Test ID:	1.3.6.1.4.1.25623.1.0.69016
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 201006-13 (smarty)
Summary:	The remote host is missing updates announced in;advisory GLSA 201006-13.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 201006-13. Vulnerability Insight: Multiple vulnerabilities in the Smarty template engine might allow remote attackers to execute arbitrary PHP code. Solution: All Smarty users should upgrade to an unaffected version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-php/smarty-2.6.23' CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1066 BugTraq ID: 28105 http://www.securityfocus.com/bid/28105 Debian Security Information: DSA-1520 (Google Search) http://www.debian.org/security/2008/dsa-1520 https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00358.html https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00298.html https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00551.html http://security.gentoo.org/glsa/glsa-201111-04.xml http://secunia.com/advisories/29241 http://secunia.com/advisories/29392 http://secunia.com/advisories/29398 http://secunia.com/advisories/29405 http://secunia.com/advisories/29562 http://secunia.com/advisories/29839 SuSE Security Announcement: SUSE-SR:2008:007 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html XForce ISS Database: smarty-modifierregexreplace-security-bypass(41002) https://exchange.xforce.ibmcloud.com/vulnerabilities/41002 Common Vulnerability Exposure (CVE) ID: CVE-2008-4810 BugTraq ID: 31862 http://www.securityfocus.com/bid/31862 Debian Security Information: DSA-1691 (Google Search) http://www.debian.org/security/2008/dsa-1691 http://securityvulns.ru/Udocument746.html http://www.openwall.com/lists/oss-security/2008/10/25/2 http://secunia.com/advisories/32329 XForce ISS Database: smarty-expandquotedtext-code-execution(46031) https://exchange.xforce.ibmcloud.com/vulnerabilities/46031 Common Vulnerability Exposure (CVE) ID: CVE-2008-4811 XForce ISS Database: smarty-expandquotedtext-code-execution1(46406) https://exchange.xforce.ibmcloud.com/vulnerabilities/46406 Common Vulnerability Exposure (CVE) ID: CVE-2009-1669 BugTraq ID: 34918 http://www.securityfocus.com/bid/34918 https://www.exploit-db.com/exploits/8659 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01283.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01287.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01274.html http://osvdb.org/54380 http://secunia.com/advisories/35072 http://secunia.com/advisories/35219 http://www.ubuntu.com/usn/usn-791-3 XForce ISS Database: smarty-smartyfunctionmath-cmd-execution(50457) https://exchange.xforce.ibmcloud.com/vulnerabilities/50457
Copyright	Copyright (C) 2011 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.