ID de Prueba:	1.3.6.1.4.1.25623.1.0.51840
Categoría:	CGI abuses
Título:	PHP Socket Integer Overflow
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is running a version of PHP older than 4.3.2. If PHP is completed with --enable-sockets, and a user is permitted to pass parameters to certain functions, then the user is able to crash the service or possibly execute arbitrary code. Affedtec functions include socket_iovec_alloc(), openlog(), socket_recv(), socket_recvfrom() and emalloc(). Solution : Upgrade to PHP 4.3.2 or later. Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 7187 BugTraq ID: 7197 BugTraq ID: 7198 BugTraq ID: 7199 BugTraq ID: 7210 BugTraq ID: 7256 BugTraq ID: 7259 Common Vulnerability Exposure (CVE) ID: CVE-2003-0172 http://www.securityfocus.com/bid/7210 Bugtraq: 20030327 @(#)Mordred Labs advisory - PHP for Win32: buffer overflow in openlog() function (Google Search) http://marc.info/?l=bugtraq&m=104878149020152&w=2 Bugtraq: 20030327 Re: @(#)Mordred Labs advisory - PHP for Win32: buffer overflow in openlog() function (Google Search) http://www.securityfocus.com/archive/1/316583 Bugtraq: 20030402 Inaccurate Reports Concerning PHP Vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=104931415307111&w=2 Bugtraq: 20041222 PHP v4.3.x exploit for Windows. (Google Search) http://www.securityfocus.com/archive/1/385238 http://www.osvdb.org/2113 XForce ISS Database: php-openlog-stack-bo(11637) https://exchange.xforce.ibmcloud.com/vulnerabilities/11637
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.