Conectiva Local Security Checks : Conectiva Security Advisory CLSA-2005:1024 (php4)

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	1.3.6.1.4.1.25623.1.0.55581
Category:	Conectiva Local Security Checks
Title:	Conectiva Security Advisory CLSA-2005:1024 (php4)
Summary:	Conectiva Security Advisory CLSA-2005:1024
Description:	The remote host is missing updates announced in advisory CLSA-2005:1024. This announcement fixes an eval injection vulnerability in PEAR XML-RPC allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=001024 http://www.php.net/ Risk factor : Medium
Cross-Ref:	BugTraq ID: 14560 Common Vulnerability Exposure (CVE) ID: CVE-2005-2498 Bugtraq: 20050815 Advisory 15/2005: PHPXMLRPC Remote PHP Code Injection Vulnerability (Google Search) http://www.securityfocus.com/archive/1/408125 http://www.hardened-php.net/advisory_152005.67.html Bugtraq: 20050817 [PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=112431497300344&w=2 Bugtraq: 20050815 [DRUPAL-SA-2005-004] Drupal 4.6.3 / 4.5.5 fixes critical XML-RPC issue (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=112412415822890&w=2 Debian Security Information: DSA-789 (Google Search) http://www.debian.org/security/2005/dsa-789 Debian Security Information: DSA-798 (Google Search) http://www.debian.org/security/2005/dsa-798 Debian Security Information: DSA-840 (Google Search) http://www.debian.org/security/2005/dsa-840 Debian Security Information: DSA-842 (Google Search) http://www.debian.org/security/2005/dsa-842 http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml http://www.redhat.com/support/errata/RHSA-2005-748.html SuSE Security Announcement: SUSE-SA:2005:051 (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=112605112027335&w=2 SuSE Security Announcement: SUSE-SA:2005:049 (Google Search) http://www.novell.com/linux/security/advisories/2005_49_php.html http://www.securityfocus.com/bid/14560 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9569 http://secunia.com/advisories/16431 http://secunia.com/advisories/16432 http://secunia.com/advisories/16441 http://secunia.com/advisories/16460 http://secunia.com/advisories/16465 http://secunia.com/advisories/16468 http://secunia.com/advisories/16469 http://secunia.com/advisories/16491 http://secunia.com/advisories/16550 http://secunia.com/advisories/16558 http://secunia.com/advisories/16563 http://secunia.com/advisories/16619 http://secunia.com/advisories/16635 http://secunia.com/advisories/16693 http://secunia.com/advisories/16976 http://secunia.com/advisories/17440 http://secunia.com/advisories/17053 http://secunia.com/advisories/17066
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com