Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2016.0238
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2016-0238)
Zusammenfassung:	The remote host is missing an update for the 'php' package(s) announced via the MGASA-2016-0238 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'php' package(s) announced via the MGASA-2016-0238 advisory. Vulnerability Insight: php-mbstring _php_mb_regex_ereg_replace_exec() - double free (CVE-2016-5768). php-mcrypt heap Overflow due to integer overflows (CVE-2016-5769). php-SPL int/size_t confusion in SplFileObject::fread (CVE-2016-5770). php-SPL Use After Free Vulnerability in PHP's GC algorithm and unserialize (CVE-2016-5771). php-WDDX Double Free Courruption in wddx_deserialize (CVE-2016-5772). php-zip ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize (CVE-2016-5773). The php package has been updated to version 5.6.23, fixing these issues and several other bugs. See the upstream ChangeLog for details. Affected Software/OS: 'php' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5768 http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html BugTraq ID: 91396 http://www.securityfocus.com/bid/91396 Debian Security Information: DSA-3618 (Google Search) http://www.debian.org/security/2016/dsa-3618 http://www.openwall.com/lists/oss-security/2016/06/23/4 RedHat Security Advisories: RHSA-2016:2598 http://rhn.redhat.com/errata/RHSA-2016-2598.html RedHat Security Advisories: RHSA-2016:2750 http://rhn.redhat.com/errata/RHSA-2016-2750.html SuSE Security Announcement: openSUSE-SU-2016:1761 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html SuSE Security Announcement: openSUSE-SU-2016:1922 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html Common Vulnerability Exposure (CVE) ID: CVE-2016-5769 BugTraq ID: 91399 http://www.securityfocus.com/bid/91399 SuSE Security Announcement: SUSE-SU-2016:2013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html Common Vulnerability Exposure (CVE) ID: CVE-2016-5770 BugTraq ID: 91403 http://www.securityfocus.com/bid/91403 Common Vulnerability Exposure (CVE) ID: CVE-2016-5771 BugTraq ID: 91401 http://www.securityfocus.com/bid/91401 Common Vulnerability Exposure (CVE) ID: CVE-2016-5772 BugTraq ID: 91398 http://www.securityfocus.com/bid/91398 Common Vulnerability Exposure (CVE) ID: CVE-2016-5773 BugTraq ID: 91397 http://www.securityfocus.com/bid/91397
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.