ID de Prueba:	1.3.6.1.4.1.25623.1.0.57282
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2006:144 (php)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to php announced via advisory MDKSA-2006:144. A vulnerability was discovered in the sscanf function that could allow attackers in certain circumstances to execute arbitrary code via argument swapping which incremented an index past the end of an array and triggered a buffer over-read. Updated packages have been patched to correct these issues. Affected: 2006.0, Corporate 3.0, Multi Network Firewall 2.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:144 Risk factor : Medium CVSS Score: 4.6
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4020 1016984 http://securitytracker.com/id?1016984 1341 http://securityreason.com/securityalert/1341 19415 http://www.securityfocus.com/bid/19415 20060804 php local buffer underflow could lead to arbitary code execution http://www.securityfocus.com/archive/1/442438/30/0/threaded 20061001-01-P ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc 21403 http://secunia.com/advisories/21403 21467 http://secunia.com/advisories/21467 21546 http://secunia.com/advisories/21546 21608 http://secunia.com/advisories/21608 21683 http://secunia.com/advisories/21683 21768 http://secunia.com/advisories/21768 21847 http://secunia.com/advisories/21847 22004 http://secunia.com/advisories/22004 22039 http://secunia.com/advisories/22039 22069 http://secunia.com/advisories/22069 22440 http://secunia.com/advisories/22440 22487 http://secunia.com/advisories/22487 22538 http://secunia.com/advisories/22538 23247 http://secunia.com/advisories/23247 ADV-2006-3193 http://www.vupen.com/english/advisories/2006/3193 GLSA-200608-28 http://security.gentoo.org/glsa/glsa-200608-28.xml MDKSA-2006:144 http://www.mandriva.com/security/advisories?name=MDKSA-2006:144 RHSA-2006:0669 http://www.redhat.com/support/errata/RHSA-2006-0669.html RHSA-2006:0682 http://www.redhat.com/support/errata/RHSA-2006-0682.html RHSA-2006:0688 http://rhn.redhat.com/errata/RHSA-2006-0688.html RHSA-2006:0736 http://rhn.redhat.com/errata/RHSA-2006-0736.html SUSE-SA:2006:052 http://www.novell.com/linux/security/advisories/2006_52_php.html SUSE-SR:2006:019 http://www.novell.com/linux/security/advisories/2006_19_sr.html SUSE-SR:2006:020 http://www.novell.com/linux/security/advisories/2006_20_sr.html SUSE-SR:2006:022 http://www.novell.com/linux/security/advisories/2006_22_sr.html USN-342-1 http://www.ubuntu.com/usn/usn-342-1 http://bugs.php.net/bug.php?id=38322 http://support.avaya.com/elmodocs2/security/ASA-2006-221.htm http://support.avaya.com/elmodocs2/security/ASA-2006-222.htm http://support.avaya.com/elmodocs2/security/ASA-2006-223.htm http://www.php.net/ChangeLog-5.php#5.1.5 http://www.php.net/release_5_1_5.php http://www.plain-text.info/sscanf_bug.txt oval:org.mitre.oval:def:11062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11062
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.