Test Kennung:	1.3.6.1.4.1.25623.1.0.55857
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200511-08 (PHP)
Zusammenfassung:	The remote host is missing updates announced in;advisory GLSA 200511-08.
Beschreibung:	Summary: The remote host is missing updates announced in advisory GLSA 200511-08. Vulnerability Insight: PHP suffers from multiple issues, resulting in security functions bypass, local Denial of service, cross-site scripting or PHP variables overwrite. Solution: All PHP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose dev-php/php All mod_php users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose dev-php/mod_php All php-cgi users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose dev-php/php-cgi CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2005-3054 BugTraq ID: 14957 http://www.securityfocus.com/bid/14957 http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:213 http://secunia.com/advisories/17229 http://secunia.com/advisories/17371 http://secunia.com/advisories/17510 http://secunia.com/advisories/17557 http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html https://usn.ubuntu.com/207-1/ http://www.vupen.com/english/advisories/2005/1862 http://www.vupen.com/english/advisories/2005/2254 Common Vulnerability Exposure (CVE) ID: CVE-2005-3319 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html BugTraq ID: 15177 http://www.securityfocus.com/bid/15177 BugTraq ID: 16907 http://www.securityfocus.com/bid/16907 Bugtraq: 20051024 php < 4.4.1 htaccess apache dos (Google Search) http://marc.info/?l=bugtraq&m=113019286208204&w=2 Cert/CC Advisory: TA06-062A http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0491.html HPdes Security Advisory: HPSBMA02159 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522 HPdes Security Advisory: SSRT061238 http://www.osvdb.org/20491 http://secunia.com/advisories/18198 http://secunia.com/advisories/19064 http://secunia.com/advisories/22691 http://securityreason.com/securityalert/525 https://www.ubuntu.com/usn/usn-232-1/ http://www.vupen.com/english/advisories/2006/0791 http://www.vupen.com/english/advisories/2006/4320 XForce ISS Database: php-htaccess-dos(22844) https://exchange.xforce.ibmcloud.com/vulnerabilities/22844 Common Vulnerability Exposure (CVE) ID: CVE-2005-3388 BugTraq ID: 15248 http://www.securityfocus.com/bid/15248 Bugtraq: 20051031 Advisory 18/2005: PHP Cross Site Scripting (XSS) Vulnerability in phpinfo() (Google Search) http://www.securityfocus.com/archive/1/415292 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIRZJHM6UDNWNHZ3PCMEZ2YUK3CWY2UE/ http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html http://www.hardened-php.net/advisory_182005.77.html http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10542 http://www.redhat.com/support/errata/RHSA-2005-831.html http://www.redhat.com/support/errata/RHSA-2005-838.html RedHat Security Advisories: RHSA-2006:0549 http://rhn.redhat.com/errata/RHSA-2006-0549.html http://securitytracker.com/id?1015130 http://secunia.com/advisories/17490 http://secunia.com/advisories/17531 http://secunia.com/advisories/17559 http://secunia.com/advisories/18669 http://secunia.com/advisories/21252 http://securityreason.com/securityalert/133 SuSE Security Announcement: SUSE-SR:2005:026 (Google Search) SuSE Security Announcement: SUSE-SR:2005:027 (Google Search) http://www.novell.com/linux/security/advisories/2005_27_sr.html TurboLinux Advisory: TLSA-2006-38 http://www.turbolinux.com/security/2006/TLSA-2006-38.txt Common Vulnerability Exposure (CVE) ID: CVE-2005-3389 BugTraq ID: 15249 http://www.securityfocus.com/bid/15249 Bugtraq: 20051031 Advisory 19/2005: PHP register_globals Activation Vulnerability in parse_str() (Google Search) http://www.securityfocus.com/archive/1/415291 http://www.hardened-php.net/advisory_192005.78.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11481 http://securitytracker.com/id?1015131 http://secunia.com/advisories/18054 http://securityreason.com/securityalert/134 SuSE Security Announcement: SUSE-SA:2005:069 (Google Search) http://www.securityfocus.com/archive/1/419504/100/0/threaded Common Vulnerability Exposure (CVE) ID: CVE-2005-3390 BugTraq ID: 15250 http://www.securityfocus.com/bid/15250 Bugtraq: 20051031 Advisory 20/2005: PHP File-Upload $GLOBALS Overwrite Vulnerability (Google Search) http://www.securityfocus.com/archive/1/415290/30/0/threaded http://www.hardened-php.net/advisory_202005.79.html http://www.hardened-php.net/globals-problem https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10537 http://securitytracker.com/id?1015129 http://securityreason.com/securityalert/132 Common Vulnerability Exposure (CVE) ID: CVE-2005-3391 BugTraq ID: 15411 http://www.securityfocus.com/bid/15411 http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:035 http://www.osvdb.org/20898 http://secunia.com/advisories/18763 Common Vulnerability Exposure (CVE) ID: CVE-2005-3392 BugTraq ID: 15413 http://www.securityfocus.com/bid/15413 http://www.osvdb.org/20897 XForce ISS Database: php-virtual-bypass-security(22924) https://exchange.xforce.ibmcloud.com/vulnerabilities/22924
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.