Test Kennung:	1.3.6.1.4.1.25623.1.0.54620
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200407-13 (PHP)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory GLSA 200407-13. Multiple security vulnerabilities, potentially allowing remote code execution, were found and fixed in PHP. Solution: All PHP, mod_php and php-cgi users should upgrade to the latest stable version: # emerge sync # emerge -pv '>=dev-php/php-4.3.8' # emerge '>=dev-php/php-4.3.8' # emerge -pv '>=dev-php/mod_php-4.3.8' # emerge '>=dev-php/mod_php-4.3.8' # emerge -pv '>=dev-php/php-cgi-4.3.8' # emerge '>=dev-php/php-cgi-4.3.8' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200407-13 http://bugs.gentoo.org/show_bug.cgi?id=56985 http://security.e-matters.de/advisories/112004.html http://security.e-matters.de/advisories/122004.html CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0594 BugTraq ID: 10725 http://www.securityfocus.com/bid/10725 Bugtraq: 20040713 Advisory 11/2004: PHP memory_limit remote vulnerability (Google Search) http://marc.info/?l=bugtraq&m=108981780109154&w=2 Bugtraq: 20040714 TSSA-2004-013 - php (Google Search) http://marc.info/?l=bugtraq&m=108982983426031&w=2 Bugtraq: 20040722 [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php) (Google Search) http://marc.info/?l=bugtraq&m=109051444105182&w=2 Conectiva Linux advisory: CLA-2004:847 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000847 Debian Security Information: DSA-531 (Google Search) http://www.debian.org/security/2004/dsa-531 Debian Security Information: DSA-669 (Google Search) http://www.debian.org/security/2005/dsa-669 http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023908.html http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml HPdes Security Advisory: SSRT4777 http://marc.info/?l=bugtraq&m=109181600614477&w=2 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10896 http://www.redhat.com/support/errata/RHSA-2004-392.html http://www.redhat.com/support/errata/RHSA-2004-395.html http://www.redhat.com/support/errata/RHSA-2004-405.html http://www.redhat.com/support/errata/RHSA-2005-816.html SuSE Security Announcement: SUSE-SA:2004:021 (Google Search) http://www.novell.com/linux/security/advisories/2004_21_php4.html http://www.trustix.org/errata/2004/0039/ XForce ISS Database: php-memorylimit-code-execution(16693) https://exchange.xforce.ibmcloud.com/vulnerabilities/16693 Common Vulnerability Exposure (CVE) ID: CVE-2004-0595 BugTraq ID: 10724 http://www.securityfocus.com/bid/10724 http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619 XForce ISS Database: php-strip-tag-bypass(16692) https://exchange.xforce.ibmcloud.com/vulnerabilities/16692
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.