	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=369fec60ba7ae134a5d768faf3cb2f6b	Trust: 0.1
title:	Ubuntu Security Notice: php5 vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1437-1	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2012-077	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2012-077	Trust: 0.1
title:	Debian Security Advisories: DSA-2465-1 php5 -- several vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=db88513c75df4c41339c6c90dcb69831	Trust: 0.1
title:	Red Hat: Moderate: php security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121045 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: php53 security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121047 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: php security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20121046 - Security Advisory	Trust: 0.1
title:	HacktivityCon_CTF_2020	url:	https://github.com/W3rni0/HacktivityCon_CTF_2020	Trust: 0.1
title:	exploits	url:	https://github.com/infodox/exploits	Trust: 0.1
title:	webappurls	url:	https://github.com/pwnwiki/webappurls	Trust: 0.1
title:	CVE-2012-1823	url:	https://github.com/drone789/CVE-2012-1823	Trust: 0.1
title:	Covid-v2-Botnet	url:	https://github.com/SniperX-D/Covid-v2-Botnet	Trust: 0.1
title:	covid	url:	https://github.com/MrScytheLULZ/covid	Trust: 0.1
title:	python-pySecurity	url:	https://github.com/CyberSavvy/python-pySecurity	Trust: 0.1
title:	pySecurity	url:	https://github.com/smartFlash/pySecurity	Trust: 0.1
title:	AutoSploit	url:	https://github.com/RootUp/AutoSploit	Trust: 0.1
title:	Python	url:	https://github.com/BCyberSavvy/Python	Trust: 0.1
title:	awesome-infosec	url:	https://github.com/onlurking/awesome-infosec	Trust: 0.1
title:	awesome-infosec	url:	https://github.com/eric-erki/awesome-infosec	Trust: 0.1
title:	Intrusion_Detection_System-Python	url:	https://github.com/marcocastro100/Intrusion_Detection_System-Python	Trust: 0.1
title:	deepdig	url:	https://github.com/cyberdeception/deepdig	Trust: 0.1
title:	Boot2root-CTFs-Writeups	url:	https://github.com/Jean-Francois-C/Boot2root-CTFs	Trust: 0.1
title:	Boot2root-CTFs-Writeups	url:	https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups	Trust: 0.1
title:	CDL	url:	https://github.com/NCSU-DANCE-Research-Group/CDL	Trust: 0.1
title:	Classified-Distributed-Learning-for-Detecting-Security-Attacks-in-Containerized-Applications	url:	https://github.com/yuhang-lin/Classified-Distributed-Learning-for-Detecting-Security-Attacks-in-Containerized-Applications	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/new-exploits-arrive-for-old-php-vulnerability/104881/	Trust: 0.1
title:	Securelist	url:	https://securelist.com/it-threat-evolution-q2-2013/37163/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/php-group-set-release-another-patch-cve-2012-1823-flaw-050812/76537/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/php-group-releases-new-versions-patch-doesnt-fix-cve-2012-1823-bug-050412/76524/	Trust: 0.1

sources: VULMON: CVE-2012-1823 // CNNVD: CNNVD-201205-108

EXTERNAL IDS

db:	NVD	id:	CVE-2012-1823	Trust: 4.1
db:	CERT/CC	id:	VU#520827	Trust: 2.9
db:	CERT/CC	id:	VU#673343	Trust: 2.2
db:	SECUNIA	id:	49014	Trust: 2.0
db:	SECUNIA	id:	49065	Trust: 1.7
db:	SECUNIA	id:	49085	Trust: 1.7
db:	SECUNIA	id:	49087	Trust: 1.7
db:	SECTRACK	id:	1027022	Trust: 1.1
db:	OPENWALL	id:	OSS-SECURITY/2024/06/07/1	Trust: 1.0
db:	SECUNIA	id:	49097	Trust: 0.7
db:	SECUNIA	id:	49053	Trust: 0.6
db:	CNNVD	id:	CNNVD-201205-108	Trust: 0.6
db:	JUNIPER	id:	JSA10658	Trust: 0.3
db:	BID	id:	53388	Trust: 0.3
db:	EXPLOIT-DB	id:	18836	Trust: 0.1
db:	VULMON	id:	CVE-2012-1823	Trust: 0.1
db:	PACKETSTORM	id:	116800	Trust: 0.1
db:	PACKETSTORM	id:	112598	Trust: 0.1
db:	PACKETSTORM	id:	112465	Trust: 0.1
db:	PACKETSTORM	id:	112515	Trust: 0.1
db:	PACKETSTORM	id:	121573	Trust: 0.1
db:	PACKETSTORM	id:	115853	Trust: 0.1

sources: CERT/CC: VU#520827 // CERT/CC: VU#673343 // VULMON: CVE-2012-1823 // BID: 53388 // PACKETSTORM: 116800 // PACKETSTORM: 112598 // PACKETSTORM: 112465 // PACKETSTORM: 112515 // PACKETSTORM: 121573 // PACKETSTORM: 115853 // CNNVD: CNNVD-201205-108 // NVD: CVE-2012-1823

REFERENCES

url:	http://www.php.net/archive/2012.php#id2012-05-03-1	Trust: 3.6
url:	http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/	Trust: 2.9
url:	http://www.kb.cert.org/vuls/id/520827	Trust: 2.1
url:	https://bugs.php.net/bug.php?id=61910	Trust: 1.8
url:	http://www.php.net/changelog-5.php#5.4.2	Trust: 1.7
url:	https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1	Trust: 1.7
url:	http://secunia.com/advisories/49014	Trust: 1.7
url:	http://secunia.com/advisories/49087	Trust: 1.7
url:	http://secunia.com/advisories/49065	Trust: 1.7
url:	http://secunia.com/advisories/49085	Trust: 1.7
url:	http://www.kb.cert.org/vuls/id/673343	Trust: 1.5
url:	http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03360041	Trust: 1.4
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2012:068	Trust: 1.2
url:	http://www.php.net/	Trust: 1.1
url:	http://kb.parallels.com/en/113818	Trust: 1.1
url:	http://seclists.org/fulldisclosure/2013/jun/21	Trust: 1.1
url:	http://rhn.redhat.com/errata/rhsa-2012-0568.html	Trust: 1.1
url:	http://rhn.redhat.com/errata/rhsa-2012-0547.html	Trust: 1.1
url:	http://rhn.redhat.com/errata/rhsa-2012-0546.html	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=134012830914727&w=2	Trust: 1.1
url:	http://lists.apple.com/archives/security-announce/2012/sep/msg00004.html	Trust: 1.1
url:	http://support.apple.com/kb/ht5501	Trust: 1.1
url:	http://www.securitytracker.com/id?1027022	Trust: 1.1
url:	http://rhn.redhat.com/errata/rhsa-2012-0570.html	Trust: 1.1
url:	http://rhn.redhat.com/errata/rhsa-2012-0569.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html	Trust: 1.1
url:	http://www.debian.org/security/2012/dsa-2465	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html	Trust: 1.1
url:	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2012-1823	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/pkgtquoa2ntz3rxn22csaujpiruyrb4b/	Trust: 1.0
url:	http://www.openwall.com/lists/oss-security/2024/06/07/1	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/pkgtquoa2ntz3rxn22csaujpiruyrb4b/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/w45dboh56nqdrtom2dn2lna2fzimc3pk/	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1823	Trust: 0.9
url:	http://www.php.net/manual/en/security.cgi-bin.php	Trust: 0.8
url:	http://www.php.net/archive/2012.php#id2012-05-08-1	Trust: 0.8
url:	http://www.symantec.com/connect/blogs/linux-worm-targeting-hidden-devices	Trust: 0.8
url:	http://php.net/changelog-5.php	Trust: 0.8
url:	http://kb.parallels.com/116241	Trust: 0.8
url:	http://www.parallels.com/products/plesk/lifecycle	Trust: 0.8
url:	http://blogs.cisco.com/security/plesk-0-day-targets-web-servers/	Trust: 0.8
url:	http://kb.parallels.com/en/113814	Trust: 0.8
url:	https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03839862	Trust: 0.6
url:	http://secunia.com/advisories/49053	Trust: 0.6
url:	http://secunia.com/advisories/49097	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0830	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1823	Trust: 0.4
url:	http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.hmj%2asm..t.a4jy.6o9k.bw89mq%5f%5fdmtsfto0	Trust: 0.3
url:	http://www-01.ibm.com/software/lotus/products/foundations/start/	Trust: 0.3
url:	kb.parallels.com/en/116241	Trust: 0.3
url:	https://community.rapid7.com/thread/5174	Trust: 0.3
url:	http://ompldr.org/vzgxxaq	Trust: 0.3
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10658&cat=sirt_1&actp=list	Trust: 0.3
url:	https://downloads.avaya.com/css/p8/documents/100162699	Trust: 0.3
url:	https://downloads.avaya.com/css/p8/documents/100165255	Trust: 0.3
url:	http://www.h-online.com/security/news/item/critical-open-hole-in-php-creates-risks-update-1567532.html	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21620314	Trust: 0.3
url:	http://www.turbolinux.co.jp/security-e/2012/tlsa-2012-14.txt	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4885	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1172	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3379	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0057	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0788	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0831	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2335	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4566	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2311	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2336	Trust: 0.2
url:	http://secunia.com/psi_30_beta_launch	Trust: 0.2
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.2
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.2
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.2
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.2
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.2
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.2
url:	http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/	Trust: 0.2
url:	http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4153	Trust: 0.2
url:	https://h20566.www2.hp.com/portal/site/hpsc/public/kb/	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2012:0569	Trust: 0.1
url:	https://github.com/infodox/exploits	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.exploit-db.com/exploits/18836/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2688	Trust: 0.1
url:	http://security.gentoo.org/glsa/glsa-201209-03.xml	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4566	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2688	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-1398	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0789	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-1398	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0831	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2336	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2335	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2143	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0057	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-3450	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3450	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0830	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3379	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2386	Trust: 0.1
url:	http://security.gentoo.org/	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1172	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4885	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1823	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0788	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2311	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0789	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3365	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2143	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-3365	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-2386	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4566	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0831	Trust: 0.1
url:	http://secunia.com/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-1148	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4885	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3182	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1938	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0830	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2483	Trust: 0.1
url:	http://www.mandriva.com/security/advisories?name=mdva-2012:004	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-2202	Trust: 0.1
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2011:166	Trust: 0.1
url:	http://lists.grok.org.uk/full-disclosure-charter.html	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2336	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0788	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0807	Trust: 0.1
url:	http://www.mandriva.com/security/	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1148	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-1938	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3267	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3268	Trust: 0.1
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2011:165	Trust: 0.1
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2012:065	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3182	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3268	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2202	Trust: 0.1
url:	http://www.mandriva.com/security/advisories	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-2483	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-1657	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0807	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1172	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3379	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3267	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1657	Trust: 0.1
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2012:068-1	Trust: 0.1
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2011:197	Trust: 0.1
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2011:180	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2335	Trust: 0.1
url:	http://secunia.com/advisories/49014/#comments	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=49014	Trust: 0.1
url:	http://secunia.com/advisories/49014/	Trust: 0.1
url:	http://www.ubuntu.com/usn/usn-1437-1/	Trust: 0.1
url:	http://secunia.com/advisories/49097/#comments	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=49097	Trust: 0.1
url:	http://secunia.com/advisories/49097/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0036	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2016	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4078	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0031	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1165	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-2834	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4317	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-1944	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2014	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4108	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2013	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4415	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4577	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3607	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4619	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0021	Trust: 0.1
url:	http://www.hp.com/swpublishing/mtx-ac3d1f80b8dd48b792bfc01a08	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0027	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0053	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2012	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-2015	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4576	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-2821	Trust: 0.1
url:	http://software.hp.com	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2012-0883	Trust: 0.1
url:	https://www.hp.com/go/swa	Trust: 0.1

CREDITS

De Eindbazen

Trust: 0.3

sources: BID: 53388

SOURCES

db:	CERT/CC	id:	VU#520827
db:	CERT/CC	id:	VU#673343
db:	VULMON	id:	CVE-2012-1823
db:	BID	id:	53388
db:	PACKETSTORM	id:	116800
db:	PACKETSTORM	id:	112598
db:	PACKETSTORM	id:	112465
db:	PACKETSTORM	id:	112515
db:	PACKETSTORM	id:	121573
db:	PACKETSTORM	id:	115853
db:	CNNVD	id:	CNNVD-201205-108
db:	NVD	id:	CVE-2012-1823

LAST UPDATE DATE

2026-02-05T15:20:38.920000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#520827	date:	2013-12-02T00:00:00
db:	CERT/CC	id:	VU#673343	date:	2013-06-07T00:00:00
db:	VULMON	id:	CVE-2012-1823	date:	2018-01-18T00:00:00
db:	BID	id:	53388	date:	2015-04-13T22:15:00
db:	CNNVD	id:	CNNVD-201205-108	date:	2012-05-08T00:00:00
db:	NVD	id:	CVE-2012-1823	date:	2025-11-04T18:15:34.990

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#520827	date:	2012-05-03T00:00:00
db:	CERT/CC	id:	VU#673343	date:	2013-06-07T00:00:00
db:	VULMON	id:	CVE-2012-1823	date:	2012-05-11T00:00:00
db:	BID	id:	53388	date:	2012-05-04T00:00:00
db:	PACKETSTORM	id:	116800	date:	2012-09-24T15:02:14
db:	PACKETSTORM	id:	112598	date:	2012-05-10T15:28:01
db:	PACKETSTORM	id:	112465	date:	2012-05-05T05:25:23
db:	PACKETSTORM	id:	112515	date:	2012-05-08T04:16:46
db:	PACKETSTORM	id:	121573	date:	2013-05-09T14:44:00
db:	PACKETSTORM	id:	115853	date:	2012-08-24T01:40:32
db:	CNNVD	id:	CNNVD-201205-108	date:	2012-05-08T00:00:00
db:	NVD	id:	CVE-2012-1823	date:	2012-05-11T10:15:48.043