Test Kennung:	1.3.6.1.4.1.25623.1.0.120231
Kategorie:	Amazon Linux Local Security Checks
Titel:	Amazon Linux: Security Advisory (ALAS-2013-153)
Zusammenfassung:	The remote host is missing an update for the 'php-ZendFramework' package(s) announced via the ALAS-2013-153 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'php-ZendFramework' package(s) announced via the ALAS-2013-153 advisory. Vulnerability Insight: The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Zend Framework 1.11.x before 1.11.15 and 1.12.x before 1.12.1 allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service (CPU and memory consumption) via an XML External Entity (XXE) attack. Affected Software/OS: 'php-ZendFramework' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-5657 51583 http://secunia.com/advisories/51583 DSA-2602 http://www.debian.org/security/2012/dsa-2602 MDVSA-2013:115 http://www.mandriva.com/security/advisories?name=MDVSA-2013:115 [oss-security] 20121219 CVE request: information disclosure flaw in php-ZendFramework (ZF2012-05) http://openwall.com/lists/oss-security/2012/12/20/2 [oss-security] 20121219 Re: CVE request: information disclosure flaw in php-ZendFramework (ZF2012-05) http://openwall.com/lists/oss-security/2012/12/20/4 http://framework.zend.com/security/advisory/ZF2012-05
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.