English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 74154 CVE descriptions
and 39337 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.70959
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-1231-1 (libapache2-mod-php5)
Summary:Ubuntu USN-1231-1 (libapache2-mod-php5)
Description:The remote host is missing an update to libapache2-mod-php5
announced via advisory USN-1231-1.

Details:

Mateusz Kocielski, Marek Kroemeke and Filip Palian discovered that a
stack-based buffer overflow existed in the socket_connect function's
handling of long pathnames for AF_UNIX sockets. A remote attacker
might be able to exploit this to execute arbitrary code
however,
the default compiler options for affected releases should reduce
the vulnerability to a denial of service. This issue affected Ubuntu
10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1938)

Krzysztof Kotowicz discovered that the PHP post handler function
does not properly restrict filenames in multipart/form-data POST
requests. This may allow remote attackers to conduct absolute
path traversal attacks and possibly create or overwrite arbitrary
files. This issue affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu
10.10 and Ubuntu 11.04. (CVE-2011-2202)

It was discovered that the crypt function for blowfish does not
properly handle 8-bit characters. This could make it easier for an
attacker to discover a cleartext password containing an 8-bit character
that has a matching blowfish crypt value. This issue affected Ubuntu
10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-2483)

It was discovered that PHP did not properly check the return values of
the malloc(3), calloc(3) and realloc(3) library functions in multiple
locations. This could allow an attacker to cause a denial of service
via a NULL pointer dereference or possibly execute arbitrary code.
This issue affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10
and Ubuntu 11.04. (CVE-2011-3182)

Maksymilian Arciemowicz discovered that PHP did not properly implement
the error_log function. This could allow an attacker to cause a denial
of service via an application crash. This issue affected Ubuntu 10.04
LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3267)

Maksymilian Arciemowicz discovered that the ZipArchive functions
addGlob() and addPattern() did not properly check their flag arguments.
This could allow a malicious script author to cause a denial of
service via application crash. This issue affected Ubuntu 10.04 LTS,
Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-1657)

It was discovered that the Xend opcode parser in PHP could be interrupted
while handling the shift-left, shift-right, and bitwise-xor opcodes.
This could allow a malicious script author to expose memory
contents. This issue affected Ubuntu 10.04 LTS. (CVE-2010-1914)

It was discovered that the strrchr function in PHP could be interrupted
by a malicious script, allowing the exposure of memory contents. This
issue affected Ubuntu 8.04 LTS. (CVE-2010-2484)

Solution:
The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
libapache2-mod-php5 5.3.6-13ubuntu3.2
php5-cgi 5.3.6-13ubuntu3.2
php5-cli 5.3.6-13ubuntu3.2
php5-common 5.3.6-13ubuntu3.2

Ubuntu 11.04:
libapache2-mod-php5 5.3.5-1ubuntu7.3
php5-cgi 5.3.5-1ubuntu7.3
php5-cli 5.3.5-1ubuntu7.3
php5-common 5.3.5-1ubuntu7.3

Ubuntu 10.10:
libapache2-mod-php5 5.3.3-1ubuntu9.6
php5-cgi 5.3.3-1ubuntu9.6
php5-cli 5.3.3-1ubuntu9.6
php5-common 5.3.3-1ubuntu9.6

Ubuntu 10.04 LTS:
libapache2-mod-php5 5.3.2-1ubuntu4.10
php5-cgi 5.3.2-1ubuntu4.10
php5-cli 5.3.2-1ubuntu4.10
php5-common 5.3.2-1ubuntu4.10

Ubuntu 8.04 LTS:
libapache2-mod-php5 5.2.4-2ubuntu5.18
php5-cgi 5.2.4-2ubuntu5.18
php5-cli 5.2.4-2ubuntu5.18
php5-common 5.2.4-2ubuntu5.18

http://www.securityspace.com/smysecure/catid.html?in=USN-1231-1
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-1938
http://www.exploit-db.com/exploits/17318/
http://openwall.com/lists/oss-security/2011/05/24/1
http://openwall.com/lists/oss-security/2011/05/24/9
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
Debian Security Information: DSA-2399 (Google Search)
http://www.debian.org/security/2012/dsa-2399
http://www.mandriva.com/security/advisories?name=MDVSA-2011:165
http://www.redhat.com/support/errata/RHSA-2011-1423.html
BugTraq ID: 49241
http://www.securityfocus.com/bid/49241
http://osvdb.org/72644
http://securityreason.com/securityalert/8262
http://securityreason.com/securityalert/8294
XForce ISS Database: php-socketconnect-bo(67606)
http://xforce.iss.net/xforce/xfdb/67606
Common Vulnerability Exposure (CVE) ID: CVE-2011-2202
http://openwall.com/lists/oss-security/2011/06/12/5
http://openwall.com/lists/oss-security/2011/06/13/15
http://pastebin.com/1edSuSVN
Debian Security Information: DSA-2266 (Google Search)
http://www.debian.org/security/2011/dsa-2266
RedHat Security Advisories: RHSA-2012:0071
http://rhn.redhat.com/errata/RHSA-2012-0071.html
BugTraq ID: 48259
http://www.securityfocus.com/bid/48259
http://securitytracker.com/id?1025659
http://secunia.com/advisories/44874
XForce ISS Database: php-sapiposthandlerfunc-sec-bypass(67999)
http://xforce.iss.net/xforce/xfdb/67999
Common Vulnerability Exposure (CVE) ID: CVE-2011-2483
http://freshmeat.net/projects/crypt_blowfish
Debian Security Information: DSA-2340 (Google Search)
http://www.debian.org/security/2011/dsa-2340
http://www.mandriva.com/security/advisories?name=MDVSA-2011:180
http://www.mandriva.com/security/advisories?name=MDVSA-2011:178
http://www.mandriva.com/security/advisories?name=MDVSA-2011:179
http://www.redhat.com/support/errata/RHSA-2011-1377.html
http://www.redhat.com/support/errata/RHSA-2011-1378.html
SuSE Security Announcement: SUSE-SA:2011:035 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00015.html
http://www.ubuntu.com/usn/USN-1229-1
XForce ISS Database: php-cryptblowfish-info-disclosure(69319)
http://xforce.iss.net/xforce/xfdb/69319
Common Vulnerability Exposure (CVE) ID: CVE-2011-3182
http://securityreason.com/achievement_securityalert/101
http://marc.info/?l=full-disclosure&m=131373057621672&w=2
http://www.openwall.com/lists/oss-security/2011/08/22/9
BugTraq ID: 49249
http://www.securityfocus.com/bid/49249
XForce ISS Database: php-library-functions-dos(69430)
http://xforce.iss.net/xforce/xfdb/69430
Common Vulnerability Exposure (CVE) ID: CVE-2011-3267
http://osvdb.org/74739
XForce ISS Database: php-errorlog-dos(69428)
http://xforce.iss.net/xforce/xfdb/69428
Common Vulnerability Exposure (CVE) ID: CVE-2011-1657
http://securityreason.com/achievement_securityalert/100
Bugtraq: 20110819 PHP 5.3.6 ZipArchive invalid use glob(3) (Google Search)
http://www.securityfocus.com/archive/1/archive/1/519385/100/0/threaded
http://www.openwall.com/lists/oss-security/2011/07/01/8
http://www.openwall.com/lists/oss-security/2011/07/01/7
http://www.openwall.com/lists/oss-security/2011/07/01/6
BugTraq ID: 49252
http://www.securityfocus.com/bid/49252
http://securityreason.com/securityalert/8342
XForce ISS Database: php-ziparchiveaddglob-dos(69320)
http://xforce.iss.net/xforce/xfdb/69320
Common Vulnerability Exposure (CVE) ID: CVE-2010-1914
http://www.php-security.org/2010/05/08/mops-2010-014-php-zend_bw_xor-opcode-interruption-address-information-leak-vulnerability/index.html
http://www.php-security.org/2010/05/08/mops-2010-015-php-zend_sl-opcode-interruption-address-information-leak-vulnerability/index.html
http://www.php-security.org/2010/05/08/mops-2010-016-php-zend_sr-opcode-interruption-address-information-leak-vulnerability/index.html
SuSE Security Announcement: SUSE-SR:2010:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
SuSE Security Announcement: SUSE-SR:2010:018 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html
XForce ISS Database: php-zendengine-info-disclosure(58587)
http://xforce.iss.net/xforce/xfdb/58587
Common Vulnerability Exposure (CVE) ID: CVE-2010-2484
http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
CopyrightCopyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 39337 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.