QCEJFYL8

1"HEADER__KEY___value","HEADER__KEY____text","IP__OS","IP__SERVICES__CAT__SERVICE__TITLE","IP__SERVICES__CAT__SERVICE__PCI_FLAG","IP__SERVICES__CAT__SERVICE__RESULT___format","IP__SERVICES__CAT__SERVICE__RESULT____cdata","IP__SERVICES__CAT__SERVICE___number","IP__SERVICES__CAT__SERVICE___severity","IP__SERVICES__CAT___value","IP__VULNS__CAT__VULN__TITLE","IP__VULNS__CAT__VULN__PCI_FLAG","IP__VULNS__CAT__VULN__CVSS_BASE","IP__VULNS__CAT__VULN__CVSS_TEMPORAL","IP__VULNS__CAT__VULN__CONSEQUENCE____cdata","IP__VULNS__CAT__VULN__DIAGNOSIS____cdata","IP__VULNS__CAT__VULN__DIAGNOSIS","IP__VULNS__CAT__VULN__RESULT","IP__VULNS__CAT__VULN__SOLUTION","IP__VULNS__CAT__VULN__SOLUTION____cdata","IP__VULNS__CAT__VULN___number","IP__VULNS__CAT__VULN___severity","IP__VULNS__CAT__VULN___cveid","IP__VULNS__CAT___value","IP__VULNS__CAT___protocol","IP__VULNS__CAT___port","IP___name","IP___value","_value"
2"DATE","2019-01-16T22:42:49Z","Linux Kernel: CentOS","Open TCP Services List","0","table","Port	IANA Assigned Ports/Services	Description	Service Detected	OS On Redirected Port\n22	ssh	ssh	SSH\n80	http	http	HTTP\n110	pop3	pop3	POP3\n143	imap	imap	IMAP\n993	imaps	imaps	IMAP SSL\n995	pop3s	pop3s	POP3 SSL\n3306	mysql	mysql	MySQL","82023","1","TCP/IP","Accounts are found","1","10.0","8.7","\nLogin: test\nPassword: test\nStatus:  \nServer greeting: Last failed login: Wed Jan 16 13:58:31 PST 2019 from 192.168.43.108 on ssh:notty\nThere was 1 failed login attempt since the last successful login.\n","","N/A","N/A","","Change password, or disable this account.","MP-6011","5","","SSH","TCP","22","No registered hostname","192.168.43.208","2/43"
3"STATUS","FINISHED","","","","","","","","","OpenSSHD User Enumeration without Authentication","0","5.0","0.0","OpenSSHD 7.2p2 and possibly other versions uses fake password hashes when authenticating non-existing users, that results in different time delays.\nThe fact is that it takes much longer to calculate SHA256/SHA512 password hashes than BLOWFISH password hashes, which are used for non-existing users. If real user passwords are hashed using SHA256/SHA512, then sending 10KB passwords will result in significantly different time delays depending on the used algorithm (i.e. BLOWFISH or SHA256/SHA512), that allows to determine whether a user name exists. Exploitation of this vulnerability allows remote attackers to enumerate valid usernames.\nThis vulnerability has no direct impact on the system but it facilitates guessing user logins.\nLogins: root\nLogins: test","Vulnerability allows remote attackers to enumerate valid usernames.","","N/A","","To fix the vulnerability install the latest OpenSSHD version (i.e. 7.3p1 or earlier).","MP-8350","4","CVE-2016-6210","","","","","",""
4"DURATION","00:44:01","","","","","","","","","SSH Weak Cryptography Ciphers","0","0.0","0.0","The 'arcfour' is the Arcfour stream cipher. The Arcfour cipher is believed to be compatible with the RC4 cipher. RFC 4253 states that Arcfour (and RC4) has problems with weak keys, and should be used with caution.\nIf SSH server is configured to support Cipher Block Chaining (CBC) encryption, this may allow an attacker to recover plaintext data from the ciphertext.\nWeak Ciphers: arcfour256\nWeak Ciphers: arcfour128\nWeak Ciphers: aes128-cbc\nWeak Ciphers: 3des-cbc\nWeak Ciphers: blowfish-cbc\nWeak Ciphers: cast128-cbc\nWeak Ciphers: aes192-cbc\nWeak Ciphers: aes256-cbc\nWeak Ciphers: arcfour\nWeak Ciphers: rijndael-cbc@lysator.liu.se","Weak encryption algorithms are enabled for the SSH protocol.","","N/A","","Disable the listed encryption algorithms.","MP-8365","3","CVE-2008-5161","","","","","",""
5"SCAN_HOST","maxpatrol (MaxPatrol build 28741,,)","","","","","","","","","SSH Weak MAC Algorithms","0","0.0","0.0","Using the following algorithms is unsafe: md5-based, sha1-based.\nThe following algorithms use weak cryptography: umac-64.\nThe following algorithms are considered obsolete and removed from the standard: ripemd160, blowfish.\nWeak algorithms: hmac-md5-etm@openssh.com\nWeak algorithms: hmac-sha1-etm@openssh.com\nWeak algorithms: umac-64-etm@openssh.com\nWeak algorithms: hmac-ripemd160-etm@openssh.com\nWeak algorithms: hmac-sha1-96-etm@openssh.com\nWeak algorithms: hmac-md5-96-etm@openssh.com\nWeak algorithms: hmac-md5\nWeak algorithms: hmac-sha1\nWeak algorithms: umac-64@openssh.com\nWeak algorithms: hmac-ripemd160\nWeak algorithms: hmac-ripemd160@openssh.com\nWeak algorithms: hmac-sha1-96\nWeak algorithms: hmac-md5-96","The remote SSH server is configured to allow weak MD5, 96-bit, and SHA1 MAC algorithms.","","N/A","","Disable the listed MAC algorithms.","MP-8368","3","","","","","","",""
6"","","","","","","","","","","SSH Weak Key-Exchange Algorithms","0","0.0","0.0","Using the following algorithms is unsafe: sha1-based.\nThe following algorithms use weak elliptic-curve cryptography: ecdh-sha2-nistp-*.\nWeak algorithms: ecdh-sha2-nistp256\nWeak algorithms: ecdh-sha2-nistp384\nWeak algorithms: ecdh-sha2-nistp521\nWeak algorithms: diffie-hellman-group-exchange-sha1\nWeak algorithms: diffie-hellman-group14-sha1\nWeak algorithms: diffie-hellman-group1-sha1","The remote SSH server is configured to allow weak SHA1-based or weak elliptic-curves Key-Exchange algorithms.","","N/A","","Disable the listed Key-Exchange algorithms.","MP-8369","3","","","","","","",""
7"","","","","","","","","","","SSH Weak Host-Key Signature Algorithms","0","0.0","0.0","The following algorithms use weak elliptic curve cryptography: ecdsa-sha2-nistp256.\nWeak algorithms: ecdsa-sha2-nistp256","The remote SSH server is configured to allow weak Host-Key algorithms.","","N/A","","Disable the listed Host-Key algorithms.","MP-8370","3","","","","","","",""
8"","","","","","","","","","","User Enumeration","0","5.0","3.9","OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.\nLogins: root\nLogins: test","Vulnerability allows attackers to obtain sensitive information.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://www.openssh.com/","MP-8377","4","CVE-2018-15473","","","","","",""
9"","","","","","","","","","","Arbitrary Code Execution","1","7.5","5.9","Vulnerability in OpenSSH allows users to access all parts of the filesystem that they have access to, and write to arbitrary memory positions. Successful exploitation may allow execution of arbitrary code.","Vulnerability allows attackers to execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.openssh.com","MP-183773","5","","SSH","TCP","22","","",""
10"","","","","","","","","","","Access Restrictions Bypass","1","6.5","4.8","The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.","Vulnerability allows remote attackers to bypass intended access restrictions.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.openssh.com","MP-184735","3","CVE-2015-5352","","","","","",""
11"","","","","","","","","","","Access Restrictions Bypass","1","8.5","7.3","The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.","Vulnerability allows remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.openssh.com/\nhttps://kb.juniper.net/InfoCenter/index?page=content&id=JSA10697","MP-184810","5","CVE-2015-5600","","","","","",""
12"","","","","","","","","","","Impersonation","0","1.9","1.4","The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.","Vulnerability allows local users to conduct impersonation attacks.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.openssh.com","MP-184891","3","CVE-2015-6563","","","","","",""
13"","","","","","","","","","","Use-After-Free Vulnerability","1","6.9","5.1","Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.","Vulnerability allows local users to gain privileges.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.openssh.com","MP-184892","3","CVE-2015-6564","","","","","",""
14"","","","","","","","","","","Denial of Service","0","5.0","3.7","The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.","Vulnerability allows remote attackers to cause a denial of service (out-of-bounds read and application crash).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.openssh.com","MP-185619","3","CVE-2016-1907","","","","","",""
15"","","","","","","","","","","Command Injection","1","5.5","4.3","Vulnerability exists in OpenSSH with X11Forwarding enabled due to missing sanitization of credential data that allows remote authenticated users to inject xauth commands and read or overwrite arbitrary files or connect to local ports.","Vulnerability allows remote attackers to read or overwrite arbitrary files and connect to local ports.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.openssh.com","MP-185816","3","CVE-2016-3115","","","","","",""
16"","","","","","","","","","","Privilege Gaining","1","7.2","5.3","The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.","Vulnerability allows local users to gain privileges.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.openssh.com","MP-186569","5","CVE-2015-8325","","","","","",""
17"","","","","","","","","","","Denial of Service","1","7.8","5.8","The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.","Vulnerability allows remote attackers to cause a denial of service (crypt CPU consumption).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.openssh.com/","MP-186616","5","CVE-2016-6515","","","","","",""
18"","","","","","","","","","","Untrusted Search Path","1","7.5","6.2","Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.","Vulnerability allows remote attackers to execute arbitrary local PKCS#11 modules.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.openssh.com/","MP-187538","5","CVE-2016-10009","","","","","",""
19"","","","","","","","","","","Privilege Gaining","1","6.9","5.7","sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.","Vulnerability allows local users to gain privileges.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.openssh.com/","MP-187539","3","CVE-2016-10010","","","","","",""
20"","","","","","","","","","","Information Disclosure","0","2.1","1.6","authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.","Vulnerability allows attackers to obtain sensitive information.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.openssh.com/","MP-187540","3","CVE-2016-10011","","","","","",""
21"","","","","","","","","","","Privilege Gaining","1","7.2","5.3","The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.","Vulnerability allows local users to gain privileges.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.openssh.com/","MP-187541","5","CVE-2016-10012","","","","","",""
22"","","","","","","","","","","User Enumeration","0","4.3","3.4","sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.","Vulnerability allows remote attackers to enumerate users.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.openssh.com/","MP-188148","3","CVE-2016-6210","","","","","",""
23"","","","","","","","","","","Unauthorized Write Operations","0","5.0","3.7","The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.","Vulnerability allows attackers to create zero-length files.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://www.openssh.com/","MP-189261","3","CVE-2017-15906","","","","","",""
24"","","","","","","","","","","User Enumeration","0","5.0","3.9","OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.","Vulnerability allows attackers to obtain sensitive information.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://www.openssh.com/","MP-190653","3","CVE-2018-15473","","","","","",""
25"","","","","","","","","","","Directories with BROWSE access found","0","5.0","0.0","Malicious users or attackers could use the information gained by browsing the directory structure of a website to refine an attack, locate unprotected directories or gain access to directories and files that should not be publicly accessible. The structure of a websites directory could provide a potential attacker some insight into the type of web server, operating system or other software running on the system.\nDirectories with browse access:\n\n(null : 0x00000000): <a href=""http://192.168.43.208/icons/"" target=_blank>/icons/</a>","","N/A","N/A","","Deny BROWSE access to all directories unless completely necessary.","MP-1012","4","","HTTP","TCP","80","","",""
26"","","","","","","","","","","Existing but Unreachable Directories found","0","2.1","0.0","The following directories exist in the directory structure, but were unreachable at the time the scan was run:\n\n(null : 0x00000000): <a href=""http://192.168.43.208/"" target=_blank>/</a>\n(null : 0x00000000): <a href=""http://192.168.43.208/cgi-bin/"" target=_blank>/cgi-bin/</a>","","N/A","N/A","N/A","","MP-1015","3","","","","","","",""
27"","","","","","","","","","","TRACE Method Allowed","0","4.3","0.0","A flaw in the TRACE request, a rarely used portion of the HTTP standard akin to a ""ping"", makes XST possible, broadening its scope well beyond buggy Web browsers, and painting a sobering picture: all Web servers have TRACE switched on by default. The affected servers power the Web's day-to-day banking transactions and fuel the engines of e-commerce, as well as more mundane tasks.","","N/A","N/A","","Disable TRACE Method.","MP-1160","3","","","","","","",""
28"","","","","","","","","","","Spoofing","0","4.3","3.2","The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.","Vulnerability allows remote attackers to spoof arbitrary SSL servers.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-181934","3","CVE-2013-4248","HTTP","TCP","80","","",""
29"","","","","","","","","","","Denial of Service","1","6.8","5.0","ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-181936","3","CVE-2013-4113","","","","","",""
30"","","","","","","","","","","Denial of Service","0","5.0","4.0","Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.","Vulnerability allows attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-183101","3","CVE-2014-1943","","","","","",""
31"","","","","","","","","","","Denial of Service","0","4.3","3.5","softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.","Vulnerability allows attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-183102","3","CVE-2014-2270","","","","","",""
32"","","","","","","","","","","Denial of Service","0","5.0","3.7","The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://httpd.apache.org/","MP-183155","3","CVE-2014-0098","HTTP","TCP","80","","",""
33"","","","","","","","","","","Denial of Service","0","5.0","3.7","The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://httpd.apache.org/","MP-183156","3","CVE-2013-6438","","","","","",""
34"","","","","","","","","","","Arbitrary Code Execution","1","7.5","5.9","The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.","Vulnerability allows remote attackers to execute arbitrary code or cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-183195","5","CVE-2013-6420","HTTP","TCP","80","","",""
35"","","","","","","","","","","Denial of Service","0","5.0","3.7","The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters.","Vulnerability allows attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-183196","3","CVE-2013-7345","","","","","",""
36"","","","","","","","","","","Denial of Service","0","5.0","3.7","The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-183454","3","CVE-2014-0237","","","","","",""
37"","","","","","","","","","","Denial of Service","0","5.0","3.7","The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-183455","3","CVE-2014-0238","","","","","",""
38"","","","","","","","","","","Heap-Based Buffer Overflow","0","5.1","4.0","Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function.","Vulnerability allows remote attackers to cause a denial of service and execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-183456","3","CVE-2014-4049","","","","","",""
39"","","","","","","","","","","Arbitrary File Overwriting","0","3.3","2.6","acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file.","Vulnerability allows local users to overwrite arbitrary files.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-183457","3","CVE-2014-3981","","","","","",""
40"","","","","","","","","","","Denial of Service","0","4.3","3.4","The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-183497","3","CVE-2014-0207","","","","","",""
41"","","","","","","","","","","Buffer Overflow","0","5.0","3.9","Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-183498","3","CVE-2014-3478","","","","","",""
42"","","","","","","","","","","Denial of Service","0","4.3","3.4","The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CDF file.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-183499","3","CVE-2014-3479","","","","","",""
43"","","","","","","","","","","Denial of Service","0","4.3","3.4","The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-183500","3","CVE-2014-3480","","","","","",""
44"","","","","","","","","","","Denial of Service","0","4.3","3.4","The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-183501","3","CVE-2014-3487","","","","","",""
45"","","","","","","","","","","Arbitrary Code Execution","1","7.5","5.9","The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to ""type confusion"" issues in (1) ArrayObject and (2) SPLObjectStorage.","Vulnerability allows remote attackers to execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net","MP-183502","5","CVE-2014-3515","","","","","",""
46"","","","","","","","","","","Denial of Service","0","4.3","3.5","The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.apache.org/","MP-183545","3","CVE-2014-0118","HTTP","TCP","80","","",""
47"","","","","","","","","","","Denial of Service","0","5.0","4.0","The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a request to a CGI script that does not read from its stdin file descriptor.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.apache.org/","MP-183546","3","CVE-2014-0231","","","","","",""
48"","","","","","","","","","","Memory Leak","0","5.0","3.7","Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted requests.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.apache.org/","MP-183547","3","CVE-2014-3523","","","","","",""
49"","","","","","","","","","","Denial of Service","0","4.3","3.2","The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via a crafted HTTP Connection header.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.apache.org/","MP-183548","3","CVE-2014-0117","","","","","",""
50"","","","","","","","","","","Race Condition","1","6.8","5.0","Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.","Vulnerability allows remote attackers to cause a denial of service, obtain sensitive information or execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.apache.org/","MP-183549","3","CVE-2014-0226","","","","","",""
51"","","","","","","","","","","Denial of Service","0","4.3","3.2","The cache_invalidate function in modules/cache/cache_storage.c in the mod_cache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger a missing hostname value.","Vulnerability allows remote HTTP servers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.apache.org/","MP-183550","3","CVE-2013-4352","","","","","",""
52"","","","","","","","","","","Use-After-Free Vulnerability","0","4.6","3.4","Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments.","Vulnerability allows attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-183579","3","CVE-2014-4670","HTTP","TCP","80","","",""
53"","","","","","","","","","","Denial of Service","0","5.0","3.7","The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-183666","3","CVE-2013-6712","","","","","",""
54"","","","","","","","","","","Buffer Overflow","1","6.8","5.0","Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049.","Vulnerability allows remote attackers to cause a denial of service or execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-183667","3","CVE-2014-3597","","","","","",""
55"","","","","","","","","","","Denial of Service","0","5.0","3.7","file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-183668","3","CVE-2014-3538","","","","","",""
56"","","","","","","","","","","Integer Overflow","0","4.3","3.2","Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-183669","3","CVE-2014-3587","","","","","",""
57"","","","","","","","","","","Denial of Service","0","4.3","3.2","The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-183670","3","CVE-2014-2497","","","","","",""
58"","","","","","","","","","","Arbitrary File Overwriting","1","6.4","4.7","gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function.","Vulnerability allows remote attackers to overwrite arbitrary files.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-183671","3","CVE-2014-5120","","","","","",""
59"","","","","","","","","","","Use-After-Free Vulnerability","0","4.6","3.4","Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments.","Vulnerability allows attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-183672","3","CVE-2014-4698","","","","","",""
60"","","","","","","","","","","Denial of Service","1","6.8","5.0","The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function.","Vulnerability allows remote attackers to cause a denial of service or execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-183856","3","CVE-2014-3670","","","","","",""
61"","","","","","","","","","","Integer Overflow","1","7.5","5.5","Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function that triggers calculation of a large length value.","Vulnerability allows remote attackers to cause a denial of service or execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-183857","5","CVE-2014-3669","","","","","",""
62"","","","","","","","","","","Buffer Overflow","0","5.0","3.7","Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service (application crash) via (1) a crafted first argument to the xmlrpc_set_type function or (2) a crafted argument to the xmlrpc_decode function, related to an out-of-bounds read operation.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-183858","3","CVE-2014-3668","","","","","",""
63"","","","","","","","","","","Denial of Service","0","5.0","3.7","The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty HTTP Content-Type header.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.apache.org/","MP-183864","3","CVE-2014-3581","HTTP","TCP","80","","",""
64"","","","","","","","","","","Security Bypassing","0","5.0","3.7","The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass ""RequestHeader unset"" directives by placing a header in the trailer portion of data sent with chunked transfer coding.","Vulnerability allows remote attackers to bypass ""RequestHeader unset"" directives.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.apache.org/","MP-183865","3","CVE-2013-5704","","","","","",""
65"","","","","","","","","","","Denial of Service","0","5.0","3.7","The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-183961","3","CVE-2014-3710","HTTP","TCP","80","","",""
66"","","","","","","","","","","Use-After-Free Vulnerability","1","7.5","5.9","Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys within the serialized properties of an object, a different vulnerability than CVE-2004-1019.","Vulnerability allows remote attackers to execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-184012","5","CVE-2014-8142","","","","","",""
67"","","","","","","","","","","Information Disclosure","1","7.5","5.5","sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a # character and lacks a newline character, which causes an out-of-bounds read and might (1) allow remote attackers to obtain sensitive information from php-cgi process memory by leveraging the ability to upload a .php file or (2) trigger unexpected code execution if a valid PHP script is present in memory locations adjacent to the mapping.","Vulnerability allows remote attackers to obtain sensitive information or trigger unexpected code execution.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-184167","5","CVE-2014-9427","","","","","",""
68"","","","","","","","","","","Use-After-Free Vulnerability","1","7.5","5.5","Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142.","Vulnerability allows remote attackers to execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-184168","5","CVE-2015-0231","","","","","",""
69"","","","","","","","","","","Arbitrary Code Execution","1","6.8","5.0","The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) via crafted EXIF data in a JPEG image.","Vulnerability allows remote attackers to execute arbitrary code or cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-184169","3","CVE-2015-0232","","","","","",""
70"","","","","","","","","","","Denial of Service","0","5.0","3.7","The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function.","Vulnerability allows remote attackers to cause a denial of service (child-process crash).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.apache.org/","MP-184304","3","CVE-2015-0228","HTTP","TCP","80","","",""
71"","","","","","","","","","","Denial of Service","0","5.0","3.7","The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon crash) via long response headers.","Vulnerability allows remote attackers to cause a denial of service (buffer over-read and daemon crash).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.apache.org/","MP-184305","3","CVE-2014-3583","","","","","",""
72"","","","","","","","","","","Access Restriction Bypassing","0","4.3","3.2","mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging multiple Require directives, as demonstrated by a configuration that specifies authorization for one group to access a certain directory, and authorization for a second group to access a second directory.","Vulnerability allows remote attackers to bypass intended access restrictions.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.apache.org/","MP-184306","3","CVE-2014-8109","","","","","",""
73"","","","","","","","","","","Use-After-Free Vulnerability","1","7.5","5.5","Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.","Vulnerability allows remote attackers to execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-184330","5","CVE-2015-2787","HTTP","TCP","80","","",""
74"","","","","","","","","","","Security Restriction Bypassing","0","5.0","3.7","The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.","Vulnerability allows remote attackers to bypass intended extension restrictions and create files with unexpected names.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-184331","3","CVE-2015-2348","","","","","",""
75"","","","","","","","","","","Denial of Service","0","5.0","3.7","The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file.","Vulnerability allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-184335","3","CVE-2014-9652","","","","","",""
76"","","","","","","","","","","Denial of Service","1","7.5","5.0","readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service (uninitialized memory access) or possibly have unspecified other impact via a crafted ELF file.","Vulnerability allows remote attackers to cause a denial of service (uninitialized memory access).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-184336","5","CVE-2014-9653","","","","","",""
77"","","","","","","","","","","Heap-Based Buffer Overflow","1","7.5","5.5","Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.","Vulnerability allows remote attackers to execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-184337","5","CVE-2014-9705","","","","","",""
78"","","","","","","","","","","Use-After-Free Vulnerability","1","7.5","5.5","Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allow remote attackers to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier in (a) DateTimeZone data handled by the php_date_timezone_initialize_from_hash function or (b) DateTime data handled by the php_date_initialize_from_hash function.","Vulnerability allows remote attackers to execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-184339","5","CVE-2015-0273","","","","","",""
79"","","","","","","","","","","HTTP Request Smuggling","0","5.0","3.7","The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.","Vulnerability allows remote attackers to conduct HTTP request smuggling attacks.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.apache.org/","MP-184738","3","CVE-2015-3183","HTTP","TCP","80","","",""
80"","","","","","","","","","","Access Restrictions Bypass","0","4.3","3.2","The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authorization setting rather than an authentication setting, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging the presence of a module that relies on the 2.2 API behavior.","Vulnerability allows remote attackers to bypass access restrictions.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.apache.org/","MP-184739","3","CVE-2015-3185","","","","","",""
81"","","","","","","","","","","Redirection","0","5.1","3.8","The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an ""httpoxy"" issue. NOTE: the vendor states ""This mitigation has been assigned the identifier CVE-2016-5387""; in other words, this is not a CVE ID for a vulnerability.","Vulnerability allows remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server.","","N/A","","To fix the vulnerability update your software according to used platform. All necessary information is available here:\nhttp://www.apache.org/","MP-186494","3","CVE-2016-5387","","","","","",""
82"","","","","","","","","","","End Of Life","0","10.0","0.0","This software version may contain critical vulnerabilities, but its lifetime has expired (it is not supported anymore) and developers do not release security updates.\n","This software version is no longer supported by its developers.","","N/A","","You are strongly recommended to upgrade to a current version. All necessary information is available here:\nhttps://secure.php.net/","MP-186963","5","","HTTP","TCP","80","","",""
83"","","","","","","","","","","Arbitrary Command Execution","1","10.0","7.4","The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 on Windows allows remote attackers to execute arbitrary OS commands via a crafted string to an application that accepts command-line arguments for a call to the PHP system function.","Vulnerability allows remote attackers to execute arbitrary OS commands.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187093","5","CVE-2015-4642","","","","","",""
84"","","","","","","","","","","Denial of Service","1","7.5","5.5","The phar_parse_metadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (heap metadata corruption) or possibly have unspecified other impact via a crafted tar archive.","Vulnerability allows remote attackers to cause a denial of service (heap metadata corruption).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187095","5","CVE-2015-3307","","","","","",""
85"","","","","","","","","","","Stack-based Buffer Overflow","1","7.5","5.5","Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.","Vulnerability allows remote attackers to execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187096","5","CVE-2015-3329","","","","","",""
86"","","","","","","","","","","Denial of Service","0","5.0","3.7","The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive.","Vulnerability allows remote attackers to cause a denial of service (integer underflow and memory corruption).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187098","3","CVE-2015-4021","","","","","",""
87"","","","","","","","","","","Integer Overflow","1","7.5","5.5","Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.","Vulnerability allows remote attackers to execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187099","5","CVE-2015-4022","","","","","",""
88"","","","","","","","","","","Denial of Service","0","5.0","3.7","Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.","Vulnerability allows remote attackers to cause a denial of service (CPU consumption).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187100","3","CVE-2015-4024","","","","","",""
89"","","","","","","","","","","Integer Overflow","1","7.5","5.5","Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow.","Vulnerability allows remote attackers to cause a denial of service (application crash) or execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187104","5","CVE-2015-2331","","","","","",""
90"","","","","","","","","","","Security Restrictions Bypass","0","5.0","3.7","The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.","Vulnerability allows remote attackers to bypass intended extension restrictions and create files with unexpected names.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187105","3","CVE-2015-2348","","","","","",""
91"","","","","","","","","","","Information Disclosure","1","5.8","4.3","ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions.","Vulnerability allows remote attackers to obtain sensitive information or cause a denial of service (buffer over-read and application crash).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187106","3","CVE-2015-2783","","","","","",""
92"","","","","","","","","","","Use After Free","1","7.5","5.5","Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.","Vulnerability allows remote attackers to execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187107","5","CVE-2015-2787","","","","","",""
93"","","","","","","","","","","Stack-based Buffer Overflow","1","7.5","5.5","Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value, as demonstrated by mishandling of an e-mail attachment by the imap PHP extension.","Vulnerability allows remote attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187110","5","CVE-2015-5590","","","","","",""
94"","","","","","","","","","","Directory Traversal","0","5.0","3.7","Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call.","Vulnerability allows remote attackers to write to arbitrary files.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187112","3","CVE-2015-6833","","","","","",""
95"","","","","","","","","","","Use After Free","1","7.5","5.9","Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization.","Vulnerability allows remote attackers to execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187114","5","CVE-2015-6831","","","","","",""
96"","","","","","","","","","","Use After Free","1","7.5","5.5","Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field.","Vulnerability allows remote attackers to execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187115","5","CVE-2015-6832","","","","","",""
97"","","","","","","","","","","Integer Overflow","1","7.5","5.5","Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4022.","Vulnerability allows remote attackers to execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187119","5","CVE-2015-4643","","","","","",""
98"","","","","","","","","","","Denial of Service","1","10.0","7.4","The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted TAR archive that is mishandled in a Phar::convertToData call.","Vulnerability allows remote attackers to cause a denial of service (segmentation fault).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187121","5","CVE-2015-5589","","","","","",""
99"","","","","","","","","","","Use After Free","1","7.5","5.5","Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization.","Vulnerability allows remote attackers to execute arbitrary code.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187122","5","CVE-2015-6834","","","","","",""
100"","","","","","","","","","","Arbitrary Code Execution","1","7.5","5.5","The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 mishandles multiple php_var_unserialize calls, which allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted session content.","Vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187123","5","CVE-2015-6835","","","","","",""
101"","","","","","","","","","","Directory Traversal","0","4.3","3.2","Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive.","Vulnerability allows remote attackers to create arbitrary empty directories.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187142","3","CVE-2014-9767","","","","","",""
102"","","","","","","","","","","Denial of Service","1","7.5","5.9","Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data.","Vulnerability allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187144","5","CVE-2015-8876","","","","","",""
103"","","","","","","","","","","Arbitrary File Reading/Writing","1","6.4","4.7","PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files.","Vulnerability allows remote attackers to read or write to arbitrary files.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187156","3","CVE-2015-3411","","","","","",""
104"","","","","","","","","","","Arbitrary File Reading","0","5.0","3.7","PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension.","Vulnerability allows remote attackers to read arbitrary files.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187157","3","CVE-2015-3412","","","","","",""
105"","","","","","","","","","","Access Restrictions Bypass","1","7.5","5.5","PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.","Vulnerability allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187161","5","CVE-2015-4025","","","","","",""
106"","","","","","","","","","","Arbitrary File Reading/Writing","1","7.5","5.5","PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\0.html attack that bypasses an intended configuration in which client users may write to only .html files.","Vulnerability allows remote attackers to read or write to arbitrary files.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttp://www.php.net/","MP-187162","5","CVE-2015-4598","","","","","",""
107"","","","","","","","","","","Information Disclosure","0","5.0","3.7","In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC.","Vulnerability allows attackers to obtain sensitive information.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://httpd.apache.org/","MP-188794","3","CVE-2016-0736","HTTP","TCP","80","","",""
108"","","","","","","","","","","Denial of Service","0","5.0","3.7","In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.","Vulnerability allows attackers to cause a denial of service (crash).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://httpd.apache.org/","MP-188795","3","CVE-2016-2161","","","","","",""
109"","","","","","","","","","","Unauthorized Modifications","0","5.0","3.7","Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interacts with back-end application servers, either through mod_proxy or using conventional CGI mechanisms, and may result in request smuggling, response splitting and cache pollution.","Vulnerability allows attackers to conduct request smuggling, response splitting and cache pollution attacks.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://httpd.apache.org/","MP-188796","3","CVE-2016-8743","","","","","",""
110"","","","","","","","","","","Security Bypass","1","7.5","5.5","In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.","Vulnerability allows attackers to bypass authentication requirements.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://httpd.apache.org/","MP-188797","5","CVE-2017-3167","","","","","",""
111"","","","","","","","","","","Information Disclosure","1","6.4","4.7","In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.","Vulnerability allows attackers to obtain sensitive information or cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://httpd.apache.org/","MP-188798","3","CVE-2017-9788","","","","","",""
112"","","","","","","","","","","NULL Pointer Dereference","1","7.5","5.5","In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.","Vulnerability allows attackers to affect the system.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://httpd.apache.org/","MP-188800","5","CVE-2017-3169","","","","","",""
113"","","","","","","","","","","Information Disclosure","1","7.5","5.5","In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.","Vulnerability allows attackers to read one byte past the end of a buffer.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://httpd.apache.org/","MP-188802","5","CVE-2017-7679","","","","","",""
114"","","","","","","","","","","Use After Free","1","5.0","4.1","Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.","Vulnerability allows remote attackers to obtain sensitive information from process memory.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://httpd.apache.org/","MP-189077","3","CVE-2017-9798","","","","","",""
115"","","","","","","","","","","Tampering","0","3.5","2.6","In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a ""Session"" header. This comes from the ""HTTP_SESSION"" variable name used by mod_session to forward its data to CGIs, since the prefix ""HTTP_"" is also used by the Apache HTTP Server to pass HTTP header fields, per CGI specifications.","Vulnerability allows remote attackers to modify data for CGI applications.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://httpd.apache.org/","MP-189793","3","CVE-2018-1283","","","","","",""
116"","","","","","","","","","","Out-of-Bounds Write","0","5.0","3.7","In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset conversion table, a fallback mechanism is used to truncate it to a two characters value to allow a quick retry (for example, 'en-US' is truncated to 'en'). A header value of less than two characters forces an out of bound write of one NUL byte to a memory location that is not part of the string. In the worst case, quite unlikely, the process would crash which could be used as a Denial of Service attack.","Vulnerability allows attackers to cause a denial of service.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://httpd.apache.org/","MP-189794","3","CVE-2017-15710","","","","","",""
117"","","","","","","","","","","Security Restrictions Bypass","1","6.8","5.0","In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename.","Vulnerability allows attackers to bypass upload restrictions.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://httpd.apache.org/","MP-189795","3","CVE-2017-15715","","","","","",""
118"","","","","","","","","","","Out-of-Bounds Access","0","4.3","3.2","A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header.","Vulnerability allows attackers to cause a denial of service (crash).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://httpd.apache.org/","MP-189796","3","CVE-2018-1301","","","","","",""
119"","","","","","","","","","","Out-of-Bounds Read","0","5.0","3.7","A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache.","Vulnerability allows attackers to cause a denial of service (crash).","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://httpd.apache.org/","MP-189798","3","CVE-2018-1303","","","","","",""
120"","","","","","","","","","","Replay Attack","1","6.8","5.0","In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent replay attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection.","Vulnerability allows attackers to replay HTTP requests.","","N/A","","To fix the vulnerability update your software according to the used platform. All necessary information is available here:\nhttps://httpd.apache.org/","MP-189799","3","CVE-2018-1312","","","","","",""
121"","","","","","","","","","","User Enumeration Weakness","0","5.0","0.0","Service explicitly reports non-existent user account. As a result, it is possible to determine valid user names using brute-force technique.","","N/A","N/A","","Update to the latest version. If this does not fix problem, migrate to other software.","MP-1147","4","","POP3","TCP","110","","",""
122"","","","","","","","","","","Invalid certificate","0","5.0","0.0","Subject Name and Alternative Subject Names do not match domain name. This certificate could be misused.\n(null : 0x00000000): imap.example.com\nType: IP address\nValue: 192.168.43.208\nType: Name specified in task\nValue: 192.168.43.208","","N/A","N/A","","Install valid certificate.","MP-7029","4","","","","","","",""
123"","","","","","","","","","","Invalid certificate chain","0","5.0","0.0","During verification of the service certificate chain, the following errors were detected\n\n(null : 0x00000000): 1. The certificate or certificate chain is based on an untrusted root.\n2. Certificate of this service is self-signed.\n","","N/A","N/A","","Install valid certificate for the service.\n","MP-7034","4","","","","","","",""
124"","","","","","","","","","","Weak Cryptographic Key","0","6.1","0.0","\nAlgorithm (key length): rsaEncryption(1024)","A weak cryptographic key was discovered. The key length used by a cryptographic algorithm determines the highest security it can offer.","","N/A","","Generate a longer key and recreate the certificate.","MP-8309","4","","","","","","",""
125"","","","","","","","","","","Information Disclosure. POODLE","0","4.3","3.2","The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the ""POODLE"" issue.","Vulnerability allows attackers to obtain sensitive information.","","N/A","","To fix the vulnerability disable SSLv3. If you need support for SSLv3, enable the TLS_FALLBACK_SCSV option. Make sure that OpenSSL 1.0.1 is upgraded to 1.0.1j, OpenSSL 1.0.0 is upgraded to 1.0.0o, and OpenSSL 0.9.8 is upgraded to 0.9.8zc.","MP-8332","4","CVE-2014-3566","","","","","",""
126"","","","","","","","","","","Information Disclosure","0","4.3","0.0","The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.","Vulnerability allows remote attackers to conduct plaintext-recovery attacks.","","N/A","","Disable RC4 support for SSL3 and TLS1 protocols by setting ""DEFAULT:!SSLv3:!TLSv1:!RC4."" If you can't disable TLS1.0, then disable SSL3 only by setting ""DEFAULT:!SSLv3:!RC4.""","MP-8333","4","CVE-2013-2566","","","","","",""
127"","","","","","","","","","","Information Disclosure (SWEET32)","0","5.0","0.0","Vulnerability allows MITM attackers, having ability to sniff the network traffic (e.g. in public Wi-Fi networks), to recover some identifiers like HTTPS session cookies transmitted via a 3DES-encrypted connection.\nSuccessful exploitation of this vulnerability requires a web site to support connections encrypted with the Triple DES symmetric-key block cipher and transmission of huge number of requests via the same session.\nThis attack exploits the mathematics behind the birthday problem in probability theory, a.k.a. a Birthday attack. An attacker will generate a large number of requests and then check for two identically encrypted blocks that indicate a collision. The attacker knowing the original request, which caused a collision, and the fact that CBC mode uses XORing of two different blocks can recover the encryption key by getting results of several collisions.","Sweet32 attack allows attackers to obtain cleartext data from HTTPS sessions when the Triple DES (3DES) cipher is used.","","N/A","","You should disable 3DES cipher support. If you run an old server that doesn’t support any better ciphers than DES, you should upgrade.","MP-8351","4","CVE-2016-2183","","","","","",""
128"","","","","","","","","","","Insecure Encryption Key-Exchange Algorithms","0","0.0","0.0","These key-exchange algorithms allow attackers to conduct attacks against the encryption algorithm and obtain data transmitted via an encrypted connection. In modern TLS standards, the RSA algorithm is used only as compatibility with previous versions of standards.\n(null : 0x00000000): SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_IDEA_CBC_SHA SSL_RSA_WITH_RC4_128_MD5 SSL_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_RSA_WITH_SEED_CBC_SHA ","Insecure encryption key-exchange algorithms are enabled for the TLS protocol.","","N/A","","Disable the listed encryption algorithms which use insecure key-exchange algorithms.","MP-8361","3","","","","","","",""
129"","","","","","","","","","","Invalid certificate","0","5.0","0.0","Subject Name and Alternative Subject Names do not match domain name. This certificate could be misused.\n(null : 0x00000000): imap.example.com\nType: IP address\nValue: 192.168.43.208\nType: Name specified in task\nValue: 192.168.43.208","","N/A","N/A","","Install valid certificate.","MP-7029","4","","IMAP","TCP","143","","",""
130"","","","","","","","","","","Invalid certificate chain","0","5.0","0.0","During verification of the service certificate chain, the following errors were detected\n\n(null : 0x00000000): 1. The certificate or certificate chain is based on an untrusted root.\n2. Certificate of this service is self-signed.\n","","N/A","N/A","","Install valid certificate for the service.\n","MP-7034","4","","","","","","",""
131"","","","","","","","","","","Weak Cryptographic Key","0","6.1","0.0","\nAlgorithm (key length): rsaEncryption(1024)","A weak cryptographic key was discovered. The key length used by a cryptographic algorithm determines the highest security it can offer.","","N/A","","Generate a longer key and recreate the certificate.","MP-8309","4","","","","","","",""
132"","","","","","","","","","","Information Disclosure. POODLE","0","4.3","3.2","The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the ""POODLE"" issue.","Vulnerability allows attackers to obtain sensitive information.","","N/A","","To fix the vulnerability disable SSLv3. If you need support for SSLv3, enable the TLS_FALLBACK_SCSV option. Make sure that OpenSSL 1.0.1 is upgraded to 1.0.1j, OpenSSL 1.0.0 is upgraded to 1.0.0o, and OpenSSL 0.9.8 is upgraded to 0.9.8zc.","MP-8332","4","CVE-2014-3566","","","","","",""
133"","","","","","","","","","","Information Disclosure","0","4.3","0.0","The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.","Vulnerability allows remote attackers to conduct plaintext-recovery attacks.","","N/A","","Disable RC4 support for SSL3 and TLS1 protocols by setting ""DEFAULT:!SSLv3:!TLSv1:!RC4."" If you can't disable TLS1.0, then disable SSL3 only by setting ""DEFAULT:!SSLv3:!RC4.""","MP-8333","4","CVE-2013-2566","","","","","",""
134"","","","","","","","","","","Information Disclosure (SWEET32)","0","5.0","0.0","Vulnerability allows MITM attackers, having ability to sniff the network traffic (e.g. in public Wi-Fi networks), to recover some identifiers like HTTPS session cookies transmitted via a 3DES-encrypted connection.\nSuccessful exploitation of this vulnerability requires a web site to support connections encrypted with the Triple DES symmetric-key block cipher and transmission of huge number of requests via the same session.\nThis attack exploits the mathematics behind the birthday problem in probability theory, a.k.a. a Birthday attack. An attacker will generate a large number of requests and then check for two identically encrypted blocks that indicate a collision. The attacker knowing the original request, which caused a collision, and the fact that CBC mode uses XORing of two different blocks can recover the encryption key by getting results of several collisions.","Sweet32 attack allows attackers to obtain cleartext data from HTTPS sessions when the Triple DES (3DES) cipher is used.","","N/A","","You should disable 3DES cipher support. If you run an old server that doesn’t support any better ciphers than DES, you should upgrade.","MP-8351","4","CVE-2016-2183","","","","","",""
135"","","","","","","","","","","Insecure Encryption Key-Exchange Algorithms","0","0.0","0.0","These key-exchange algorithms allow attackers to conduct attacks against the encryption algorithm and obtain data transmitted via an encrypted connection. In modern TLS standards, the RSA algorithm is used only as compatibility with previous versions of standards.\n(null : 0x00000000): SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_IDEA_CBC_SHA SSL_RSA_WITH_RC4_128_MD5 SSL_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_RSA_WITH_SEED_CBC_SHA ","Insecure encryption key-exchange algorithms are enabled for the TLS protocol.","","N/A","","Disable the listed encryption algorithms which use insecure key-exchange algorithms.","MP-8361","3","","","","","","",""
136"","","","","","","","","","","Invalid certificate","0","5.0","0.0","Subject Name and Alternative Subject Names do not match domain name. This certificate could be misused.\n(null : 0x00000000): imap.example.com\nType: IP address\nValue: 192.168.43.208\nType: Name specified in task\nValue: 192.168.43.208","","N/A","N/A","","Install valid certificate.","MP-7029","4","","IMAP SSL","TCP","993","","",""
137"","","","","","","","","","","Invalid certificate chain","0","5.0","0.0","During verification of the service certificate chain, the following errors were detected\n\n(null : 0x00000000): 1. The certificate or certificate chain is based on an untrusted root.\n2. Certificate of this service is self-signed.\n","","N/A","N/A","","Install valid certificate for the service.\n","MP-7034","4","","","","","","",""
138"","","","","","","","","","","Weak Cryptographic Key","0","6.1","0.0","\nAlgorithm (key length): rsaEncryption(1024)","A weak cryptographic key was discovered. The key length used by a cryptographic algorithm determines the highest security it can offer.","","N/A","","Generate a longer key and recreate the certificate.","MP-8309","4","","","","","","",""
139"","","","","","","","","","","Information Disclosure. POODLE","0","4.3","3.2","The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the ""POODLE"" issue.","Vulnerability allows attackers to obtain sensitive information.","","N/A","","To fix the vulnerability disable SSLv3. If you need support for SSLv3, enable the TLS_FALLBACK_SCSV option. Make sure that OpenSSL 1.0.1 is upgraded to 1.0.1j, OpenSSL 1.0.0 is upgraded to 1.0.0o, and OpenSSL 0.9.8 is upgraded to 0.9.8zc.","MP-8332","4","CVE-2014-3566","","","","","",""
140"","","","","","","","","","","Information Disclosure","0","4.3","0.0","The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.","Vulnerability allows remote attackers to conduct plaintext-recovery attacks.","","N/A","","Disable RC4 support for SSL3 and TLS1 protocols by setting ""DEFAULT:!SSLv3:!TLSv1:!RC4."" If you can't disable TLS1.0, then disable SSL3 only by setting ""DEFAULT:!SSLv3:!RC4.""","MP-8333","4","CVE-2013-2566","","","","","",""
141"","","","","","","","","","","Information Disclosure (SWEET32)","0","5.0","0.0","Vulnerability allows MITM attackers, having ability to sniff the network traffic (e.g. in public Wi-Fi networks), to recover some identifiers like HTTPS session cookies transmitted via a 3DES-encrypted connection.\nSuccessful exploitation of this vulnerability requires a web site to support connections encrypted with the Triple DES symmetric-key block cipher and transmission of huge number of requests via the same session.\nThis attack exploits the mathematics behind the birthday problem in probability theory, a.k.a. a Birthday attack. An attacker will generate a large number of requests and then check for two identically encrypted blocks that indicate a collision. The attacker knowing the original request, which caused a collision, and the fact that CBC mode uses XORing of two different blocks can recover the encryption key by getting results of several collisions.","Sweet32 attack allows attackers to obtain cleartext data from HTTPS sessions when the Triple DES (3DES) cipher is used.","","N/A","","You should disable 3DES cipher support. If you run an old server that doesn’t support any better ciphers than DES, you should upgrade.","MP-8351","4","CVE-2016-2183","","","","","",""
142"","","","","","","","","","","Insecure Encryption Key-Exchange Algorithms","0","0.0","0.0","These key-exchange algorithms allow attackers to conduct attacks against the encryption algorithm and obtain data transmitted via an encrypted connection. In modern TLS standards, the RSA algorithm is used only as compatibility with previous versions of standards.\n(null : 0x00000000): SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_IDEA_CBC_SHA SSL_RSA_WITH_RC4_128_MD5 SSL_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_RSA_WITH_SEED_CBC_SHA ","Insecure encryption key-exchange algorithms are enabled for the TLS protocol.","","N/A","","Disable the listed encryption algorithms which use insecure key-exchange algorithms.","MP-8361","3","","","","","","",""
143"","","","","","","","","","","Invalid certificate","0","5.0","0.0","Subject Name and Alternative Subject Names do not match domain name. This certificate could be misused.\n(null : 0x00000000): imap.example.com\nType: IP address\nValue: 192.168.43.208\nType: Name specified in task\nValue: 192.168.43.208","","N/A","N/A","","Install valid certificate.","MP-7029","4","","POP3 SSL","TCP","995","","",""
144"","","","","","","","","","","Invalid certificate chain","0","5.0","0.0","During verification of the service certificate chain, the following errors were detected\n\n(null : 0x00000000): 1. The certificate or certificate chain is based on an untrusted root.\n2. Certificate of this service is self-signed.\n","","N/A","N/A","","Install valid certificate for the service.\n","MP-7034","4","","","","","","",""
145"","","","","","","","","","","Weak Cryptographic Key","0","6.1","0.0","\nAlgorithm (key length): rsaEncryption(1024)","A weak cryptographic key was discovered. The key length used by a cryptographic algorithm determines the highest security it can offer.","","N/A","","Generate a longer key and recreate the certificate.","MP-8309","4","","","","","","",""
146"","","","","","","","","","","Information Disclosure. POODLE","0","4.3","3.2","The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the ""POODLE"" issue.","Vulnerability allows attackers to obtain sensitive information.","","N/A","","To fix the vulnerability disable SSLv3. If you need support for SSLv3, enable the TLS_FALLBACK_SCSV option. Make sure that OpenSSL 1.0.1 is upgraded to 1.0.1j, OpenSSL 1.0.0 is upgraded to 1.0.0o, and OpenSSL 0.9.8 is upgraded to 0.9.8zc.","MP-8332","4","CVE-2014-3566","","","","","",""
147"","","","","","","","","","","Information Disclosure","0","4.3","0.0","The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.","Vulnerability allows remote attackers to conduct plaintext-recovery attacks.","","N/A","","Disable RC4 support for SSL3 and TLS1 protocols by setting ""DEFAULT:!SSLv3:!TLSv1:!RC4."" If you can't disable TLS1.0, then disable SSL3 only by setting ""DEFAULT:!SSLv3:!RC4.""","MP-8333","4","CVE-2013-2566","","","","","",""
148"","","","","","","","","","","Information Disclosure (SWEET32)","0","5.0","0.0","Vulnerability allows MITM attackers, having ability to sniff the network traffic (e.g. in public Wi-Fi networks), to recover some identifiers like HTTPS session cookies transmitted via a 3DES-encrypted connection.\nSuccessful exploitation of this vulnerability requires a web site to support connections encrypted with the Triple DES symmetric-key block cipher and transmission of huge number of requests via the same session.\nThis attack exploits the mathematics behind the birthday problem in probability theory, a.k.a. a Birthday attack. An attacker will generate a large number of requests and then check for two identically encrypted blocks that indicate a collision. The attacker knowing the original request, which caused a collision, and the fact that CBC mode uses XORing of two different blocks can recover the encryption key by getting results of several collisions.","Sweet32 attack allows attackers to obtain cleartext data from HTTPS sessions when the Triple DES (3DES) cipher is used.","","N/A","","You should disable 3DES cipher support. If you run an old server that doesn’t support any better ciphers than DES, you should upgrade.","MP-8351","4","CVE-2016-2183","","","","","",""
149"","","","","","","","","","","Insecure Encryption Key-Exchange Algorithms","0","0.0","0.0","These key-exchange algorithms allow attackers to conduct attacks against the encryption algorithm and obtain data transmitted via an encrypted connection. In modern TLS standards, the RSA algorithm is used only as compatibility with previous versions of standards.\n(null : 0x00000000): SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_IDEA_CBC_SHA SSL_RSA_WITH_RC4_128_MD5 SSL_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA TLS_RSA_WITH_CAMELLIA_256_CBC_SHA TLS_RSA_WITH_SEED_CBC_SHA ","Insecure encryption key-exchange algorithms are enabled for the TLS protocol.","","N/A","","Disable the listed encryption algorithms which use insecure key-exchange algorithms.","MP-8361","3","","","","","","",""