Test ID:	1.3.6.1.4.1.25623.1.0.122061
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2011-1423)
Summary:	The remote host is missing an update for the 'php, php53' package(s) announced via the ELSA-2011-1423 advisory.
Description:	Summary: The remote host is missing an update for the 'php, php53' package(s) announced via the ELSA-2011-1423 advisory. Vulnerability Insight: [5.3.3-3.3] - improve CVE-2011-1466 fix to cover CAL_GREGORIAN, CAL_JEWISH [5.3.3-3.1] - add security fixes for CVE-2011-2483, CVE-2011-0708, CVE-2011-1148, CVE-2011-1466, CVE-2011-1468, CVE-2011-1469, CVE-2011-1470, CVE-2011-1471, CVE-2011-1938, and CVE-2011-2202 (#740731) Affected Software/OS: 'php, php53' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0708 16261 http://www.exploit-db.com/exploits/16261/ 46365 http://www.securityfocus.com/bid/46365 8114 http://securityreason.com/securityalert/8114 ADV-2011-0744 http://www.vupen.com/english/advisories/2011/0744 ADV-2011-0764 http://www.vupen.com/english/advisories/2011/0764 ADV-2011-0890 http://www.vupen.com/english/advisories/2011/0890 APPLE-SA-2011-10-12-3 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html DSA-2266 http://www.debian.org/security/2011/dsa-2266 FEDORA-2011-3614 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html FEDORA-2011-3636 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html FEDORA-2011-3666 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html HPSBOV02763 http://marc.info/?l=bugtraq&m=133469208622507&w=2 MDVSA-2011:052 http://www.mandriva.com/security/advisories?name=MDVSA-2011:052 MDVSA-2011:053 http://www.mandriva.com/security/advisories?name=MDVSA-2011:053 RHSA-2011:1423 http://www.redhat.com/support/errata/RHSA-2011-1423.html RHSA-2012:0071 http://rhn.redhat.com/errata/RHSA-2012-0071.html SSRT100826 [oss-security] 20110214 PHP Exif 64bit Casting Vulnerability, CVE request http://openwall.com/lists/oss-security/2011/02/14/1 [oss-security] 20110216 Re: Re: PHP Exif 64bit Casting Vulnerability, CVE request http://openwall.com/lists/oss-security/2011/02/16/7 http://bugs.php.net/bug.php?id=54002 http://support.apple.com/kb/HT5002 http://svn.php.net/viewvc?view=revision&revision=308316 http://www.php.net/ChangeLog-5.php http://www.php.net/archive/2011.php http://www.php.net/releases/5_3_6.php https://bugzilla.redhat.com/show_bug.cgi?id=680972 Common Vulnerability Exposure (CVE) ID: CVE-2011-1148 http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html BugTraq ID: 46843 http://www.securityfocus.com/bid/46843 BugTraq ID: 49241 http://www.securityfocus.com/bid/49241 HPdes Security Advisory: HPSBOV02763 HPdes Security Advisory: SSRT100826 http://www.mandriva.com/security/advisories?name=MDVSA-2011:165 http://openwall.com/lists/oss-security/2011/03/13/2 http://openwall.com/lists/oss-security/2011/03/13/3 http://openwall.com/lists/oss-security/2011/03/13/9 XForce ISS Database: php-substrreplace-code-exec(66080) https://exchange.xforce.ibmcloud.com/vulnerabilities/66080 Common Vulnerability Exposure (CVE) ID: CVE-2011-1466 BugTraq ID: 46967 http://www.securityfocus.com/bid/46967 Debian Security Information: DSA-2266 (Google Search) RedHat Security Advisories: RHSA-2012:0071 http://secunia.com/advisories/48668 SuSE Security Announcement: openSUSE-SU-2012:0426 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html Common Vulnerability Exposure (CVE) ID: CVE-2011-1468 BugTraq ID: 46977 http://www.securityfocus.com/bid/46977 Common Vulnerability Exposure (CVE) ID: CVE-2011-1469 BugTraq ID: 46970 http://www.securityfocus.com/bid/46970 Common Vulnerability Exposure (CVE) ID: CVE-2011-1471 BugTraq ID: 46975 http://www.securityfocus.com/bid/46975 Common Vulnerability Exposure (CVE) ID: CVE-2011-1938 Debian Security Information: DSA-2399 (Google Search) http://www.debian.org/security/2012/dsa-2399 http://www.exploit-db.com/exploits/17318/ http://openwall.com/lists/oss-security/2011/05/24/1 http://openwall.com/lists/oss-security/2011/05/24/9 http://osvdb.org/72644 http://securityreason.com/securityalert/8262 http://securityreason.com/securityalert/8294 XForce ISS Database: php-socketconnect-bo(67606) https://exchange.xforce.ibmcloud.com/vulnerabilities/67606 Common Vulnerability Exposure (CVE) ID: CVE-2011-2202 BugTraq ID: 48259 http://www.securityfocus.com/bid/48259 http://pastebin.com/1edSuSVN http://openwall.com/lists/oss-security/2011/06/12/5 http://openwall.com/lists/oss-security/2011/06/13/15 http://securitytracker.com/id?1025659 http://secunia.com/advisories/44874 XForce ISS Database: php-sapiposthandlerfunc-sec-bypass(67999) https://exchange.xforce.ibmcloud.com/vulnerabilities/67999 Common Vulnerability Exposure (CVE) ID: CVE-2011-2483 Debian Security Information: DSA-2340 (Google Search) http://www.debian.org/security/2011/dsa-2340 http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 http://www.mandriva.com/security/advisories?name=MDVSA-2011:179 http://www.mandriva.com/security/advisories?name=MDVSA-2011:180 http://freshmeat.net/projects/crypt_blowfish http://www.redhat.com/support/errata/RHSA-2011-1377.html http://www.redhat.com/support/errata/RHSA-2011-1378.html SuSE Security Announcement: SUSE-SA:2011:035 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00015.html http://www.ubuntu.com/usn/USN-1229-1 XForce ISS Database: php-cryptblowfish-info-disclosure(69319) https://exchange.xforce.ibmcloud.com/vulnerabilities/69319
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.