Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2013-0379)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2013.0379

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2013-0379)

Resumen: The remote host is missing an update for the 'php, php-apc, php-gd-bundled' package(s) announced via the MGASA-2013-0379 advisory.

Descripción: Summary:
The remote host is missing an update for the 'php, php-apc, php-gd-bundled' package(s) announced via the MGASA-2013-0379 advisory.

Vulnerability Insight:
Updated php packages fix security vulnerabilities:

Stefan Esser discovered that PHP incorrectly parsed certificates. An
attacker could use a malformed certificate to cause PHP to crash, resulting
in a denial of service, or possibly execute arbitrary code (CVE-2013-6420).

It was discovered that PHP incorrectly handled DateInterval objects. An
attacker could use this issue to cause PHP to crash, resulting in a denial
of service (CVE-2013-6712).

Affected Software/OS:
'php, php-apc, php-gd-bundled' package(s) on Mageia 3.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-6420
BugTraq ID: 64225
http://www.securityfocus.com/bid/64225
Debian Security Information: DSA-2816 (Google Search)
http://www.debian.org/security/2013/dsa-2816
HPdes Security Advisory: HPSBMU03112
https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04463322
HPdes Security Advisory: SSRT101447
https://www.sektioneins.de/advisories/advisory-012013-php-openssl_x509_parse-memory-corruption-vulnerability.html
RedHat Security Advisories: RHSA-2013:1813
http://rhn.redhat.com/errata/RHSA-2013-1813.html
RedHat Security Advisories: RHSA-2013:1815
http://rhn.redhat.com/errata/RHSA-2013-1815.html
RedHat Security Advisories: RHSA-2013:1824
http://rhn.redhat.com/errata/RHSA-2013-1824.html
RedHat Security Advisories: RHSA-2013:1825
http://rhn.redhat.com/errata/RHSA-2013-1825.html
RedHat Security Advisories: RHSA-2013:1826
http://rhn.redhat.com/errata/RHSA-2013-1826.html
http://www.securitytracker.com/id/1029472
http://secunia.com/advisories/59652
SuSE Security Announcement: openSUSE-SU-2013:1963 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00125.html
SuSE Security Announcement: openSUSE-SU-2013:1964 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00126.html
http://www.ubuntu.com/usn/USN-2055-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-6712
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
https://bugs.php.net/bug.php?id=66060
RedHat Security Advisories: RHSA-2014:1765
http://rhn.redhat.com/errata/RHSA-2014-1765.html

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2013.0379
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2013-0379)
Resumen:	The remote host is missing an update for the 'php, php-apc, php-gd-bundled' package(s) announced via the MGASA-2013-0379 advisory.
Descripción:	Summary: The remote host is missing an update for the 'php, php-apc, php-gd-bundled' package(s) announced via the MGASA-2013-0379 advisory. Vulnerability Insight: Updated php packages fix security vulnerabilities: Stefan Esser discovered that PHP incorrectly parsed certificates. An attacker could use a malformed certificate to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2013-6420). It was discovered that PHP incorrectly handled DateInterval objects. An attacker could use this issue to cause PHP to crash, resulting in a denial of service (CVE-2013-6712). Affected Software/OS: 'php, php-apc, php-gd-bundled' package(s) on Mageia 3. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-6420 BugTraq ID: 64225 http://www.securityfocus.com/bid/64225 Debian Security Information: DSA-2816 (Google Search) http://www.debian.org/security/2013/dsa-2816 HPdes Security Advisory: HPSBMU03112 https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04463322 HPdes Security Advisory: SSRT101447 https://www.sektioneins.de/advisories/advisory-012013-php-openssl_x509_parse-memory-corruption-vulnerability.html RedHat Security Advisories: RHSA-2013:1813 http://rhn.redhat.com/errata/RHSA-2013-1813.html RedHat Security Advisories: RHSA-2013:1815 http://rhn.redhat.com/errata/RHSA-2013-1815.html RedHat Security Advisories: RHSA-2013:1824 http://rhn.redhat.com/errata/RHSA-2013-1824.html RedHat Security Advisories: RHSA-2013:1825 http://rhn.redhat.com/errata/RHSA-2013-1825.html RedHat Security Advisories: RHSA-2013:1826 http://rhn.redhat.com/errata/RHSA-2013-1826.html http://www.securitytracker.com/id/1029472 http://secunia.com/advisories/59652 SuSE Security Announcement: openSUSE-SU-2013:1963 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00125.html SuSE Security Announcement: openSUSE-SU-2013:1964 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00126.html http://www.ubuntu.com/usn/USN-2055-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-6712 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html https://bugs.php.net/bug.php?id=66060 RedHat Security Advisories: RHSA-2014:1765 http://rhn.redhat.com/errata/RHSA-2014-1765.html
Copyright	Copyright (C) 2022 Greenbone AG