ID de Prueba:	1.3.6.1.4.1.25623.1.0.68802
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2010-357-01)
Resumen:	The remote host is missing an update for the 'php' package(s) announced via the SSA:2010-357-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'php' package(s) announced via the SSA:2010-357-01 advisory. Vulnerability Insight: New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: +--------------------------+ patches/packages/php-5.2.16-i486-1_slack13.1.txz: Upgraded. This fixes many bugs, including some security issues. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'php' package(s) on Slackware 11.0, Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware 13.0, Slackware 13.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3436 42729 http://secunia.com/advisories/42729 42812 http://secunia.com/advisories/42812 44723 http://www.securityfocus.com/bid/44723 ADV-2010-3313 http://www.vupen.com/english/advisories/2010/3313 ADV-2011-0077 http://www.vupen.com/english/advisories/2011/0077 APPLE-SA-2011-03-21-1 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html APPLE-SA-2011-10-12-3 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html MDVSA-2010:218 http://www.mandriva.com/security/advisories?name=MDVSA-2010:218 SSA:2010-357-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619 USN-1042-1 http://www.ubuntu.com/usn/USN-1042-1 http://security-tracker.debian.org/tracker/CVE-2010-3436 http://support.apple.com/kb/HT4581 http://support.apple.com/kb/HT5002 http://svn.php.net/viewvc/php/php-src/trunk/main/fopen_wrappers.c?r1=303824&r2=303823&pathrev=303824 http://svn.php.net/viewvc?view=revision&revision=303824 http://www.php.net/ChangeLog-5.php http://www.php.net/archive/2010.php#id2010-12-10-1 http://www.php.net/releases/5_2_15.php http://www.php.net/releases/5_3_4.php Common Vulnerability Exposure (CVE) ID: CVE-2010-3709 1024690 http://www.securitytracker.com/id?1024690 15431 http://www.exploit-db.com/exploits/15431 20101105 PHP 5.3.3/5.2.14 ZipArchive::getArchiveComment NULL Pointer Deference http://securityreason.com/achievement_securityalert/90 44718 http://www.securityfocus.com/bid/44718 ADV-2011-0020 http://www.vupen.com/english/advisories/2011/0020 ADV-2011-0021 http://www.vupen.com/english/advisories/2011/0021 FEDORA-2010-18976 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html FEDORA-2010-19011 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html HPSBMA02662 http://marc.info/?l=bugtraq&m=130331363227777&w=2 HPSBOV02763 http://marc.info/?l=bugtraq&m=133469208622507&w=2 RHSA-2011:0195 http://www.redhat.com/support/errata/RHSA-2011-0195.html SSRT100409 SSRT100826 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/zip/php_zip.c?view=log http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/zip/php_zip.c?view=log Common Vulnerability Exposure (CVE) ID: CVE-2010-4150 BugTraq ID: 44980 http://www.securityfocus.com/bid/44980 HPdes Security Advisory: HPSBOV02763 HPdes Security Advisory: SSRT100826 http://www.mandriva.com/security/advisories?name=MDVSA-2010:239 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12489 http://www.securitytracker.com/id?1024761 http://www.vupen.com/english/advisories/2010/3027 XForce ISS Database: php-phpimapc-dos(63390) https://exchange.xforce.ibmcloud.com/vulnerabilities/63390
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.