
Test ID: 1.3.6.1.4.1.25623.1.0.58284
Category: Turbolinux Local Security Tests
Title: Turbolinux TLSA-2007-29 (php)
Summary: NOSUMMARY
Description:

The remote host is missing an update to php
announced via advisory TLSA-2007-29.

PHP is an HTML-embedded scripting language.

Multiple vulnerabilities (integer overflows, double free, CRLF injection) exist in PHP.

These vulnerabilities may allow remote attackers to execute arbitrary
code or to cause a denial of service via crafted data.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2007-29

Risk factor: High

CVSS Score: 7.8

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2007-1001
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
BugTraq ID: 23357
http://www.securityfocus.com/bid/23357
BugTraq ID: 25159
http://www.securityfocus.com/bid/25159
Bugtraq: 20070407 PHP <= 5.2.1 wbmp file handling integer overflow
http://www.securityfocus.com/archive/1/464957/100/0/threaded
Bugtraq: 20070418 rPSA-2007-0073-1 php php-mysql php-pgsql
http://www.securityfocus.com/archive/1/466166/100/0/threaded
http://security.gentoo.org/glsa/glsa-200705-19.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:087
http://www.mandriva.com/security/advisories?name=MDKSA-2007:088
http://www.mandriva.com/security/advisories?name=MDKSA-2007:089
http://www.mandriva.com/security/advisories?name=MDKSA-2007:090
http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?r1=1.2.4.1&r2=1.2.4.1.8.1
http://ifsec.blogspot.com/2007/04/php-521-wbmp-file-handling-integer.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10179
http://www.redhat.com/support/errata/RHSA-2007-0153.html
RedHat Security Advisories: RHSA-2007:0155
http://rhn.redhat.com/errata/RHSA-2007-0155.html
http://www.redhat.com/support/errata/RHSA-2007-0162.html
http://secunia.com/advisories/24814
http://secunia.com/advisories/24909
http://secunia.com/advisories/24924
http://secunia.com/advisories/24945
http://secunia.com/advisories/24965
http://secunia.com/advisories/25056
http://secunia.com/advisories/25151
http://secunia.com/advisories/25445
http://secunia.com/advisories/26235
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.470053
SuSE Security Announcement: SUSE-SA:2007:032
http://www.novell.com/linux/security/advisories/2007_32_php.html
http://www.vupen.com/english/advisories/2007/1269
http://www.vupen.com/english/advisories/2007/2732
XForce ISS Database: php-gd-overflow(33453)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33453
Common Vulnerability Exposure (CVE) ID: CVE-2007-1285
BugTraq ID: 22764
http://www.securityfocus.com/bid/22764
http://www.php-security.org/MOPB/MOPB-03-2007.html
http://www.osvdb.org/32769
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11017
http://www.redhat.com/support/errata/RHSA-2007-0082.html
RedHat Security Advisories: RHSA-2007:0154
http://rhn.redhat.com/errata/RHSA-2007-0154.html
RedHat Security Advisories: RHSA-2007:0163
http://rhn.redhat.com/errata/RHSA-2007-0163.html
http://www.securitytracker.com/id?1017771
http://secunia.com/advisories/24910
http://secunia.com/advisories/24941
http://secunia.com/advisories/26048
http://secunia.com/advisories/26642
http://secunia.com/advisories/27864
http://secunia.com/advisories/28936
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136
SuSE Security Announcement: SUSE-SA:2007:044
http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
https://usn.ubuntu.com/549-1/
http://www.ubuntu.com/usn/usn-549-2
Common Vulnerability Exposure (CVE) ID: CVE-2007-1286
BugTraq ID: 22765
http://www.securityfocus.com/bid/22765
Debian Security Information: DSA-1282
http://www.debian.org/security/2007/dsa-1282
Debian Security Information: DSA-1283
http://www.debian.org/security/2007/dsa-1283
http://security.gentoo.org/glsa/glsa-200703-21.xml
HPdes Security Advisory: HPSBMA02215
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506
HPdes Security Advisory: HPSBTU02232
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137
HPdes Security Advisory: SSRT071423
HPdes Security Advisory: SSRT071429
http://www.php-security.org/MOPB/MOPB-04-2007.html
http://www.osvdb.org/32771
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11575
http://secunia.com/advisories/24419
http://secunia.com/advisories/24606
http://secunia.com/advisories/25025
http://secunia.com/advisories/25062
http://secunia.com/advisories/25423
http://secunia.com/advisories/25850
http://www.trustix.org/errata/2007/0009/
http://www.vupen.com/english/advisories/2007/1991
http://www.vupen.com/english/advisories/2007/2374
XForce ISS Database: php-zval-code-execution(32796)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32796
Common Vulnerability Exposure (CVE) ID: CVE-2007-1583
BugTraq ID: 23016
http://www.securityfocus.com/bid/23016
http://www.php-security.org/MOPB/MOPB-26-2007.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10245
http://secunia.com/advisories/25057
http://www.ubuntu.com/usn/usn-455-1
Common Vulnerability Exposure (CVE) ID: CVE-2007-1711
BugTraq ID: 23121
http://www.securityfocus.com/bid/23121
http://www.php-security.org/MOPB/MOPB-32-2007.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10406
XForce ISS Database: php-deserializer-code-execution(33575)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33575
Common Vulnerability Exposure (CVE) ID: CVE-2007-1718
BugTraq ID: 23145
http://www.securityfocus.com/bid/23145
http://www.php-security.org/MOPB/MOPB-34-2007.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10951
http://www.securitytracker.com/id?1017946
XForce ISS Database: php-mailfunction-header-injection(33516)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33516
Copyright: Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com
