ID de Prueba:	1.3.6.1.4.1.25623.1.0.55882
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2005:213 (php)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to php announced via advisory MDKSA-2005:213. A number of vulnerabilities were discovered in PHP: An issue with fopen_wrappers.c would not properly restrict access to other directories when the open_basedir directive included a trailing slash (CVE-2005-3054) this issue does not affect Corporate Server 2.1. An issue with the apache2handler SAPI in mod_php could allow an attacker to cause a Denial of Service via the session.save_path option in an .htaccess file or VirtualHost stanza (CVE-2005-3319) this issue does not affect Corporate Server 2.1. A Denial of Service vulnerability was discovered in the way that PHP processes EXIF image data which could allow an attacker to cause PHP to crash by supplying carefully crafted EXIF image data (CVE-2005-3353). A cross-site scripting vulnerability was discovered in the phpinfo() function which could allow for the injection of javascript or HTML content onto a page displaying phpinfo() output, or to steal data such as cookies (CVE-2005-3388). A flaw in the parse_str() function could allow for the enabling of register_globals, even if it was disabled in the PHP configuration file (CVE-2005-3389). A vulnerability in the way that PHP registers global variables during a file upload request could allow a remote attacker to overwrite the $GLOBALS array which could potentially lead the execution of arbitrary PHP commands. This vulnerability only affects systems with register_globals enabled (CVE-2005-3390). The updated packages have been patched to address this issue. Once the new packages have been installed, you will need to restart your Apache server using service httpd restart in order for the new packages to take effect (service httpd2-naat restart for MNF2). Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0, Multi Network Firewall 2.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:213 http://www.hardened-php.net/advisory_202005.79.html http://www.hardened-php.net/advisory_192005.78.html http://www.hardened-php.net/advisory_182005.77.html Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-3054 BugTraq ID: 14957 http://www.securityfocus.com/bid/14957 http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:213 http://secunia.com/advisories/17229 http://secunia.com/advisories/17371 http://secunia.com/advisories/17510 http://secunia.com/advisories/17557 http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html https://usn.ubuntu.com/207-1/ http://www.vupen.com/english/advisories/2005/1862 http://www.vupen.com/english/advisories/2005/2254 Common Vulnerability Exposure (CVE) ID: CVE-2005-3319 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html BugTraq ID: 15177 http://www.securityfocus.com/bid/15177 BugTraq ID: 16907 http://www.securityfocus.com/bid/16907 Bugtraq: 20051024 php < 4.4.1 htaccess apache dos (Google Search) http://marc.info/?l=bugtraq&m=113019286208204&w=2 Cert/CC Advisory: TA06-062A http://www.us-cert.gov/cas/techalerts/TA06-062A.html http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0491.html HPdes Security Advisory: HPSBMA02159 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522 HPdes Security Advisory: SSRT061238 http://www.osvdb.org/20491 http://secunia.com/advisories/18198 http://secunia.com/advisories/19064 http://secunia.com/advisories/22691 http://securityreason.com/securityalert/525 https://www.ubuntu.com/usn/usn-232-1/ http://www.vupen.com/english/advisories/2006/0791 http://www.vupen.com/english/advisories/2006/4320 XForce ISS Database: php-htaccess-dos(22844) https://exchange.xforce.ibmcloud.com/vulnerabilities/22844 Common Vulnerability Exposure (CVE) ID: CVE-2005-3353 15358 http://www.securityfocus.com/bid/15358 16907 17371 17490 http://secunia.com/advisories/17490 17531 http://secunia.com/advisories/17531 17557 18054 http://secunia.com/advisories/18054 18198 19064 22691 22713 http://secunia.com/advisories/22713 525 ADV-2006-0791 ADV-2006-4320 APPLE-SA-2006-03-01 DSA-1206 http://www.debian.org/security/2006/dsa-1206 FLSA:166943 http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html HPSBMA02159 MDKSA-2005:213 OpenPKG-SA-2005.027 http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html RHSA-2005:831 http://rhn.redhat.com/errata/RHSA-2005-831.html SSRT061238 SUSE-SA:2005:069 http://www.securityfocus.com/archive/1/419504/100/0/threaded TA06-062A TLSA-2006-38 http://www.turbolinux.com/security/2006/TLSA-2006-38.txt USN-232-1 http://bugs.php.net/bug.php?id=34704 http://docs.info.apple.com/article.html?artnum=303382 http://www.php.net/ChangeLog-4.php#4.4.1 oval:org.mitre.oval:def:11032 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11032 php-exif-dos(24351) https://exchange.xforce.ibmcloud.com/vulnerabilities/24351 Common Vulnerability Exposure (CVE) ID: CVE-2005-3388 BugTraq ID: 15248 http://www.securityfocus.com/bid/15248 Bugtraq: 20051031 Advisory 18/2005: PHP Cross Site Scripting (XSS) Vulnerability in phpinfo() (Google Search) http://www.securityfocus.com/archive/1/415292 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIRZJHM6UDNWNHZ3PCMEZ2YUK3CWY2UE/ http://www.hardened-php.net/advisory_182005.77.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10542 http://www.redhat.com/support/errata/RHSA-2005-831.html http://www.redhat.com/support/errata/RHSA-2005-838.html RedHat Security Advisories: RHSA-2006:0549 http://rhn.redhat.com/errata/RHSA-2006-0549.html http://securitytracker.com/id?1015130 http://secunia.com/advisories/17559 http://secunia.com/advisories/18669 http://secunia.com/advisories/21252 http://securityreason.com/securityalert/133 SuSE Security Announcement: SUSE-SR:2005:026 (Google Search) SuSE Security Announcement: SUSE-SR:2005:027 (Google Search) http://www.novell.com/linux/security/advisories/2005_27_sr.html TurboLinux Advisory: TLSA-2006-38 Common Vulnerability Exposure (CVE) ID: CVE-2005-3389 BugTraq ID: 15249 http://www.securityfocus.com/bid/15249 Bugtraq: 20051031 Advisory 19/2005: PHP register_globals Activation Vulnerability in parse_str() (Google Search) http://www.securityfocus.com/archive/1/415291 http://www.hardened-php.net/advisory_192005.78.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11481 http://securitytracker.com/id?1015131 http://securityreason.com/securityalert/134 SuSE Security Announcement: SUSE-SA:2005:069 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2005-3390 BugTraq ID: 15250 http://www.securityfocus.com/bid/15250 Bugtraq: 20051031 Advisory 20/2005: PHP File-Upload $GLOBALS Overwrite Vulnerability (Google Search) http://www.securityfocus.com/archive/1/415290/30/0/threaded http://www.hardened-php.net/advisory_202005.79.html http://www.hardened-php.net/globals-problem https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10537 http://securitytracker.com/id?1015129 http://securityreason.com/securityalert/132
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.