English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 72151 CVE descriptions
and 38907 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.68239
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-989-1 (php5)
Summary:Ubuntu USN-989-1 (php5)
Description:The remote host is missing an update to php5
announced via advisory USN-989-1.

Details follow:

Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc
requests. An attacker could exploit this issue to cause the PHP server to
crash, resulting in a denial of service. This issue only affected Ubuntu
6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-0397)

It was discovered that the pseudorandom number generator in PHP did not
provide the expected entropy. An attacker could exploit this issue to
predict values that were intended to be random, such as session cookies.
This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10.
(CVE-2010-1128)

It was discovered that PHP did not properly handle directory pathnames that
lacked a trailing slash character. An attacker could exploit this issue to
bypass safe_mode restrictions. This issue only affected Ubuntu 6.06 LTS,
8.04 LTS, 9.04 and 9.10. (CVE-2010-1129)

Grzegorz Stachowiak discovered that the PHP session extension did not
properly handle semicolon characters. An attacker could exploit this issue
to bypass safe_mode restrictions. This issue only affected Ubuntu 8.04 LTS,
9.04 and 9.10. (CVE-2010-1130)

Stefan Esser discovered that PHP incorrectly decoded remote HTTP chunked
encoding streams. An attacker could exploit this issue to cause the PHP
server to crash and possibly execute arbitrary code with application
privileges. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-1866)

Mateusz Kocielski discovered that certain PHP SQLite functions incorrectly
handled empty SQL queries. An attacker could exploit this issue to possibly
execute arbitrary code with application privileges. (CVE-2010-1868)

Mateusz Kocielski discovered that PHP incorrectly handled certain arguments
to the fnmatch function. An attacker could exploit this flaw and cause the
PHP server to consume all available stack memory, resulting in a denial of
service. (CVE-2010-1917)

Stefan Esser discovered that PHP incorrectly handled certain strings in the
phar extension. An attacker could exploit this flaw to possibly view
sensitive information. This issue only affected Ubuntu 10.04 LTS.
(CVE-2010-2094, CVE-2010-2950)

Stefan Esser discovered that PHP incorrectly handled deserialization of
SPLObjectStorage objects. A remote attacker could exploit this issue to
view sensitive information and possibly execute arbitrary code with
application privileges. This issue only affected Ubuntu 8.04 LTS, 9.04,
9.10 and 10.04 LTS. (CVE-2010-2225)

It was discovered that PHP incorrectly filtered error messages when limits
for memory, execution time, or recursion were exceeded. A remote attacker
could exploit this issue to possibly view sensitive information.
(CVE-2010-2531)

Stefan Esser discovered that the PHP session serializer incorrectly handled
the PS_UNDEF_MARKER marker. An attacker could exploit this issue to alter
arbitrary session variables. (CVE-2010-3065)

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
libapache2-mod-php5 5.1.2-1ubuntu3.19
php5-cgi 5.1.2-1ubuntu3.19
php5-cli 5.1.2-1ubuntu3.19

Ubuntu 8.04 LTS:
libapache2-mod-php5 5.2.4-2ubuntu5.12
php5-cgi 5.2.4-2ubuntu5.12
php5-cli 5.2.4-2ubuntu5.12

Ubuntu 9.04:
libapache2-mod-php5 5.2.6.dfsg.1-3ubuntu4.6
php5-cgi 5.2.6.dfsg.1-3ubuntu4.6
php5-cli 5.2.6.dfsg.1-3ubuntu4.6

Ubuntu 9.10:
libapache2-mod-php5 5.2.10.dfsg.1-2ubuntu6.5
php5-cgi 5.2.10.dfsg.1-2ubuntu6.5
php5-cli 5.2.10.dfsg.1-2ubuntu6.5

Ubuntu 10.04 LTS:
libapache2-mod-php5 5.3.2-1ubuntu4.5
php5-cgi 5.3.2-1ubuntu4.5
php5-cli 5.3.2-1ubuntu4.5

In general, a standard system update will make all the necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-989-1

Risk factor : High
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-0397
http://www.openwall.com/lists/oss-security/2010/03/12/5
http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:068
http://www.redhat.com/support/errata/RHSA-2010-0919.html
SuSE Security Announcement: SUSE-SR:2010:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
SuSE Security Announcement: SUSE-SR:2010:013 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
SuSE Security Announcement: SUSE-SR:2010:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
BugTraq ID: 38708
http://www.securityfocus.com/bid/38708
http://secunia.com/advisories/42410
http://www.vupen.com/english/advisories/2010/0724
http://www.vupen.com/english/advisories/2010/3081
Common Vulnerability Exposure (CVE) ID: CVE-2010-1128
BugTraq ID: 38430
http://www.securityfocus.com/bid/38430
http://secunia.com/advisories/38708
http://www.vupen.com/english/advisories/2010/0479
Common Vulnerability Exposure (CVE) ID: CVE-2010-1129
HPdes Security Advisory: HPSBMA02554
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083
HPdes Security Advisory: SSRT100018
BugTraq ID: 38431
http://www.securityfocus.com/bid/38431
http://securitytracker.com/id?1023661
http://secunia.com/advisories/40551
http://www.vupen.com/english/advisories/2010/1796
Common Vulnerability Exposure (CVE) ID: CVE-2010-1130
http://securityreason.com/achievement_securityalert/82
http://securityreason.com/securityalert/7008
Common Vulnerability Exposure (CVE) ID: CVE-2010-1866
http://php-security.org/2010/05/02/mops-2010-003-php-dechunk-filter-signed-comparison-vulnerability/index.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-1868
http://php-security.org/2010/05/07/mops-2010-012-php-sqlite_single_query-uninitialized-memory-usage-vulnerability/index.html
http://php-security.org/2010/05/07/mops-2010-013-php-sqlite_array_query-uninitialized-memory-usage-vulnerability/index.html
http://php-security.org/2010/05/07/mops-submission-03-sqlite_single_query-sqlite_array_query-uninitialized-memory-usage/index.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-1917
http://www.php-security.org/2010/05/11/mops-2010-021-php-fnmatch-stack-exhaustion-vulnerability/index.html
Debian Security Information: DSA-2089 (Google Search)
http://www.debian.org/security/2010/dsa-2089
HPdes Security Advisory: HPSBMA02662
http://marc.info/?l=bugtraq&m=130331363227777&w=2
HPdes Security Advisory: SSRT100409
SuSE Security Announcement: SUSE-SR:2010:018 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html
http://secunia.com/advisories/40860
XForce ISS Database: php-fnmatchfunction-dos(58585)
http://xforce.iss.net/xforce/xfdb/58585
Common Vulnerability Exposure (CVE) ID: CVE-2010-2094
http://php-security.org/2010/05/14/mops-2010-024-php-phar_stream_flush-format-string-vulnerability/index.html
http://php-security.org/2010/05/14/mops-2010-025-php-phar_wrapper_open_dir-format-string-vulnerability/index.html
http://php-security.org/2010/05/14/mops-2010-026-php-phar_wrapper_unlink-format-string-vulnerability/index.html
http://php-security.org/2010/05/14/mops-2010-027-php-phar_parse_url-format-string-vulnerabilities/index.html
http://php-security.org/2010/05/14/mops-2010-028-php-phar_wrapper_open_url-format-string-vulnerabilities/index.html
http://www.mandriva.com/security/advisories?name=MDVSA-2011:004
http://www.vupen.com/english/advisories/2011/0068
Common Vulnerability Exposure (CVE) ID: CVE-2010-2225
http://pastebin.com/mXGidCsd
http://twitter.com/i0n1c/statuses/16373156076
http://twitter.com/i0n1c/statuses/16447867829
https://bugzilla.redhat.com/show_bug.cgi?id=605641
BugTraq ID: 40948
http://www.securityfocus.com/bid/40948
XForce ISS Database: php-splobjectstorage-code-execution(59610)
http://xforce.iss.net/xforce/xfdb/59610
Common Vulnerability Exposure (CVE) ID: CVE-2010-2531
http://www.openwall.com/lists/oss-security/2010/07/13/1
http://www.openwall.com/lists/oss-security/2010/07/16/3
Debian Security Information: DSA-2266 (Google Search)
http://www.debian.org/security/2011/dsa-2266
Common Vulnerability Exposure (CVE) ID: CVE-2010-2950
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:254
Common Vulnerability Exposure (CVE) ID: CVE-2010-3065
http://php-security.org/2010/05/31/mops-2010-060-php-session-serializer-session-data-injection-vulnerability/index.html
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 38907 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.