Test Kennung:	1.3.6.1.4.1.25623.1.0.123295
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2014-1327)
Zusammenfassung:	The remote host is missing an update for the 'php' package(s) announced via the ELSA-2014-1327 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'php' package(s) announced via the ELSA-2014-1327 advisory. Vulnerability Insight: [5.4.16-23.1] - gd: fix NULL pointer dereference in gdImageCreateFromXpm(). CVE-2014-2497 - gd: fix NUL byte injection in file names. CVE-2014-5120 - fileinfo: fix extensive backtracking in regular expression (incomplete fix for CVE-2013-7345). CVE-2014-3538 - fileinfo: fix mconvert incorrect handling of truncated pascal string size. CVE-2014-3478 - fileinfo: fix cdf_read_property_info (incomplete fix for CVE-2012-1571). CVE-2014-3587 - spl: fix use-after-free in ArrayIterator due to object change during sorting. CVE-2014-4698 - spl: fix use-after-free in SPL Iterators. CVE-2014-4670 - network: fix segfault in dns_get_record (incomplete fix for CVE-2014-4049). CVE-2014-3597 Affected Software/OS: 'php' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-2497 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html BugTraq ID: 66233 http://www.securityfocus.com/bid/66233 Debian Security Information: DSA-3215 (Google Search) http://www.debian.org/security/2015/dsa-3215 https://security.gentoo.org/glsa/201607-04 http://www.mandriva.com/security/advisories?name=MDVSA-2015:153 RedHat Security Advisories: RHSA-2014:1326 http://rhn.redhat.com/errata/RHSA-2014-1326.html RedHat Security Advisories: RHSA-2014:1327 http://rhn.redhat.com/errata/RHSA-2014-1327.html RedHat Security Advisories: RHSA-2014:1765 http://rhn.redhat.com/errata/RHSA-2014-1765.html RedHat Security Advisories: RHSA-2014:1766 http://rhn.redhat.com/errata/RHSA-2014-1766.html http://secunia.com/advisories/59061 http://secunia.com/advisories/59418 http://secunia.com/advisories/59496 http://secunia.com/advisories/59652 SuSE Security Announcement: SUSE-SU-2014:0868 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00001.html SuSE Security Announcement: SUSE-SU-2014:0869 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00002.html http://www.ubuntu.com/usn/USN-2987-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-3478 59794 http://secunia.com/advisories/59794 59831 http://secunia.com/advisories/59831 68239 http://www.securityfocus.com/bid/68239 APPLE-SA-2015-04-08-2 DSA-2974 http://www.debian.org/security/2014/dsa-2974 DSA-3021 http://www.debian.org/security/2014/dsa-3021 HPSBUX03102 http://marc.info/?l=bugtraq&m=141017844705317&w=2 RHSA-2014:1327 RHSA-2014:1765 RHSA-2014:1766 SSRT101681 [file] 20140612 file-5.19 is now available http://mx.gw.com/pipermail/file/2014/001553.html http://support.apple.com/kb/HT6443 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.php.net/ChangeLog-5.php https://bugs.php.net/bug.php?id=67410 https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08 https://support.apple.com/HT204659 openSUSE-SU-2014:1236 http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html Common Vulnerability Exposure (CVE) ID: CVE-2014-3538 BugTraq ID: 68348 http://www.securityfocus.com/bid/68348 Debian Security Information: DSA-3008 (Google Search) http://www.debian.org/security/2014/dsa-3008 Debian Security Information: DSA-3021 (Google Search) http://openwall.com/lists/oss-security/2014/06/30/7 RedHat Security Advisories: RHSA-2016:0760 http://rhn.redhat.com/errata/RHSA-2016-0760.html http://secunia.com/advisories/60696 Common Vulnerability Exposure (CVE) ID: CVE-2014-3587 BugTraq ID: 69325 http://www.securityfocus.com/bid/69325 http://secunia.com/advisories/60609 http://www.ubuntu.com/usn/USN-2344-1 http://www.ubuntu.com/usn/USN-2369-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-3597 BugTraq ID: 69322 http://www.securityfocus.com/bid/69322 SuSE Security Announcement: openSUSE-SU-2014:1133 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-09/msg00024.html SuSE Security Announcement: openSUSE-SU-2014:1245 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-09/msg00055.html Common Vulnerability Exposure (CVE) ID: CVE-2014-4670 http://secunia.com/advisories/54553 SuSE Security Announcement: openSUSE-SU-2014:0945 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-07/msg00035.html SuSE Security Announcement: openSUSE-SU-2014:1236 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2014-4698 Common Vulnerability Exposure (CVE) ID: CVE-2014-5120
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.