Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.850783
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory for PHP (SUSE-SU-2015:1265-1)
Summary:The remote host is missing an update for the 'PHP'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'PHP'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The PHP script interpreter was updated to fix various security issues:

* CVE-2015-4602 [bnc#935224]: Fixed an incomplete Class
unserialization type confusion.

* CVE-2015-4599, CVE-2015-4600, CVE-2015-4601 [bnc#935226]: Fixed type
confusion issues in unserialize() with various SOAP methods.

* CVE-2015-4603 [bnc#935234]: Fixed exception::getTraceAsString type
confusion issue after unserialize.

* CVE-2015-4644 [bnc#935274]: Fixed a crash in php_pgsql_meta_data.

* CVE-2015-4643 [bnc#935275]: Fixed an integer overflow in
ftp_genlist() that could result in a heap overflow.

* CVE-2015-3411, CVE-2015-3412, CVE-2015-4598 [bnc#935227],
[bnc#935232]: Added missing null byte checks for paths in various
PHP extensions.

* CVE-2015-4148 [bnc#933227]: Fixed a SoapClient's do_soap_call() type
confusion after unserialize() information disclosure.

Also the following bug were fixed:

* fix a segmentation fault in odbc_fetch_array [bnc#935074]

* fix timezone map [bnc#919080]

Affected Software/OS:
PHP on SUSE Linux Enterprise Server 11 SP3

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-3411
BugTraq ID: 75255
http://www.securityfocus.com/bid/75255
RedHat Security Advisories: RHSA-2015:1135
http://rhn.redhat.com/errata/RHSA-2015-1135.html
RedHat Security Advisories: RHSA-2015:1186
http://rhn.redhat.com/errata/RHSA-2015-1186.html
RedHat Security Advisories: RHSA-2015:1187
http://rhn.redhat.com/errata/RHSA-2015-1187.html
RedHat Security Advisories: RHSA-2015:1218
http://rhn.redhat.com/errata/RHSA-2015-1218.html
http://www.securitytracker.com/id/1032709
Common Vulnerability Exposure (CVE) ID: CVE-2015-3412
BugTraq ID: 75250
http://www.securityfocus.com/bid/75250
Common Vulnerability Exposure (CVE) ID: CVE-2015-4148
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
BugTraq ID: 75103
http://www.securityfocus.com/bid/75103
https://security.gentoo.org/glsa/201606-10
http://openwall.com/lists/oss-security/2015/06/01/4
RedHat Security Advisories: RHSA-2015:1053
http://rhn.redhat.com/errata/RHSA-2015-1053.html
RedHat Security Advisories: RHSA-2015:1066
http://rhn.redhat.com/errata/RHSA-2015-1066.html
http://www.securitytracker.com/id/1032459
SuSE Security Announcement: openSUSE-SU-2015:1057 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-06/msg00028.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-4598
BugTraq ID: 75244
http://www.securityfocus.com/bid/75244
Debian Security Information: DSA-3344 (Google Search)
http://www.debian.org/security/2015/dsa-3344
http://www.openwall.com/lists/oss-security/2015/06/16/12
RedHat Security Advisories: RHSA-2015:1219
http://rhn.redhat.com/errata/RHSA-2015-1219.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-4599
BugTraq ID: 75251
http://www.securityfocus.com/bid/75251
Common Vulnerability Exposure (CVE) ID: CVE-2015-4600
BugTraq ID: 74413
http://www.securityfocus.com/bid/74413
Common Vulnerability Exposure (CVE) ID: CVE-2015-4601
BugTraq ID: 75246
http://www.securityfocus.com/bid/75246
Common Vulnerability Exposure (CVE) ID: CVE-2015-4602
BugTraq ID: 75249
http://www.securityfocus.com/bid/75249
Common Vulnerability Exposure (CVE) ID: CVE-2015-4603
BugTraq ID: 75252
http://www.securityfocus.com/bid/75252
Common Vulnerability Exposure (CVE) ID: CVE-2015-4643
BugTraq ID: 75291
http://www.securityfocus.com/bid/75291
http://openwall.com/lists/oss-security/2015/06/18/6
Common Vulnerability Exposure (CVE) ID: CVE-2015-4644
BugTraq ID: 75292
http://www.securityfocus.com/bid/75292
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.