Test ID:	1.3.6.1.4.1.25623.1.0.52954
Category:	Turbolinux Local Security Tests
Title:	Turbolinux TLSA-2003-47 (php)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to php announced via advisory TLSA-2003-47. PHP is an HTML-embedded scripting language. The cross-site scripting vulnerability is in the transparent SID support capability for PHP. An attacker could use this vulnerability to execute embedded scripts within the context of the generated page. Solution: Please use the turbopkg (zabom) tool to apply the update. http://www.securityspace.com/smysecure/catid.html?in=TLSA-2003-47 Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0442 BugTraq ID: 7761 http://www.securityfocus.com/bid/7761 Bugtraq: 20030530 PHP Trans SID XSS (Was: New php release with security fixes) (Google Search) http://marc.info/?l=bugtraq&m=105449314612963&w=2 Bugtraq: 20030707 [OpenPKG-SA-2003.032] OpenPKG Security Advisory (php) (Google Search) http://marc.info/?l=bugtraq&m=105760591228031&w=2 Computer Incident Advisory Center Bulletin: N-112 http://www.ciac.org/ciac/bulletins/n-112.shtml Conectiva Linux advisory: CLSA-2003:691 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000691 Debian Security Information: DSA-351 (Google Search) http://www.debian.org/security/2003/dsa-351 http://www.mandriva.com/security/advisories?name=MDKSA-2003:082 http://shh.thathost.com/secadv/2003-05-11-php.txt http://www.osvdb.org/4758 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A485 http://www.redhat.com/support/errata/RHSA-2003-204.html SCO Security Bulletin: CSSA-2003-SCO.28 http://www.securitytracker.com/id?1008653 TurboLinux Advisory: TLSA-2003-47 http://www.turbolinux.co.jp/security/2003/TLSA-2003-47j.txt XForce ISS Database: php-session-id-xss(12259) https://exchange.xforce.ibmcloud.com/vulnerabilities/12259 Common Vulnerability Exposure (CVE) ID: CVE-2003-0422 http://www.rapid7.com/advisories/R7-0015.html http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0040.html
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.