Test ID: 1.3.6.1.4.1.25623.1.0.58650
Category: Gentoo Local Security Checks
Title: Gentoo Security Advisory GLSA 200710-02 (php)
Summary: The remote host is missing updates announced in advisory GLSA 200710-02.
Description: Summary:
The remote host is missing updates announced in
advisory GLSA 200710-02.

Vulnerability Insight:
PHP contains several vulnerabilities including buffer and integer overflows
which could lead to the remote execution of arbitrary code.

Solution:
All PHP users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-lang/php-5.2.4_p20070914-r2'

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-1883
http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
http://www.php-security.org/MOPB/MOPB-37-2007.html
http://secunia.com/advisories/24542
http://secunia.com/advisories/27102
XForce ISS Database: php-userspace-information-disclosure(33750)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33750
Common Vulnerability Exposure (CVE) ID: CVE-2007-1887
BugTraq ID: 23235
http://www.securityfocus.com/bid/23235
Debian Security Information: DSA-1283 (Google Search)
http://www.debian.org/security/2007/dsa-1283
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html
HP Security Advisory: HPSBUX02262
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
HP Security Advisory: SSRT071447
http://www.mandriva.com/security/advisories?name=MDKSA-2007:088
http://www.mandriva.com/security/advisories?name=MDKSA-2007:089
http://www.php-security.org/MOPB/MOPB-41-2007.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5348
http://secunia.com/advisories/24909
http://secunia.com/advisories/25057
http://secunia.com/advisories/25062
http://secunia.com/advisories/27037
http://secunia.com/advisories/27110
http://www.ubuntu.com/usn/usn-455-1
http://www.vupen.com/english/advisories/2007/2016
http://www.vupen.com/english/advisories/2007/3386
XForce ISS Database: php-sqlitedecodebinary-bo(33766)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33766
Common Vulnerability Exposure (CVE) ID: CVE-2007-1900
BugTraq ID: 23359
http://www.securityfocus.com/bid/23359
http://security.gentoo.org/glsa/glsa-200705-19.xml
http://www.php-security.org/MOPB/PMOPB-45-2007.html
http://www.osvdb.org/33962
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6067
http://secunia.com/advisories/24824
http://secunia.com/advisories/25056
http://secunia.com/advisories/25445
http://secunia.com/advisories/25535
http://secunia.com/advisories/26231
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863
SuSE Security Announcement: SUSE-SA:2007:032 (Google Search)
http://www.novell.com/linux/security/advisories/2007_32_php.html
http://www.trustix.org/errata/2007/0023/
XForce ISS Database: php-filtervalidateemail-header-injection(33510)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33510
Common Vulnerability Exposure (CVE) ID: CVE-2007-2756
BugTraq ID: 24089
http://www.securityfocus.com/bid/24089
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html
http://security.gentoo.org/glsa/glsa-200708-05.xml
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://security.gentoo.org/glsa/glsa-200805-13.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:122
http://www.mandriva.com/security/advisories?name=MDKSA-2007:123
http://www.mandriva.com/security/advisories?name=MDKSA-2007:124
http://www.mandriva.com/security/advisories?name=MDKSA-2007:187
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html
http://osvdb.org/35788
http://osvdb.org/36643
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10779
RedHat Security Advisories: RHSA-2007:0889
http://rhn.redhat.com/errata/RHSA-2007-0889.html
http://www.redhat.com/support/errata/RHSA-2007-0890.html
http://www.redhat.com/support/errata/RHSA-2007-0891.html
http://www.redhat.com/support/errata/RHSA-2008-0146.html
http://www.securitytracker.com/id?1018187
http://secunia.com/advisories/25353
http://secunia.com/advisories/25362
http://secunia.com/advisories/25378
http://secunia.com/advisories/25575
http://secunia.com/advisories/25590
http://secunia.com/advisories/25646
http://secunia.com/advisories/25657
http://secunia.com/advisories/25658
http://secunia.com/advisories/25787
http://secunia.com/advisories/25855
http://secunia.com/advisories/26048
http://secunia.com/advisories/26390
http://secunia.com/advisories/26871
http://secunia.com/advisories/26895
http://secunia.com/advisories/26930
http://secunia.com/advisories/26967
http://secunia.com/advisories/27545
http://secunia.com/advisories/29157
http://secunia.com/advisories/30168
SuSE Security Announcement: SUSE-SA:2007:044 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
SuSE Security Announcement: SUSE-SR:2007:013 (Google Search)
http://www.novell.com/linux/security/advisories/2007_13_sr.html
http://www.trustix.org/errata/2007/0019/
http://www.ubuntu.com/usn/usn-473-1
http://www.vupen.com/english/advisories/2007/1904
http://www.vupen.com/english/advisories/2007/1905
http://www.vupen.com/english/advisories/2007/2336
XForce ISS Database: gd-gdpngreaddata-dos(34420)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34420
Common Vulnerability Exposure (CVE) ID: CVE-2007-2872
1018186
http://www.securitytracker.com/id?1018186
2007-0023
20070601 SEC Consult SA-20070601-0 :: PHP chunk_split() integer overflow
http://www.securityfocus.com/archive/1/470244/100/0/threaded
24261
http://www.securityfocus.com/bid/24261
25456
http://secunia.com/advisories/25456
25535
26048
26231
26838
http://secunia.com/advisories/26838
26871
26895
26930
26967
27037
27102
27110
27351
http://secunia.com/advisories/27351
27377
http://secunia.com/advisories/27377
27545
27864
http://secunia.com/advisories/27864
28318
http://secunia.com/advisories/28318
28658
http://secunia.com/advisories/28658
28750
http://secunia.com/advisories/28750
28936
http://secunia.com/advisories/28936
30040
http://secunia.com/advisories/30040
36083
http://osvdb.org/36083
ADV-2007-2061
http://www.vupen.com/english/advisories/2007/2061
ADV-2007-3386
ADV-2008-0059
http://www.vupen.com/english/advisories/2008/0059
ADV-2008-0398
http://www.vupen.com/english/advisories/2008/0398
FEDORA-2007-2215
FEDORA-2007-709
GLSA-200710-02
HPSBUX02262
HPSBUX02308
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501
HPSBUX02332
http://www.securityfocus.com/archive/1/491693/100/0/threaded
MDKSA-2007:187
OpenPKG-SA-2007.020
RHSA-2007:0888
http://www.redhat.com/support/errata/RHSA-2007-0888.html
RHSA-2007:0889
RHSA-2007:0890
RHSA-2007:0891
SSA:2007-152-01
SSA:2008-045-03
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136
SSRT071447
SSRT080010
SSRT080056
SUSE-SA:2007:044
SUSE-SA:2008:004
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html
USN-549-1
https://usn.ubuntu.com/549-1/
USN-549-2
http://www.ubuntu.com/usn/usn-549-2
http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm
http://www.php.net/ChangeLog-4.php
http://www.php.net/releases/4_4_8.php
http://www.php.net/releases/5_2_3.php
http://www.sec-consult.com/291.html
https://issues.rpath.com/browse/RPL-1693
https://issues.rpath.com/browse/RPL-1702
https://launchpad.net/bugs/173043
oval:org.mitre.oval:def:9424
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9424
php-chunksplit-security-bypass(39398)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39398
Common Vulnerability Exposure (CVE) ID: CVE-2007-3007
BugTraq ID: 24259
http://www.securityfocus.com/bid/24259
http://osvdb.org/36084
Common Vulnerability Exposure (CVE) ID: CVE-2007-3378
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
BugTraq ID: 24661
http://www.securityfocus.com/bid/24661
BugTraq ID: 25498
http://www.securityfocus.com/bid/25498
Bugtraq: 20070627 PHP 4/5 htaccess safemode and open_basedir Bypass (Google Search)
http://www.securityfocus.com/archive/1/472343/100/0/threaded
http://seclists.org/fulldisclosure/2020/Sep/34
HP Security Advisory: HPSBUX02308
HP Security Advisory: HPSBUX02332
HP Security Advisory: SSRT080010
HP Security Advisory: SSRT080056
http://securityreason.com/achievement_exploitalert/9
http://www.openwall.com/lists/oss-security/2020/09/17/3
http://www.osvdb.org/38682
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6056
http://secunia.com/advisories/26642
http://secunia.com/advisories/26822
http://secunia.com/advisories/27648
http://secunia.com/advisories/29420
http://securityreason.com/securityalert/2831
http://securityreason.com/securityalert/3389
http://securityreason.com/achievement_securityalert/45
http://www.trustix.org/errata/2007/0026/
http://www.vupen.com/english/advisories/2007/3023
http://www.vupen.com/english/advisories/2008/0924/references
XForce ISS Database: php-htaccess-security-bypass(35102)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35102
XForce ISS Database: php-sessionsavepath-errorlog-security-bypass(39403)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39403
Common Vulnerability Exposure (CVE) ID: CVE-2007-3806
BugTraq ID: 24922
http://www.securityfocus.com/bid/24922
Debian Security Information: DSA-1572 (Google Search)
http://www.debian.org/security/2008/dsa-1572
Debian Security Information: DSA-1578 (Google Search)
http://www.debian.org/security/2008/dsa-1578
http://www.exploit-db.com/exploits/4181
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.166&r2=1.167
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?view=log
http://osvdb.org/36085
http://secunia.com/advisories/26085
http://secunia.com/advisories/30158
http://secunia.com/advisories/30288
http://www.vupen.com/english/advisories/2007/2547
XForce ISS Database: php-glob-security-bypass(35437)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35437
Common Vulnerability Exposure (CVE) ID: CVE-2007-3996
Debian Security Information: DSA-1613 (Google Search)
http://www.debian.org/security/2008/dsa-1613
http://security.gentoo.org/glsa/glsa-200712-13.xml
http://secweb.se/en/advisories/php-imagecopyresized-integer-overflow/
http://secweb.se/en/advisories/php-imagecreatetruecolor-integer-overflow/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11147
http://secunia.com/advisories/28009
http://secunia.com/advisories/28147
http://secunia.com/advisories/31168
http://securityreason.com/securityalert/3103
SuSE Security Announcement: SUSE-SA:2008:004 (Google Search)
http://www.ubuntu.com/usn/usn-557-1
XForce ISS Database: php-gdimagecopyresized-bo(36383)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36383
XForce ISS Database: php-gdimagecreate-bo(36382)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36382
Common Vulnerability Exposure (CVE) ID: CVE-2007-3997
https://www.exploit-db.com/exploits/4392
http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/
http://securityreason.com/securityalert/3102
XForce ISS Database: php-local-infile-security-bypass(36384)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36384
XForce ISS Database: php-localinfile-mysql-security-bypass(39402)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39402
Common Vulnerability Exposure (CVE) ID: CVE-2007-3998
Debian Security Information: DSA-1444 (Google Search)
http://www.debian.org/security/2008/dsa-1444
http://secweb.se/en/advisories/php-wordwrap-vulnerability/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10603
http://secunia.com/advisories/28249
Common Vulnerability Exposure (CVE) ID: CVE-2007-4652
XForce ISS Database: php-session-security-bypass(36387)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36387
Common Vulnerability Exposure (CVE) ID: CVE-2007-4657
http://secweb.se/en/advisories/php-strcspn-information-leak-vulnerability/
XForce ISS Database: php-strcspn-overflow(36388)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36388
XForce ISS Database: php-strcspn-strspn-unspecified(39399)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39399
Common Vulnerability Exposure (CVE) ID: CVE-2007-4658
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10363
XForce ISS Database: php-moneyformat-unspecified(36377)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36377
Common Vulnerability Exposure (CVE) ID: CVE-2007-4659
XForce ISS Database: php-zendalterinientry-unspecified(36380)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36380
Common Vulnerability Exposure (CVE) ID: CVE-2007-4660
http://www.mandriva.com/security/advisories?name=MDVSA-2008:125
http://www.mandriva.com/security/advisories?name=MDVSA-2008:126
Common Vulnerability Exposure (CVE) ID: CVE-2007-4661
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.58&r2=1.445.2.14.2.59
Common Vulnerability Exposure (CVE) ID: CVE-2007-4662
XForce ISS Database: php-phpopensslmakereq-bo(36390)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36390
Common Vulnerability Exposure (CVE) ID: CVE-2007-4663
XForce ISS Database: php-glob-security-bypass(36386)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36386
Common Vulnerability Exposure (CVE) ID: CVE-2007-4670
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11028
Common Vulnerability Exposure (CVE) ID: CVE-2007-4727
BugTraq ID: 25622
http://www.securityfocus.com/bid/25622
Bugtraq: 20070917 FLEA-2007-0054-1 lighttpd (Google Search)
http://www.securityfocus.com/archive/1/479763/100/0/threaded
http://fedoranews.org/updates/FEDORA-2007-213.shtml
http://www.gentoo.org/security/en/glsa/glsa-200709-16.xml
http://secweb.se/en/advisories/lighttpd-fastcgi-remote-vulnerability/
https://bugzilla.redhat.com/show_bug.cgi?id=284511
http://secunia.com/advisories/26732
http://secunia.com/advisories/26794
http://secunia.com/advisories/26824
http://secunia.com/advisories/26997
http://secunia.com/advisories/27229
http://securityreason.com/securityalert/3127
SuSE Security Announcement: SUSE-SR:2007:020 (Google Search)
http://www.novell.com/linux/security/advisories/2007_20_sr.html
http://www.vupen.com/english/advisories/2007/3110
XForce ISS Database: lighttpd-modfastcgi-code-execution(36526)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36526
Common Vulnerability Exposure (CVE) ID: CVE-2007-4782
Bugtraq: 20070904 PHP < 5.2.3 fnmatch() denial of service (Google Search)
http://www.securityfocus.com/archive/1/478630/100/0/threaded
Bugtraq: 20070905 PHP < 5.2.3 glob() denial of service (Google Search)
http://www.securityfocus.com/archive/1/478626/100/0/threaded
http://www.securityfocus.com/archive/1/478726/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:022
http://www.mandriva.com/security/advisories?name=MDVSA-2009:023
http://osvdb.org/38686
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10897
http://www.redhat.com/support/errata/RHSA-2008-0505.html
http://www.redhat.com/support/errata/RHSA-2008-0544.html
http://www.redhat.com/support/errata/RHSA-2008-0545.html
http://www.redhat.com/support/errata/RHSA-2008-0582.html
http://secunia.com/advisories/30828
http://secunia.com/advisories/31119
http://secunia.com/advisories/31200
http://securityreason.com/securityalert/3109
http://www.ubuntu.com/usn/usn-628-1
XForce ISS Database: php-fnmatch-dos(36457)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36457
XForce ISS Database: php-globfunction-dos(36461)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36461
Common Vulnerability Exposure (CVE) ID: CVE-2007-4783
Bugtraq: 20070905 PHP <=5.2.4 iconv_substr() denial of service (Google Search)
http://www.securityfocus.com/archive/1/478637/100/0/threaded
http://osvdb.org/38917
http://secunia.com/advisories/27659
http://securityreason.com/securityalert/3115
Common Vulnerability Exposure (CVE) ID: CVE-2007-4784
Bugtraq: 20070904 PHP < 5.2.4 setlocale() denial of service (Google Search)
http://www.securityfocus.com/archive/1/478627/100/0/threaded
http://osvdb.org/38687
http://securityreason.com/securityalert/3114
XForce ISS Database: php-setlocale-dos(36458)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36458
Common Vulnerability Exposure (CVE) ID: CVE-2007-4825
Bugtraq: 20070910 /* PHP <=5.2.4 open_basedir bypass & code exec & denial of service errata ... working on windows too .. */ (Google Search)
http://www.securityfocus.com/archive/1/478988/100/0/threaded
Bugtraq: 20070910 PHP <=5.2.4 open_basedir bypass & code exec & denial of service (Google Search)
http://www.securityfocus.com/archive/1/478985/100/0/threaded
Bugtraq: 20070910 Re: PHP <=5.2.4 open_basedir bypass & code exec & denial of service (Google Search)
http://www.securityfocus.com/archive/1/478989/100/0/threaded
http://osvdb.org/45902
http://securityreason.com/securityalert/3119
XForce ISS Database: php-dl-security-bypass(36528)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36528
Common Vulnerability Exposure (CVE) ID: CVE-2007-4840
Bugtraq: 20070906 PHP <= 5.2.4 multiple Iconv functions denial of service (Google Search)
http://www.securityfocus.com/archive/1/478730/100/0/threaded
http://osvdb.org/38916
http://securityreason.com/securityalert/3122
Common Vulnerability Exposure (CVE) ID: CVE-2007-4887
BugTraq ID: 26403
http://www.securityfocus.com/bid/26403
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5767
http://securityreason.com/securityalert/3133
http://www.vupen.com/english/advisories/2007/3825
Copyright: Copyright (C) 2008 E-Soft Inc.
