ID de Prueba:	1.3.6.1.4.1.25623.1.0.65581
Categoría:	SuSE Local Security Checks
Título:	SLES9: Security update for PHP4
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache-mod_php4 php4-servlet mod_php4-servlet php4-pear php4-sysvshm php4-exif mod_php4-core php4-mbstring php4 apache2-mod_php4 php4-fastcgi php4-session php4-recode php4-devel php4-mysql php4-imap For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5014967 within the SuSE Enterprise Server 9 patch database at http://download.novell.com/patch/finder/ Solution: Please install the updates provided by SuSE. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-3353 http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html BugTraq ID: 15358 http://www.securityfocus.com/bid/15358 BugTraq ID: 16907 http://www.securityfocus.com/bid/16907 Cert/CC Advisory: TA06-062A http://www.us-cert.gov/cas/techalerts/TA06-062A.html Debian Security Information: DSA-1206 (Google Search) http://www.debian.org/security/2006/dsa-1206 http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html HPdes Security Advisory: HPSBMA02159 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522 HPdes Security Advisory: SSRT061238 http://www.mandriva.com/security/advisories?name=MDKSA-2005:213 http://bugs.php.net/bug.php?id=34704 http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11032 http://www.redhat.com/support/errata/RHSA-2005-831.html http://rhn.redhat.com/errata/RHSA-2005-831.html http://secunia.com/advisories/17371 http://secunia.com/advisories/17490 http://secunia.com/advisories/17531 http://secunia.com/advisories/17557 http://secunia.com/advisories/18054 http://secunia.com/advisories/18198 http://secunia.com/advisories/19064 http://secunia.com/advisories/22691 http://secunia.com/advisories/22713 http://securityreason.com/securityalert/525 SuSE Security Announcement: SUSE-SA:2005:069 (Google Search) http://www.securityfocus.com/archive/1/419504/100/0/threaded TurboLinux Advisory: TLSA-2006-38 http://www.turbolinux.com/security/2006/TLSA-2006-38.txt https://www.ubuntu.com/usn/usn-232-1/ http://www.vupen.com/english/advisories/2006/0791 http://www.vupen.com/english/advisories/2006/4320 XForce ISS Database: php-exif-dos(24351) https://exchange.xforce.ibmcloud.com/vulnerabilities/24351 Common Vulnerability Exposure (CVE) ID: CVE-2005-3389 BugTraq ID: 15249 http://www.securityfocus.com/bid/15249 Bugtraq: 20051031 Advisory 19/2005: PHP register_globals Activation Vulnerability in parse_str() (Google Search) http://www.securityfocus.com/archive/1/415291 http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml http://www.hardened-php.net/advisory_192005.78.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11481 http://www.redhat.com/support/errata/RHSA-2005-838.html RedHat Security Advisories: RHSA-2006:0549 http://rhn.redhat.com/errata/RHSA-2006-0549.html http://securitytracker.com/id?1015131 http://secunia.com/advisories/17510 http://secunia.com/advisories/17559 http://secunia.com/advisories/18669 http://secunia.com/advisories/21252 http://securityreason.com/securityalert/134 SuSE Security Announcement: SUSE-SR:2005:026 (Google Search) SuSE Security Announcement: SUSE-SR:2005:027 (Google Search) http://www.novell.com/linux/security/advisories/2005_27_sr.html http://www.vupen.com/english/advisories/2005/2254 Common Vulnerability Exposure (CVE) ID: CVE-2005-3390 BugTraq ID: 15250 http://www.securityfocus.com/bid/15250 Bugtraq: 20051031 Advisory 20/2005: PHP File-Upload $GLOBALS Overwrite Vulnerability (Google Search) http://www.securityfocus.com/archive/1/415290/30/0/threaded http://www.hardened-php.net/advisory_202005.79.html http://www.hardened-php.net/globals-problem https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10537 http://securitytracker.com/id?1015129 http://securityreason.com/securityalert/132 Common Vulnerability Exposure (CVE) ID: CVE-2005-3391 BugTraq ID: 15411 http://www.securityfocus.com/bid/15411 http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:035 http://www.osvdb.org/20898 http://secunia.com/advisories/18763 Common Vulnerability Exposure (CVE) ID: CVE-2005-3392 BugTraq ID: 15413 http://www.securityfocus.com/bid/15413 http://www.osvdb.org/20897 XForce ISS Database: php-virtual-bypass-security(22924) https://exchange.xforce.ibmcloud.com/vulnerabilities/22924 Common Vulnerability Exposure (CVE) ID: CVE-2005-3883 BugTraq ID: 15571 http://www.securityfocus.com/bid/15571 http://www.mandriva.com/security/advisories?name=MDKSA-2005:238 http://bugs.php.net/bug.php?id=35307 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10332 RedHat Security Advisories: RHSA-2006:0276 http://rhn.redhat.com/errata/RHSA-2006-0276.html http://securitytracker.com/id?1015296 http://secunia.com/advisories/17763 http://secunia.com/advisories/19832 http://secunia.com/advisories/20210 http://secunia.com/advisories/20951 SGI Security Advisory: 20060501-01-U ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc http://www.vupen.com/english/advisories/2006/2685 XForce ISS Database: php-mbsendmail-header-injection(23270) https://exchange.xforce.ibmcloud.com/vulnerabilities/23270
Copyright	Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.