Test ID:	1.3.6.1.4.1.25623.1.0.61830
Category:	Fedora Local Security Checks
Title:	Fedora Core 9 FEDORA-2008-9420 (php-Smarty)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to php-Smarty announced via advisory FEDORA-2008-9420. ChangeLog: * Sun Nov 2 2008 Christopher Stone 2.6.20-2 - Add security patch (bz #469648) - Add RHL dist tag conditional for Requires * Mon Oct 13 2008 Christopher Stone 2.6.20-1 - Upstream sync References: [ 1 ] Bug #469648 - CVE-2008-4811 php-Smarty: PHP code execution via templates with \ escaped $ sign https://bugzilla.redhat.com/show_bug.cgi?id=469648 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update php-Smarty' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2008-9420 Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4811 BugTraq ID: 31862 http://www.securityfocus.com/bid/31862 Debian Security Information: DSA-1691 (Google Search) http://www.debian.org/security/2008/dsa-1691 http://securityvulns.ru/Udocument746.html http://www.openwall.com/lists/oss-security/2008/10/25/2 http://secunia.com/advisories/32329 XForce ISS Database: smarty-expandquotedtext-code-execution1(46406) https://exchange.xforce.ibmcloud.com/vulnerabilities/46406
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.