ID de Prueba:	1.3.6.1.4.1.25623.1.0.55777
Categoría:	FreeBSD Local Security Checks
Título:	PHP -- multiple vulnerabilities
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: mod_php4-twig php4-cgi php4-cli php4-dtc php4-horde php4-nms php4 mod_php mod_php4 Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2491 1014744 http://securitytracker.com/id?1014744 102198 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1 14620 http://www.securityfocus.com/bid/14620 15647 http://www.securityfocus.com/bid/15647 16502 http://secunia.com/advisories/16502 16679 http://secunia.com/advisories/16679 17252 http://secunia.com/advisories/17252 17813 http://secunia.com/advisories/17813 19072 http://secunia.com/advisories/19072 19193 http://secunia.com/advisories/19193 19532 http://secunia.com/advisories/19532 20060401-01-U ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U 21522 http://secunia.com/advisories/21522 22691 http://secunia.com/advisories/22691 22875 http://secunia.com/advisories/22875 604 http://securityreason.com/securityalert/604 ADV-2005-1511 http://www.vupen.com/english/advisories/2005/1511 ADV-2005-2659 http://www.vupen.com/english/advisories/2005/2659 ADV-2006-0789 http://www.vupen.com/english/advisories/2006/0789 ADV-2006-4320 http://www.vupen.com/english/advisories/2006/4320 ADV-2006-4502 http://www.vupen.com/english/advisories/2006/4502 APPLE-SA-2005-11-29 http://docs.info.apple.com/article.html?artnum=302847 DSA-800 http://www.debian.org/security/2005/dsa-800 DSA-817 http://www.debian.org/security/2005/dsa-817 DSA-819 http://www.debian.org/security/2005/dsa-819 DSA-821 http://www.debian.org/security/2005/dsa-821 FLSA:168516 http://www.securityfocus.com/archive/1/427046/100/0/threaded GLSA-200508-17 http://www.gentoo.org/security/en/glsa/glsa-200508-17.xml GLSA-200509-02 http://www.gentoo.org/security/en/glsa/glsa-200509-02.xml GLSA-200509-08 http://www.gentoo.org/security/en/glsa/glsa-200509-08.xml GLSA-200509-12 http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml GLSA-200509-19 http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml HPSBMA02159 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522 HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPSBUX02074 http://www.securityfocus.com/archive/1/428138/100/0/threaded OpenPKG-SA-2005.018 http://marc.info/?l=bugtraq&m=112606064317223&w=2 RHSA-2005:358 http://www.redhat.com/support/errata/RHSA-2005-358.html RHSA-2005:761 http://www.redhat.com/support/errata/RHSA-2005-761.html RHSA-2006:0197 http://www.redhat.com/support/errata/RHSA-2006-0197.html SCOSA-2006.10 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt SSRT051251 SSRT061238 SSRT090208 SUSE-SA:2005:048 http://www.novell.com/linux/security/advisories/2005_48_pcre.html SUSE-SA:2005:049 http://www.novell.com/linux/security/advisories/2005_49_php.html SUSE-SA:2005:051 http://marc.info/?l=bugtraq&m=112605112027335&w=2 SUSE-SA:2005:052 http://www.novell.com/linux/security/advisories/2005_52_apache2.html TSLSA-2005-0059 http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/ https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1073149 [5/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/ https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E [httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E http://support.avaya.com/elmodocs2/security/ASA-2005-216.pdf http://support.avaya.com/elmodocs2/security/ASA-2005-223.pdf http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm http://support.avaya.com/elmodocs2/security/ASA-2006-159.htm http://www.ethereal.com/appnotes/enpa-sa-00021.html http://www.php.net/release_4_4_1.php oval:org.mitre.oval:def:11516 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11516 oval:org.mitre.oval:def:1496 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1496 oval:org.mitre.oval:def:1659 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1659 oval:org.mitre.oval:def:735 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A735 Common Vulnerability Exposure (CVE) ID: CVE-2005-3319 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html BugTraq ID: 15177 http://www.securityfocus.com/bid/15177 BugTraq ID: 16907 http://www.securityfocus.com/bid/16907 Bugtraq: 20051024 php < 4.4.1 htaccess apache dos (Google Search) http://marc.info/?l=bugtraq&m=113019286208204&w=2 Cert/CC Advisory: TA06-062A http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0491.html http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml HPdes Security Advisory: HPSBMA02159 HPdes Security Advisory: SSRT061238 http://www.mandriva.com/security/advisories?name=MDKSA-2005:213 http://www.osvdb.org/20491 http://secunia.com/advisories/17510 http://secunia.com/advisories/17557 http://secunia.com/advisories/18198 http://secunia.com/advisories/19064 http://securityreason.com/securityalert/525 https://www.ubuntu.com/usn/usn-232-1/ http://www.vupen.com/english/advisories/2006/0791 XForce ISS Database: php-htaccess-dos(22844) https://exchange.xforce.ibmcloud.com/vulnerabilities/22844 Common Vulnerability Exposure (CVE) ID: CVE-2005-3353 15358 http://www.securityfocus.com/bid/15358 16907 17371 http://secunia.com/advisories/17371 17490 http://secunia.com/advisories/17490 17531 http://secunia.com/advisories/17531 17557 18054 http://secunia.com/advisories/18054 18198 19064 22713 http://secunia.com/advisories/22713 525 ADV-2006-0791 APPLE-SA-2006-03-01 DSA-1206 http://www.debian.org/security/2006/dsa-1206 FLSA:166943 http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html MDKSA-2005:213 OpenPKG-SA-2005.027 http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html RHSA-2005:831 http://rhn.redhat.com/errata/RHSA-2005-831.html SUSE-SA:2005:069 http://www.securityfocus.com/archive/1/419504/100/0/threaded TA06-062A TLSA-2006-38 http://www.turbolinux.com/security/2006/TLSA-2006-38.txt USN-232-1 http://bugs.php.net/bug.php?id=34704 http://docs.info.apple.com/article.html?artnum=303382 http://www.php.net/ChangeLog-4.php#4.4.1 oval:org.mitre.oval:def:11032 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11032 php-exif-dos(24351) https://exchange.xforce.ibmcloud.com/vulnerabilities/24351 Common Vulnerability Exposure (CVE) ID: CVE-2005-3388 BugTraq ID: 15248 http://www.securityfocus.com/bid/15248 Bugtraq: 20051031 Advisory 18/2005: PHP Cross Site Scripting (XSS) Vulnerability in phpinfo() (Google Search) http://www.securityfocus.com/archive/1/415292 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIRZJHM6UDNWNHZ3PCMEZ2YUK3CWY2UE/ http://www.hardened-php.net/advisory_182005.77.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10542 http://www.redhat.com/support/errata/RHSA-2005-831.html http://www.redhat.com/support/errata/RHSA-2005-838.html RedHat Security Advisories: RHSA-2006:0549 http://rhn.redhat.com/errata/RHSA-2006-0549.html http://securitytracker.com/id?1015130 http://secunia.com/advisories/17559 http://secunia.com/advisories/18669 http://secunia.com/advisories/21252 http://securityreason.com/securityalert/133 SuSE Security Announcement: SUSE-SR:2005:026 (Google Search) SuSE Security Announcement: SUSE-SR:2005:027 (Google Search) http://www.novell.com/linux/security/advisories/2005_27_sr.html TurboLinux Advisory: TLSA-2006-38 http://www.vupen.com/english/advisories/2005/2254 Common Vulnerability Exposure (CVE) ID: CVE-2005-3389 BugTraq ID: 15249 http://www.securityfocus.com/bid/15249 Bugtraq: 20051031 Advisory 19/2005: PHP register_globals Activation Vulnerability in parse_str() (Google Search) http://www.securityfocus.com/archive/1/415291 http://www.hardened-php.net/advisory_192005.78.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11481 http://securitytracker.com/id?1015131 http://securityreason.com/securityalert/134 SuSE Security Announcement: SUSE-SA:2005:069 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2005-3390 BugTraq ID: 15250 http://www.securityfocus.com/bid/15250 Bugtraq: 20051031 Advisory 20/2005: PHP File-Upload $GLOBALS Overwrite Vulnerability (Google Search) http://www.securityfocus.com/archive/1/415290/30/0/threaded http://www.hardened-php.net/advisory_202005.79.html http://www.hardened-php.net/globals-problem https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10537 http://securitytracker.com/id?1015129 http://securityreason.com/securityalert/132 Common Vulnerability Exposure (CVE) ID: CVE-2005-3391 BugTraq ID: 15411 http://www.securityfocus.com/bid/15411 http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:035 http://www.osvdb.org/20898 http://secunia.com/advisories/18763 Common Vulnerability Exposure (CVE) ID: CVE-2005-3392 BugTraq ID: 15413 http://www.securityfocus.com/bid/15413 http://www.osvdb.org/20897 XForce ISS Database: php-virtual-bypass-security(22924) https://exchange.xforce.ibmcloud.com/vulnerabilities/22924
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.