English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
146377 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.57603
Categoría:Turbolinux Local Security Tests
Título:Turbolinux TLSA-2006-38 (php)
Resumen:NOSUMMARY
Descripción:Description:

The remote host is missing an update to php
announced via advisory TLSA-2006-38.

PHP is an HTML-embedded scripting language.
The multiple vulnerabilities exist in php.

Please refer to the References section.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2006-38

Risk factor : Critical

CVSS Score:
9.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-3353
15358
http://www.securityfocus.com/bid/15358
16907
http://www.securityfocus.com/bid/16907
17371
http://secunia.com/advisories/17371
17490
http://secunia.com/advisories/17490
17531
http://secunia.com/advisories/17531
17557
http://secunia.com/advisories/17557
18054
http://secunia.com/advisories/18054
18198
http://secunia.com/advisories/18198
19064
http://secunia.com/advisories/19064
22691
http://secunia.com/advisories/22691
22713
http://secunia.com/advisories/22713
525
http://securityreason.com/securityalert/525
ADV-2006-0791
http://www.vupen.com/english/advisories/2006/0791
ADV-2006-4320
http://www.vupen.com/english/advisories/2006/4320
APPLE-SA-2006-03-01
http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html
DSA-1206
http://www.debian.org/security/2006/dsa-1206
FLSA:166943
http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html
HPSBMA02159
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
MDKSA-2005:213
http://www.mandriva.com/security/advisories?name=MDKSA-2005:213
OpenPKG-SA-2005.027
http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html
RHSA-2005:831
http://rhn.redhat.com/errata/RHSA-2005-831.html
SSRT061238
SUSE-SA:2005:069
http://www.securityfocus.com/archive/1/419504/100/0/threaded
TA06-062A
http://www.us-cert.gov/cas/techalerts/TA06-062A.html
TLSA-2006-38
http://www.turbolinux.com/security/2006/TLSA-2006-38.txt
USN-232-1
https://www.ubuntu.com/usn/usn-232-1/
http://bugs.php.net/bug.php?id=34704
http://docs.info.apple.com/article.html?artnum=303382
http://www.php.net/ChangeLog-4.php#4.4.1
oval:org.mitre.oval:def:11032
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11032
php-exif-dos(24351)
https://exchange.xforce.ibmcloud.com/vulnerabilities/24351
Common Vulnerability Exposure (CVE) ID: CVE-2005-3388
BugTraq ID: 15248
http://www.securityfocus.com/bid/15248
Bugtraq: 20051031 Advisory 18/2005: PHP Cross Site Scripting (XSS) Vulnerability in phpinfo() (Google Search)
http://www.securityfocus.com/archive/1/415292
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIRZJHM6UDNWNHZ3PCMEZ2YUK3CWY2UE/
http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml
HPdes Security Advisory: HPSBMA02159
HPdes Security Advisory: SSRT061238
http://www.hardened-php.net/advisory_182005.77.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10542
http://www.redhat.com/support/errata/RHSA-2005-831.html
http://www.redhat.com/support/errata/RHSA-2005-838.html
RedHat Security Advisories: RHSA-2006:0549
http://rhn.redhat.com/errata/RHSA-2006-0549.html
http://securitytracker.com/id?1015130
http://secunia.com/advisories/17510
http://secunia.com/advisories/17559
http://secunia.com/advisories/18669
http://secunia.com/advisories/21252
http://securityreason.com/securityalert/133
SuSE Security Announcement: SUSE-SR:2005:026 (Google Search)
SuSE Security Announcement: SUSE-SR:2005:027 (Google Search)
http://www.novell.com/linux/security/advisories/2005_27_sr.html
TurboLinux Advisory: TLSA-2006-38
http://www.vupen.com/english/advisories/2005/2254
Common Vulnerability Exposure (CVE) ID: CVE-2005-3389
BugTraq ID: 15249
http://www.securityfocus.com/bid/15249
Bugtraq: 20051031 Advisory 19/2005: PHP register_globals Activation Vulnerability in parse_str() (Google Search)
http://www.securityfocus.com/archive/1/415291
http://www.hardened-php.net/advisory_192005.78.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11481
http://securitytracker.com/id?1015131
http://securityreason.com/securityalert/134
SuSE Security Announcement: SUSE-SA:2005:069 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2005-3883
BugTraq ID: 15571
http://www.securityfocus.com/bid/15571
http://www.mandriva.com/security/advisories?name=MDKSA-2005:238
http://bugs.php.net/bug.php?id=35307
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10332
RedHat Security Advisories: RHSA-2006:0276
http://rhn.redhat.com/errata/RHSA-2006-0276.html
http://securitytracker.com/id?1015296
http://secunia.com/advisories/17763
http://secunia.com/advisories/19832
http://secunia.com/advisories/20210
http://secunia.com/advisories/20951
SGI Security Advisory: 20060501-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc
http://www.vupen.com/english/advisories/2006/2685
XForce ISS Database: php-mbsendmail-header-injection(23270)
https://exchange.xforce.ibmcloud.com/vulnerabilities/23270
Common Vulnerability Exposure (CVE) ID: CVE-2006-1990
1015979
http://securitytracker.com/id?1015979
19803
http://secunia.com/advisories/19803
20052
http://secunia.com/advisories/20052
20060701-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U
20061005 rPSA-2006-0182-1 php php-mysql php-pgsql
http://www.securityfocus.com/archive/1/447866/100/0/threaded
20222
http://secunia.com/advisories/20222
20269
http://secunia.com/advisories/20269
20676
http://secunia.com/advisories/20676
21031
http://secunia.com/advisories/21031
21050
http://secunia.com/advisories/21050
21125
http://secunia.com/advisories/21125
21135
http://secunia.com/advisories/21135
21252
21564
http://secunia.com/advisories/21564
21723
http://secunia.com/advisories/21723
22225
http://secunia.com/advisories/22225
23155
http://secunia.com/advisories/23155
ADV-2006-1500
http://www.vupen.com/english/advisories/2006/1500
ADV-2006-4750
http://www.vupen.com/english/advisories/2006/4750
APPLE-SA-2006-11-28
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
GLSA-200605-08
http://security.gentoo.org/glsa/glsa-200605-08.xml
MDKSA-2006:091
http://www.mandriva.com/security/advisories?name=MDKSA-2006:091
MDKSA-2006:122
http://www.mandriva.com/security/advisories?name=MDKSA-2006:122
RHSA-2006:0501
http://www.redhat.com/support/errata/RHSA-2006-0501.html
RHSA-2006:0549
RHSA-2006:0568
http://www.redhat.com/support/errata/RHSA-2006-0568.html
SUSE-SA:2006:031
http://www.novell.com/linux/security/advisories/2006_31_php.html
TA06-333A
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
USN-320-1
http://www.ubuntu.com/usn/usn-320-1
http://docs.info.apple.com/article.html?artnum=304829
http://support.avaya.com/elmodocs2/security/ASA-2006-160.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-175.htm
http://www.infigo.hr/en/in_focus/advisories/INFIGO-2006-04-02
https://issues.rpath.com/browse/RPL-683
oval:org.mitre.oval:def:9696
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9696
php-wordwrap-string-bo(26001)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26001
Common Vulnerability Exposure (CVE) ID: CVE-2006-2657
Common Vulnerability Exposure (CVE) ID: CVE-2006-3016
BugTraq ID: 17843
http://www.securityfocus.com/bid/17843
Bugtraq: 20061005 rPSA-2006-0182-1 php php-mysql php-pgsql (Google Search)
http://www.osvdb.org/25253
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10597
http://www.redhat.com/support/errata/RHSA-2006-0669.html
http://www.redhat.com/support/errata/RHSA-2006-0682.html
RedHat Security Advisories: RHSA-2006:0736
http://rhn.redhat.com/errata/RHSA-2006-0736.html
http://securitytracker.com/id?1016306
http://secunia.com/advisories/19927
http://secunia.com/advisories/22004
http://secunia.com/advisories/22069
http://secunia.com/advisories/22440
http://secunia.com/advisories/22487
http://secunia.com/advisories/23247
SGI Security Advisory: 20061001-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
Common Vulnerability Exposure (CVE) ID: CVE-2006-4482
BugTraq ID: 19582
http://www.securityfocus.com/bid/19582
Debian Security Information: DSA-1206 (Google Search)
http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.10&r2=1.445.2.14.2.11
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10121
RedHat Security Advisories: RHSA-2006:0688
http://rhn.redhat.com/errata/RHSA-2006-0688.html
http://securitytracker.com/id?1016984
http://secunia.com/advisories/21546
http://secunia.com/advisories/21768
http://secunia.com/advisories/22039
http://secunia.com/advisories/22538
SuSE Security Announcement: SUSE-SA:2006:052 (Google Search)
http://www.novell.com/linux/security/advisories/2006_52_php.html
http://www.ubuntu.com/usn/usn-342-1
http://www.vupen.com/english/advisories/2006/3318
Common Vulnerability Exposure (CVE) ID: CVE-2006-4484
Bugtraq: 20080206 rPSA-2008-0046-1 gd (Google Search)
http://www.securityfocus.com/archive/1/487683/100/0/threaded
Bugtraq: 20080212 FLEA-2008-0007-1 gd (Google Search)
http://www.securityfocus.com/archive/1/488008/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00502.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:162
http://www.mandriva.com/security/advisories?name=MDVSA-2008:038
http://www.mandriva.com/security/advisories?name=MDVSA-2008:077
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9004
http://www.redhat.com/support/errata/RHSA-2008-0146.html
http://secunia.com/advisories/21842
http://secunia.com/advisories/28768
http://secunia.com/advisories/28838
http://secunia.com/advisories/28845
http://secunia.com/advisories/28866
http://secunia.com/advisories/28959
http://secunia.com/advisories/29157
http://secunia.com/advisories/29242
http://secunia.com/advisories/29546
http://secunia.com/advisories/30717
SuSE Security Announcement: SUSE-SR:2008:003 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html
SuSE Security Announcement: SUSE-SR:2008:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
SuSE Security Announcement: SUSE-SR:2008:013 (Google Search)
http://www.novell.com/linux/security/advisories/2008_13_sr.html
Common Vulnerability Exposure (CVE) ID: CVE-2006-4486
Debian Security Information: DSA-1331 (Google Search)
http://www.debian.org/security/2007/dsa-1331
http://www.hardened-php.net/hphp/changelog.html#hardening_patch_0.4.14
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11086
http://secunia.com/advisories/22331
http://secunia.com/advisories/25945
http://www.ubuntu.com/usn/usn-362-1
Common Vulnerability Exposure (CVE) ID: CVE-2006-4625
BugTraq ID: 19933
http://www.securityfocus.com/bid/19933
Bugtraq: 20060913 Re: PHP 5.1.6 / 4.4.4 Critical php_admin* bypass by ini_restore() (Google Search)
http://www.securityfocus.com/archive/1/445712/100/0/threaded
http://www.securityfocus.com/archive/1/445882/100/0/threaded
HPdes Security Advisory: HPSBMA02215
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506
HPdes Security Advisory: HPSBTU02232
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137
HPdes Security Advisory: SSRT071423
HPdes Security Advisory: SSRT071429
http://www.mandriva.com/security/advisories?name=MDKSA-2006:185
http://www.securityfocus.com/archive/1/448953/100/0/threaded
http://secunia.com/advisories/22282
http://secunia.com/advisories/22338
http://secunia.com/advisories/22424
http://secunia.com/advisories/25423
http://secunia.com/advisories/25850
http://securityreason.com/securityalert/1519
http://securityreason.com/achievement_securityalert/42
SuSE Security Announcement: SUSE-SA:2006:059 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2006-Oct/0002.html
http://www.vupen.com/english/advisories/2007/1991
http://www.vupen.com/english/advisories/2007/2374
XForce ISS Database: php-inirestore-security-bypass(28853)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28853
Common Vulnerability Exposure (CVE) ID: CVE-2006-5178
BugTraq ID: 20326
http://www.securityfocus.com/bid/20326
Bugtraq: 20061003 Advisory 08/2006: PHP open_basedir Race Condition Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/447649/100/0/threaded
Bugtraq: 20061009 PHP open_basedir with symlink() function Race Condition PoC exploit (Google Search)
http://www.securityfocus.com/archive/1/448020/100/0/threaded
http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049850.html
http://www.hardened-php.net/advisory_082006.132.html
http://www.neosecurityteam.net/index.php?action=advisories&id=26
http://securitytracker.com/id?1016977
http://secunia.com/advisories/22235
http://securityreason.com/securityalert/1692
http://www.vupen.com/english/advisories/2006/3901
XForce ISS Database: php-openbasedir-security-bypass(29340)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29340
Common Vulnerability Exposure (CVE) ID: CVE-2006-5465
BugTraq ID: 20879
http://www.securityfocus.com/bid/20879
Bugtraq: 20061102 Advisory 13/2006: PHP HTML Entity Encoder Heap Overflow Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/450431/100/0/threaded
Bugtraq: 20061109 rPSA-2006-0205-1 php php-mysql php-pgsql (Google Search)
http://www.securityfocus.com/archive/1/451098/100/0/threaded
Bugtraq: 20061129 SYM06-023, Symantec NetBackup PureDisk: PHP update to Address Reported Security Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/453024/100/0/threaded
Cert/CC Advisory: TA06-333A
Cisco Security Advisory: 20070425 Cisco Applied Intelligence Response: Identifying and Mitigating Exploitation of the PHP HTML Entity Encoder Heap Overflow Vulnerability in Multiple Web-Based Management Interfaces
http://www.cisco.com/warp/public/707/cisco-air-20070425-http.shtml
Cisco Security Advisory: 20070425 PHP HTML Entity Encoder Heap Overflow Vulnerability in Multiple Web-Based Management Interfaces
http://www.cisco.com/en/US/products/products_security_response09186a008082c4fe.html
http://security.gentoo.org/glsa/glsa-200703-21.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:196
http://www.hardened-php.net/advisory_132006.138.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.028.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10240
http://www.redhat.com/support/errata/RHSA-2006-0730.html
http://www.redhat.com/support/errata/RHSA-2006-0731.html
http://securitytracker.com/id?1017152
http://securitytracker.com/id?1017296
http://secunia.com/advisories/22653
http://secunia.com/advisories/22685
http://secunia.com/advisories/22688
http://secunia.com/advisories/22693
http://secunia.com/advisories/22753
http://secunia.com/advisories/22759
http://secunia.com/advisories/22779
http://secunia.com/advisories/22881
http://secunia.com/advisories/22929
http://secunia.com/advisories/23139
http://secunia.com/advisories/24606
http://secunia.com/advisories/25047
SGI Security Advisory: 20061101-01-P
ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P
SuSE Security Announcement: SUSE-SA:2006:067 (Google Search)
http://www.novell.com/linux/security/advisories/2006_67_php.html
http://www.trustix.org/errata/2006/0061/
http://www.ubuntu.com/usn/usn-375-1
http://www.vupen.com/english/advisories/2006/4317
http://www.vupen.com/english/advisories/2006/4749
http://www.vupen.com/english/advisories/2007/1546
XForce ISS Database: php-htmlentities-bo(29971)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29971
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.