English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.58312
Kategorie:CGI abuses
Titel:PHP < 4.4.7/5.2.3 Multiple Vulnerabilities
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is vulnerable to denial of service attacks and
arbitrary code execution vulnerabilities via the 'chunk_split'
function. As well, open_basedir and safe_mode restrictions
are not enforced under certain situations.

Versions up to and including 4.4.6 and 5.2.2 are vulnerable.

Solution : Upgrade to PHP 5.2.3/4.4.7 or later.

Risk factor : High

CVSS Score:
6.8

Querverweis: BugTraq ID: 24261
BugTraq ID: 24259
Common Vulnerability Exposure (CVE) ID: CVE-2007-3007
http://www.securityfocus.com/bid/24259
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html
http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
http://osvdb.org/36084
http://secunia.com/advisories/25456
http://secunia.com/advisories/26048
http://secunia.com/advisories/26231
http://secunia.com/advisories/27102
http://secunia.com/advisories/27110
SuSE Security Announcement: SUSE-SA:2007:044 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
http://www.trustix.org/errata/2007/0023/
Common Vulnerability Exposure (CVE) ID: CVE-2007-2872
1018186
http://www.securitytracker.com/id?1018186
2007-0023
20070601 SEC Consult SA-20070601-0 :: PHP chunk_split() integer overflow
http://www.securityfocus.com/archive/1/470244/100/0/threaded
24261
http://www.securityfocus.com/bid/24261
25456
25535
http://secunia.com/advisories/25535
26048
26231
26838
http://secunia.com/advisories/26838
26871
http://secunia.com/advisories/26871
26895
http://secunia.com/advisories/26895
26930
http://secunia.com/advisories/26930
26967
http://secunia.com/advisories/26967
27037
http://secunia.com/advisories/27037
27102
27110
27351
http://secunia.com/advisories/27351
27377
http://secunia.com/advisories/27377
27545
http://secunia.com/advisories/27545
27864
http://secunia.com/advisories/27864
28318
http://secunia.com/advisories/28318
28658
http://secunia.com/advisories/28658
28750
http://secunia.com/advisories/28750
28936
http://secunia.com/advisories/28936
30040
http://secunia.com/advisories/30040
36083
http://osvdb.org/36083
ADV-2007-2061
http://www.vupen.com/english/advisories/2007/2061
ADV-2007-3386
http://www.vupen.com/english/advisories/2007/3386
ADV-2008-0059
http://www.vupen.com/english/advisories/2008/0059
ADV-2008-0398
http://www.vupen.com/english/advisories/2008/0398
FEDORA-2007-2215
FEDORA-2007-709
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html
GLSA-200710-02
HPSBUX02262
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
HPSBUX02308
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501
HPSBUX02332
http://www.securityfocus.com/archive/1/491693/100/0/threaded
MDKSA-2007:187
http://www.mandriva.com/security/advisories?name=MDKSA-2007:187
OpenPKG-SA-2007.020
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html
RHSA-2007:0888
http://www.redhat.com/support/errata/RHSA-2007-0888.html
RHSA-2007:0889
http://rhn.redhat.com/errata/RHSA-2007-0889.html
RHSA-2007:0890
http://www.redhat.com/support/errata/RHSA-2007-0890.html
RHSA-2007:0891
http://www.redhat.com/support/errata/RHSA-2007-0891.html
SSA:2007-152-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863
SSA:2008-045-03
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136
SSRT071447
SSRT080010
SSRT080056
SUSE-SA:2007:044
SUSE-SA:2008:004
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html
USN-549-1
https://usn.ubuntu.com/549-1/
USN-549-2
http://www.ubuntu.com/usn/usn-549-2
http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm
http://www.php.net/ChangeLog-4.php
http://www.php.net/releases/4_4_8.php
http://www.php.net/releases/5_2_3.php
http://www.sec-consult.com/291.html
https://issues.rpath.com/browse/RPL-1693
https://issues.rpath.com/browse/RPL-1702
https://launchpad.net/bugs/173043
oval:org.mitre.oval:def:9424
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9424
php-chunksplit-security-bypass(39398)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39398
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.