Test ID:	1.3.6.1.4.1.25623.1.0.54016
Category:	SuSE Local Security Checks
Title:	SuSE Security Advisory SUSE-SA:2005:023 (php4, php5)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory SUSE-SA:2005:023. This update fixes the following security issues in the PHP scripting language: - A bug in getimagesize() EXIF handling which could lead to a denial of service attack. This is tracked by the Mitre CVE IDs CVE-2005-0524 and CVE-2005-0525. Additionally this non-security bug was fixed: - Performance problems of unserialize() caused by previous security fix to unserialize were fixed. All SUSE Linux based distributions shipping php4 and php5 were affected. Solution: Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2005:023 Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0524 http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml http://www.securityfocus.com/archive/1/394797 http://www.mandriva.com/security/advisories?name=MDKSA-2005:072 http://www.osvdb.org/15183 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9310 http://www.redhat.com/support/errata/RHSA-2005-405.html http://www.redhat.com/support/errata/RHSA-2005-406.html http://securitytracker.com/id?1013619 http://secunia.com/advisories/14792 SuSE Security Announcement: SUSE-SA:2005:023 (Google Search) http://www.vupen.com/english/advisories/2005/0305 XForce ISS Database: php-phphandleiff-dos(19920) https://exchange.xforce.ibmcloud.com/vulnerabilities/19920 Common Vulnerability Exposure (CVE) ID: CVE-2005-0525 Debian Security Information: DSA-708 (Google Search) http://www.debian.org/security/2005/dsa-708 Debian Security Information: DSA-729 (Google Search) http://www.debian.org/security/2005/dsa-729 http://www.osvdb.org/15184 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11703
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.