ID de Prueba:	1.3.6.1.4.1.25623.1.1.4.2015.1253.2
Categoría:	SuSE Local Security Checks
Título:	SUSE: Security Advisory (SUSE-SU-2015:1253-2)
Resumen:	The remote host is missing an update for the 'php5' package(s) announced via the SUSE-SU-2015:1253-2 advisory.
Descripción:	Summary: The remote host is missing an update for the 'php5' package(s) announced via the SUSE-SU-2015:1253-2 advisory. Vulnerability Insight: This security update of PHP fixes the following issues: Security issues fixed: * CVE-2015-4024 [bnc#931421]: Fixed multipart/form-data remote DOS Vulnerability. * CVE-2015-4026 [bnc#931776]: pcntl_exec() did not check path validity. * CVE-2015-4022 [bnc#931772]: Fixed and overflow in ftp_genlist() that resulted in a heap overflow. * CVE-2015-4021 [bnc#931769]: Fixed memory corruption in phar_parse_tarfile when entry filename starts with NULL. * CVE-2015-4148 [bnc#933227]: Fixed SoapClient's do_soap_call() type confusion after unserialize() information disclosure. * CVE-2015-4602 [bnc#935224]: Fixed an incomplete Class unserialization type confusion. * CVE-2015-4599, CVE-2015-4600, CVE-2015-4601 [bnc#935226]: Fixed type confusion issues in unserialize() with various SOAP methods. * CVE-2015-4603 [bnc#935234]: Fixed exception::getTraceAsString type confusion issue after unserialize. * CVE-2015-4644 [bnc#935274]: Fixed a crash in php_pgsql_meta_data. * CVE-2015-4643 [bnc#935275]: Fixed an integer overflow in ftp_genlist() that could result in a heap overflow. * CVE-2015-3411, CVE-2015-3412, CVE-2015-4598 [bnc#935227], [bnc#935232]: Added missing null byte checks for paths in various PHP extensions. Bugs fixed: * configure php-fpm with --localstatedir=/var [bnc#927147] * fix timezone map [bnc#919080] Affected Software/OS: 'php5' package(s) on SUSE Linux Enterprise Module for Web Scripting 12. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3411 BugTraq ID: 75255 http://www.securityfocus.com/bid/75255 RedHat Security Advisories: RHSA-2015:1135 http://rhn.redhat.com/errata/RHSA-2015-1135.html RedHat Security Advisories: RHSA-2015:1186 http://rhn.redhat.com/errata/RHSA-2015-1186.html RedHat Security Advisories: RHSA-2015:1187 http://rhn.redhat.com/errata/RHSA-2015-1187.html RedHat Security Advisories: RHSA-2015:1218 http://rhn.redhat.com/errata/RHSA-2015-1218.html http://www.securitytracker.com/id/1032709 Common Vulnerability Exposure (CVE) ID: CVE-2015-3412 BugTraq ID: 75250 http://www.securityfocus.com/bid/75250 Common Vulnerability Exposure (CVE) ID: CVE-2015-4021 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html BugTraq ID: 74700 http://www.securityfocus.com/bid/74700 Debian Security Information: DSA-3280 (Google Search) http://www.debian.org/security/2015/dsa-3280 http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html https://security.gentoo.org/glsa/201606-10 RedHat Security Advisories: RHSA-2015:1219 http://rhn.redhat.com/errata/RHSA-2015-1219.html http://www.securitytracker.com/id/1032433 SuSE Security Announcement: openSUSE-SU-2015:0993 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html Common Vulnerability Exposure (CVE) ID: CVE-2015-4022 BugTraq ID: 74902 http://www.securityfocus.com/bid/74902 Common Vulnerability Exposure (CVE) ID: CVE-2015-4024 BugTraq ID: 74903 http://www.securityfocus.com/bid/74903 http://www.securitytracker.com/id/1032432 Common Vulnerability Exposure (CVE) ID: CVE-2015-4026 BugTraq ID: 75056 http://www.securityfocus.com/bid/75056 http://www.securitytracker.com/id/1032431 Common Vulnerability Exposure (CVE) ID: CVE-2015-4148 BugTraq ID: 75103 http://www.securityfocus.com/bid/75103 http://openwall.com/lists/oss-security/2015/06/01/4 RedHat Security Advisories: RHSA-2015:1053 http://rhn.redhat.com/errata/RHSA-2015-1053.html RedHat Security Advisories: RHSA-2015:1066 http://rhn.redhat.com/errata/RHSA-2015-1066.html http://www.securitytracker.com/id/1032459 SuSE Security Announcement: openSUSE-SU-2015:1057 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-06/msg00028.html Common Vulnerability Exposure (CVE) ID: CVE-2015-4598 BugTraq ID: 75244 http://www.securityfocus.com/bid/75244 Debian Security Information: DSA-3344 (Google Search) http://www.debian.org/security/2015/dsa-3344 http://www.openwall.com/lists/oss-security/2015/06/16/12 Common Vulnerability Exposure (CVE) ID: CVE-2015-4599 BugTraq ID: 75251 http://www.securityfocus.com/bid/75251 Common Vulnerability Exposure (CVE) ID: CVE-2015-4600 BugTraq ID: 74413 http://www.securityfocus.com/bid/74413 Common Vulnerability Exposure (CVE) ID: CVE-2015-4601 BugTraq ID: 75246 http://www.securityfocus.com/bid/75246 Common Vulnerability Exposure (CVE) ID: CVE-2015-4602 BugTraq ID: 75249 http://www.securityfocus.com/bid/75249 Common Vulnerability Exposure (CVE) ID: CVE-2015-4603 BugTraq ID: 75252 http://www.securityfocus.com/bid/75252 Common Vulnerability Exposure (CVE) ID: CVE-2015-4643 BugTraq ID: 75291 http://www.securityfocus.com/bid/75291 http://openwall.com/lists/oss-security/2015/06/18/6 Common Vulnerability Exposure (CVE) ID: CVE-2015-4644 BugTraq ID: 75292 http://www.securityfocus.com/bid/75292
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.