ID de Prueba:	1.3.6.1.4.1.25623.1.0.58207
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2007:088 (php)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to php announced via advisory MDKSA-2007:088. A heap-based buffer overflow vulnerability was found in PHP's gd extension. A script that could be forced to process WBMP images from an untrusted source could result in arbitrary code execution (CVE-2007-1001). A DoS flaw was found in how PHP processed a deeply nested array. A remote attacker could cause the PHP intrerpreter to creash by submitting an input variable with a deeply nested array (CVE-2007-1285). A vulnerability was discovered in the way PHP's unserialize() function processed data. A remote attacker able to pass arbitrary data to PHP's unserialize() function could possibly execute arbitrary code as the apache user (CVE-2007-1286). A vulnerability in the way the mbstring extension set global variables was discovered where a script using the mb_parse_str() function to set global variables could be forced to to enable the register_globals configuration option, possibly resulting in global variable injection (CVE-2007-1583). A double-free flaw was found in the session_decode() function that could allow a remote attacker to potentially execute arbitrary code as the apache user if they are able to pass arbitrary data to PHP's session_decode() function (CVE-2007-1711). A vulnerability in how PHP's mail() function processed header data was discovered. If a script sent mail using a subject header containing a string from an untrusted source, a remote attacker could send bulk email to unintended recipients (CVE-2007-1718). A buffer overflow in the sqlite_decode_function() in the bundled sqlite library could allow context-dependent attackers to execute arbitrary code (CVE-2007-1887). Updated packages have been patched to correct these issues. Also note that the default use of the Hardened PHP patch helped to protect against some of these issues prior to patching. Affected: Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:088 Risk factor : High CVSS Score: 7.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1001 20070407 PHP <= 5.2.1 wbmp file handling integer overflow http://www.securityfocus.com/archive/1/464957/100/0/threaded 20070418 rPSA-2007-0073-1 php php-mysql php-pgsql http://www.securityfocus.com/archive/1/466166/100/0/threaded 23357 http://www.securityfocus.com/bid/23357 24814 http://secunia.com/advisories/24814 24909 http://secunia.com/advisories/24909 24924 http://secunia.com/advisories/24924 24945 http://secunia.com/advisories/24945 24965 http://secunia.com/advisories/24965 25056 http://secunia.com/advisories/25056 25151 http://secunia.com/advisories/25151 25159 http://www.securityfocus.com/bid/25159 25445 http://secunia.com/advisories/25445 26235 http://secunia.com/advisories/26235 ADV-2007-1269 http://www.vupen.com/english/advisories/2007/1269 ADV-2007-2732 http://www.vupen.com/english/advisories/2007/2732 APPLE-SA-2007-07-31 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html GLSA-200705-19 http://security.gentoo.org/glsa/glsa-200705-19.xml MDKSA-2007:087 http://www.mandriva.com/security/advisories?name=MDKSA-2007:087 MDKSA-2007:088 http://www.mandriva.com/security/advisories?name=MDKSA-2007:088 MDKSA-2007:089 http://www.mandriva.com/security/advisories?name=MDKSA-2007:089 MDKSA-2007:090 http://www.mandriva.com/security/advisories?name=MDKSA-2007:090 RHSA-2007:0153 http://www.redhat.com/support/errata/RHSA-2007-0153.html RHSA-2007:0155 http://rhn.redhat.com/errata/RHSA-2007-0155.html RHSA-2007:0162 http://www.redhat.com/support/errata/RHSA-2007-0162.html SSA:2007-127 http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.470053 SUSE-SA:2007:032 http://www.novell.com/linux/security/advisories/2007_32_php.html http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?r1=1.2.4.1&r2=1.2.4.1.8.1 http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?revision=1.2.4.1.8.1&view=markup http://docs.info.apple.com/article.html?artnum=306172 http://ifsec.blogspot.com/2007/04/php-521-wbmp-file-handling-integer.html http://us2.php.net/releases/4_4_7.php http://us2.php.net/releases/5_2_2.php https://issues.rpath.com/browse/RPL-1268 oval:org.mitre.oval:def:10179 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10179 php-gd-overflow(33453) https://exchange.xforce.ibmcloud.com/vulnerabilities/33453 Common Vulnerability Exposure (CVE) ID: CVE-2007-1285 BugTraq ID: 22764 http://www.securityfocus.com/bid/22764 Bugtraq: 20070418 rPSA-2007-0073-1 php php-mysql php-pgsql (Google Search) http://www.php-security.org/MOPB/MOPB-03-2007.html http://www.osvdb.org/32769 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11017 http://www.redhat.com/support/errata/RHSA-2007-0082.html RedHat Security Advisories: RHSA-2007:0154 http://rhn.redhat.com/errata/RHSA-2007-0154.html RedHat Security Advisories: RHSA-2007:0155 RedHat Security Advisories: RHSA-2007:0163 http://rhn.redhat.com/errata/RHSA-2007-0163.html http://www.securitytracker.com/id?1017771 http://secunia.com/advisories/24910 http://secunia.com/advisories/24941 http://secunia.com/advisories/26048 http://secunia.com/advisories/26642 http://secunia.com/advisories/27864 http://secunia.com/advisories/28936 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136 SuSE Security Announcement: SUSE-SA:2007:044 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html https://usn.ubuntu.com/549-1/ http://www.ubuntu.com/usn/usn-549-2 Common Vulnerability Exposure (CVE) ID: CVE-2007-1286 BugTraq ID: 22765 http://www.securityfocus.com/bid/22765 Debian Security Information: DSA-1282 (Google Search) http://www.debian.org/security/2007/dsa-1282 Debian Security Information: DSA-1283 (Google Search) http://www.debian.org/security/2007/dsa-1283 http://security.gentoo.org/glsa/glsa-200703-21.xml HPdes Security Advisory: HPSBMA02215 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 HPdes Security Advisory: HPSBTU02232 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137 HPdes Security Advisory: SSRT071423 HPdes Security Advisory: SSRT071429 http://www.php-security.org/MOPB/MOPB-04-2007.html http://www.osvdb.org/32771 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11575 http://secunia.com/advisories/24419 http://secunia.com/advisories/24606 http://secunia.com/advisories/25025 http://secunia.com/advisories/25062 http://secunia.com/advisories/25423 http://secunia.com/advisories/25850 http://www.trustix.org/errata/2007/0009/ http://www.vupen.com/english/advisories/2007/1991 http://www.vupen.com/english/advisories/2007/2374 XForce ISS Database: php-zval-code-execution(32796) https://exchange.xforce.ibmcloud.com/vulnerabilities/32796 Common Vulnerability Exposure (CVE) ID: CVE-2007-1583 BugTraq ID: 23016 http://www.securityfocus.com/bid/23016 BugTraq ID: 25159 http://www.php-security.org/MOPB/MOPB-26-2007.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10245 http://secunia.com/advisories/25057 SuSE Security Announcement: SUSE-SA:2007:032 (Google Search) http://www.ubuntu.com/usn/usn-455-1 Common Vulnerability Exposure (CVE) ID: CVE-2007-1711 BugTraq ID: 23121 http://www.securityfocus.com/bid/23121 http://www.php-security.org/MOPB/MOPB-32-2007.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10406 XForce ISS Database: php-deserializer-code-execution(33575) https://exchange.xforce.ibmcloud.com/vulnerabilities/33575 Common Vulnerability Exposure (CVE) ID: CVE-2007-1718 BugTraq ID: 23145 http://www.securityfocus.com/bid/23145 http://www.php-security.org/MOPB/MOPB-34-2007.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10951 http://www.securitytracker.com/id?1017946 XForce ISS Database: php-mailfunction-header-injection(33516) https://exchange.xforce.ibmcloud.com/vulnerabilities/33516 Common Vulnerability Exposure (CVE) ID: CVE-2007-1887 BugTraq ID: 23235 http://www.securityfocus.com/bid/23235 https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml HPdes Security Advisory: HPSBUX02262 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 HPdes Security Advisory: SSRT071447 http://www.php-security.org/MOPB/MOPB-41-2007.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5348 http://secunia.com/advisories/27037 http://secunia.com/advisories/27102 http://secunia.com/advisories/27110 http://www.vupen.com/english/advisories/2007/2016 http://www.vupen.com/english/advisories/2007/3386 XForce ISS Database: php-sqlitedecodebinary-bo(33766) https://exchange.xforce.ibmcloud.com/vulnerabilities/33766
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.