SuSE Local Security Checks : SuSE Security Advisory SUSE-SA:2005:051 (php4,php5)

Resumen de Precio/Funciones | Ordenar | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad

Búsqueda de Vulnerabilidad		Buscar 61204 Descripciones CVE y 32582 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:

Usuario:

Contraseña:

Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.

Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.

Privacidad

Ingreso de Usuario Registrado

Usuario:

Contraseña:

¿Olvidó su usuario o contraseña??

Email/ID de Usario:

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55222
Categoría:	SuSE Local Security Checks
Título:	SuSE Security Advisory SUSE-SA:2005:051 (php4,php5)
Resumen:	SuSE Security Advisory SUSE-SA:2005:051 (php4,php5)
Descripción:	The remote host is missing updates announced in advisory SUSE-SA:2005:051. This update fixes the following security issues in the PHP scripting language. - Bugs in the PEAR::XML_RPC library allowed remote attackers to pass arbitrary PHP code to the eval() function (CVE-2005-1921, CVE-2005-2498). The Pear::XML_RPC library is not used by default in SUSE Linux, but might be used by third-party PHP applications. - An integer overflow bug was found in the PCRE (perl compatible regular expression) library which could be used by an attacker to potentially execute code. (CVE-2005-2491) Please note: This is a reissue of the previous PHP update (SUSE-SA:2005:049) which due to a mixup between PCRE version was causing breakage in nearly all PHP applications. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2005:051 Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2491 http://docs.info.apple.com/article.html?artnum=302847 Debian Security Information: DSA-800 (Google Search) http://www.debian.org/security/2005/dsa-800 Debian Security Information: DSA-817 (Google Search) http://www.debian.org/security/2005/dsa-817 Debian Security Information: DSA-819 (Google Search) http://www.debian.org/security/2005/dsa-819 Debian Security Information: DSA-821 (Google Search) http://www.debian.org/security/2005/dsa-821 http://www.securityfocus.com/archive/1/archive/1/427046/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200509-02.xml http://www.gentoo.org/security/en/glsa/glsa-200508-17.xml http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml HPdes Security Advisory: HPSBUX02074 http://www.securityfocus.com/archive/1/archive/1/428138/100/0/threaded HPdes Security Advisory: SSRT051251 HPdes Security Advisory: HPSBMA02159 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522 HPdes Security Advisory: SSRT061238 HPdes Security Advisory: HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPdes Security Advisory: SSRT090208 http://www.redhat.com/support/errata/RHSA-2005-761.html http://www.redhat.com/support/errata/RHSA-2006-0197.html http://marc.theaimsgroup.com/?l=bugtraq&m=112606064317223&w=2 http://www.redhat.com/support/errata/RHSA-2005-358.html SCO Security Bulletin: SCOSA-2006.10 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt SGI Security Advisory: 20060401-01-U ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 SuSE Security Announcement: SUSE-SA:2005:051 (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=112605112027335&w=2 SuSE Security Announcement: SUSE-SA:2005:048 (Google Search) http://www.novell.com/linux/security/advisories/2005_48_pcre.html SuSE Security Announcement: SUSE-SA:2005:049 (Google Search) http://www.novell.com/linux/security/advisories/2005_49_php.html SuSE Security Announcement: SUSE-SA:2005:052 (Google Search) http://www.novell.com/linux/security/advisories/2005_52_apache2.html http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html BugTraq ID: 14620 http://www.securityfocus.com/bid/14620 BugTraq ID: 15647 http://www.securityfocus.com/bid/15647 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11516 http://www.vupen.com/english/advisories/2005/1511 http://www.vupen.com/english/advisories/2005/2659 http://www.vupen.com/english/advisories/2006/0789 http://www.vupen.com/english/advisories/2006/4320 http://www.vupen.com/english/advisories/2006/4502 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:735 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1496 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1659 http://securitytracker.com/id?1014744 http://secunia.com/advisories/17813 http://secunia.com/advisories/16502 http://secunia.com/advisories/16679 http://secunia.com/advisories/19072 http://secunia.com/advisories/19193 http://secunia.com/advisories/17252 http://secunia.com/advisories/19532 http://secunia.com/advisories/21522 http://secunia.com/advisories/22691 http://secunia.com/advisories/22875 http://securityreason.com/securityalert/604 Common Vulnerability Exposure (CVE) ID: CVE-2005-1921 Bugtraq: 20050629 Advisory 02/2005: Remote code execution in Serendipity (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=112008638320145&w=2 http://pear.php.net/package/XML_RPC/download/1.3.1 http://www.gulftech.org/?node=research&article_id=00087-07012005 http://www.hardened-php.net/advisory-022005.php Debian Security Information: DSA-745 (Google Search) http://www.debian.org/security/2005/dsa-745 Debian Security Information: DSA-747 (Google Search) http://www.debian.org/security/2005/dsa-747 Debian Security Information: DSA-789 (Google Search) http://www.debian.org/security/2005/dsa-789 Debian Security Information: DSA-746 (Google Search) http://www.debian.org/security/2005/dsa-746 http://security.gentoo.org/glsa/glsa-200507-01.xml http://security.gentoo.org/glsa/glsa-200507-06.xml http://security.gentoo.org/glsa/glsa-200507-07.xml HPdes Security Advisory: HPSBTU02083 http://www.securityfocus.com/archive/1/archive/1/419064/100/0/threaded HPdes Security Advisory: SSRT051069 http://www.mandriva.com/security/advisories?name=MDKSA-2005:109 http://www.redhat.com/support/errata/RHSA-2005-564.html Bugtraq: 20050629 [DRUPAL-SA-2005-003] Drupal 4.6.2 / 4.5.4 fixes critical XML-RPC issue (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=112015336720867&w=2 SuSE Security Announcement: SUSE-SA:2005:041 (Google Search) http://www.novell.com/linux/security/advisories/2005_41_php_pear.html SuSE Security Announcement: SUSE-SR:2005:018 (Google Search) http://www.novell.com/linux/security/advisories/2005_18_sr.html BugTraq ID: 14088 http://www.securityfocus.com/bid/14088 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11294 http://www.vupen.com/english/advisories/2005/2827 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:350 http://securitytracker.com/id?1015336 http://secunia.com/advisories/15852 http://secunia.com/advisories/15872 http://secunia.com/advisories/15944 http://secunia.com/advisories/15947 http://secunia.com/advisories/15957 http://secunia.com/advisories/16001 http://secunia.com/advisories/18003 http://secunia.com/advisories/15810 http://secunia.com/advisories/15855 http://secunia.com/advisories/15861 http://secunia.com/advisories/15883 http://secunia.com/advisories/15884 http://secunia.com/advisories/15895 http://secunia.com/advisories/15903 http://secunia.com/advisories/15904 http://secunia.com/advisories/15916 http://secunia.com/advisories/15917 http://secunia.com/advisories/15922 http://secunia.com/advisories/16339 http://secunia.com/advisories/16693 http://secunia.com/advisories/17440 http://secunia.com/advisories/17674 Common Vulnerability Exposure (CVE) ID: CVE-2005-2498 Bugtraq: 20050815 Advisory 15/2005: PHPXMLRPC Remote PHP Code Injection Vulnerability (Google Search) http://www.securityfocus.com/archive/1/408125 http://www.hardened-php.net/advisory_152005.67.html Bugtraq: 20050817 [PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=112431497300344&w=2 Bugtraq: 20050815 [DRUPAL-SA-2005-004] Drupal 4.6.3 / 4.5.5 fixes critical XML-RPC issue (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=112412415822890&w=2 Debian Security Information: DSA-798 (Google Search) http://www.debian.org/security/2005/dsa-798 Debian Security Information: DSA-840 (Google Search) http://www.debian.org/security/2005/dsa-840 Debian Security Information: DSA-842 (Google Search) http://www.debian.org/security/2005/dsa-842 http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html http://www.redhat.com/support/errata/RHSA-2005-748.html BugTraq ID: 14560 http://www.securityfocus.com/bid/14560 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9569 http://secunia.com/advisories/16431 http://secunia.com/advisories/16432 http://secunia.com/advisories/16441 http://secunia.com/advisories/16460 http://secunia.com/advisories/16465 http://secunia.com/advisories/16468 http://secunia.com/advisories/16469 http://secunia.com/advisories/16491 http://secunia.com/advisories/16550 http://secunia.com/advisories/16558 http://secunia.com/advisories/16563 http://secunia.com/advisories/16619 http://secunia.com/advisories/16635 http://secunia.com/advisories/16976 http://secunia.com/advisories/17053 http://secunia.com/advisories/17066
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com