English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.58612
Category:Mandrake Local Security Checks
Title:Mandrake Security Advisory MDKSA-2007:187 (php)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to php
announced via advisory MDKSA-2007:187.

Numerous vulnerabilities were discovered in the PHP scripting language
that are corrected with this update. For details, please visit
the referenced security advisories.

Updated packages have been patched to prevent these issues.
In addition, PECL ZIP version 1.8.10 is being provided for Corporate
Server 4.0.

Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0,
Multi Network Firewall 2.0


Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:187

Risk factor : Critical

CVSS Score:
10.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-1375
BugTraq ID: 22851
http://www.securityfocus.com/bid/22851
Debian Security Information: DSA-1283 (Google Search)
http://www.debian.org/security/2007/dsa-1283
https://www.exploit-db.com/exploits/3424
http://security.gentoo.org/glsa/glsa-200703-21.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:187
http://www.php-security.org/MOPB/MOPB-14-2007.html
http://www.osvdb.org/32780
http://secunia.com/advisories/24606
http://secunia.com/advisories/25056
http://secunia.com/advisories/25057
http://secunia.com/advisories/25062
http://secunia.com/advisories/26895
SuSE Security Announcement: SUSE-SA:2007:032 (Google Search)
http://www.novell.com/linux/security/advisories/2007_32_php.html
http://www.ubuntu.com/usn/usn-455-1
Common Vulnerability Exposure (CVE) ID: CVE-2007-1399
BugTraq ID: 22883
http://www.securityfocus.com/bid/22883
Debian Security Information: DSA-1330 (Google Search)
http://www.debian.org/security/2007/dsa-1330
http://www.php-security.org/MOPB/MOPB-16-2007.html
http://www.osvdb.org/32782
http://secunia.com/advisories/24471
http://secunia.com/advisories/24514
http://secunia.com/advisories/25938
SuSE Security Announcement: SUSE-SA:2007:020 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html
http://www.vupen.com/english/advisories/2007/0898
XForce ISS Database: pecl-url-wrapper-bo(32889)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32889
Common Vulnerability Exposure (CVE) ID: CVE-2007-1900
BugTraq ID: 23359
http://www.securityfocus.com/bid/23359
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html
http://security.gentoo.org/glsa/glsa-200705-19.xml
http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
HPdes Security Advisory: HPSBUX02262
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
HPdes Security Advisory: SSRT071447
http://www.php-security.org/MOPB/PMOPB-45-2007.html
http://www.osvdb.org/33962
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6067
http://secunia.com/advisories/24824
http://secunia.com/advisories/25445
http://secunia.com/advisories/25535
http://secunia.com/advisories/26231
http://secunia.com/advisories/27037
http://secunia.com/advisories/27102
http://secunia.com/advisories/27110
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863
http://www.trustix.org/errata/2007/0023/
http://www.vupen.com/english/advisories/2007/2016
http://www.vupen.com/english/advisories/2007/3386
XForce ISS Database: php-filtervalidateemail-header-injection(33510)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33510
Common Vulnerability Exposure (CVE) ID: CVE-2007-2727
BugTraq ID: 23984
http://www.securityfocus.com/bid/23984
http://blog.php-security.org/archives/80-Watching-the-PHP-CVS.html
http://www.fortheloot.com/public/mcrypt.patch
http://osvdb.org/36087
SuSE Security Announcement: SUSE-SR:2007:015 (Google Search)
http://www.novell.com/linux/security/advisories/2007_15_sr.html
Common Vulnerability Exposure (CVE) ID: CVE-2007-2728
http://osvdb.org/36086
http://secunia.com/advisories/25306
http://secunia.com/advisories/26102
http://www.ubuntu.com/usn/usn-485-1
http://www.vupen.com/english/advisories/2007/1839
Common Vulnerability Exposure (CVE) ID: CVE-2007-2748
BugTraq ID: 24012
http://www.securityfocus.com/bid/24012
http://osvdb.org/34730
http://www.attrition.org/pipermail/vim/2007-May/001621.html
Common Vulnerability Exposure (CVE) ID: CVE-2007-2756
BugTraq ID: 24089
http://www.securityfocus.com/bid/24089
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html
http://security.gentoo.org/glsa/glsa-200708-05.xml
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://security.gentoo.org/glsa/glsa-200805-13.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:122
http://www.mandriva.com/security/advisories?name=MDKSA-2007:123
http://www.mandriva.com/security/advisories?name=MDKSA-2007:124
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html
http://osvdb.org/35788
http://osvdb.org/36643
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10779
RedHat Security Advisories: RHSA-2007:0889
http://rhn.redhat.com/errata/RHSA-2007-0889.html
http://www.redhat.com/support/errata/RHSA-2007-0890.html
http://www.redhat.com/support/errata/RHSA-2007-0891.html
http://www.redhat.com/support/errata/RHSA-2008-0146.html
http://www.securitytracker.com/id?1018187
http://secunia.com/advisories/25353
http://secunia.com/advisories/25362
http://secunia.com/advisories/25378
http://secunia.com/advisories/25575
http://secunia.com/advisories/25590
http://secunia.com/advisories/25646
http://secunia.com/advisories/25657
http://secunia.com/advisories/25658
http://secunia.com/advisories/25787
http://secunia.com/advisories/25855
http://secunia.com/advisories/26048
http://secunia.com/advisories/26390
http://secunia.com/advisories/26871
http://secunia.com/advisories/26930
http://secunia.com/advisories/26967
http://secunia.com/advisories/27545
http://secunia.com/advisories/29157
http://secunia.com/advisories/30168
SuSE Security Announcement: SUSE-SA:2007:044 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
SuSE Security Announcement: SUSE-SR:2007:013 (Google Search)
http://www.novell.com/linux/security/advisories/2007_13_sr.html
http://www.trustix.org/errata/2007/0019/
http://www.ubuntu.com/usn/usn-473-1
http://www.vupen.com/english/advisories/2007/1904
http://www.vupen.com/english/advisories/2007/1905
http://www.vupen.com/english/advisories/2007/2336
XForce ISS Database: gd-gdpngreaddata-dos(34420)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34420
Common Vulnerability Exposure (CVE) ID: CVE-2007-2872
1018186
http://www.securitytracker.com/id?1018186
2007-0023
20070601 SEC Consult SA-20070601-0 :: PHP chunk_split() integer overflow
http://www.securityfocus.com/archive/1/470244/100/0/threaded
24261
http://www.securityfocus.com/bid/24261
25456
http://secunia.com/advisories/25456
25535
26048
26231
26838
http://secunia.com/advisories/26838
26871
26895
26930
26967
27037
27102
27110
27351
http://secunia.com/advisories/27351
27377
http://secunia.com/advisories/27377
27545
27864
http://secunia.com/advisories/27864
28318
http://secunia.com/advisories/28318
28658
http://secunia.com/advisories/28658
28750
http://secunia.com/advisories/28750
28936
http://secunia.com/advisories/28936
30040
http://secunia.com/advisories/30040
36083
http://osvdb.org/36083
ADV-2007-2061
http://www.vupen.com/english/advisories/2007/2061
ADV-2007-3386
ADV-2008-0059
http://www.vupen.com/english/advisories/2008/0059
ADV-2008-0398
http://www.vupen.com/english/advisories/2008/0398
FEDORA-2007-2215
FEDORA-2007-709
GLSA-200710-02
HPSBUX02262
HPSBUX02308
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501
HPSBUX02332
http://www.securityfocus.com/archive/1/491693/100/0/threaded
MDKSA-2007:187
OpenPKG-SA-2007.020
RHSA-2007:0888
http://www.redhat.com/support/errata/RHSA-2007-0888.html
RHSA-2007:0889
RHSA-2007:0890
RHSA-2007:0891
SSA:2007-152-01
SSA:2008-045-03
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136
SSRT071447
SSRT080010
SSRT080056
SUSE-SA:2007:044
SUSE-SA:2008:004
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html
USN-549-1
https://usn.ubuntu.com/549-1/
USN-549-2
http://www.ubuntu.com/usn/usn-549-2
http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm
http://www.php.net/ChangeLog-4.php
http://www.php.net/releases/4_4_8.php
http://www.php.net/releases/5_2_3.php
http://www.sec-consult.com/291.html
https://issues.rpath.com/browse/RPL-1693
https://issues.rpath.com/browse/RPL-1702
https://launchpad.net/bugs/173043
oval:org.mitre.oval:def:9424
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9424
php-chunksplit-security-bypass(39398)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39398
Common Vulnerability Exposure (CVE) ID: CVE-2007-3799
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
BugTraq ID: 24268
http://www.securityfocus.com/bid/24268
Debian Security Information: DSA-1444 (Google Search)
http://www.debian.org/security/2008/dsa-1444
Debian Security Information: DSA-1578 (Google Search)
http://www.debian.org/security/2008/dsa-1578
http://www.php-security.org/MOPB/PMOPB-46-2007.html
http://osvdb.org/36855
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9792
http://secunia.com/advisories/28249
http://secunia.com/advisories/29420
http://secunia.com/advisories/30288
http://www.vupen.com/english/advisories/2008/0924/references
Common Vulnerability Exposure (CVE) ID: CVE-2007-3996
Debian Security Information: DSA-1613 (Google Search)
http://www.debian.org/security/2008/dsa-1613
http://security.gentoo.org/glsa/glsa-200712-13.xml
http://secweb.se/en/advisories/php-imagecopyresized-integer-overflow/
http://secweb.se/en/advisories/php-imagecreatetruecolor-integer-overflow/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11147
http://secunia.com/advisories/26642
http://secunia.com/advisories/26822
http://secunia.com/advisories/28009
http://secunia.com/advisories/28147
http://secunia.com/advisories/31168
http://securityreason.com/securityalert/3103
SuSE Security Announcement: SUSE-SA:2008:004 (Google Search)
http://www.trustix.org/errata/2007/0026/
http://www.ubuntu.com/usn/usn-557-1
http://www.vupen.com/english/advisories/2007/3023
XForce ISS Database: php-gdimagecopyresized-bo(36383)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36383
XForce ISS Database: php-gdimagecreate-bo(36382)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36382
Common Vulnerability Exposure (CVE) ID: CVE-2007-3998
http://secweb.se/en/advisories/php-wordwrap-vulnerability/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10603
Common Vulnerability Exposure (CVE) ID: CVE-2007-4658
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10363
XForce ISS Database: php-moneyformat-unspecified(36377)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36377
Common Vulnerability Exposure (CVE) ID: CVE-2007-4670
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11028
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.