Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2010:239 (php)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.68567

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2010:239 (php)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to php
announced via advisory MDVSA-2010:239.

A possible double free flaw was found in the imap extension for php
(CVE-2010-4150).

A GC corrupting flaw was found in Zend/zend_gc.c for php-5.3.x that
under certain circumstances could case a segmention fault (crash).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.

Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:239
http://svn.php.net/viewvc?view=revision&revision=305032
http://bugs.php.net/bug.php?id=50027
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/Zend/zend_gc.c?r1=297307&r2=303016

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-4150
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
BugTraq ID: 44980
http://www.securityfocus.com/bid/44980
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html
HPdes Security Advisory: HPSBOV02763
http://marc.info/?l=bugtraq&m=133469208622507&w=2
HPdes Security Advisory: SSRT100826
http://www.mandriva.com/security/advisories?name=MDVSA-2010:239
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12489
http://www.securitytracker.com/id?1024761
http://secunia.com/advisories/42729
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619
http://www.vupen.com/english/advisories/2010/3027
http://www.vupen.com/english/advisories/2010/3313
http://www.vupen.com/english/advisories/2011/0020
http://www.vupen.com/english/advisories/2011/0021
XForce ISS Database: php-phpimapc-dos(63390)
https://exchange.xforce.ibmcloud.com/vulnerabilities/63390

Copyright Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.68567
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2010:239 (php)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to php announced via advisory MDVSA-2010:239. A possible double free flaw was found in the imap extension for php (CVE-2010-4150). A GC corrupting flaw was found in Zend/zend_gc.c for php-5.3.x that under certain circumstances could case a segmention fault (crash). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:239 http://svn.php.net/viewvc?view=revision&revision=305032 http://bugs.php.net/bug.php?id=50027 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/Zend/zend_gc.c?r1=297307&r2=303016 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4150 http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html BugTraq ID: 44980 http://www.securityfocus.com/bid/44980 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html HPdes Security Advisory: HPSBOV02763 http://marc.info/?l=bugtraq&m=133469208622507&w=2 HPdes Security Advisory: SSRT100826 http://www.mandriva.com/security/advisories?name=MDVSA-2010:239 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12489 http://www.securitytracker.com/id?1024761 http://secunia.com/advisories/42729 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.490619 http://www.vupen.com/english/advisories/2010/3027 http://www.vupen.com/english/advisories/2010/3313 http://www.vupen.com/english/advisories/2011/0020 http://www.vupen.com/english/advisories/2011/0021 XForce ISS Database: php-phpimapc-dos(63390) https://exchange.xforce.ibmcloud.com/vulnerabilities/63390
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com