ID de Prueba:	1.3.6.1.4.1.25623.1.0.71968
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2012-041-02)
Resumen:	The remote host is missing an update for the 'php' package(s) announced via the SSA:2012-041-02 advisory.
Descripción:	Summary: The remote host is missing an update for the 'php' package(s) announced via the SSA:2012-041-02 advisory. Vulnerability Insight: New php packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: +--------------------------+ patches/packages/php-5.3.10-i486-1_slack13.37.txz: Upgraded. Fixed arbitrary remote code execution vulnerability reported by Stefan Esser, CVE-2012-0830. (Stas, Dmitry) For more information, see: [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'php' package(s) on Slackware 12.0, Slackware 12.1, Slackware 12.2, Slackware 13.0, Slackware 13.1, Slackware 13.37, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0830 1026631 http://securitytracker.com/id?1026631 47801 http://secunia.com/advisories/47801 47806 http://secunia.com/advisories/47806 47813 http://secunia.com/advisories/47813 48668 http://secunia.com/advisories/48668 51830 http://www.securityfocus.com/bid/51830 78819 http://www.osvdb.org/78819 APPLE-SA-2012-05-09-1 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html DSA-2403 http://www.debian.org/security/2012/dsa-2403 HPSBMU02786 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 HPSBUX02791 http://marc.info/?l=bugtraq&m=134012830914727&w=2 RHSA-2012:0092 http://rhn.redhat.com/errata/RHSA-2012-0092.html SSRT100856 SSRT100877 SUSE-SU-2012:0411 http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html [oss-security] 20120202 PHP remote code execution introduced via HashDoS fix http://openwall.com/lists/oss-security/2012/02/02/12 [oss-security] 20120203 Re: PHP remote code execution introduced via HashDoS fix http://openwall.com/lists/oss-security/2012/02/03/1 http://support.apple.com/kb/HT5281 http://svn.php.net/viewvc?view=revision&revision=323007 http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/ http://www.h-online.com/security/news/item/Critical-PHP-vulnerability-being-fixed-1427316.html http://www.php.net/ChangeLog-5.php#5.3.10 https://gist.github.com/1725489 openSUSE-SU-2012:0426 http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html php-phpregistervariableex-code-exec(72911) https://exchange.xforce.ibmcloud.com/vulnerabilities/72911
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.