English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.51816
Category:Fedora Local Security Checks
Title:Fedora Legacy Security Advisory FLSA-2005:2344
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory FLSA-2005:2344.

An information disclosure bug was discovered in the parsing of GPC
variables in PHP (query strings or cookies, and POST form data). If
particular scripts used the values of the GPC variables, portions of the
memory space of an httpd child process could be revealed to the client.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0958 to this issue.

A file access bug was discovered in the parsing of multipart/form-data
forms, used by PHP scripts which allow file uploads. In particular
configurations, some scripts could allow a malicious client to upload
files to an arbitrary directory where the apache user has write
access. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2004-0959 to this issue.

Flaws were found in shmop_write, pack, and unpack PHP functions. These
functions are not normally passed user supplied data, so would require a
malicious PHP script to be exploited. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2004-1018 to
this issue.

Flaws including possible information disclosure, double free, and
negative reference index array underflow were found in the
deserialization code of PHP. PHP applications may use the unserialize
function on untrusted user data, which could allow a remote attacker to
gain access to memory or potentially execute arbitrary code. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2004-1019 to this issue.

A flaw in the exif extension of PHP was found which lead to a stack
overflow. An attacker could create a carefully crafted image file in
such a way that if parsed by a PHP script using the exif extension it
could cause a crash or potentially execute arbitrary code. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2004-1065 to this issue.

A flaw in the PHP cURL functions allows remote attackers to bypass the
open_basedir setting and read arbitrary files via a file: URL argument
to the curl_init function. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CVE-2004-1392 to this
issue.

Users of PHP should upgrade to these updated packages, which contain
fixes for these issues.

Affected platforms:
Redhat 7.3
Redhat 9
Fedora Core 1

Solution:
http://www.securityspace.com/smysecure/catid.html?in=FLSA-2005:2344

Risk factor : Critical

CVSS Score:
10.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2004-0958
Bugtraq: 20040915 PHP Vulnerability N. 1 (Google Search)
http://marc.info/?l=bugtraq&m=109527531130492&w=2
https://bugzilla.fedora.us/show_bug.cgi?id=2344
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10863
http://www.redhat.com/support/errata/RHSA-2004-687.html
http://securitytracker.com/id?1011279
http://secunia.com/advisories/12560/
http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0053.html
XForce ISS Database: php-phpinfo-disclose-memory(17393)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17393
Common Vulnerability Exposure (CVE) ID: CVE-2004-0959
Bugtraq: 20040915 Php Vulnerability N. 2 (Google Search)
http://marc.info/?l=bugtraq&m=109534848430404&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10961
http://securitytracker.com/id?1011307
http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0054.html
XForce ISS Database: php-mime-array-execute-code(17392)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17392
Common Vulnerability Exposure (CVE) ID: CVE-2004-1018
BugTraq ID: 12045
http://www.securityfocus.com/bid/12045
Bugtraq: 20041215 Advisory 01/2004: Multiple vulnerabilities in PHP 4/5 (Google Search)
http://marc.info/?l=bugtraq&m=110314318531298&w=2
Bugtraq: 20041219 PHP shmop.c module permits write of arbitrary memory. (Google Search)
http://www.securityfocus.com/archive/1/384920
HPdes Security Advisory: HPSBMA01212
http://www.securityfocus.com/advisories/9028
http://www.mandriva.com/security/advisories?name=MDKSA-2004:151
http://www.mandriva.com/security/advisories?name=MDKSA-2005:072
http://www.hardened-php.net/advisories/012004.txt
http://www.osvdb.org/12411
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10949
http://www.redhat.com/support/errata/RHSA-2005-032.html
http://www.redhat.com/support/errata/RHSA-2005-816.html
https://www.ubuntu.com/usn/usn-99-1/
XForce ISS Database: php-shmopwrite-outofbounds-memory(18515)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18515
Common Vulnerability Exposure (CVE) ID: CVE-2004-1019
http://msgs.securepoint.com/cgi-bin/get/bugtraq0412/157.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10511
SuSE Security Announcement: SUSE-SA:2005:002 (Google Search)
http://www.novell.com/linux/security/advisories/2005_02_php4_mod_php4.html
SuSE Security Announcement: SUSE-SU-2015:0365 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html
SuSE Security Announcement: openSUSE-SU-2015:0325 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-02/msg00079.html
XForce ISS Database: php-unserialize-code-execution(18514)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18514
Common Vulnerability Exposure (CVE) ID: CVE-2004-1065
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10877
XForce ISS Database: php-exifreaddata-bo(18517)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18517
Common Vulnerability Exposure (CVE) ID: CVE-2004-1392
BugTraq ID: 11557
http://www.securityfocus.com/bid/11557
Bugtraq: 20041027 PHP4 cURL functions bypass open_basedir (Google Search)
http://marc.info/?l=bugtraq&m=109898213806099&w=2
Bugtraq: 20050120 [USN-66-1] PHP vulnerabilities (Google Search)
http://marc.info/?l=bugtraq&m=110625060220934&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9279
http://www.redhat.com/support/errata/RHSA-2005-405.html
http://www.redhat.com/support/errata/RHSA-2005-406.html
http://securitytracker.com/id?1011984
XForce ISS Database: php-openbasedir-restriction-bypass(17900)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17900
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.