Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200811-05 (php)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.61860
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200811-05 (php)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory GLSA 200811-05. PHP contains several vulnerabilities including buffer and integer overflows which could lead to the remote execution of arbitrary code. Solution: All PHP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/php-5.2.6-r6' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200811-05 http://bugs.gentoo.org/show_bug.cgi?id=209148 http://bugs.gentoo.org/show_bug.cgi?id=212211 http://bugs.gentoo.org/show_bug.cgi?id=215266 http://bugs.gentoo.org/show_bug.cgi?id=228369 http://bugs.gentoo.org/show_bug.cgi?id=230575 http://bugs.gentoo.org/show_bug.cgi?id=234102 CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0599 http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html BugTraq ID: 29009 http://www.securityfocus.com/bid/29009 Bugtraq: 20080523 rPSA-2008-0176-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl (Google Search) http://www.securityfocus.com/archive/1/492535/100/0/threaded CERT/CC vulnerability note: VU#147027 http://www.kb.cert.org/vuls/id/147027 https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html http://security.gentoo.org/glsa/glsa-200811-05.xml HPdes Security Advisory: HPSBUX02342 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01476437 HPdes Security Advisory: HPSBUX02431 http://marc.info/?l=bugtraq&m=124654546101607&w=2 HPdes Security Advisory: HPSBUX02465 http://marc.info/?l=bugtraq&m=125631037611762&w=2 HPdes Security Advisory: SSRT080063 HPdes Security Advisory: SSRT090085 HPdes Security Advisory: SSRT090192 http://www.mandriva.com/security/advisories?name=MDVSA-2008:127 http://www.mandriva.com/security/advisories?name=MDVSA-2008:128 http://www.openwall.com/lists/oss-security/2008/05/02/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5510 http://www.redhat.com/support/errata/RHSA-2008-0505.html http://www.securitytracker.com/id?1019958 http://secunia.com/advisories/30048 http://secunia.com/advisories/30083 http://secunia.com/advisories/30345 http://secunia.com/advisories/30616 http://secunia.com/advisories/30757 http://secunia.com/advisories/30828 http://secunia.com/advisories/31200 http://secunia.com/advisories/31326 http://secunia.com/advisories/32746 http://secunia.com/advisories/35650 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951 http://www.ubuntu.com/usn/usn-628-1 http://www.vupen.com/english/advisories/2008/1412 http://www.vupen.com/english/advisories/2008/1810/references http://www.vupen.com/english/advisories/2008/2268 XForce ISS Database: php-vector-unspecified(42137) https://exchange.xforce.ibmcloud.com/vulnerabilities/42137 Common Vulnerability Exposure (CVE) ID: CVE-2008-0674 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html BugTraq ID: 27786 http://www.securityfocus.com/bid/27786 BugTraq ID: 31681 http://www.securityfocus.com/bid/31681 Bugtraq: 20080228 rPSA-2008-0086-1 pcre (Google Search) http://www.securityfocus.com/archive/1/488927/100/0/threaded Cert/CC Advisory: TA09-218A http://www.us-cert.gov/cas/techalerts/TA09-218A.html Debian Security Information: DSA-1499 (Google Search) http://www.debian.org/security/2008/dsa-1499 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00371.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00632.html https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html http://security.gentoo.org/glsa/glsa-200803-24.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:053 http://www.securitytracker.com/id?1022674 http://secunia.com/advisories/28923 http://secunia.com/advisories/28957 http://secunia.com/advisories/28960 http://secunia.com/advisories/28985 http://secunia.com/advisories/28996 http://secunia.com/advisories/29027 http://secunia.com/advisories/29048 http://secunia.com/advisories/29175 http://secunia.com/advisories/29267 http://secunia.com/advisories/29282 http://secunia.com/advisories/32222 http://secunia.com/advisories/36096 SuSE Security Announcement: SUSE-SR:2008:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html https://usn.ubuntu.com/581-1/ http://www.vupen.com/english/advisories/2008/0570 http://www.vupen.com/english/advisories/2008/0592 http://www.vupen.com/english/advisories/2008/2780 http://www.vupen.com/english/advisories/2009/2172 XForce ISS Database: pcre-characterclass-bo(40505) https://exchange.xforce.ibmcloud.com/vulnerabilities/40505 Common Vulnerability Exposure (CVE) ID: CVE-2008-1384 BugTraq ID: 28392 http://www.securityfocus.com/bid/28392 Bugtraq: 20080321 {securityreason.com}PHP 5 *printf() - Integer Overflow (Google Search) http://www.securityfocus.com/archive/1/489962/100/0/threaded Bugtraq: 20080527 rPSA-2008-0178-1 php php-mysql php-pgsql (Google Search) http://www.securityfocus.com/archive/1/492671/100/0/threaded Debian Security Information: DSA-1572 (Google Search) http://www.debian.org/security/2008/dsa-1572 http://www.mandriva.com/security/advisories?name=MDVSA-2009:022 http://www.mandriva.com/security/advisories?name=MDVSA-2009:023 http://secunia.com/advisories/30158 http://secunia.com/advisories/30411 http://secunia.com/advisories/30967 http://securityreason.com/achievement_securityalert/52 SuSE Security Announcement: SUSE-SR:2008:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html XForce ISS Database: php-phpsprintfappendstring-overflow(41386) https://exchange.xforce.ibmcloud.com/vulnerabilities/41386 Common Vulnerability Exposure (CVE) ID: CVE-2008-2050 XForce ISS Database: php-fastcgisapi-bo(42133) https://exchange.xforce.ibmcloud.com/vulnerabilities/42133 Common Vulnerability Exposure (CVE) ID: CVE-2008-2051 Debian Security Information: DSA-1578 (Google Search) http://www.debian.org/security/2008/dsa-1578 http://www.mandriva.com/security/advisories?name=MDVSA-2008:125 http://www.mandriva.com/security/advisories?name=MDVSA-2008:126 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10256 http://www.redhat.com/support/errata/RHSA-2008-0544.html http://www.redhat.com/support/errata/RHSA-2008-0545.html http://www.redhat.com/support/errata/RHSA-2008-0546.html http://www.redhat.com/support/errata/RHSA-2008-0582.html http://secunia.com/advisories/30288 http://secunia.com/advisories/31119 http://secunia.com/advisories/31124 Common Vulnerability Exposure (CVE) ID: CVE-2008-2107 Bugtraq: 20080506 Advisory SE-2008-02: PHP GENERATE_SEED() Weak Random Number Seed Vulnerability (Google Search) http://www.securityfocus.com/archive/1/491683/100/0/threaded Debian Security Information: DSA-1789 (Google Search) http://www.debian.org/security/2009/dsa-1789 http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0103.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:129 http://www.mandriva.com/security/advisories?name=MDVSA-2008:130 http://www.sektioneins.de/advisories/SE-2008-02.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10644 http://secunia.com/advisories/35003 http://securityreason.com/securityalert/3859 XForce ISS Database: php-generateseed-security-bypass(42284) https://exchange.xforce.ibmcloud.com/vulnerabilities/42284 XForce ISS Database: php-generateseed-weak-security(42226) https://exchange.xforce.ibmcloud.com/vulnerabilities/42226 Common Vulnerability Exposure (CVE) ID: CVE-2008-2108 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10844 Common Vulnerability Exposure (CVE) ID: CVE-2008-2371 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html BugTraq ID: 30087 http://www.securityfocus.com/bid/30087 Bugtraq: 20081027 rPSA-2008-0305-1 pcre (Google Search) http://www.securityfocus.com/archive/1/497828/100/0/threaded Cert/CC Advisory: TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html Debian Security Information: DSA-1602 (Google Search) http://www.debian.org/security/2008/dsa-1602 https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00105.html https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00123.html http://www.gentoo.org/security/en/glsa/glsa-200807-03.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:147 http://secunia.com/advisories/30916 http://secunia.com/advisories/30944 http://secunia.com/advisories/30945 http://secunia.com/advisories/30958 http://secunia.com/advisories/30961 http://secunia.com/advisories/30972 http://secunia.com/advisories/30990 http://secunia.com/advisories/32454 http://secunia.com/advisories/35074 http://secunia.com/advisories/39300 http://www.ubuntu.com/usn/usn-624-1 http://ubuntu.com/usn/usn-624-2 http://www.vupen.com/english/advisories/2008/2005 http://www.vupen.com/english/advisories/2008/2006 http://www.vupen.com/english/advisories/2008/2336 http://www.vupen.com/english/advisories/2009/1297 http://www.vupen.com/english/advisories/2010/0833 Common Vulnerability Exposure (CVE) ID: CVE-2008-2665 BugTraq ID: 29797 http://www.securityfocus.com/bid/29797 Bugtraq: 20090302 rPSA-2009-0035-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl (Google Search) http://www.securityfocus.com/archive/1/501376/100/0/threaded http://www.securitytracker.com/id?1020327 http://securityreason.com/securityalert/3941 http://securityreason.com/achievement_securityalert/54 XForce ISS Database: php-posixaccess-security-bypass(43196) https://exchange.xforce.ibmcloud.com/vulnerabilities/43196 Common Vulnerability Exposure (CVE) ID: CVE-2008-2666 BugTraq ID: 29796 http://www.securityfocus.com/bid/29796 http://www.securitytracker.com/id?1020328 http://securityreason.com/securityalert/3942 http://securityreason.com/achievement_securityalert/55 XForce ISS Database: php-chdir-ftoc-security-bypass(43198) https://exchange.xforce.ibmcloud.com/vulnerabilities/43198 Common Vulnerability Exposure (CVE) ID: CVE-2008-2829 BugTraq ID: 29829 http://www.securityfocus.com/bid/29829 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html http://bugs.php.net/bug.php?id=42862 http://www.openwall.com/lists/oss-security/2008/06/19/6 http://www.openwall.com/lists/oss-security/2008/06/24/2 http://osvdb.org/46641 http://secunia.com/advisories/35306 SuSE Security Announcement: SUSE-SR:2008:027 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00002.html XForce ISS Database: php-phpimap-dos(43357) https://exchange.xforce.ibmcloud.com/vulnerabilities/43357 Common Vulnerability Exposure (CVE) ID: CVE-2008-3658 BugTraq ID: 30649 http://www.securityfocus.com/bid/30649 Debian Security Information: DSA-1647 (Google Search) http://www.debian.org/security/2008/dsa-1647 HPdes Security Advisory: HPSBTU02382 http://www.securityfocus.com/archive/1/498647/100/0/threaded HPdes Security Advisory: HPSBUX02401 http://marc.info/?l=bugtraq&m=123376588623823&w=2 HPdes Security Advisory: SSRT080132 HPdes Security Advisory: SSRT090005 http://www.mandriva.com/security/advisories?name=MDVSA-2009:021 http://www.mandriva.com/security/advisories?name=MDVSA-2009:024 http://news.php.net/php.cvs/51219 http://www.openwall.com/lists/oss-security/2008/08/08/2 http://www.openwall.com/lists/oss-security/2008/08/13/8 http://osvdb.org/47484 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9724 http://www.redhat.com/support/errata/RHSA-2009-0350.html http://secunia.com/advisories/31982 http://secunia.com/advisories/32148 http://secunia.com/advisories/32316 http://secunia.com/advisories/32884 http://secunia.com/advisories/33797 SuSE Security Announcement: SUSE-SR:2008:018 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html SuSE Security Announcement: SUSE-SR:2008:021 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html http://www.vupen.com/english/advisories/2008/3275 http://www.vupen.com/english/advisories/2009/0320 XForce ISS Database: php-imageloadfont-dos(44401) https://exchange.xforce.ibmcloud.com/vulnerabilities/44401 Common Vulnerability Exposure (CVE) ID: CVE-2008-3659 http://www.openwall.com/lists/oss-security/2008/08/08/3 http://www.openwall.com/lists/oss-security/2008/08/08/4 http://osvdb.org/47483 http://www.securitytracker.com/id?1020995 XForce ISS Database: php-memnstr-bo(44405) https://exchange.xforce.ibmcloud.com/vulnerabilities/44405 Common Vulnerability Exposure (CVE) ID: CVE-2008-3660 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9597 http://www.securitytracker.com/id?1020994 XForce ISS Database: php-curl-unspecified(44402) https://exchange.xforce.ibmcloud.com/vulnerabilities/44402
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com