ID de Prueba:	1.3.6.1.4.1.25623.1.0.110186
Categoría:	Web application abuses
Título:	PHP < 4.4.8 Multiple Vulnerabilities
Resumen:	PHP is prone to multiple vulnerabilities.
Descripción:	Summary: PHP is prone to multiple vulnerabilities. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3378 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html BugTraq ID: 24661 http://www.securityfocus.com/bid/24661 BugTraq ID: 25498 http://www.securityfocus.com/bid/25498 Bugtraq: 20070627 PHP 4/5 htaccess safemode and open_basedir Bypass (Google Search) http://www.securityfocus.com/archive/1/472343/100/0/threaded http://seclists.org/fulldisclosure/2020/Sep/34 http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml HPdes Security Advisory: HPSBUX02308 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501 HPdes Security Advisory: HPSBUX02332 http://www.securityfocus.com/archive/1/491693/100/0/threaded HPdes Security Advisory: SSRT080010 HPdes Security Advisory: SSRT080056 http://securityreason.com/achievement_exploitalert/9 http://www.openwall.com/lists/oss-security/2020/09/17/3 http://www.osvdb.org/38682 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6056 http://secunia.com/advisories/26642 http://secunia.com/advisories/26822 http://secunia.com/advisories/26838 http://secunia.com/advisories/27102 http://secunia.com/advisories/27377 http://secunia.com/advisories/27648 http://secunia.com/advisories/28318 http://secunia.com/advisories/28750 http://secunia.com/advisories/28936 http://secunia.com/advisories/29420 http://secunia.com/advisories/30040 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136 http://securityreason.com/securityalert/2831 http://securityreason.com/securityalert/3389 http://securityreason.com/achievement_securityalert/45 http://www.trustix.org/errata/2007/0026/ http://www.vupen.com/english/advisories/2007/3023 http://www.vupen.com/english/advisories/2008/0059 http://www.vupen.com/english/advisories/2008/0398 http://www.vupen.com/english/advisories/2008/0924/references XForce ISS Database: php-htaccess-security-bypass(35102) https://exchange.xforce.ibmcloud.com/vulnerabilities/35102 XForce ISS Database: php-sessionsavepath-errorlog-security-bypass(39403) https://exchange.xforce.ibmcloud.com/vulnerabilities/39403 Common Vulnerability Exposure (CVE) ID: CVE-2007-3997 https://www.exploit-db.com/exploits/4392 http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/ http://securityreason.com/securityalert/3102 XForce ISS Database: php-local-infile-security-bypass(36384) https://exchange.xforce.ibmcloud.com/vulnerabilities/36384 XForce ISS Database: php-localinfile-mysql-security-bypass(39402) https://exchange.xforce.ibmcloud.com/vulnerabilities/39402 Common Vulnerability Exposure (CVE) ID: CVE-2007-3799 BugTraq ID: 24268 http://www.securityfocus.com/bid/24268 Debian Security Information: DSA-1444 (Google Search) http://www.debian.org/security/2008/dsa-1444 Debian Security Information: DSA-1578 (Google Search) http://www.debian.org/security/2008/dsa-1578 https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html http://www.mandriva.com/security/advisories?name=MDKSA-2007:187 http://www.php-security.org/MOPB/PMOPB-46-2007.html http://osvdb.org/36855 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9792 http://www.redhat.com/support/errata/RHSA-2007-0888.html RedHat Security Advisories: RHSA-2007:0889 http://rhn.redhat.com/errata/RHSA-2007-0889.html http://www.redhat.com/support/errata/RHSA-2007-0890.html http://www.redhat.com/support/errata/RHSA-2007-0891.html http://secunia.com/advisories/26871 http://secunia.com/advisories/26895 http://secunia.com/advisories/26930 http://secunia.com/advisories/26967 http://secunia.com/advisories/27351 http://secunia.com/advisories/27545 http://secunia.com/advisories/27864 http://secunia.com/advisories/28249 http://secunia.com/advisories/30288 SuSE Security Announcement: SUSE-SR:2007:015 (Google Search) http://www.novell.com/linux/security/advisories/2007_15_sr.html https://usn.ubuntu.com/549-1/ http://www.ubuntu.com/usn/usn-549-2 Common Vulnerability Exposure (CVE) ID: CVE-2007-4657 http://secweb.se/en/advisories/php-strcspn-information-leak-vulnerability/ XForce ISS Database: php-strcspn-overflow(36388) https://exchange.xforce.ibmcloud.com/vulnerabilities/36388 XForce ISS Database: php-strcspn-strspn-unspecified(39399) https://exchange.xforce.ibmcloud.com/vulnerabilities/39399 Common Vulnerability Exposure (CVE) ID: CVE-2007-4658 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10363 http://secunia.com/advisories/28658 SuSE Security Announcement: SUSE-SA:2008:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html XForce ISS Database: php-moneyformat-unspecified(36377) https://exchange.xforce.ibmcloud.com/vulnerabilities/36377 Common Vulnerability Exposure (CVE) ID: CVE-2008-0145 XForce ISS Database: php-glob-openbasedir-security-bypass(39401) https://exchange.xforce.ibmcloud.com/vulnerabilities/39401 Common Vulnerability Exposure (CVE) ID: CVE-2008-2108 Bugtraq: 20080506 Advisory SE-2008-02: PHP GENERATE_SEED() Weak Random Number Seed Vulnerability (Google Search) http://www.securityfocus.com/archive/1/491683/100/0/threaded Debian Security Information: DSA-1789 (Google Search) http://www.debian.org/security/2009/dsa-1789 https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0103.html http://security.gentoo.org/glsa/glsa-200811-05.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:125 http://www.mandriva.com/security/advisories?name=MDVSA-2008:126 http://www.mandriva.com/security/advisories?name=MDVSA-2008:127 http://www.mandriva.com/security/advisories?name=MDVSA-2008:128 http://www.mandriva.com/security/advisories?name=MDVSA-2008:129 http://www.mandriva.com/security/advisories?name=MDVSA-2008:130 http://www.sektioneins.de/advisories/SE-2008-02.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10844 http://www.redhat.com/support/errata/RHSA-2008-0505.html http://www.redhat.com/support/errata/RHSA-2008-0544.html http://www.redhat.com/support/errata/RHSA-2008-0545.html http://www.redhat.com/support/errata/RHSA-2008-0546.html http://www.redhat.com/support/errata/RHSA-2008-0582.html http://secunia.com/advisories/30757 http://secunia.com/advisories/30828 http://secunia.com/advisories/31119 http://secunia.com/advisories/31124 http://secunia.com/advisories/31200 http://secunia.com/advisories/32746 http://secunia.com/advisories/35003 http://securityreason.com/securityalert/3859 http://www.ubuntu.com/usn/usn-628-1 XForce ISS Database: php-generateseed-weak-security(42226) https://exchange.xforce.ibmcloud.com/vulnerabilities/42226
Copyright	Copyright (C) 2012 NopSec Inc.

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.