ID de Prueba:	1.3.6.1.4.1.25623.1.0.66779
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2010-024-02)
Resumen:	The remote host is missing an update for the 'php' package(s) announced via the SSA:2010-024-02 advisory.
Descripción:	Summary: The remote host is missing an update for the 'php' package(s) announced via the SSA:2010-024-02 advisory. Vulnerability Insight: New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [links moved to references] Here are the details from the Slackware 13.0 ChangeLog: +--------------------------+ patches/packages/php-5.2.12-i486-1_slack13.0.txz: Upgraded. This fixes many bugs, including a few security issues. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'php' package(s) on Slackware 11.0, Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware 13.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3557 37412 http://secunia.com/advisories/37412 37821 http://secunia.com/advisories/37821 40262 http://secunia.com/advisories/40262 6601 http://securityreason.com/securityalert/6601 ADV-2009-3593 http://www.vupen.com/english/advisories/2009/3593 APPLE-SA-2010-03-29-1 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html HPSBUX02543 http://marc.info/?l=bugtraq&m=127680701405735&w=2 MDVSA-2009:285 http://www.mandriva.com/security/advisories?name=MDVSA-2009:285 MDVSA-2009:302 http://www.mandriva.com/security/advisories?name=MDVSA-2009:302 MDVSA-2009:303 http://www.mandriva.com/security/advisories?name=MDVSA-2009:303 SSRT100152 [oss-security] 20091120 CVE request: php 5.3.1 update http://www.openwall.com/lists/oss-security/2009/11/20/2 [oss-security] 20091120 Re: CVE request: php 5.3.1 update http://www.openwall.com/lists/oss-security/2009/11/20/3 http://www.openwall.com/lists/oss-security/2009/11/20/5 [php-announce] 20091119 5.3.1 Release announcement http://news.php.net/php.announce/79 http://support.apple.com/kb/HT4077 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/standard/file.c?view=log http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/standard/file.c?view=log http://svn.php.net/viewvc?view=revision&revision=288945 http://www.php.net/ChangeLog-5.php http://www.php.net/releases/5_2_12.php http://www.php.net/releases/5_3_1.php oval:org.mitre.oval:def:7396 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7396 Common Vulnerability Exposure (CVE) ID: CVE-2009-3558 6600 http://securityreason.com/securityalert/6600 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/posix/posix.c?view=log http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/posix/posix.c?view=log http://svn.php.net/viewvc?view=revision&revision=288943 Common Vulnerability Exposure (CVE) ID: CVE-2009-4017 20091120 PHP "multipart/form-data" denial of service http://seclists.org/fulldisclosure/2009/Nov/228 http://www.securityfocus.com/archive/1/507982/100/0/threaded 37482 http://secunia.com/advisories/37482 41480 http://secunia.com/advisories/41480 41490 http://secunia.com/advisories/41490 DSA-1940 http://www.debian.org/security/2009/dsa-1940 HPSBMA02568 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 MDVSA-2009:305 http://www.mandriva.com/security/advisories?name=MDVSA-2009:305 SSRT100219 http://www.openwall.com/lists/oss-security/2009/11/20/7 http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/ oval:org.mitre.oval:def:10483 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483 oval:org.mitre.oval:def:6667 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667 php-multipart-formdata-dos(54455) https://exchange.xforce.ibmcloud.com/vulnerabilities/54455 Common Vulnerability Exposure (CVE) ID: CVE-2009-4142 1023372 http://securitytracker.com/id?1023372 37389 http://www.securityfocus.com/bid/37389 38648 http://secunia.com/advisories/38648 DSA-2001 http://www.debian.org/security/2010/dsa-2001 http://bugs.php.net/bug.php?id=49785 oval:org.mitre.oval:def:10005 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10005 oval:org.mitre.oval:def:7085 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7085 Common Vulnerability Exposure (CVE) ID: CVE-2009-4143 37390 http://www.securityfocus.com/bid/37390 MDVSA-2010:045 http://www.mandriva.com/security/advisories?name=MDVSA-2010:045 oval:org.mitre.oval:def:7439 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7439
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.