Sorry, my listing of cURL exploit is not quite accurate, here's an updated version with that and some other fixes (let that be a lesson for you, not to post hastefully and in anger ;-)
Impact:
Fixed possible stack buffer overflow in FastCGI SAPI
Impact:Potential DOS and remote code execution if using FastCGI
Updated PCRE to deal with issues fixed in USN-581-1
Impact:Potential DOS and remote code execution
Fixes CVE-2008-0599
Impact:Potential DOS and remote code execution
Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
Impact: Potential overwriting or stealing files on the server if cURL is in use
Properly address incomplete multibyte chars inside escapeshellcmd()
Impact: Bypassing character based filtering, leading to potentially remotely running arbitrary commands on the shell
Sorry, my listing of cURL exploit is not quite accurate, here's an updated version with that and some other fixes (let that be a lesson for you, not to post hastefully and in anger ;-) Potential DOS and remote code execution if using FastCGI Potential DOS and remote code execution Potential DOS and remote code execution
Impact:
Fixed possible stack buffer overflow in FastCGI SAPI
Impact:
Updated PCRE to deal with issues fixed in USN-581-1
Impact:
Fixes CVE-2008-0599
Impact:
Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
Impact: Potential overwriting or stealing files on the server if cURL is in use
Properly address incomplete multibyte chars inside escapeshellcmd()
Impact: Bypassing character based filtering, leading to potentially remotely running arbitrary commands on the shell