Test Kennung:	1.3.6.1.4.1.25623.1.0.54519
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200402-01 (PHP)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory GLSA 200402-01. If the server configuration ' php.ini ' file has ' register_globals = on ' and a request is made to one virtual host (which has ' php_admin_flag register_globals off ' ) and the next request is sent to the another virtual host (which does not have the setting) global variables may leak and may be used to exploit the site. Solution: All users are recommended to upgrade their PHP installation to 4.3.4-r4: # emerge sync # emerge -pv '>=dev-php/mod_php-4.3.4-r4' # emerge '>=dev-php/mod_php-4.3.4-r4' https://secure1.securityspace.com/smysecure/catid.html?in=GLSA%20200402-01 http://bugs.gentoo.org/show_bug.cgi?id=39952 http://bugs.php.net/bug.php?id=25753 CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0263 BugTraq ID: 9599 http://www.securityfocus.com/bid/9599 http://security.gentoo.org/glsa/glsa-200402-01.xml http://www.osvdb.org/3878 XForce ISS Database: php-virtualhost-info-disclosure(15072) https://exchange.xforce.ibmcloud.com/vulnerabilities/15072
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.