Test Kennung:	1.3.6.1.4.1.25623.1.0.123883
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2012-1047)
Zusammenfassung:	The remote host is missing an update for the 'php53' package(s) announced via the ELSA-2012-1047 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'php53' package(s) announced via the ELSA-2012-1047 advisory. Vulnerability Insight: [5.3.3-13] - add security fix for CVE-2010-2950 [5.3.3-11] - fix tests for CVE-2012-2143, CVE-2012-0789 [5.3.3-10] - add security fix for CVE-2012-2336 [5.3.3-9] - add security fixes for CVE-2011-4153, CVE-2012-0057, CVE-2012-0789, CVE-2012-1172, CVE-2012-2143, CVE-2012-2386 Affected Software/OS: 'php53' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2950 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html HPdes Security Advisory: HPSBMA02662 http://marc.info/?l=bugtraq&m=130331363227777&w=2 HPdes Security Advisory: SSRT100409 http://www.mandriva.com/security/advisories?name=MDVSA-2010:254 http://php-security.org/2010/05/14/mops-2010-024-php-phar_stream_flush-format-string-vulnerability/index.html SuSE Security Announcement: SUSE-SR:2010:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html Common Vulnerability Exposure (CVE) ID: CVE-2011-4153 Bugtraq: 20120114 PHP 5.3.8 Multiple vulnerabilities (Google Search) http://archives.neohapsis.com/archives/bugtraq/2012-01/0092.html http://www.exploit-db.com/exploits/18370/ HPdes Security Advisory: HPSBMU02786 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 HPdes Security Advisory: HPSBUX02791 http://marc.info/?l=bugtraq&m=134012830914727&w=2 HPdes Security Advisory: SSRT100856 HPdes Security Advisory: SSRT100877 http://cxsecurity.com/research/103 http://secunia.com/advisories/48668 SuSE Security Announcement: SUSE-SU-2012:0411 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html SuSE Security Announcement: SUSE-SU-2012:0472 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html SuSE Security Announcement: openSUSE-SU-2012:0426 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html Common Vulnerability Exposure (CVE) ID: CVE-2012-0057 Debian Security Information: DSA-2399 (Google Search) http://www.debian.org/security/2012/dsa-2399 http://openwall.com/lists/oss-security/2012/01/13/4 http://openwall.com/lists/oss-security/2012/01/13/10 http://openwall.com/lists/oss-security/2012/01/13/5 http://openwall.com/lists/oss-security/2012/01/13/6 http://openwall.com/lists/oss-security/2012/01/13/7 http://openwall.com/lists/oss-security/2012/01/14/1 http://openwall.com/lists/oss-security/2012/01/14/2 http://openwall.com/lists/oss-security/2012/01/14/3 http://openwall.com/lists/oss-security/2012/01/15/2 http://openwall.com/lists/oss-security/2012/01/15/1 http://openwall.com/lists/oss-security/2012/01/15/10 http://openwall.com/lists/oss-security/2012/01/18/3 XForce ISS Database: php-libxslt-security-bypass(72908) https://exchange.xforce.ibmcloud.com/vulnerabilities/72908 Common Vulnerability Exposure (CVE) ID: CVE-2012-0789 Common Vulnerability Exposure (CVE) ID: CVE-2012-1172 http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html Debian Security Information: DSA-2465 (Google Search) http://www.debian.org/security/2012/dsa-2465 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080070.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html http://isisblogs.poly.edu/2011/08/11/php-not-properly-checking-params/ https://bugs.php.net/bug.php?id=48597 https://bugs.php.net/bug.php?id=49683 https://nealpoole.com/blog/2011/10/directory-traversal-via-php-multi-file-uploads/ https://students.mimuw.edu.pl/~ai292615/php_multipleupload_overwrite.pdf http://openwall.com/lists/oss-security/2012/03/13/4 SuSE Security Announcement: SUSE-SU-2012:0598 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html SuSE Security Announcement: SUSE-SU-2012:0604 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html Common Vulnerability Exposure (CVE) ID: CVE-2012-2143 Debian Security Information: DSA-2491 (Google Search) http://www.debian.org/security/2012/dsa-2491 http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082258.html http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082294.html http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082292.html FreeBSD Security Advisory: FreeBSD-SA-12:02 http://security.freebsd.org/advisories/FreeBSD-SA-12:02.crypt.asc http://www.mandriva.com/security/advisories?name=MDVSA-2012:092 RedHat Security Advisories: RHSA-2012:1037 http://rhn.redhat.com/errata/RHSA-2012-1037.html http://www.securitytracker.com/id?1026995 http://secunia.com/advisories/49304 http://secunia.com/advisories/50718 SuSE Security Announcement: SUSE-SU-2012:0840 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00003.html SuSE Security Announcement: openSUSE-SU-2012:1251 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-09/msg00102.html SuSE Security Announcement: openSUSE-SU-2012:1288 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-10/msg00013.html SuSE Security Announcement: openSUSE-SU-2012:1299 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-10/msg00024.html Common Vulnerability Exposure (CVE) ID: CVE-2012-2336 49014 http://secunia.com/advisories/49014 HPSBMU02900 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 SSRT100992 SUSE-SU-2012:0721 http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00004.html SUSE-SU-2012:0840 http://www.php.net/ChangeLog-5.php#5.4.3 http://www.php.net/archive/2012.php#id2012-05-08-1 https://bugs.php.net/bug.php?id=61910 https://bugs.php.net/patch-display.php?bug_id=61910&patch=CVE-2012-1823.patch&revision=1336251592&display=1 Common Vulnerability Exposure (CVE) ID: CVE-2012-2386 APPLE-SA-2012-09-19-2 [oss-security] 20120522 Re: CVE request: PHP Phar - arbitrary code execution http://openwall.com/lists/oss-security/2012/05/22/10 http://0x1byte.blogspot.com/2011/04/php-phar-extension-heap-overflow.html http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=158d8a6b088662ce9d31e0c777c6ebe90efdc854 http://support.apple.com/kb/HT5501 http://www.php.net/ChangeLog-5.php https://bugs.php.net/bug.php?id=61065 https://bugzilla.redhat.com/show_bug.cgi?id=823594
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.