Slackware 10.2 / 11.0 : php (SSA:2007-053-01)

This script is Copyright (C) 2007-2013 Tenable Network Security, Inc.


Synopsis :

The remote Slackware host is missing a security update.

Description :

New php packages are available for Slackware 10.2 and 11.0 to improve
the stability and security of PHP. Quite a few bugs were fixed --
please see http://www.php.net for a detailed list. All sites that use
PHP are encouraged to upgrade. Please note that we haven't tested all
PHP applications for backwards compatibility with this new upgrade, so
you should have the old package on hand just in case. Both PHP 4.4.5
and PHP 5.2.1 updates have been provided. Some of these issues have
been assigned CVE numbers and may be referenced in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988

See also :

http://www.php.net
http://www.nessus.org/u?6ec7ea49

Solution :

Update the affected php package.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: Slackware Local Security Checks

Nessus Plugin ID: 24691 ()

Bugtraq ID:

CVE ID: CVE-2007-0906
CVE-2007-0907
CVE-2007-0908
CVE-2007-0909
CVE-2007-0910
CVE-2007-0988