Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.831621
Category:Mandrake Local Security Checks
Title:Mandriva Update for php MDVSA-2012:065 (php)
Summary:The remote host is missing an update for the 'php'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'php'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Multiple vulnerabilities has been identified and fixed in php:

The PDORow implementation in PHP before 5.3.9 does not properly
interact with the session feature, which allows remote attackers to
cause a denial of service (application crash) via a crafted application
that uses a PDO driver for a fetch and then calls the session_start
function, as demonstrated by a crash of the Apache HTTP Server
(CVE-2012-0788). Note: this was fixed with php-5.3.10

The php_register_variable_ex function in php_variables.c in PHP
5.3.9 allows remote attackers to execute arbitrary code via a request
containing a large number of variables, related to improper handling
of array variables. NOTE: this vulnerability exists because of an
incorrect fix for CVE-2011-4885 (CVE-2012-0830). Note: this was fixed
with php-5.3.10

PHP before 5.3.10 does not properly perform a temporary change
to the magic_quotes_gpc directive during the importing of
environment variables, which makes it easier for remote attackers
to conduct SQL injection attacks via a crafted request, related to
main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c
(CVE-2012-0831).

Insufficient validating of upload name leading to corrupted $_FILES
indices (CVE-2012-1172).

The updated php packages have been upgraded to 5.3.11 which is not
vulnerable to these issues.

Stack-based buffer overflow in the suhosin_encrypt_single_cookie
function in the transparent cookie-encryption feature in the Suhosin
extension before 0.9.33 for PHP, when suhosin.cookie.encrypt and
suhosin.multiheader are enabled, might allow remote attackers to
execute arbitrary code via a long string that is used in a Set-Cookie
HTTP header (CVE-2012-0807). The php-suhosin packages has been upgraded
to the 0.9.33 version which is not affected by this issue.

Additionally some of the PECL extensions has been upgraded to their
latest respective versions which resolves various upstream bugs.

Affected Software/OS:
php on Mandriva Linux 2011.0,
Mandriva Linux 2010.1

Solution:
Please Install the Updated Packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2012-0788
http://secunia.com/advisories/48668
SuSE Security Announcement: SUSE-SU-2012:0411 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html
SuSE Security Announcement: openSUSE-SU-2012:0426 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-4885
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
BugTraq ID: 51193
http://www.securityfocus.com/bid/51193
Bugtraq: 20111228 n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html
CERT/CC vulnerability note: VU#903934
http://www.kb.cert.org/vuls/id/903934
Debian Security Information: DSA-2399 (Google Search)
http://www.debian.org/security/2012/dsa-2399
http://www.exploit-db.com/exploits/18296
http://www.exploit-db.com/exploits/18305
HPdes Security Advisory: HPSBMU02786
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
HPdes Security Advisory: HPSBOV02763
http://marc.info/?l=bugtraq&m=133469208622507&w=2
HPdes Security Advisory: HPSBUX02741
http://marc.info/?l=bugtraq&m=132871655717248&w=2
HPdes Security Advisory: SSRT100728
HPdes Security Advisory: SSRT100826
HPdes Security Advisory: SSRT100877
http://www.mandriva.com/security/advisories?name=MDVSA-2011:197
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.nruns.com/_downloads/advisory28122011.pdf
http://www.ocert.org/advisories/ocert-2011-003.html
https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py
http://www.redhat.com/support/errata/RHSA-2012-0019.html
RedHat Security Advisories: RHSA-2012:0071
http://rhn.redhat.com/errata/RHSA-2012-0071.html
http://www.securitytracker.com/id?1026473
http://secunia.com/advisories/47404
XForce ISS Database: php-hash-dos(72021)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72021
Common Vulnerability Exposure (CVE) ID: CVE-2012-0830
BugTraq ID: 51830
http://www.securityfocus.com/bid/51830
Debian Security Information: DSA-2403 (Google Search)
http://www.debian.org/security/2012/dsa-2403
HPdes Security Advisory: HPSBUX02791
http://marc.info/?l=bugtraq&m=134012830914727&w=2
HPdes Security Advisory: SSRT100856
http://thexploit.com/sec/critical-php-remote-vulnerability-introduced-in-fix-for-php-hashtable-collision-dos/
http://www.h-online.com/security/news/item/Critical-PHP-vulnerability-being-fixed-1427316.html
https://gist.github.com/1725489
http://openwall.com/lists/oss-security/2012/02/02/12
http://openwall.com/lists/oss-security/2012/02/03/1
http://www.osvdb.org/78819
RedHat Security Advisories: RHSA-2012:0092
http://rhn.redhat.com/errata/RHSA-2012-0092.html
http://securitytracker.com/id?1026631
http://secunia.com/advisories/47801
http://secunia.com/advisories/47806
http://secunia.com/advisories/47813
XForce ISS Database: php-phpregistervariableex-code-exec(72911)
https://exchange.xforce.ibmcloud.com/vulnerabilities/72911
Common Vulnerability Exposure (CVE) ID: CVE-2012-0831
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
BugTraq ID: 51954
http://www.securityfocus.com/bid/51954
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html
RedHat Security Advisories: RHSA-2013:1307
http://rhn.redhat.com/errata/RHSA-2013-1307.html
http://secunia.com/advisories/55078
SuSE Security Announcement: SUSE-SU-2012:0472 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html
http://www.ubuntu.com/usn/USN-1358-1
XForce ISS Database: php-magicquotesgpc-sec-bypass(73125)
https://exchange.xforce.ibmcloud.com/vulnerabilities/73125
Common Vulnerability Exposure (CVE) ID: CVE-2012-1172
Debian Security Information: DSA-2465 (Google Search)
http://www.debian.org/security/2012/dsa-2465
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080070.html
http://isisblogs.poly.edu/2011/08/11/php-not-properly-checking-params/
https://bugs.php.net/bug.php?id=48597
https://bugs.php.net/bug.php?id=49683
https://nealpoole.com/blog/2011/10/directory-traversal-via-php-multi-file-uploads/
https://students.mimuw.edu.pl/~ai292615/php_multipleupload_overwrite.pdf
http://openwall.com/lists/oss-security/2012/03/13/4
SuSE Security Announcement: SUSE-SU-2012:0598 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html
SuSE Security Announcement: SUSE-SU-2012:0604 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-0807
http://archives.neohapsis.com/archives/fulldisclosure/2012-01/0296.html
http://www.openwall.com/lists/oss-security/2012/01/24/7
http://www.openwall.com/lists/oss-security/2012/01/24/11
CopyrightCopyright (c) 2012 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.