ID de Prueba:	1.3.6.1.4.1.25623.1.0.831372
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Update for php MDVSA-2011:069 (php)
Resumen:	The remote host is missing an update for the 'php'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'php' package(s) announced via the referenced advisory. Vulnerability Insight: It was discovered that the /etc/cron.d/php cron job for php-session allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php (CVE-2011-0441). Packages for 2009.0 are provided as of the Extended Maintenance Program. The updated packages contains a fix that corrects this flaw. Affected Software/OS: php on Mandriva Linux 2009.0, Mandriva Linux 2009.0/X86_64, Mandriva Linux 2010.0, Mandriva Linux 2010.0/X86_64, Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64, Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64 Solution: Please Install the Updated Packages. CVSS Score: 6.3 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0441 BugTraq ID: 46928 http://www.securityfocus.com/bid/46928 http://www.mandriva.com/security/advisories?name=MDVSA-2011:069 http://www.vupen.com/english/advisories/2011/0910 XForce ISS Database: php-php5common-file-deletion(66180) https://exchange.xforce.ibmcloud.com/vulnerabilities/66180
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.