Test ID:	1.3.6.1.4.1.25623.1.0.100605
Category:	Web application abuses
Title:	PHP Shared Memory Functions Resource Verification Arbitrary Code Execution Vulnerability
Summary:	PHP shared memory functions (shmop) are prone to an arbitrary-code-; execution vulnerability.
Description:	Summary: PHP shared memory functions (shmop) are prone to an arbitrary-code- execution vulnerability. Vulnerability Impact: An attacker may exploit this issue to execute arbitrary code within the context of the affected webserver. The attacker may also gain access to RSA keys of the SSL certificate. Affected Software/OS: This issue affects PHP 4 versions prior to 4.4.5 and PHP 5 versions prior to 5.2.1. Solution: The vendor released versions 4.4.5 and 5.2.1 to address this issue. Please see the references for more information. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1376 BugTraq ID: 22862 http://www.securityfocus.com/bid/22862 Debian Security Information: DSA-1283 (Google Search) http://www.debian.org/security/2007/dsa-1283 https://www.exploit-db.com/exploits/3426 https://www.exploit-db.com/exploits/3427 http://security.gentoo.org/glsa/glsa-200703-21.xml http://www.php-security.org/MOPB/MOPB-15-2007.html http://www.osvdb.org/32781 http://secunia.com/advisories/24606 http://secunia.com/advisories/25056 http://secunia.com/advisories/25057 http://secunia.com/advisories/25062 SuSE Security Announcement: SUSE-SA:2007:032 (Google Search) http://www.novell.com/linux/security/advisories/2007_32_php.html http://www.ubuntu.com/usn/usn-455-1
Copyright	Copyright (C) 2010 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.