Test Kennung:	1.3.6.1.4.1.25623.1.0.66420
Kategorie:	Mandrake Local Security Checks
Titel:	Mandriva Security Advisory MDVSA-2009:324 (php)
Zusammenfassung:	The remote host is missing an update to php;announced via advisory MDVSA-2009:324.
Beschreibung:	Summary: The remote host is missing an update to php announced via advisory MDVSA-2009:324. Vulnerability Insight: For details on the issues addressed with this update, please visit the referenced security advisories. Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides a solution to these vulnerabilities. Affected: 2008.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-7068 Bugtraq: 20081127 SecurityReason : PHP 5.2.6 dba_replace() destroying file (Google Search) http://www.securityfocus.com/archive/1/498746/100/0/threaded Bugtraq: 20081206 Re: SecurityReason : PHP 5.2.6 dba_replace() destroying file (Google Search) http://www.securityfocus.com/archive/1/498981/100/0/threaded http://www.securityfocus.com/archive/1/498982/100/0/threaded http://www.osvdb.org/52206 http://securityreason.com/achievement_securityalert/58 XForce ISS Database: php-dbareplace-file-corruption(47316) https://exchange.xforce.ibmcloud.com/vulnerabilities/47316 Common Vulnerability Exposure (CVE) ID: CVE-2009-1271 http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html Debian Security Information: DSA-1775 (Google Search) http://www.debian.org/security/2009/dsa-1775 Debian Security Information: DSA-1789 (Google Search) http://www.debian.org/security/2009/dsa-1789 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:090 http://cvs.php.net/viewvc.cgi/php-src/ext/json/JSON_parser.c?r1=1.1.2.14&r2=1.1.2.15 http://www.openwall.com/lists/oss-security/2009/04/01/9 http://www.redhat.com/support/errata/RHSA-2009-0350.html http://secunia.com/advisories/34770 http://secunia.com/advisories/34830 http://secunia.com/advisories/34933 http://secunia.com/advisories/35003 http://secunia.com/advisories/35007 http://secunia.com/advisories/35306 http://secunia.com/advisories/35685 http://secunia.com/advisories/36701 SuSE Security Announcement: SUSE-SR:2009:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html https://usn.ubuntu.com/761-1/ http://www.ubuntu.com/usn/USN-761-2 Common Vulnerability Exposure (CVE) ID: CVE-2009-2687 BugTraq ID: 35440 http://www.securityfocus.com/bid/35440 Debian Security Information: DSA-1940 (Google Search) http://www.debian.org/security/2009/dsa-1940 HPdes Security Advisory: HPSBUX02543 http://marc.info/?l=bugtraq&m=127680701405735&w=2 HPdes Security Advisory: SSRT100152 http://www.mandriva.com/security/advisories?name=MDVSA-2009:145 http://www.mandriva.com/security/advisories?name=MDVSA-2009:167 http://osvdb.org/55222 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10695 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6655 http://secunia.com/advisories/35441 http://secunia.com/advisories/36462 http://secunia.com/advisories/37482 http://secunia.com/advisories/40262 SuSE Security Announcement: SUSE-SR:2009:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html https://usn.ubuntu.com/824-1/ http://www.vupen.com/english/advisories/2009/1632 XForce ISS Database: php-exifreaddata-dos(51253) https://exchange.xforce.ibmcloud.com/vulnerabilities/51253 Common Vulnerability Exposure (CVE) ID: CVE-2009-3291 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html HPdes Security Advisory: HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPdes Security Advisory: SSRT090208 http://www.osvdb.org/58185 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10438 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7394 http://www.securitytracker.com/id?1022914 http://secunia.com/advisories/36791 http://www.vupen.com/english/advisories/2009/3184 XForce ISS Database: php-certificate-unspecified(53334) https://exchange.xforce.ibmcloud.com/vulnerabilities/53334 Common Vulnerability Exposure (CVE) ID: CVE-2009-3292 http://www.mandriva.com/security/advisories?name=MDVSA-2009:302 http://www.openwall.com/lists/oss-security/2009/11/20/2 http://www.openwall.com/lists/oss-security/2009/11/20/3 http://news.php.net/php.announce/79 http://www.osvdb.org/58186 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7652 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9982 http://secunia.com/advisories/37412 Common Vulnerability Exposure (CVE) ID: CVE-2009-3293 http://www.osvdb.org/58187 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7047 Common Vulnerability Exposure (CVE) ID: CVE-2009-3546 36712 http://www.securityfocus.com/bid/36712 37069 http://secunia.com/advisories/37069 37080 http://secunia.com/advisories/37080 38055 http://secunia.com/advisories/38055 ADV-2009-2929 http://www.vupen.com/english/advisories/2009/2929 ADV-2009-2930 http://www.vupen.com/english/advisories/2009/2930 MDVSA-2009:285 http://www.mandriva.com/security/advisories?name=MDVSA-2009:285 RHSA-2010:0003 http://www.redhat.com/support/errata/RHSA-2010-0003.html [oss-security] 20091015 Re: CVE Request -- PHP 5 - 5.2.11 http://marc.info/?l=oss-security&m=125562113503923&w=2 [oss-security] 20091120 Re: CVE request: php 5.3.1 update http://www.openwall.com/lists/oss-security/2009/11/20/5 http://svn.php.net/viewvc?view=revision&revision=289557 oval:org.mitre.oval:def:11199 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11199 Common Vulnerability Exposure (CVE) ID: CVE-2009-3557 37412 37821 http://secunia.com/advisories/37821 40262 6601 http://securityreason.com/securityalert/6601 ADV-2009-3593 http://www.vupen.com/english/advisories/2009/3593 APPLE-SA-2010-03-29-1 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html HPSBUX02543 MDVSA-2009:302 MDVSA-2009:303 http://www.mandriva.com/security/advisories?name=MDVSA-2009:303 SSRT100152 [oss-security] 20091120 CVE request: php 5.3.1 update [php-announce] 20091119 5.3.1 Release announcement http://support.apple.com/kb/HT4077 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/standard/file.c?view=log http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/standard/file.c?view=log http://svn.php.net/viewvc?view=revision&revision=288945 http://www.php.net/ChangeLog-5.php http://www.php.net/releases/5_2_12.php http://www.php.net/releases/5_3_1.php oval:org.mitre.oval:def:7396 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7396 Common Vulnerability Exposure (CVE) ID: CVE-2009-3558 6600 http://securityreason.com/securityalert/6600 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/posix/posix.c?view=log http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/posix/posix.c?view=log http://svn.php.net/viewvc?view=revision&revision=288943 Common Vulnerability Exposure (CVE) ID: CVE-2009-4017 20091120 PHP "multipart/form-data" denial of service http://seclists.org/fulldisclosure/2009/Nov/228 http://www.securityfocus.com/archive/1/507982/100/0/threaded 37482 41480 http://secunia.com/advisories/41480 41490 http://secunia.com/advisories/41490 DSA-1940 HPSBMA02568 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 MDVSA-2009:305 http://www.mandriva.com/security/advisories?name=MDVSA-2009:305 SSRT100219 http://www.openwall.com/lists/oss-security/2009/11/20/7 http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/ oval:org.mitre.oval:def:10483 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483 oval:org.mitre.oval:def:6667 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667 php-multipart-formdata-dos(54455) https://exchange.xforce.ibmcloud.com/vulnerabilities/54455 Common Vulnerability Exposure (CVE) ID: CVE-2009-4018 37138 http://www.securityfocus.com/bid/37138 [oss-security] 20091122 Re: CVE request: php 5.3.1 update http://marc.info/?l=oss-security&m=125886770008678&w=2 [oss-security] 20091123 Re: CVE request: php 5.3.1 - proc_open() bypass PHP Bug #49026 [was: Re: CVE request: php 5.3.1 update] http://marc.info/?l=oss-security&m=125897935330618&w=2 http://www.openwall.com/lists/oss-security/2009/11/23/15 http://bugs.php.net/bug.php?id=49026 http://svn.php.net/viewvc/?view=revision&revision=286360 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/standard/proc_open.c?r1=286360&r2=286359&pathrev=286360 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/standard/proc_open.c?r1=286360&r2=286359&pathrev=286360 oval:org.mitre.oval:def:7256 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7256
Copyright	Copyright (C) 2009 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.