Web application abuses : PHP < 5.2.11 Multiple Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.110176

Categoría: Web application abuses

Título: PHP < 5.2.11 Multiple Vulnerabilities

Resumen: PHP is prone to multiple vulnerabilities.

Descripción: Summary:
PHP is prone to multiple vulnerabilities.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-3291
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
Debian Security Information: DSA-1940 (Google Search)
http://www.debian.org/security/2009/dsa-1940
HPdes Security Advisory: HPSBOV02683
http://marc.info/?l=bugtraq&m=130497311408250&w=2
HPdes Security Advisory: HPSBUX02543
http://marc.info/?l=bugtraq&m=127680701405735&w=2
HPdes Security Advisory: SSRT090208
HPdes Security Advisory: SSRT100152
http://www.osvdb.org/58185
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10438
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7394
http://www.securitytracker.com/id?1022914
http://secunia.com/advisories/36791
http://secunia.com/advisories/37482
http://secunia.com/advisories/40262
SuSE Security Announcement: SUSE-SR:2009:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
http://www.vupen.com/english/advisories/2009/3184
XForce ISS Database: php-certificate-unspecified(53334)
https://exchange.xforce.ibmcloud.com/vulnerabilities/53334
Common Vulnerability Exposure (CVE) ID: CVE-2009-3292
http://www.mandriva.com/security/advisories?name=MDVSA-2009:302
http://www.openwall.com/lists/oss-security/2009/11/20/2
http://www.openwall.com/lists/oss-security/2009/11/20/3
http://news.php.net/php.announce/79
http://www.osvdb.org/58186
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7652
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9982
http://secunia.com/advisories/37412
Common Vulnerability Exposure (CVE) ID: CVE-2009-3293
http://www.osvdb.org/58187
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7047
Common Vulnerability Exposure (CVE) ID: CVE-2009-3294
http://www.openwall.com/lists/oss-security/2009/09/20/1
http://www.osvdb.org/58188
Common Vulnerability Exposure (CVE) ID: CVE-2009-4018
37138
http://www.securityfocus.com/bid/37138
40262
41480
http://secunia.com/advisories/41480
41490
http://secunia.com/advisories/41490
HPSBMA02568
http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
HPSBUX02543
MDVSA-2009:303
http://www.mandriva.com/security/advisories?name=MDVSA-2009:303
SSRT100152
SSRT100219
[oss-security] 20091122 Re: CVE request: php 5.3.1 update
http://marc.info/?l=oss-security&m=125886770008678&w=2
[oss-security] 20091123 Re: CVE request: php 5.3.1 - proc_open() bypass PHP Bug #49026 [was: Re: CVE request: php 5.3.1 update]
http://marc.info/?l=oss-security&m=125897935330618&w=2
http://www.openwall.com/lists/oss-security/2009/11/23/15
http://bugs.php.net/bug.php?id=49026
http://svn.php.net/viewvc/?view=revision&revision=286360
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/standard/proc_open.c?r1=286360&r2=286359&pathrev=286360
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/standard/proc_open.c?r1=286360&r2=286359&pathrev=286360
http://www.php.net/ChangeLog-5.php
oval:org.mitre.oval:def:7256
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7256
Common Vulnerability Exposure (CVE) ID: CVE-2009-5016
BugTraq ID: 44889
http://www.securityfocus.com/bid/44889
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html
http://sirdarckcat.blogspot.com/2009/10/couple-of-unicode-issues-on-php-and.html
http://www.blackhat.com/presentations/bh-usa-09/VELANAVA/BHUSA09-VelaNava-FavoriteXSS-SLIDES.pdf
http://www.redhat.com/support/errata/RHSA-2010-0919.html
http://www.redhat.com/support/errata/RHSA-2011-0195.html
http://secunia.com/advisories/42410
http://secunia.com/advisories/42812
http://www.ubuntu.com/usn/USN-1042-1
http://www.vupen.com/english/advisories/2010/3081
http://www.vupen.com/english/advisories/2011/0020
http://www.vupen.com/english/advisories/2011/0021
http://www.vupen.com/english/advisories/2011/0077

Copyright Copyright (C) 2012 NopSec Inc.

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.110176
Categoría:	Web application abuses
Título:	PHP < 5.2.11 Multiple Vulnerabilities
Resumen:	PHP is prone to multiple vulnerabilities.
Descripción:	Summary: PHP is prone to multiple vulnerabilities. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3291 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html Debian Security Information: DSA-1940 (Google Search) http://www.debian.org/security/2009/dsa-1940 HPdes Security Advisory: HPSBOV02683 http://marc.info/?l=bugtraq&m=130497311408250&w=2 HPdes Security Advisory: HPSBUX02543 http://marc.info/?l=bugtraq&m=127680701405735&w=2 HPdes Security Advisory: SSRT090208 HPdes Security Advisory: SSRT100152 http://www.osvdb.org/58185 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10438 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7394 http://www.securitytracker.com/id?1022914 http://secunia.com/advisories/36791 http://secunia.com/advisories/37482 http://secunia.com/advisories/40262 SuSE Security Announcement: SUSE-SR:2009:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html http://www.vupen.com/english/advisories/2009/3184 XForce ISS Database: php-certificate-unspecified(53334) https://exchange.xforce.ibmcloud.com/vulnerabilities/53334 Common Vulnerability Exposure (CVE) ID: CVE-2009-3292 http://www.mandriva.com/security/advisories?name=MDVSA-2009:302 http://www.openwall.com/lists/oss-security/2009/11/20/2 http://www.openwall.com/lists/oss-security/2009/11/20/3 http://news.php.net/php.announce/79 http://www.osvdb.org/58186 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7652 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9982 http://secunia.com/advisories/37412 Common Vulnerability Exposure (CVE) ID: CVE-2009-3293 http://www.osvdb.org/58187 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7047 Common Vulnerability Exposure (CVE) ID: CVE-2009-3294 http://www.openwall.com/lists/oss-security/2009/09/20/1 http://www.osvdb.org/58188 Common Vulnerability Exposure (CVE) ID: CVE-2009-4018 37138 http://www.securityfocus.com/bid/37138 40262 41480 http://secunia.com/advisories/41480 41490 http://secunia.com/advisories/41490 HPSBMA02568 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 HPSBUX02543 MDVSA-2009:303 http://www.mandriva.com/security/advisories?name=MDVSA-2009:303 SSRT100152 SSRT100219 [oss-security] 20091122 Re: CVE request: php 5.3.1 update http://marc.info/?l=oss-security&m=125886770008678&w=2 [oss-security] 20091123 Re: CVE request: php 5.3.1 - proc_open() bypass PHP Bug #49026 [was: Re: CVE request: php 5.3.1 update] http://marc.info/?l=oss-security&m=125897935330618&w=2 http://www.openwall.com/lists/oss-security/2009/11/23/15 http://bugs.php.net/bug.php?id=49026 http://svn.php.net/viewvc/?view=revision&revision=286360 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/standard/proc_open.c?r1=286360&r2=286359&pathrev=286360 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/standard/proc_open.c?r1=286360&r2=286359&pathrev=286360 http://www.php.net/ChangeLog-5.php oval:org.mitre.oval:def:7256 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7256 Common Vulnerability Exposure (CVE) ID: CVE-2009-5016 BugTraq ID: 44889 http://www.securityfocus.com/bid/44889 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html http://sirdarckcat.blogspot.com/2009/10/couple-of-unicode-issues-on-php-and.html http://www.blackhat.com/presentations/bh-usa-09/VELANAVA/BHUSA09-VelaNava-FavoriteXSS-SLIDES.pdf http://www.redhat.com/support/errata/RHSA-2010-0919.html http://www.redhat.com/support/errata/RHSA-2011-0195.html http://secunia.com/advisories/42410 http://secunia.com/advisories/42812 http://www.ubuntu.com/usn/USN-1042-1 http://www.vupen.com/english/advisories/2010/3081 http://www.vupen.com/english/advisories/2011/0020 http://www.vupen.com/english/advisories/2011/0021 http://www.vupen.com/english/advisories/2011/0077
Copyright	Copyright (C) 2012 NopSec Inc.