Test ID:	1.3.6.1.4.1.25623.1.0.62575
Category:	CentOS Local Security Checks
Title:	CentOS Security Advisory CESA-2005:838-01 (php)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates to php announced in advisory CESA-2005:838-01. For details on the issues addressed in this update, please visit the referenced security advisories. Solution: Update the appropriate packages on your system. http://www.securityspace.com/smysecure/catid.html?in=CESA-2005:838-01 http://www.securityspace.com/smysecure/catid.html?in=RHSA-2005:838 https://rhn.redhat.com/errata/rh21as-errata.html Risk factor : Critical CVSS Score: 10.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-3388 BugTraq ID: 15248 http://www.securityfocus.com/bid/15248 Bugtraq: 20051031 Advisory 18/2005: PHP Cross Site Scripting (XSS) Vulnerability in phpinfo() (Google Search) http://www.securityfocus.com/archive/1/415292 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIRZJHM6UDNWNHZ3PCMEZ2YUK3CWY2UE/ http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml HPdes Security Advisory: HPSBMA02159 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522 HPdes Security Advisory: SSRT061238 http://www.mandriva.com/security/advisories?name=MDKSA-2005:213 http://www.hardened-php.net/advisory_182005.77.html http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10542 http://www.redhat.com/support/errata/RHSA-2005-831.html http://www.redhat.com/support/errata/RHSA-2005-838.html RedHat Security Advisories: RHSA-2006:0549 http://rhn.redhat.com/errata/RHSA-2006-0549.html http://securitytracker.com/id?1015130 http://secunia.com/advisories/17371 http://secunia.com/advisories/17490 http://secunia.com/advisories/17510 http://secunia.com/advisories/17531 http://secunia.com/advisories/17557 http://secunia.com/advisories/17559 http://secunia.com/advisories/18198 http://secunia.com/advisories/18669 http://secunia.com/advisories/21252 http://secunia.com/advisories/22691 http://securityreason.com/securityalert/133 SuSE Security Announcement: SUSE-SR:2005:026 (Google Search) SuSE Security Announcement: SUSE-SR:2005:027 (Google Search) http://www.novell.com/linux/security/advisories/2005_27_sr.html TurboLinux Advisory: TLSA-2006-38 http://www.turbolinux.com/security/2006/TLSA-2006-38.txt https://www.ubuntu.com/usn/usn-232-1/ http://www.vupen.com/english/advisories/2005/2254 http://www.vupen.com/english/advisories/2006/4320 Common Vulnerability Exposure (CVE) ID: CVE-2005-3389 BugTraq ID: 15249 http://www.securityfocus.com/bid/15249 Bugtraq: 20051031 Advisory 19/2005: PHP register_globals Activation Vulnerability in parse_str() (Google Search) http://www.securityfocus.com/archive/1/415291 http://www.hardened-php.net/advisory_192005.78.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11481 http://securitytracker.com/id?1015131 http://secunia.com/advisories/18054 http://securityreason.com/securityalert/134 SuSE Security Announcement: SUSE-SA:2005:069 (Google Search) http://www.securityfocus.com/archive/1/419504/100/0/threaded Common Vulnerability Exposure (CVE) ID: CVE-2005-3390 BugTraq ID: 15250 http://www.securityfocus.com/bid/15250 Bugtraq: 20051031 Advisory 20/2005: PHP File-Upload $GLOBALS Overwrite Vulnerability (Google Search) http://www.securityfocus.com/archive/1/415290/30/0/threaded http://www.hardened-php.net/advisory_202005.79.html http://www.hardened-php.net/globals-problem https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10537 http://securitytracker.com/id?1015129 http://securityreason.com/securityalert/132 Common Vulnerability Exposure (CVE) ID: CVE-2004-1019 Bugtraq: 20041215 Advisory 01/2004: Multiple vulnerabilities in PHP 4/5 (Google Search) http://marc.info/?l=bugtraq&m=110314318531298&w=2 https://bugzilla.fedora.us/show_bug.cgi?id=2344 HPdes Security Advisory: HPSBMA01212 http://www.securityfocus.com/advisories/9028 http://www.mandriva.com/security/advisories?name=MDKSA-2004:151 http://www.hardened-php.net/advisories/012004.txt http://msgs.securepoint.com/cgi-bin/get/bugtraq0412/157.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10511 http://www.redhat.com/support/errata/RHSA-2004-687.html http://www.redhat.com/support/errata/RHSA-2005-032.html http://www.redhat.com/support/errata/RHSA-2005-816.html SuSE Security Announcement: SUSE-SA:2005:002 (Google Search) http://www.novell.com/linux/security/advisories/2005_02_php4_mod_php4.html SuSE Security Announcement: SUSE-SU-2015:0365 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html SuSE Security Announcement: openSUSE-SU-2015:0325 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-02/msg00079.html XForce ISS Database: php-unserialize-code-execution(18514) https://exchange.xforce.ibmcloud.com/vulnerabilities/18514
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.