ID de Prueba:	1.3.6.1.4.1.25623.1.0.120535
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2015-510)
Resumen:	The remote host is missing an update for the 'php55' package(s) announced via the ALAS-2015-510 advisory.
Descripción:	Summary: The remote host is missing an update for the 'php55' package(s) announced via the ALAS-2015-510 advisory. Vulnerability Insight: A use-after-free flaw was found in PHP's OPcache extension. This flaw could possibly lead to a disclosure of portion of server memory. (CVE-2015-1351) A NULL pointer dereference flaw was found in PHP's pgsql extension. A specially crafted table name passed to function as pg_insert() or pg_select() could cause a PHP application to crash. (CVE-2015-1352) A buffer overflow flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. (CVE-2015-3329) Affected Software/OS: 'php55' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1351 http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html BugTraq ID: 71929 http://www.securityfocus.com/bid/71929 https://security.gentoo.org/glsa/201606-10 http://www.mandriva.com/security/advisories?name=MDVSA-2015:079 http://openwall.com/lists/oss-security/2015/01/24/9 RedHat Security Advisories: RHSA-2015:1053 http://rhn.redhat.com/errata/RHSA-2015-1053.html RedHat Security Advisories: RHSA-2015:1066 http://rhn.redhat.com/errata/RHSA-2015-1066.html Common Vulnerability Exposure (CVE) ID: CVE-2015-1352 BugTraq ID: 71932 http://www.securityfocus.com/bid/71932 HPdes Security Advisory: HPSBUX03337 http://marc.info/?l=bugtraq&m=143403519711434&w=2 HPdes Security Advisory: SSRT102066 Common Vulnerability Exposure (CVE) ID: CVE-2015-3329 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html BugTraq ID: 74240 http://www.securityfocus.com/bid/74240 Debian Security Information: DSA-3280 (Google Search) http://www.debian.org/security/2015/dsa-3280 RedHat Security Advisories: RHSA-2015:1135 http://rhn.redhat.com/errata/RHSA-2015-1135.html RedHat Security Advisories: RHSA-2015:1186 http://rhn.redhat.com/errata/RHSA-2015-1186.html RedHat Security Advisories: RHSA-2015:1187 http://rhn.redhat.com/errata/RHSA-2015-1187.html RedHat Security Advisories: RHSA-2015:1218 http://rhn.redhat.com/errata/RHSA-2015-1218.html http://www.securitytracker.com/id/1032145 SuSE Security Announcement: SUSE-SU-2015:0868 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html SuSE Security Announcement: openSUSE-SU-2015:0855 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html http://www.ubuntu.com/usn/USN-2572-1
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.