English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.12.2006.362.1
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-362-1)
Summary:The remote host is missing an update for the 'php4, php5' package(s) announced via the USN-362-1 advisory.
Description:Summary:
The remote host is missing an update for the 'php4, php5' package(s) announced via the USN-362-1 advisory.

Vulnerability Insight:
The stripos() function did not check for invalidly long or empty
haystack strings. In an application that uses this function on
arbitrary untrusted data this could be exploited to crash the PHP
interpreter. (CVE-2006-4485)

An integer overflow was discovered in the PHP memory allocation
handling. On 64-bit platforms, the 'memory_limit' setting was not
enforced correctly. A remote attacker could exploit this to cause a
Denial of Service attack through memory exhaustion. (CVE-2006-4486)

Maksymilian Arciemowicz discovered that security relevant
configuration options like open_basedir and safe_mode (which can be
configured in Apache's httpd.conf) could be bypassed and reset to
their default value in php.ini by using the ini_restore() function.
(CVE-2006-4625)

Stefan Esser discovered that the ecalloc() function in the Zend engine
did not check for integer overflows. This particularly affected the
unserialize() function. In applications which unserialize untrusted
user-defined data, this could be exploited to execute arbitrary code
with the application's privileges. (CVE-2006-4812)

Affected Software/OS:
'php4, php5' package(s) on Ubuntu 5.04, Ubuntu 5.10, Ubuntu 6.06.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-4485
BugTraq ID: 19582
http://www.securityfocus.com/bid/19582
http://www.mandriva.com/security/advisories?name=MDKSA-2006:162
RedHat Security Advisories: RHSA-2006:0688
http://rhn.redhat.com/errata/RHSA-2006-0688.html
http://securitytracker.com/id?1016984
http://secunia.com/advisories/21546
http://secunia.com/advisories/21842
http://secunia.com/advisories/22331
http://secunia.com/advisories/22538
http://www.ubuntu.com/usn/usn-362-1
http://www.vupen.com/english/advisories/2006/3318
Common Vulnerability Exposure (CVE) ID: CVE-2006-4486
Bugtraq: 20061005 rPSA-2006-0182-1 php php-mysql php-pgsql (Google Search)
http://www.securityfocus.com/archive/1/447866/100/0/threaded
Debian Security Information: DSA-1331 (Google Search)
http://www.debian.org/security/2007/dsa-1331
http://www.hardened-php.net/hphp/changelog.html#hardening_patch_0.4.14
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11086
http://www.redhat.com/support/errata/RHSA-2006-0669.html
http://www.redhat.com/support/errata/RHSA-2006-0682.html
http://secunia.com/advisories/22004
http://secunia.com/advisories/22069
http://secunia.com/advisories/22225
http://secunia.com/advisories/22440
http://secunia.com/advisories/22487
http://secunia.com/advisories/25945
SGI Security Advisory: 20061001-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
SuSE Security Announcement: SUSE-SA:2006:052 (Google Search)
http://www.novell.com/linux/security/advisories/2006_52_php.html
TurboLinux Advisory: TLSA-2006-38
http://www.turbolinux.com/security/2006/TLSA-2006-38.txt
Common Vulnerability Exposure (CVE) ID: CVE-2006-4625
BugTraq ID: 19933
http://www.securityfocus.com/bid/19933
Bugtraq: 20060913 Re: PHP 5.1.6 / 4.4.4 Critical php_admin* bypass by ini_restore() (Google Search)
http://www.securityfocus.com/archive/1/445712/100/0/threaded
http://www.securityfocus.com/archive/1/445882/100/0/threaded
HPdes Security Advisory: HPSBMA02215
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506
HPdes Security Advisory: HPSBTU02232
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137
HPdes Security Advisory: SSRT071423
HPdes Security Advisory: SSRT071429
http://www.mandriva.com/security/advisories?name=MDKSA-2006:185
http://www.securityfocus.com/archive/1/448953/100/0/threaded
http://secunia.com/advisories/22282
http://secunia.com/advisories/22338
http://secunia.com/advisories/22424
http://secunia.com/advisories/25423
http://secunia.com/advisories/25850
http://securityreason.com/securityalert/1519
http://securityreason.com/achievement_securityalert/42
SuSE Security Announcement: SUSE-SA:2006:059 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2006-Oct/0002.html
http://www.vupen.com/english/advisories/2007/1991
http://www.vupen.com/english/advisories/2007/2374
XForce ISS Database: php-inirestore-security-bypass(28853)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28853
Common Vulnerability Exposure (CVE) ID: CVE-2006-4812
1016984
1691
http://securityreason.com/securityalert/1691
2006-0055
http://www.trustix.org/errata/2006/0055
20061009 Advisory 09/2006: PHP unserialize() Array Creation Integer Overflow
http://www.securityfocus.com/archive/1/448014/100/0/threaded
20349
http://www.securityfocus.com/bid/20349
22280
http://secunia.com/advisories/22280
22281
http://secunia.com/advisories/22281
22300
http://secunia.com/advisories/22300
22331
22338
22533
http://secunia.com/advisories/22533
22538
22650
http://secunia.com/advisories/22650
ADV-2006-3922
http://www.vupen.com/english/advisories/2006/3922
GLSA-200610-14
http://www.gentoo.org/security/en/glsa/glsa-200610-14.xml
OpenPKG-SA-2006.023
RHSA-2006:0688
RHSA-2006:0708
http://rhn.redhat.com/errata/RHSA-2006-0708.html
SUSE-SA:2006:059
USN-362-1
http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_alloc.c?r1=1.161&r2=1.162
http://support.avaya.com/elmodocs2/security/ASA-2006-223.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-234.htm
http://www.hardened-php.net/advisory_092006.133.html
http://www.hardened-php.net/files/CVE-2006-4812.patch
php-ecalloc-integer-overflow(29362)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29362
CopyrightCopyright (C) 2022 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.