Oval Definition:oval:org.mitre.oval:def:19075
Revision Date:2015-04-20Version:30
Title:HP-UX Apache Web Server running PHP, Remote Execution of Arbitrary Code, Privilege Elevation, Denial of Service (DoS)
Description:PHP 5.3.8 does not always check the return value of the zend_strndup function, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that performs strndup operations on untrusted string data, as demonstrated by the define function in zend_builtin_functions.c, and unspecified functions in ext/soap/php_sdl.c, ext/standard/syslog.c, ext/standard/browscap.c, ext/oci8/oci8.c, ext/com_dotnet/com_typeinfo.c, and main/php_open_temporary_file.c.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2011-4153
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX02791
  • HP-UX B.11.11
  • AND filesets tests
  • hpuxwsAPACHE.APACHE version is less than B.2.0.64.04
  • OR hpuxwsAPACHE.APACHE2 version is less than B.2.0.64.04
  • OR hpuxwsAPACHE.AUTH_LDAP version is less than B.2.0.64.04
  • OR hpuxwsAPACHE.AUTH_LDAP2 version is less than B.2.0.64.04
  • OR hpuxwsAPACHE.MOD_JK version is less than B.2.0.64.04
  • OR hpuxwsAPACHE.MOD_JK2 version is less than B.2.0.64.04
  • OR hpuxwsAPACHE.MOD_PERL version is less than B.2.0.64.04
  • OR hpuxwsAPACHE.MOD_PERL2 version is less than B.2.0.64.04
  • OR hpuxwsAPACHE.PHP version is less than B.2.0.64.04
  • OR hpuxwsAPACHE.PHP2 version is less than B.2.0.64.04
  • OR hpuxwsAPACHE.WEBPROXY version is less than B.2.0.64.04
  • OR Criteria meets HP Security Bulletin HPSBUX02791
  • HP-UX B.11.23
  • AND filesets tests
  • hpuxws22APCH32.APACHE version is less than B.2.2.15.13
  • OR hpuxws22APCH32.APACHE2 version is less than B.2.2.15.13
  • OR hpuxws22APCH32.AUTH_LDAP version is less than B.2.2.15.13
  • OR hpuxws22APCH32.AUTH_LDAP2 version is less than B.2.2.15.13
  • OR hpuxws22APCH32.MOD_JK version is less than B.2.2.15.13
  • OR hpuxws22APCH32.MOD_JK2 version is less than B.2.2.15.13
  • OR hpuxws22APCH32.MOD_PERL version is less than B.2.2.15.13
  • OR hpuxws22APCH32.MOD_PERL2 version is less than B.2.2.15.13
  • OR hpuxws22APCH32.PHP version is less than B.2.2.15.13
  • OR hpuxws22APCH32.PHP2 version is less than B.2.2.15.13
  • OR hpuxws22APCH32.WEBPROXY version is less than B.2.2.15.13
  • OR hpuxws22APCH32.WEBPROXY2 version is less than B.2.2.15.13
  • OR hpuxws22APACHE.APACHE version is less than B.2.2.15.13
  • OR hpuxws22APACHE.APACHE2 version is less than B.2.2.15.13
  • OR hpuxws22APACHE.AUTH_LDAP version is less than B.2.2.15.13
  • OR hpuxws22APACHE.AUTH_LDAP2 version is less than B.2.2.15.13
  • OR hpuxws22APACHE.MOD_JK version is less than B.2.2.15.13
  • OR hpuxws22APACHE.MOD_JK2 version is less than B.2.2.15.13
  • OR hpuxws22APACHE.MOD_PERL version is less than B.2.2.15.13
  • OR hpuxws22APACHE.MOD_PERL2 version is less than B.2.2.15.13
  • OR hpuxws22APACHE.PHP version is less than B.2.2.15.13
  • OR hpuxws22APACHE.PHP2 version is less than B.2.2.15.13
  • OR hpuxws22APACHE.WEBPROXY version is less than B.2.2.15.13
  • OR hpuxws22APACHE.WEBPROXY2 version is less than B.2.2.15.13
  • OR Criteria meets HP Security Bulletin HPSBUX02791
  • HP-UX B.11.31
  • AND filesets tests
  • hpuxws22APCH32.APACHE version is less than B.2.2.15.13
  • OR hpuxws22APCH32.APACHE2 version is less than B.2.2.15.13
  • OR hpuxws22APCH32.AUTH_LDAP version is less than B.2.2.15.13
  • OR hpuxws22APCH32.AUTH_LDAP2 version is less than B.2.2.15.13
  • OR hpuxws22APCH32.MOD_JK version is less than B.2.2.15.13
  • OR hpuxws22APCH32.MOD_JK2 version is less than B.2.2.15.13
  • OR hpuxws22APCH32.MOD_PERL version is less than B.2.2.15.13
  • OR hpuxws22APCH32.MOD_PERL2 version is less than B.2.2.15.13
  • OR hpuxws22APCH32.PHP version is less than B.2.2.15.13
  • OR hpuxws22APCH32.PHP2 version is less than B.2.2.15.13
  • OR hpuxws22APCH32.WEBPROXY version is less than B.2.2.15.13
  • OR hpuxws22APCH32.WEBPROXY2 version is less than B.2.2.15.13
  • OR hpuxws22APACHE.APACHE version is less than B.2.2.15.13
  • OR hpuxws22APACHE.APACHE2 version is less than B.2.2.15.13
  • OR hpuxws22APACHE.AUTH_LDAP version is less than B.2.2.15.13
  • OR hpuxws22APACHE.AUTH_LDAP2 version is less than B.2.2.15.13
  • OR hpuxws22APACHE.MOD_JK version is less than B.2.2.15.13
  • OR hpuxws22APACHE.MOD_JK2 version is less than B.2.2.15.13
  • OR hpuxws22APACHE.MOD_PERL version is less than B.2.2.15.13
  • OR hpuxws22APACHE.MOD_PERL2 version is less than B.2.2.15.13
  • OR hpuxws22APACHE.PHP version is less than B.2.2.15.13
  • OR hpuxws22APACHE.PHP2 version is less than B.2.2.15.13
  • OR hpuxws22APACHE.WEBPROXY version is less than B.2.2.15.13
  • OR hpuxws22APACHE.WEBPROXY2 version is less than B.2.2.15.13
    • BACK