English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.55195
Kategorie:SuSE Local Security Checks
Titel:SuSE Security Advisory SUSE-SA:2005:049 (php4, php5)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing updates announced in
advisory SUSE-SA:2005:049.

This update fixes the following security issues in the PHP scripting
language.

- Bugs in the PEAR::XML_RPC library allowed remote attackers to pass
arbitrary PHP code to the eval() function (CVE-2005-1921,
CVE-2005-2498).

The Pear::XML_RPC library is not used by default in SUSE Linux, but
might be used by third-party PHP applications.

- A integer overflow bug was found in the PCRE (perl compatible regular
expression) library which could be used by an attacker to potentially
execute code. (CVE-2005-2491)

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2005:049

Risk factor : High

CVSS Score:
7.5

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2005-2498
BugTraq ID: 14560
http://www.securityfocus.com/bid/14560
Bugtraq: 20050815 Advisory 15/2005: PHPXMLRPC Remote PHP Code Injection Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/408125
Bugtraq: 20050815 [DRUPAL-SA-2005-004] Drupal 4.6.3 / 4.5.5 fixes critical XML-RPC issue (Google Search)
http://marc.info/?l=bugtraq&m=112412415822890&w=2
Bugtraq: 20050817 [PHPADSNEW-SA-2005-001] phpAdsNew and phpPgAds 2.0.6 fix multiple vulnerabilities (Google Search)
http://marc.info/?l=bugtraq&m=112431497300344&w=2
Debian Security Information: DSA-789 (Google Search)
http://www.debian.org/security/2005/dsa-789
Debian Security Information: DSA-798 (Google Search)
http://www.debian.org/security/2005/dsa-798
Debian Security Information: DSA-840 (Google Search)
http://www.debian.org/security/2005/dsa-840
Debian Security Information: DSA-842 (Google Search)
http://www.debian.org/security/2005/dsa-842
http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html
http://www.gentoo.org/security/en/glsa/glsa-200509-19.xml
http://www.hardened-php.net/advisory_152005.67.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9569
http://www.redhat.com/support/errata/RHSA-2005-748.html
http://secunia.com/advisories/16431
http://secunia.com/advisories/16432
http://secunia.com/advisories/16441
http://secunia.com/advisories/16460
http://secunia.com/advisories/16465
http://secunia.com/advisories/16468
http://secunia.com/advisories/16469
http://secunia.com/advisories/16491
http://secunia.com/advisories/16550
http://secunia.com/advisories/16558
http://secunia.com/advisories/16563
http://secunia.com/advisories/16619
http://secunia.com/advisories/16635
http://secunia.com/advisories/16693
http://secunia.com/advisories/16976
http://secunia.com/advisories/17053
http://secunia.com/advisories/17066
http://secunia.com/advisories/17440
SuSE Security Announcement: SUSE-SA:2005:049 (Google Search)
http://www.novell.com/linux/security/advisories/2005_49_php.html
SuSE Security Announcement: SUSE-SA:2005:051 (Google Search)
http://marc.info/?l=bugtraq&m=112605112027335&w=2
Common Vulnerability Exposure (CVE) ID: CVE-2005-2491
http://docs.info.apple.com/article.html?artnum=302847
BugTraq ID: 14620
http://www.securityfocus.com/bid/14620
BugTraq ID: 15647
http://www.securityfocus.com/bid/15647
Debian Security Information: DSA-800 (Google Search)
http://www.debian.org/security/2005/dsa-800
Debian Security Information: DSA-817 (Google Search)
http://www.debian.org/security/2005/dsa-817
Debian Security Information: DSA-819 (Google Search)
http://www.debian.org/security/2005/dsa-819
Debian Security Information: DSA-821 (Google Search)
http://www.debian.org/security/2005/dsa-821
http://www.securityfocus.com/archive/1/427046/100/0/threaded
http://www.gentoo.org/security/en/glsa/glsa-200508-17.xml
http://www.gentoo.org/security/en/glsa/glsa-200509-02.xml
http://www.gentoo.org/security/en/glsa/glsa-200509-08.xml
http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml
HPdes Security Advisory: HPSBMA02159
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
HPdes Security Advisory: HPSBOV02683
http://marc.info/?l=bugtraq&m=130497311408250&w=2
HPdes Security Advisory: HPSBUX02074
http://www.securityfocus.com/archive/1/428138/100/0/threaded
HPdes Security Advisory: SSRT051251
HPdes Security Advisory: SSRT061238
HPdes Security Advisory: SSRT090208
https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E
http://marc.info/?l=bugtraq&m=112606064317223&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11516
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1496
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1659
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A735
http://www.redhat.com/support/errata/RHSA-2005-358.html
http://www.redhat.com/support/errata/RHSA-2005-761.html
http://www.redhat.com/support/errata/RHSA-2006-0197.html
SCO Security Bulletin: SCOSA-2006.10
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt
http://securitytracker.com/id?1014744
http://secunia.com/advisories/16502
http://secunia.com/advisories/16679
http://secunia.com/advisories/17252
http://secunia.com/advisories/17813
http://secunia.com/advisories/19072
http://secunia.com/advisories/19193
http://secunia.com/advisories/19532
http://secunia.com/advisories/21522
http://secunia.com/advisories/22691
http://secunia.com/advisories/22875
SGI Security Advisory: 20060401-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
http://securityreason.com/securityalert/604
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1
SuSE Security Announcement: SUSE-SA:2005:048 (Google Search)
http://www.novell.com/linux/security/advisories/2005_48_pcre.html
SuSE Security Announcement: SUSE-SA:2005:052 (Google Search)
http://www.novell.com/linux/security/advisories/2005_52_apache2.html
http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
http://www.vupen.com/english/advisories/2005/1511
http://www.vupen.com/english/advisories/2005/2659
http://www.vupen.com/english/advisories/2006/0789
http://www.vupen.com/english/advisories/2006/4320
http://www.vupen.com/english/advisories/2006/4502
Common Vulnerability Exposure (CVE) ID: CVE-2005-1921
BugTraq ID: 14088
http://www.securityfocus.com/bid/14088
Bugtraq: 20050629 Advisory 02/2005: Remote code execution in Serendipity (Google Search)
http://marc.info/?l=bugtraq&m=112008638320145&w=2
Bugtraq: 20050629 [DRUPAL-SA-2005-003] Drupal 4.6.2 / 4.5.4 fixes critical XML-RPC issue (Google Search)
http://marc.info/?l=bugtraq&m=112015336720867&w=2
Debian Security Information: DSA-745 (Google Search)
http://www.debian.org/security/2005/dsa-745
Debian Security Information: DSA-746 (Google Search)
http://www.debian.org/security/2005/dsa-746
Debian Security Information: DSA-747 (Google Search)
http://www.debian.org/security/2005/dsa-747
http://security.gentoo.org/glsa/glsa-200507-01.xml
http://security.gentoo.org/glsa/glsa-200507-06.xml
http://security.gentoo.org/glsa/glsa-200507-07.xml
HPdes Security Advisory: HPSBTU02083
http://www.securityfocus.com/archive/1/419064/100/0/threaded
HPdes Security Advisory: SSRT051069
http://www.mandriva.com/security/advisories?name=MDKSA-2005:109
http://pear.php.net/package/XML_RPC/download/1.3.1
http://www.gulftech.org/?node=research&article_id=00087-07012005
http://www.hardened-php.net/advisory-022005.php
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11294
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A350
http://www.redhat.com/support/errata/RHSA-2005-564.html
http://securitytracker.com/id?1015336
http://secunia.com/advisories/15810
http://secunia.com/advisories/15852
http://secunia.com/advisories/15855
http://secunia.com/advisories/15861
http://secunia.com/advisories/15872
http://secunia.com/advisories/15883
http://secunia.com/advisories/15884
http://secunia.com/advisories/15895
http://secunia.com/advisories/15903
http://secunia.com/advisories/15904
http://secunia.com/advisories/15916
http://secunia.com/advisories/15917
http://secunia.com/advisories/15922
http://secunia.com/advisories/15944
http://secunia.com/advisories/15947
http://secunia.com/advisories/15957
http://secunia.com/advisories/16001
http://secunia.com/advisories/16339
http://secunia.com/advisories/17674
http://secunia.com/advisories/18003
SuSE Security Announcement: SUSE-SA:2005:041 (Google Search)
http://www.novell.com/linux/security/advisories/2005_41_php_pear.html
SuSE Security Announcement: SUSE-SR:2005:018 (Google Search)
http://www.novell.com/linux/security/advisories/2005_18_sr.html
http://www.vupen.com/english/advisories/2005/2827
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.