|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 2639-1 (php5 - several vulnerabilities)|
|Summary:||Several vulnerabilities have been discovered in PHP, the web scripting;language. The Common Vulnerabilities and Exposures project identifies;the following issues:;;CVE-2013-1635;If a PHP application accepted untrusted SOAP object input remotely;from clients, an attacker could read system files readable for the;webserver.;;CVE-2013-1643;The soap.wsdl_cache_dir function did not take PHP open_basedir;restrictions into account. Note that Debian advises against relying;on open_basedir restrictions for security.|
Several vulnerabilities have been discovered in PHP, the web scripting
language. The Common Vulnerabilities and Exposures project identifies
the following issues:
If a PHP application accepted untrusted SOAP object input remotely
from clients, an attacker could read system files readable for the
The soap.wsdl_cache_dir function did not take PHP open_basedir
restrictions into account. Note that Debian advises against relying
on open_basedir restrictions for security.
php5 on Debian Linux
For the stable distribution (squeeze), these problems have been fixed in
For the testing distribution (wheezy), these problems will be fixed soon.
For the unstable distribution (sid), these problems have been fixed in
We recommend that you upgrade your php5 packages.
Common Vulnerability Exposure (CVE) ID: CVE-2013-1643|
Debian Security Information: DSA-2639 (Google Search)
RedHat Security Advisories: RHSA-2013:1307
RedHat Security Advisories: RHSA-2013:1615
SuSE Security Announcement: SUSE-SU-2013:1285 (Google Search)
SuSE Security Announcement: SUSE-SU-2013:1315 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2013-1635
|Copyright||Copyright (C) 2013 Greenbone Networks GmbH http://greenbone.net|
|This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.