Test ID:	1.3.6.1.4.1.25623.1.1.4.2012.1156.1
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory (SUSE-SU-2012:1156-1)
Summary:	The remote host is missing an update for the 'PHP5' package(s) announced via the SUSE-SU-2012:1156-1 advisory.
Description:	Summary: The remote host is missing an update for the 'PHP5' package(s) announced via the SUSE-SU-2012:1156-1 advisory. Vulnerability Insight: This update fixes CVE-2011-1398 and CVE-2011-4388 (header injection via CR). This update also changes the default configuration to use FilesMatch with 'SetHandler' rather than 'AddHandler' to protect weakly written web applications from content confusion. Since this is a hardening measure, no CVE was assigned. Security Issue references: * CVE-2011-1398 > * CVE-2011-4388 > Affected Software/OS: 'PHP5' package(s) on SUSE Linux Enterprise Server 11-SP2, SUSE Linux Enterprise Software Development Kit 11-SP2. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1398 https://bugs.php.net/bug.php?id=60227 http://article.gmane.org/gmane.comp.php.devel/70584 http://openwall.com/lists/oss-security/2012/08/29/5 http://openwall.com/lists/oss-security/2012/09/05/15 RedHat Security Advisories: RHSA-2013:1307 http://rhn.redhat.com/errata/RHSA-2013-1307.html http://www.securitytracker.com/id?1027463 http://secunia.com/advisories/55078 SuSE Security Announcement: SUSE-SU-2013:1315 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html http://www.ubuntu.com/usn/USN-1569-1 Common Vulnerability Exposure (CVE) ID: CVE-2011-4388
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.