ID de Prueba:	1.3.6.1.4.1.25623.1.0.703344
Categoría:	Debian Local Security Checks
Título:	Debian Security Advisory DSA 3344-1 (php5 - security update)
Resumen:	Multiple vulnerabilities have been;discovered in the PHP language:;;CVE-2015-4598;thoger at redhat dot com discovered that paths containing a NUL;character were improperly handled, thus allowing an attacker to;manipulate unexpected files on the server.;;CVE-2015-4643;Max Spelsberg discovered an integer overflow flaw leading to a;heap-based buffer overflow in PHP's FTP extension, when parsing;listings in FTP server responses. This could lead to a crash or;execution of arbitrary code.;;CVE-2015-4644;A denial of service through a crash could be caused by a segfault;in the php_pgsql_meta_data function.;;CVE-2015-5589;kwrnel at hotmail dot com discovered that PHP could crash when;processing an invalid phar file, thus leading to a denial of;service.;;CVE-2015-5590;jared at enhancesoft dot com discovered a buffer overflow in the;phar_fix_filepath function, that could causes a crash or execution;of arbitrary code.;;Additionally, several other vulnerabilities were fixed:;;sean dot heelan at gmail dot com discovered a problem in the;unserialization of some items, that could lead to arbitrary code;execution.;;stewie at mail dot ru discovered that the phar extension improperly;handled zip archives with relative paths, which would allow an;attacker to overwrite files outside of the destination directory.;;taoguangchen at icloud dot com discovered several use-after-free;vulnerabilities that could lead to arbitrary code execution.
Descripción:	Summary: Multiple vulnerabilities have been discovered in the PHP language: CVE-2015-4598 thoger at redhat dot com discovered that paths containing a NUL character were improperly handled, thus allowing an attacker to manipulate unexpected files on the server. CVE-2015-4643 Max Spelsberg discovered an integer overflow flaw leading to a heap-based buffer overflow in PHP's FTP extension, when parsing listings in FTP server responses. This could lead to a crash or execution of arbitrary code. CVE-2015-4644 A denial of service through a crash could be caused by a segfault in the php_pgsql_meta_data function. CVE-2015-5589 kwrnel at hotmail dot com discovered that PHP could crash when processing an invalid phar file, thus leading to a denial of service. CVE-2015-5590 jared at enhancesoft dot com discovered a buffer overflow in the phar_fix_filepath function, that could causes a crash or execution of arbitrary code. Additionally, several other vulnerabilities were fixed: sean dot heelan at gmail dot com discovered a problem in the unserialization of some items, that could lead to arbitrary code execution. stewie at mail dot ru discovered that the phar extension improperly handled zip archives with relative paths, which would allow an attacker to overwrite files outside of the destination directory. taoguangchen at icloud dot com discovered several use-after-free vulnerabilities that could lead to arbitrary code execution. Affected Software/OS: php5 on Debian Linux Solution: For the oldstable distribution (wheezy), these problems have been fixed in version 5.4.44-0+deb7u1. For the stable distribution (jessie), these problems have been fixed in version 5.6.12+dfsg-0+deb8u1. For the unstable distribution (sid), these problems have been fixed in version 5.6.12+dfsg-1. We recommend that you upgrade your php5 packages. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-4598 BugTraq ID: 75244 http://www.securityfocus.com/bid/75244 Debian Security Information: DSA-3344 (Google Search) http://www.debian.org/security/2015/dsa-3344 http://www.openwall.com/lists/oss-security/2015/06/16/12 RedHat Security Advisories: RHSA-2015:1135 http://rhn.redhat.com/errata/RHSA-2015-1135.html RedHat Security Advisories: RHSA-2015:1186 http://rhn.redhat.com/errata/RHSA-2015-1186.html RedHat Security Advisories: RHSA-2015:1187 http://rhn.redhat.com/errata/RHSA-2015-1187.html RedHat Security Advisories: RHSA-2015:1218 http://rhn.redhat.com/errata/RHSA-2015-1218.html RedHat Security Advisories: RHSA-2015:1219 http://rhn.redhat.com/errata/RHSA-2015-1219.html http://www.securitytracker.com/id/1032709 Common Vulnerability Exposure (CVE) ID: CVE-2015-4643 BugTraq ID: 75291 http://www.securityfocus.com/bid/75291 https://security.gentoo.org/glsa/201606-10 http://openwall.com/lists/oss-security/2015/06/18/6 Common Vulnerability Exposure (CVE) ID: CVE-2015-4644 BugTraq ID: 75292 http://www.securityfocus.com/bid/75292 Common Vulnerability Exposure (CVE) ID: CVE-2015-5589 BugTraq ID: 75974 http://www.securityfocus.com/bid/75974 http://openwall.com/lists/oss-security/2015/07/18/1 Common Vulnerability Exposure (CVE) ID: CVE-2015-5590 BugTraq ID: 75970 http://www.securityfocus.com/bid/75970
Copyright	Copyright (C) 2015 Greenbone Networks GmbH http://greenbone.net

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.