Test ID:	1.3.6.1.4.1.25623.1.0.110186
Category:	Web application abuses
Title:	PHP < 4.4.8 Multiple Vulnerabilities
Summary:	PHP is prone to multiple vulnerabilities.
Description:	Summary: PHP is prone to multiple vulnerabilities. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3378 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html BugTraq ID: 24661 http://www.securityfocus.com/bid/24661 BugTraq ID: 25498 http://www.securityfocus.com/bid/25498 Bugtraq: 20070627 PHP 4/5 htaccess safemode and open_basedir Bypass (Google Search) http://www.securityfocus.com/archive/1/472343/100/0/threaded http://seclists.org/fulldisclosure/2020/Sep/34 http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml HPdes Security Advisory: HPSBUX02308 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501 HPdes Security Advisory: HPSBUX02332 http://www.securityfocus.com/archive/1/491693/100/0/threaded HPdes Security Advisory: SSRT080010 HPdes Security Advisory: SSRT080056 http://securityreason.com/achievement_exploitalert/9 http://www.openwall.com/lists/oss-security/2020/09/17/3 http://www.osvdb.org/38682 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6056 http://secunia.com/advisories/26642 http://secunia.com/advisories/26822 http://secunia.com/advisories/26838 http://secunia.com/advisories/27102 http://secunia.com/advisories/27377 http://secunia.com/advisories/27648 http://secunia.com/advisories/28318 http://secunia.com/advisories/28750 http://secunia.com/advisories/28936 http://secunia.com/advisories/29420 http://secunia.com/advisories/30040 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136 http://securityreason.com/securityalert/2831 http://securityreason.com/securityalert/3389 http://securityreason.com/achievement_securityalert/45 http://www.trustix.org/errata/2007/0026/ http://www.vupen.com/english/advisories/2007/3023 http://www.vupen.com/english/advisories/2008/0059 http://www.vupen.com/english/advisories/2008/0398 http://www.vupen.com/english/advisories/2008/0924/references XForce ISS Database: php-htaccess-security-bypass(35102) https://exchange.xforce.ibmcloud.com/vulnerabilities/35102 XForce ISS Database: php-sessionsavepath-errorlog-security-bypass(39403) https://exchange.xforce.ibmcloud.com/vulnerabilities/39403 Common Vulnerability Exposure (CVE) ID: CVE-2007-3997 https://www.exploit-db.com/exploits/4392 http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/ http://securityreason.com/securityalert/3102 XForce ISS Database: php-local-infile-security-bypass(36384) https://exchange.xforce.ibmcloud.com/vulnerabilities/36384 XForce ISS Database: php-localinfile-mysql-security-bypass(39402) https://exchange.xforce.ibmcloud.com/vulnerabilities/39402 Common Vulnerability Exposure (CVE) ID: CVE-2007-3799 BugTraq ID: 24268 http://www.securityfocus.com/bid/24268 Debian Security Information: DSA-1444 (Google Search) http://www.debian.org/security/2008/dsa-1444 Debian Security Information: DSA-1578 (Google Search) http://www.debian.org/security/2008/dsa-1578 https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html http://www.mandriva.com/security/advisories?name=MDKSA-2007:187 http://www.php-security.org/MOPB/PMOPB-46-2007.html http://osvdb.org/36855 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9792 http://www.redhat.com/support/errata/RHSA-2007-0888.html RedHat Security Advisories: RHSA-2007:0889 http://rhn.redhat.com/errata/RHSA-2007-0889.html http://www.redhat.com/support/errata/RHSA-2007-0890.html http://www.redhat.com/support/errata/RHSA-2007-0891.html http://secunia.com/advisories/26871 http://secunia.com/advisories/26895 http://secunia.com/advisories/26930 http://secunia.com/advisories/26967 http://secunia.com/advisories/27351 http://secunia.com/advisories/27545 http://secunia.com/advisories/27864 http://secunia.com/advisories/28249 http://secunia.com/advisories/30288 SuSE Security Announcement: SUSE-SR:2007:015 (Google Search) http://www.novell.com/linux/security/advisories/2007_15_sr.html https://usn.ubuntu.com/549-1/ http://www.ubuntu.com/usn/usn-549-2 Common Vulnerability Exposure (CVE) ID: CVE-2007-4657 http://secweb.se/en/advisories/php-strcspn-information-leak-vulnerability/ XForce ISS Database: php-strcspn-overflow(36388) https://exchange.xforce.ibmcloud.com/vulnerabilities/36388 XForce ISS Database: php-strcspn-strspn-unspecified(39399) https://exchange.xforce.ibmcloud.com/vulnerabilities/39399 Common Vulnerability Exposure (CVE) ID: CVE-2007-4658 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10363 http://secunia.com/advisories/28658 SuSE Security Announcement: SUSE-SA:2008:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html XForce ISS Database: php-moneyformat-unspecified(36377) https://exchange.xforce.ibmcloud.com/vulnerabilities/36377 Common Vulnerability Exposure (CVE) ID: CVE-2008-0145 XForce ISS Database: php-glob-openbasedir-security-bypass(39401) https://exchange.xforce.ibmcloud.com/vulnerabilities/39401 Common Vulnerability Exposure (CVE) ID: CVE-2008-2108 Bugtraq: 20080506 Advisory SE-2008-02: PHP GENERATE_SEED() Weak Random Number Seed Vulnerability (Google Search) http://www.securityfocus.com/archive/1/491683/100/0/threaded Debian Security Information: DSA-1789 (Google Search) http://www.debian.org/security/2009/dsa-1789 https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0103.html http://security.gentoo.org/glsa/glsa-200811-05.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:125 http://www.mandriva.com/security/advisories?name=MDVSA-2008:126 http://www.mandriva.com/security/advisories?name=MDVSA-2008:127 http://www.mandriva.com/security/advisories?name=MDVSA-2008:128 http://www.mandriva.com/security/advisories?name=MDVSA-2008:129 http://www.mandriva.com/security/advisories?name=MDVSA-2008:130 http://www.sektioneins.de/advisories/SE-2008-02.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10844 http://www.redhat.com/support/errata/RHSA-2008-0505.html http://www.redhat.com/support/errata/RHSA-2008-0544.html http://www.redhat.com/support/errata/RHSA-2008-0545.html http://www.redhat.com/support/errata/RHSA-2008-0546.html http://www.redhat.com/support/errata/RHSA-2008-0582.html http://secunia.com/advisories/30757 http://secunia.com/advisories/30828 http://secunia.com/advisories/31119 http://secunia.com/advisories/31124 http://secunia.com/advisories/31200 http://secunia.com/advisories/32746 http://secunia.com/advisories/35003 http://securityreason.com/securityalert/3859 http://www.ubuntu.com/usn/usn-628-1 XForce ISS Database: php-generateseed-weak-security(42226) https://exchange.xforce.ibmcloud.com/vulnerabilities/42226
Copyright	Copyright (C) 2012 NopSec Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.