ID de Prueba:	1.3.6.1.4.1.25623.1.0.69451
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2011:069 (php)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to php announced via advisory MDVSA-2011:069. It was discovered that the /etc/cron.d/php cron job for php-session allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php (CVE-2011-0441). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages contains a fix that corrects this flaw. Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2011:069 Risk factor : High CVSS Score: 6.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0441 BugTraq ID: 46928 http://www.securityfocus.com/bid/46928 http://www.mandriva.com/security/advisories?name=MDVSA-2011:069 http://www.vupen.com/english/advisories/2011/0910 XForce ISS Database: php-php5common-file-deletion(66180) https://exchange.xforce.ibmcloud.com/vulnerabilities/66180
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.