Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.100605 |
Kategorie: | Web application abuses |
Titel: | PHP Shared Memory Functions Resource Verification Arbitrary Code Execution Vulnerability |
Zusammenfassung: | PHP shared memory functions (shmop)are prone to an arbitrary-code-; execution vulnerability. |
Beschreibung: | Summary: PHP shared memory functions (shmop)are prone to an arbitrary-code- execution vulnerability. Vulnerability Impact: An attacker may exploit this issue to execute arbitrary code within the context of the affected webserver. The attacker may also gain access to RSA keys of the SSL certificate. Affected Software/OS: This issue affects PHP 4 versions prior to 4.4.5 and PHP 5 versions prior to 5.2.1. Solution: The vendor released versions 4.4.5 and 5.2.1 to address this issue. Please see the references for more information. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
Querverweis: |
BugTraq ID: 22862 Common Vulnerability Exposure (CVE) ID: CVE-2007-1376 http://www.securityfocus.com/bid/22862 Debian Security Information: DSA-1283 (Google Search) http://www.debian.org/security/2007/dsa-1283 https://www.exploit-db.com/exploits/3426 https://www.exploit-db.com/exploits/3427 http://security.gentoo.org/glsa/glsa-200703-21.xml http://www.php-security.org/MOPB/MOPB-15-2007.html http://www.osvdb.org/32781 http://secunia.com/advisories/24606 http://secunia.com/advisories/25056 http://secunia.com/advisories/25057 http://secunia.com/advisories/25062 SuSE Security Announcement: SUSE-SA:2007:032 (Google Search) http://www.novell.com/linux/security/advisories/2007_32_php.html http://www.ubuntu.com/usn/usn-455-1 |
Copyright | Copyright (C) 2010 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |