Fedora 16 : php-5.3.8-3.fc16 (2011-13472)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

- Revert is_a() behavior to php <= 5.3.6 and add a new new
option (allow_string) for the new behavior (accept
string and raise autoload if needed)

- Provides MySQL Native Driver in new php-mysqlnd package.

Upstream documentation:
http://www.php.net/manual/en/mysqlnd.overview.php

This is a drop-in replacement of MySQL Client Library used by
php-mysql package.

See also :

http://www.php.net/manual/en/mysqlnd.overview.php
https://bugzilla.redhat.com/show_bug.cgi?id=741020
http://www.nessus.org/u?ef3e7e86

Solution :

Update the affected php package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Fedora Local Security Checks

Nessus Plugin ID: 56423 ()

Bugtraq ID:

CVE ID: CVE-2011-3379