FreeBSD Local Security Checks : FreeBSD Ports: php5

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.68833

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: php5

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

php5
php52

CVE-2010-3436
fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote
attackers to bypass open_basedir restrictions via vectors related to
the length of a filename.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-3436
42729
http://secunia.com/advisories/42729
42812
http://secunia.com/advisories/42812
44723
http://www.securityfocus.com/bid/44723
ADV-2010-3313
http://www.vupen.com/english/advisories/2010/3313
ADV-2011-0077
http://www.vupen.com/english/advisories/2011/0077
APPLE-SA-2011-03-21-1
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
APPLE-SA-2011-10-12-3
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
MDVSA-2010:218
http://www.mandriva.com/security/advisories?name=MDVSA-2010:218
SSA:2010-357-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619
USN-1042-1
http://www.ubuntu.com/usn/USN-1042-1
http://security-tracker.debian.org/tracker/CVE-2010-3436
http://support.apple.com/kb/HT4581
http://support.apple.com/kb/HT5002
http://svn.php.net/viewvc/php/php-src/trunk/main/fopen_wrappers.c?r1=303824&r2=303823&pathrev=303824
http://svn.php.net/viewvc?view=revision&revision=303824
http://www.php.net/ChangeLog-5.php
http://www.php.net/archive/2010.php#id2010-12-10-1
http://www.php.net/releases/5_2_15.php
http://www.php.net/releases/5_3_4.php

Copyright Copyright (C) 2011 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.68833
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: php5
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: php5 php52 CVE-2010-3436 fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3436 42729 http://secunia.com/advisories/42729 42812 http://secunia.com/advisories/42812 44723 http://www.securityfocus.com/bid/44723 ADV-2010-3313 http://www.vupen.com/english/advisories/2010/3313 ADV-2011-0077 http://www.vupen.com/english/advisories/2011/0077 APPLE-SA-2011-03-21-1 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html APPLE-SA-2011-10-12-3 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html MDVSA-2010:218 http://www.mandriva.com/security/advisories?name=MDVSA-2010:218 SSA:2010-357-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619 USN-1042-1 http://www.ubuntu.com/usn/USN-1042-1 http://security-tracker.debian.org/tracker/CVE-2010-3436 http://support.apple.com/kb/HT4581 http://support.apple.com/kb/HT5002 http://svn.php.net/viewvc/php/php-src/trunk/main/fopen_wrappers.c?r1=303824&r2=303823&pathrev=303824 http://svn.php.net/viewvc?view=revision&revision=303824 http://www.php.net/ChangeLog-5.php http://www.php.net/archive/2010.php#id2010-12-10-1 http://www.php.net/releases/5_2_15.php http://www.php.net/releases/5_3_4.php
Copyright	Copyright (C) 2011 E-Soft Inc.