CGI abuses : PHP glob vulnerability via open

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.60130

Categoría: CGI abuses

Título: PHP glob vulnerability via open_basedir

Resumen: NOSUMMARY

Descripción: Description:

The remote host is running a version of PHP older than 4.4.8.
These versions are reportedly susceptible to a glob
vulnerability when open_basedir is enabled. While the specific
impact and attack vector are unknown, the issue appears to
have been introduced as a regression when fixing CVE-2007-4663.

Solution : Upgrade to PHP 4.4.8 or later.

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-0145
http://secunia.com/advisories/28318
http://secunia.com/advisories/28936
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136
http://www.vupen.com/english/advisories/2008/0059
XForce ISS Database: php-glob-openbasedir-security-bypass(39401)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39401
Common Vulnerability Exposure (CVE) ID: CVE-2007-4663
http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
http://secunia.com/advisories/26642
http://secunia.com/advisories/26838
http://secunia.com/advisories/27102
http://secunia.com/advisories/27377
http://www.vupen.com/english/advisories/2007/3023
XForce ISS Database: php-glob-security-bypass(36386)
https://exchange.xforce.ibmcloud.com/vulnerabilities/36386

Copyright Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.60130
Categoría:	CGI abuses
Título:	PHP glob vulnerability via open_basedir
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is running a version of PHP older than 4.4.8. These versions are reportedly susceptible to a glob vulnerability when open_basedir is enabled. While the specific impact and attack vector are unknown, the issue appears to have been introduced as a regression when fixing CVE-2007-4663. Solution : Upgrade to PHP 4.4.8 or later. Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0145 http://secunia.com/advisories/28318 http://secunia.com/advisories/28936 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136 http://www.vupen.com/english/advisories/2008/0059 XForce ISS Database: php-glob-openbasedir-security-bypass(39401) https://exchange.xforce.ibmcloud.com/vulnerabilities/39401 Common Vulnerability Exposure (CVE) ID: CVE-2007-4663 http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml http://secunia.com/advisories/26642 http://secunia.com/advisories/26838 http://secunia.com/advisories/27102 http://secunia.com/advisories/27377 http://www.vupen.com/english/advisories/2007/3023 XForce ISS Database: php-glob-security-bypass(36386) https://exchange.xforce.ibmcloud.com/vulnerabilities/36386
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com