FreeBSD Local Security Checks : FreeBSD Ports: php4, php5

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57462

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: php4, php5

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

php4 php5 php-suhosin php4-cli php5-cli php4-cgi php5-cgi
php4-dtc php5-dtc php4-horde php5-horde php4-nms php5-nms
mod_php4 mod_php5

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
6.2

CVSS Vector:
AV:L/AC:H/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-5178
BugTraq ID: 20326
http://www.securityfocus.com/bid/20326
Bugtraq: 20061003 Advisory 08/2006: PHP open_basedir Race Condition Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/447649/100/0/threaded
Bugtraq: 20061009 PHP open_basedir with symlink() function Race Condition PoC exploit (Google Search)
http://www.securityfocus.com/archive/1/448020/100/0/threaded
http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049850.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:185
http://www.hardened-php.net/advisory_082006.132.html
http://www.neosecurityteam.net/index.php?action=advisories&id=26
http://www.securityfocus.com/archive/1/448953/100/0/threaded
http://securitytracker.com/id?1016977
http://secunia.com/advisories/22235
http://secunia.com/advisories/22424
http://securityreason.com/securityalert/1692
TurboLinux Advisory: TLSA-2006-38
http://www.turbolinux.com/security/2006/TLSA-2006-38.txt
http://www.vupen.com/english/advisories/2006/3901
XForce ISS Database: php-openbasedir-security-bypass(29340)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29340

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57462
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: php4, php5
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: php4 php5 php-suhosin php4-cli php5-cli php4-cgi php5-cgi php4-dtc php5-dtc php4-horde php5-horde php4-nms php5-nms mod_php4 mod_php5 Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.2 CVSS Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-5178 BugTraq ID: 20326 http://www.securityfocus.com/bid/20326 Bugtraq: 20061003 Advisory 08/2006: PHP open_basedir Race Condition Vulnerability (Google Search) http://www.securityfocus.com/archive/1/447649/100/0/threaded Bugtraq: 20061009 PHP open_basedir with symlink() function Race Condition PoC exploit (Google Search) http://www.securityfocus.com/archive/1/448020/100/0/threaded http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049850.html http://www.mandriva.com/security/advisories?name=MDKSA-2006:185 http://www.hardened-php.net/advisory_082006.132.html http://www.neosecurityteam.net/index.php?action=advisories&id=26 http://www.securityfocus.com/archive/1/448953/100/0/threaded http://securitytracker.com/id?1016977 http://secunia.com/advisories/22235 http://secunia.com/advisories/22424 http://securityreason.com/securityalert/1692 TurboLinux Advisory: TLSA-2006-38 http://www.turbolinux.com/security/2006/TLSA-2006-38.txt http://www.vupen.com/english/advisories/2006/3901 XForce ISS Database: php-openbasedir-security-bypass(29340) https://exchange.xforce.ibmcloud.com/vulnerabilities/29340
Copyright	Copyright (C) 2008 E-Soft Inc.