Web application abuses : PHP < 5.3.1 Multiple Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.110178

Categoría: Web application abuses

Título: PHP < 5.3.1 Multiple Vulnerabilities

Resumen: PHP is prone to multiple vulnerabilities.

Descripción: Summary:
PHP is prone to multiple vulnerabilities.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-3557
37412
http://secunia.com/advisories/37412
37821
http://secunia.com/advisories/37821
40262
http://secunia.com/advisories/40262
6601
http://securityreason.com/securityalert/6601
ADV-2009-3593
http://www.vupen.com/english/advisories/2009/3593
APPLE-SA-2010-03-29-1
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
HPSBUX02543
http://marc.info/?l=bugtraq&m=127680701405735&w=2
MDVSA-2009:285
http://www.mandriva.com/security/advisories?name=MDVSA-2009:285
MDVSA-2009:302
http://www.mandriva.com/security/advisories?name=MDVSA-2009:302
MDVSA-2009:303
http://www.mandriva.com/security/advisories?name=MDVSA-2009:303
SSRT100152
[oss-security] 20091120 CVE request: php 5.3.1 update
http://www.openwall.com/lists/oss-security/2009/11/20/2
[oss-security] 20091120 Re: CVE request: php 5.3.1 update
http://www.openwall.com/lists/oss-security/2009/11/20/3
http://www.openwall.com/lists/oss-security/2009/11/20/5
[php-announce] 20091119 5.3.1 Release announcement
http://news.php.net/php.announce/79
http://support.apple.com/kb/HT4077
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/standard/file.c?view=log
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/standard/file.c?view=log
http://svn.php.net/viewvc?view=revision&revision=288945
http://www.php.net/ChangeLog-5.php
http://www.php.net/releases/5_2_12.php
http://www.php.net/releases/5_3_1.php
oval:org.mitre.oval:def:7396
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7396
Common Vulnerability Exposure (CVE) ID: CVE-2009-3559
http://bugs.php.net/bug.php?id=50063
Common Vulnerability Exposure (CVE) ID: CVE-2009-4017
20091120 PHP "multipart/form-data" denial of service
http://seclists.org/fulldisclosure/2009/Nov/228
http://www.securityfocus.com/archive/1/507982/100/0/threaded
37482
http://secunia.com/advisories/37482
41480
http://secunia.com/advisories/41480
41490
http://secunia.com/advisories/41490
DSA-1940
http://www.debian.org/security/2009/dsa-1940
HPSBMA02568
http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
MDVSA-2009:305
http://www.mandriva.com/security/advisories?name=MDVSA-2009:305
SSRT100219
http://www.openwall.com/lists/oss-security/2009/11/20/7
http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/
oval:org.mitre.oval:def:10483
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483
oval:org.mitre.oval:def:6667
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667
php-multipart-formdata-dos(54455)
https://exchange.xforce.ibmcloud.com/vulnerabilities/54455
Common Vulnerability Exposure (CVE) ID: CVE-2009-4018
37138
http://www.securityfocus.com/bid/37138
[oss-security] 20091122 Re: CVE request: php 5.3.1 update
http://marc.info/?l=oss-security&m=125886770008678&w=2
[oss-security] 20091123 Re: CVE request: php 5.3.1 - proc_open() bypass PHP Bug #49026 [was: Re: CVE request: php 5.3.1 update]
http://marc.info/?l=oss-security&m=125897935330618&w=2
http://www.openwall.com/lists/oss-security/2009/11/23/15
http://bugs.php.net/bug.php?id=49026
http://svn.php.net/viewvc/?view=revision&revision=286360
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/standard/proc_open.c?r1=286360&r2=286359&pathrev=286360
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/standard/proc_open.c?r1=286360&r2=286359&pathrev=286360
oval:org.mitre.oval:def:7256
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7256
Common Vulnerability Exposure (CVE) ID: CVE-2010-1128
BugTraq ID: 38430
http://www.securityfocus.com/bid/38430
http://www.redhat.com/support/errata/RHSA-2010-0919.html
http://secunia.com/advisories/38708
http://secunia.com/advisories/42410
http://www.vupen.com/english/advisories/2010/0479
http://www.vupen.com/english/advisories/2010/3081

Copyright Copyright (C) 2012 NopSec Inc.

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.110178
Categoría:	Web application abuses
Título:	PHP < 5.3.1 Multiple Vulnerabilities
Resumen:	PHP is prone to multiple vulnerabilities.
Descripción:	Summary: PHP is prone to multiple vulnerabilities. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3557 37412 http://secunia.com/advisories/37412 37821 http://secunia.com/advisories/37821 40262 http://secunia.com/advisories/40262 6601 http://securityreason.com/securityalert/6601 ADV-2009-3593 http://www.vupen.com/english/advisories/2009/3593 APPLE-SA-2010-03-29-1 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html HPSBUX02543 http://marc.info/?l=bugtraq&m=127680701405735&w=2 MDVSA-2009:285 http://www.mandriva.com/security/advisories?name=MDVSA-2009:285 MDVSA-2009:302 http://www.mandriva.com/security/advisories?name=MDVSA-2009:302 MDVSA-2009:303 http://www.mandriva.com/security/advisories?name=MDVSA-2009:303 SSRT100152 [oss-security] 20091120 CVE request: php 5.3.1 update http://www.openwall.com/lists/oss-security/2009/11/20/2 [oss-security] 20091120 Re: CVE request: php 5.3.1 update http://www.openwall.com/lists/oss-security/2009/11/20/3 http://www.openwall.com/lists/oss-security/2009/11/20/5 [php-announce] 20091119 5.3.1 Release announcement http://news.php.net/php.announce/79 http://support.apple.com/kb/HT4077 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/standard/file.c?view=log http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/standard/file.c?view=log http://svn.php.net/viewvc?view=revision&revision=288945 http://www.php.net/ChangeLog-5.php http://www.php.net/releases/5_2_12.php http://www.php.net/releases/5_3_1.php oval:org.mitre.oval:def:7396 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7396 Common Vulnerability Exposure (CVE) ID: CVE-2009-3559 http://bugs.php.net/bug.php?id=50063 Common Vulnerability Exposure (CVE) ID: CVE-2009-4017 20091120 PHP "multipart/form-data" denial of service http://seclists.org/fulldisclosure/2009/Nov/228 http://www.securityfocus.com/archive/1/507982/100/0/threaded 37482 http://secunia.com/advisories/37482 41480 http://secunia.com/advisories/41480 41490 http://secunia.com/advisories/41490 DSA-1940 http://www.debian.org/security/2009/dsa-1940 HPSBMA02568 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 MDVSA-2009:305 http://www.mandriva.com/security/advisories?name=MDVSA-2009:305 SSRT100219 http://www.openwall.com/lists/oss-security/2009/11/20/7 http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/ oval:org.mitre.oval:def:10483 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483 oval:org.mitre.oval:def:6667 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667 php-multipart-formdata-dos(54455) https://exchange.xforce.ibmcloud.com/vulnerabilities/54455 Common Vulnerability Exposure (CVE) ID: CVE-2009-4018 37138 http://www.securityfocus.com/bid/37138 [oss-security] 20091122 Re: CVE request: php 5.3.1 update http://marc.info/?l=oss-security&m=125886770008678&w=2 [oss-security] 20091123 Re: CVE request: php 5.3.1 - proc_open() bypass PHP Bug #49026 [was: Re: CVE request: php 5.3.1 update] http://marc.info/?l=oss-security&m=125897935330618&w=2 http://www.openwall.com/lists/oss-security/2009/11/23/15 http://bugs.php.net/bug.php?id=49026 http://svn.php.net/viewvc/?view=revision&revision=286360 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/standard/proc_open.c?r1=286360&r2=286359&pathrev=286360 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/standard/proc_open.c?r1=286360&r2=286359&pathrev=286360 oval:org.mitre.oval:def:7256 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7256 Common Vulnerability Exposure (CVE) ID: CVE-2010-1128 BugTraq ID: 38430 http://www.securityfocus.com/bid/38430 http://www.redhat.com/support/errata/RHSA-2010-0919.html http://secunia.com/advisories/38708 http://secunia.com/advisories/42410 http://www.vupen.com/english/advisories/2010/0479 http://www.vupen.com/english/advisories/2010/3081
Copyright	Copyright (C) 2012 NopSec Inc.