
Test ID: 1.3.6.1.4.1.25623.1.0.58312
Category: CGI abuses
Title: PHP < 4.4.7/5.2.3 Multiple Vulnerabilities
Summary: NOSUMMARY
Description:

The remote host is vulnerable to denial of service and arbitrary
code execution via the 'chunk_split' function. In addition,
open_basedir and safe_mode restrictions are not enforced in
certain situations.

Versions up to and including 4.4.6 and 5.2.2 are vulnerable.

Solution : Upgrade to PHP 5.2.3/4.4.7 or later.

Risk factor : High

CVSS Score:
6.8

Cross Reference: BugTraq ID: 24261
BugTraq ID: 24259
Common Vulnerability Exposure (CVE) ID: CVE-2007-3007
http://www.securityfocus.com/bid/24259
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html
http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
http://osvdb.org/36084
http://secunia.com/advisories/25456
http://secunia.com/advisories/26048
http://secunia.com/advisories/26231
http://secunia.com/advisories/27102
http://secunia.com/advisories/27110
SuSE Security Announcement: SUSE-SA:2007:044
http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
http://www.trustix.org/errata/2007/0023/
Common Vulnerability Exposure (CVE) ID: CVE-2007-2872
1018186
http://www.securitytracker.com/id?1018186
2007-0023
20070601 SEC Consult SA-20070601-0 :: PHP chunk_split() integer overflow
http://www.securityfocus.com/archive/1/470244/100/0/threaded
24261
http://www.securityfocus.com/bid/24261
25456
25535
http://secunia.com/advisories/25535
26048
26231
26838
http://secunia.com/advisories/26838
26871
http://secunia.com/advisories/26871
26895
http://secunia.com/advisories/26895
26930
http://secunia.com/advisories/26930
26967
http://secunia.com/advisories/26967
27037
http://secunia.com/advisories/27037
27102
27110
27351
http://secunia.com/advisories/27351
27377
http://secunia.com/advisories/27377
27545
http://secunia.com/advisories/27545
27864
http://secunia.com/advisories/27864
28318
http://secunia.com/advisories/28318
28658
http://secunia.com/advisories/28658
28750
http://secunia.com/advisories/28750
28936
http://secunia.com/advisories/28936
30040
http://secunia.com/advisories/30040
36083
http://osvdb.org/36083
ADV-2007-2061
http://www.vupen.com/english/advisories/2007/2061
ADV-2007-3386
http://www.vupen.com/english/advisories/2007/3386
ADV-2008-0059
http://www.vupen.com/english/advisories/2008/0059
ADV-2008-0398
http://www.vupen.com/english/advisories/2008/0398
FEDORA-2007-2215
FEDORA-2007-709
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html
GLSA-200710-02
HPSBUX02262
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
HPSBUX02308
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501
HPSBUX02332
http://www.securityfocus.com/archive/1/491693/100/0/threaded
MDKSA-2007:187
http://www.mandriva.com/security/advisories?name=MDKSA-2007:187
OpenPKG-SA-2007.020
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html
RHSA-2007:0888
http://www.redhat.com/support/errata/RHSA-2007-0888.html
RHSA-2007:0889
http://rhn.redhat.com/errata/RHSA-2007-0889.html
RHSA-2007:0890
http://www.redhat.com/support/errata/RHSA-2007-0890.html
RHSA-2007:0891
http://www.redhat.com/support/errata/RHSA-2007-0891.html
SSA:2007-152-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863
SSA:2008-045-03
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136
SSRT071447
SSRT080010
SSRT080056
SUSE-SA:2007:044
SUSE-SA:2008:004
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html
USN-549-1
https://usn.ubuntu.com/549-1/
USN-549-2
http://www.ubuntu.com/usn/usn-549-2
http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm
http://www.php.net/ChangeLog-4.php
http://www.php.net/releases/4_4_8.php
http://www.php.net/releases/5_2_3.php
http://www.sec-consult.com/291.html
https://issues.rpath.com/browse/RPL-1693
https://issues.rpath.com/browse/RPL-1702
https://launchpad.net/bugs/173043
oval:org.mitre.oval:def:9424
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9424
php-chunksplit-security-bypass(39398)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39398
Copyright: Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com
