Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2015-1218)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.123083
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2015-1218)
Zusammenfassung:	The remote host is missing an update for the 'php' package(s) announced via the ELSA-2015-1218 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'php' package(s) announced via the ELSA-2015-1218 advisory. Vulnerability Insight: [5.3.3-46] - fix gzfile accept paths with NUL character #1213407 - fix patch for CVE-2015-4024 [5.3.3-45] - fix more functions accept paths with NUL character #1213407 [5.3.3-44] - soap: missing fix for #1222538 and #1204868 [5.3.3-43] - core: fix multipart/form-data request can use excessive amount of CPU usage CVE-2015-4024 - fix various functions accept paths with NUL character CVE-2015-4026, #1213407 - ftp: fix integer overflow leading to heap overflow when reading FTP file listing CVE-2015-4022 - phar: fix buffer over-read in metadata parsing CVE-2015-2783 - phar: invalid pointer free() in phar_tar_process_metadata() CVE-2015-3307 - phar: fix buffer overflow in phar_set_inode() CVE-2015-3329 - phar: fix memory corruption in phar_parse_tarfile caused by empty entry file name CVE-2015-4021 - soap: more fix type confusion through unserialize #1222538 [5.3.3-42] - soap: more fix type confusion through unserialize #1204868 [5.3.3-41] - core: fix double in zend_ts_hash_graceful_destroy CVE-2014-9425 - core: fix use-after-free in unserialize CVE-2015-2787 - exif: fix free on uninitialized pointer CVE-2015-0232 - gd: fix buffer read overflow in gd_gif.c CVE-2014-9709 - date: fix use after free vulnerability in unserialize CVE-2015-0273 - enchant: fix heap buffer overflow in enchant_broker_request_dict CVE-2014-9705 - phar: use after free in phar_object.c CVE-2015-2301 - soap: fix type confusion through unserialize Affected Software/OS: 'php' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-9425 http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html BugTraq ID: 71800 http://www.securityfocus.com/bid/71800 https://security.gentoo.org/glsa/201503-03 http://openwall.com/lists/oss-security/2014/12/29/6 RedHat Security Advisories: RHSA-2015:1218 http://rhn.redhat.com/errata/RHSA-2015-1218.html Common Vulnerability Exposure (CVE) ID: CVE-2014-9705 BugTraq ID: 73031 http://www.securityfocus.com/bid/73031 Debian Security Information: DSA-3195 (Google Search) http://www.debian.org/security/2015/dsa-3195 https://security.gentoo.org/glsa/201606-10 HPdes Security Advisory: HPSBMU03380 http://marc.info/?l=bugtraq&m=143748090628601&w=2 HPdes Security Advisory: HPSBMU03409 http://marc.info/?l=bugtraq&m=144050155601375&w=2 http://www.mandriva.com/security/advisories?name=MDVSA-2015:079 https://www.htbridge.com/advisory/HTB23252 http://openwall.com/lists/oss-security/2015/03/15/6 RedHat Security Advisories: RHSA-2015:1053 http://rhn.redhat.com/errata/RHSA-2015-1053.html RedHat Security Advisories: RHSA-2015:1066 http://rhn.redhat.com/errata/RHSA-2015-1066.html RedHat Security Advisories: RHSA-2015:1135 http://rhn.redhat.com/errata/RHSA-2015-1135.html http://www.securitytracker.com/id/1031948 SuSE Security Announcement: SUSE-SU-2015:0868 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html SuSE Security Announcement: openSUSE-SU-2015:0644 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html http://www.ubuntu.com/usn/USN-2535-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-9709 BugTraq ID: 73306 http://www.securityfocus.com/bid/73306 Debian Security Information: DSA-3215 (Google Search) http://www.debian.org/security/2015/dsa-3215 https://security.gentoo.org/glsa/201607-04 HPdes Security Advisory: HPSBUX03337 http://marc.info/?l=bugtraq&m=143403519711434&w=2 HPdes Security Advisory: SSRT102066 http://www.mandriva.com/security/advisories?name=MDVSA-2015:153 http://www.securitytracker.com/id/1033703 http://www.ubuntu.com/usn/USN-2987-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-0232 BugTraq ID: 72541 http://www.securityfocus.com/bid/72541 http://www.mandriva.com/security/advisories?name=MDVSA-2015:032 SuSE Security Announcement: SUSE-SU-2015:0365 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html SuSE Security Announcement: openSUSE-SU-2015:0325 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-02/msg00079.html Common Vulnerability Exposure (CVE) ID: CVE-2015-0273 http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html BugTraq ID: 72701 http://www.securityfocus.com/bid/72701 http://www.securitytracker.com/id/1031945 SuSE Security Announcement: SUSE-SU-2015:0424 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00002.html SuSE Security Announcement: SUSE-SU-2015:0436 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00003.html SuSE Security Announcement: openSUSE-SU-2015:0440 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00004.html Common Vulnerability Exposure (CVE) ID: CVE-2015-2301 BugTraq ID: 73037 http://www.securityfocus.com/bid/73037 Debian Security Information: DSA-3198 (Google Search) http://www.debian.org/security/2015/dsa-3198 http://www.securitytracker.com/id/1031949 Common Vulnerability Exposure (CVE) ID: CVE-2015-2783 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html BugTraq ID: 74239 http://www.securityfocus.com/bid/74239 Debian Security Information: DSA-3280 (Google Search) http://www.debian.org/security/2015/dsa-3280 RedHat Security Advisories: RHSA-2015:1186 http://rhn.redhat.com/errata/RHSA-2015-1186.html RedHat Security Advisories: RHSA-2015:1187 http://rhn.redhat.com/errata/RHSA-2015-1187.html http://www.securitytracker.com/id/1032146 SuSE Security Announcement: openSUSE-SU-2015:0855 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html http://www.ubuntu.com/usn/USN-2572-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-2787 BugTraq ID: 73431 http://www.securityfocus.com/bid/73431 http://www.securitytracker.com/id/1032485 SuSE Security Announcement: openSUSE-SU-2015:0684 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html Common Vulnerability Exposure (CVE) ID: CVE-2015-3307 BugTraq ID: 74703 http://www.securityfocus.com/bid/74703 Common Vulnerability Exposure (CVE) ID: CVE-2015-3329 BugTraq ID: 74240 http://www.securityfocus.com/bid/74240 http://www.securitytracker.com/id/1032145 Common Vulnerability Exposure (CVE) ID: CVE-2015-3411 BugTraq ID: 75255 http://www.securityfocus.com/bid/75255 http://www.securitytracker.com/id/1032709 Common Vulnerability Exposure (CVE) ID: CVE-2015-3412 BugTraq ID: 75250 http://www.securityfocus.com/bid/75250 Common Vulnerability Exposure (CVE) ID: CVE-2015-4021 BugTraq ID: 74700 http://www.securityfocus.com/bid/74700 http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html RedHat Security Advisories: RHSA-2015:1219 http://rhn.redhat.com/errata/RHSA-2015-1219.html http://www.securitytracker.com/id/1032433 SuSE Security Announcement: openSUSE-SU-2015:0993 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html Common Vulnerability Exposure (CVE) ID: CVE-2015-4022 BugTraq ID: 74902 http://www.securityfocus.com/bid/74902 Common Vulnerability Exposure (CVE) ID: CVE-2015-4024 BugTraq ID: 74903 http://www.securityfocus.com/bid/74903 http://www.securitytracker.com/id/1032432 Common Vulnerability Exposure (CVE) ID: CVE-2015-4026 BugTraq ID: 75056 http://www.securityfocus.com/bid/75056 http://www.securitytracker.com/id/1032431 Common Vulnerability Exposure (CVE) ID: CVE-2015-4147 BugTraq ID: 73357 http://www.securityfocus.com/bid/73357 http://openwall.com/lists/oss-security/2015/06/01/4 http://www.securitytracker.com/id/1032459 Common Vulnerability Exposure (CVE) ID: CVE-2015-4148 BugTraq ID: 75103 http://www.securityfocus.com/bid/75103 SuSE Security Announcement: openSUSE-SU-2015:1057 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-06/msg00028.html Common Vulnerability Exposure (CVE) ID: CVE-2015-4598 BugTraq ID: 75244 http://www.securityfocus.com/bid/75244 Debian Security Information: DSA-3344 (Google Search) http://www.debian.org/security/2015/dsa-3344 http://www.openwall.com/lists/oss-security/2015/06/16/12 Common Vulnerability Exposure (CVE) ID: CVE-2015-4599 BugTraq ID: 75251 http://www.securityfocus.com/bid/75251 Common Vulnerability Exposure (CVE) ID: CVE-2015-4600 BugTraq ID: 74413 http://www.securityfocus.com/bid/74413 Common Vulnerability Exposure (CVE) ID: CVE-2015-4601 BugTraq ID: 75246 http://www.securityfocus.com/bid/75246 Common Vulnerability Exposure (CVE) ID: CVE-2015-4602 BugTraq ID: 75249 http://www.securityfocus.com/bid/75249 Common Vulnerability Exposure (CVE) ID: CVE-2015-4603 BugTraq ID: 75252 http://www.securityfocus.com/bid/75252
Copyright	Copyright (C) 2015 Greenbone AG