Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2014.0062.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2014:0062-1)
Summary:The remote host is missing an update for the 'PHP5' package(s) announced via the SUSE-SU-2014:0062-1 advisory.
Description:Summary:
The remote host is missing an update for the 'PHP5' package(s) announced via the SUSE-SU-2014:0062-1 advisory.

Vulnerability Insight:
This update fixes the following issues:

* memory corruption in openssl_parse_x509
(CVE-2013-6420)
* man-in-the-middle attacks by specially crafting certificates (CVE-2013-4248)

Security Issue references:

* CVE-2013-6420
>
* CVE-2013-4248
>

Affected Software/OS:
'PHP5' package(s) on SUSE Linux Enterprise Software Development Kit 11 SP2, SUSE Linux Enterprise Server 11 SP2

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-4248
BugTraq ID: 61776
http://www.securityfocus.com/bid/61776
Debian Security Information: DSA-2742 (Google Search)
http://www.debian.org/security/2013/dsa-2742
HPdes Security Advisory: HPSBUX03150
http://marc.info/?l=bugtraq&m=141390017113542&w=2
RedHat Security Advisories: RHSA-2013:1307
http://rhn.redhat.com/errata/RHSA-2013-1307.html
RedHat Security Advisories: RHSA-2013:1615
http://rhn.redhat.com/errata/RHSA-2013-1615.html
http://www.securitytracker.com/id/1028924
http://secunia.com/advisories/54478
http://secunia.com/advisories/54657
http://secunia.com/advisories/55078
http://secunia.com/advisories/59652
SuSE Security Announcement: openSUSE-SU-2013:1963 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00125.html
SuSE Security Announcement: openSUSE-SU-2013:1964 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-12/msg00126.html
http://www.ubuntu.com/usn/USN-1937-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-6420
BugTraq ID: 64225
http://www.securityfocus.com/bid/64225
Debian Security Information: DSA-2816 (Google Search)
http://www.debian.org/security/2013/dsa-2816
HPdes Security Advisory: HPSBMU03112
https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04463322
HPdes Security Advisory: SSRT101447
https://www.sektioneins.de/advisories/advisory-012013-php-openssl_x509_parse-memory-corruption-vulnerability.html
RedHat Security Advisories: RHSA-2013:1813
http://rhn.redhat.com/errata/RHSA-2013-1813.html
RedHat Security Advisories: RHSA-2013:1815
http://rhn.redhat.com/errata/RHSA-2013-1815.html
RedHat Security Advisories: RHSA-2013:1824
http://rhn.redhat.com/errata/RHSA-2013-1824.html
RedHat Security Advisories: RHSA-2013:1825
http://rhn.redhat.com/errata/RHSA-2013-1825.html
RedHat Security Advisories: RHSA-2013:1826
http://rhn.redhat.com/errata/RHSA-2013-1826.html
http://www.securitytracker.com/id/1029472
http://www.ubuntu.com/usn/USN-2055-1
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.