Scientific Linux Security Update : php-pear on SL6.x

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote Scientific Linux host is missing a security update.

Description :

The php-pear package contains the PHP Extension and Application
Repository (PEAR), a framework and distribution system for reusable
PHP components.

It was found that the 'pear' command created temporary files in an
insecure way when installing packages. A malicious, local user could
use this flaw to conduct a symbolic link attack, allowing them to
overwrite the contents of arbitrary files accessible to the victim
running the 'pear install' command. (CVE-2011-1072)
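The insecure-versus-hardened temporary file pattern this description refers to, as an added example (not code from the php-pear project or from the advisory); the file names, directory layout and "victim" file are constructed for the demonstration:

```python
import os
import tempfile


def write_cache_insecure(path: str, data: bytes) -> None:
    """Pattern of the kind CVE-2011-1072 describes: a predictable path
    opened with O_CREAT but without O_EXCL, so a symlink already planted
    at `path` is silently followed and its target overwritten."""
    with open(path, "wb") as fh:  # O_WRONLY|O_CREAT|O_TRUNC, follows symlinks
        fh.write(data)


def write_cache_secure(path: str, data: bytes) -> None:
    """Hardened form: O_EXCL refuses any pre-existing entry (a symlink
    included) and O_NOFOLLOW rejects a link at the final component;
    mode 0o600 keeps the file private to the creating user."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)


def write_cache_unpredictable(directory: str, data: bytes) -> str:
    """Preferred form: mkstemp picks an unguessable name and opens it with
    O_EXCL semantics, so there is no predictable path to pre-plant."""
    fd, path = tempfile.mkstemp(prefix="pear-", dir=directory)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path


def symlink_demo(kind: str) -> bytes:
    """Constructed scenario: a symlink sits at the predictable temp path
    and points at a 'victim' file owned by the user running the install.
    Returns the victim's content after the writer has run."""
    with tempfile.TemporaryDirectory() as d:
        victim = os.path.join(d, "victim.txt")
        with open(victim, "wb") as fh:
            fh.write(b"original")
        planted = os.path.join(d, "pear-install.tmp")  # constructed name
        os.symlink(victim, planted)
        try:
            writer = write_cache_insecure if kind == "insecure" else write_cache_secure
            writer(planted, b"clobbered")
        except OSError:
            pass  # the hardened open refuses the planted link (EEXIST/ELOOP)
        with open(victim, "rb") as fh:
            return fh.read()
```

Running `symlink_demo("insecure")` shows the victim file replaced, while `symlink_demo("secure")` leaves it untouched because the exclusive, non-following open fails instead of writing through the link.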

This update also fixes the following bugs :

- The php-pear package has been upgraded to version 1.9.4,
which provides a number of bug fixes over the previous
version.

- Prior to this update, php-pear created a cache in the
'/var/cache/php-pear/' directory when attempting to list
all packages. As a consequence, php-pear failed to
create or update the cache file as a regular user
without sufficient file permissions and could not list
all packages. With this update, php-pear no longer fails
if writing to the cache directory is not permitted. Now,
all packages are listed as expected.

All users of php-pear are advised to upgrade to this updated package,
which corrects these issues.

See also :

http://www.nessus.org/u?6d132378

Solution :

Update the affected php-pear package.

Risk factor :

Low / CVSS Base Score : 3.3
(CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:P)

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 61194

CVE ID: CVE-2011-1072