
Test ID: 1.3.6.1.4.1.25623.1.0.66641
Category: Gentoo Local Security Checks
Title: Gentoo Security Advisory GLSA 201001-03 (php)
Summary: The remote host is missing updates announced in advisory GLSA 201001-03.
Description:
Summary:
The remote host is missing updates announced in
advisory GLSA 201001-03.

Vulnerability Insight:
Multiple vulnerabilities were found in PHP, the worst of which leads to
the remote execution of arbitrary code.

Solution:
All PHP users should upgrade to the latest version. As PHP is
statically linked against a vulnerable version of the c-client library
when the imap or kolab USE flag is enabled (GLSA 200911-03), users
should upgrade net-libs/c-client beforehand:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-libs/c-client-2007e'
# emerge --ask --oneshot --verbose '>=dev-lang/php-5.2.12'

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2008-5498
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
BugTraq ID: 33002
http://www.securityfocus.com/bid/33002
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html
HPdes Security Advisory: HPSBUX02431
http://marc.info/?l=bugtraq&m=124654546101607&w=2
HPdes Security Advisory: HPSBUX02465
http://marc.info/?l=bugtraq&m=125631037611762&w=2
HPdes Security Advisory: SSRT090085
HPdes Security Advisory: SSRT090192
http://www.mandriva.com/security/advisories?name=MDVSA-2009:021
http://www.mandriva.com/security/advisories?name=MDVSA-2009:022
http://www.mandriva.com/security/advisories?name=MDVSA-2009:023
http://downloads.securityfocus.com/vulnerabilities/exploits/33002-2.php
http://downloads.securityfocus.com/vulnerabilities/exploits/33002.php
http://osvdb.org/51031
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9667
http://www.redhat.com/support/errata/RHSA-2009-0350.html
http://securitytracker.com/id?1021494
http://secunia.com/advisories/34642
http://secunia.com/advisories/35306
http://secunia.com/advisories/35650
http://secunia.com/advisories/36701
SuSE Security Announcement: SUSE-SR:2009:008
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
XForce ISS Database: php-imagerotate-info-disclosure(47635)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47635
Common Vulnerability Exposure (CVE) ID: CVE-2008-5514
1021485
http://securitytracker.com/id?1021485
32958
http://www.securityfocus.com/bid/32958
33275
http://secunia.com/advisories/33275
33638
http://secunia.com/advisories/33638
ADV-2008-3490
http://www.vupen.com/english/advisories/2008/3490
FEDORA-2009-0371
https://www.redhat.com/archives/fedora-package-announce/2009-January/msg00846.html
MDVSA-2009:146
http://www.mandriva.com/security/advisories?name=MDVSA-2009:146
http://www.washington.edu/imap/documentation/RELNOTES.html
https://bugzilla.redhat.com/show_bug.cgi?id=477227
uwimapd-rfc822outputchar-dos(47526)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47526
Common Vulnerability Exposure (CVE) ID: CVE-2008-5557
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
BugTraq ID: 32948
http://www.securityfocus.com/bid/32948
Bugtraq: 20090302 rPSA-2009-0035-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl
http://www.securityfocus.com/archive/1/501376/100/0/threaded
Cert/CC Advisory: TA09-133A
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
Debian Security Information: DSA-1789
http://www.debian.org/security/2009/dsa-1789
http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0477.html
HPdes Security Advisory: HPSBMA02492
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444
HPdes Security Advisory: SSRT100079
http://www.mandriva.com/security/advisories?name=MDVSA-2009:045
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10286
http://securitytracker.com/id?1021482
http://secunia.com/advisories/35003
http://secunia.com/advisories/35074
SuSE Security Announcement: SUSE-SR:2009:004
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
http://www.vupen.com/english/advisories/2009/1297
XForce ISS Database: php-multibyte-bo(47525)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47525
Common Vulnerability Exposure (CVE) ID: CVE-2008-5624
BugTraq ID: 32688
http://www.securityfocus.com/bid/32688
Bugtraq: 20081206 SecurityReason: PHP 5.2.6 SAPI php_getuid() overload
http://www.securityfocus.com/archive/1/498985/100/0/threaded
http://osvdb.org/50483
http://osvdb.org/52207
http://securityreason.com/achievement_securityalert/59
XForce ISS Database: php-getuid-safemode-bypass(47318)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47318
Common Vulnerability Exposure (CVE) ID: CVE-2008-5625
BugTraq ID: 32383
http://www.securityfocus.com/bid/32383
Bugtraq: 20081120 SecurityReason : PHP 5.2.6 (error_log) safe_mode bypass
http://archives.neohapsis.com/archives/bugtraq/2008-11/0152.html
https://www.exploit-db.com/exploits/7171
http://osvdb.org/52205
http://securityreason.com/achievement_securityalert/57
XForce ISS Database: php-error-safemode-bypass(47314)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47314
Common Vulnerability Exposure (CVE) ID: CVE-2008-5658
BugTraq ID: 32625
http://www.securityfocus.com/bid/32625
Bugtraq: 20081204 Advisory 06/2008: PHP ZipArchive::extractTo() Directory Traversal Vulnerability
http://archives.neohapsis.com/archives/bugtraq/2008-12/0039.html
http://www.sektioneins.de/advisories/SE-2008-06.txt
http://www.openwall.com/lists/oss-security/2008/12/04/3
http://osvdb.org/50480
http://www.securitytracker.com/id?1021303
XForce ISS Database: php-ziparchive-directory-traversal(47079)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47079
Common Vulnerability Exposure (CVE) ID: CVE-2008-5814
HPdes Security Advisory: HPSBMA02426
http://marc.info/?l=bugtraq&m=124277349419254&w=2
HPdes Security Advisory: SSRT090053
http://jvn.jp/en/jp/JVN50327700/index.html
http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000084.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10501
http://secunia.com/advisories/34830
http://secunia.com/advisories/34933
http://secunia.com/advisories/35007
http://secunia.com/advisories/35108
https://usn.ubuntu.com/761-1/
http://www.ubuntu.com/usn/USN-761-2
http://www.vupen.com/english/advisories/2009/1338
XForce ISS Database: php-directives-xss(47496)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47496
Common Vulnerability Exposure (CVE) ID: CVE-2008-5844
BugTraq ID: 32673
http://www.securityfocus.com/bid/32673
http://www.securitytracker.com/id?1021393
Common Vulnerability Exposure (CVE) ID: CVE-2008-7002
BugTraq ID: 31064
http://www.securityfocus.com/bid/31064
http://downloads.securityfocus.com/vulnerabilities/exploits/31064.php
Common Vulnerability Exposure (CVE) ID: CVE-2009-0754
http://www.openwall.com/lists/oss-security/2009/01/30/1
http://www.openwall.com/lists/oss-security/2009/02/03/3
http://www.openwall.com/lists/oss-security/2009/02/25/3
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11035
http://www.securitytracker.com/id?1021979
Common Vulnerability Exposure (CVE) ID: CVE-2009-1271
Debian Security Information: DSA-1775
http://www.debian.org/security/2009/dsa-1775
http://www.mandriva.com/security/advisories?name=MDVSA-2009:090
http://cvs.php.net/viewvc.cgi/php-src/ext/json/JSON_parser.c?r1=1.1.2.14&r2=1.1.2.15
http://www.openwall.com/lists/oss-security/2009/04/01/9
http://secunia.com/advisories/34770
http://secunia.com/advisories/35685
SuSE Security Announcement: SUSE-SR:2009:012
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
Common Vulnerability Exposure (CVE) ID: CVE-2009-1272
HPdes Security Advisory: HPSBMA02447
http://marc.info/?l=bugtraq&m=125017764422557&w=2
HPdes Security Advisory: SSRT090062
http://cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.c?r1=1.1.2.48&r2=1.1.2.49
http://www.openwall.com/lists/oss-security/2009/04/09/1
Common Vulnerability Exposure (CVE) ID: CVE-2009-2626
BugTraq ID: 36009
http://www.securityfocus.com/bid/36009
Debian Security Information: DSA-1940
http://www.debian.org/security/2009/dsa-1940
http://secunia.com/advisories/37482
http://securityreason.com/achievement_securityalert/65
Common Vulnerability Exposure (CVE) ID: CVE-2009-2687
BugTraq ID: 35440
http://www.securityfocus.com/bid/35440
HPdes Security Advisory: HPSBUX02543
http://marc.info/?l=bugtraq&m=127680701405735&w=2
HPdes Security Advisory: SSRT100152
http://www.mandriva.com/security/advisories?name=MDVSA-2009:145
http://www.mandriva.com/security/advisories?name=MDVSA-2009:167
http://osvdb.org/55222
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10695
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6655
http://secunia.com/advisories/35441
http://secunia.com/advisories/36462
http://secunia.com/advisories/40262
SuSE Security Announcement: SUSE-SR:2009:017
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
https://usn.ubuntu.com/824-1/
http://www.vupen.com/english/advisories/2009/1632
XForce ISS Database: php-exifreaddata-dos(51253)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51253
Common Vulnerability Exposure (CVE) ID: CVE-2009-3291
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
HPdes Security Advisory: HPSBOV02683
http://marc.info/?l=bugtraq&m=130497311408250&w=2
HPdes Security Advisory: SSRT090208
http://www.osvdb.org/58185
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10438
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7394
http://www.securitytracker.com/id?1022914
http://secunia.com/advisories/36791
http://www.vupen.com/english/advisories/2009/3184
XForce ISS Database: php-certificate-unspecified(53334)
https://exchange.xforce.ibmcloud.com/vulnerabilities/53334
Copyright: Copyright (C) 2010 E-Soft Inc.
