This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
Multiple vulnerabilities has been discovered and corrected in php :
The openssl_x509_parse function in openssl.c in the OpenSSL module in
PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a
'\0' character in a domain name in the Subject Alternative Name field
of an X.509 certificate, which allows man-in-the-middle attackers to
spoof arbitrary SSL servers via a crafted certificate issued by a
legitimate Certification Authority, a related issue to CVE-2009-2408
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP
before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not
properly parse (1) notBefore and (2) notAfter timestamps in X.509
certificates, which allows remote attackers to execute arbitrary code
or cause a denial of service (memory corruption) via a crafted
certificate that is not properly handled by the openssl_x509_parse
The scan function in ext/date/lib/parse_iso_intervals.c in PHP through
5.5.6 does not properly restrict creation of DateInterval objects,
which might allow remote attackers to cause a denial of service
(heap-based buffer over-read) via a crafted interval specification
The updated php packages have been upgraded to the 5.5.8 version which
is not vulnerable to these issues.
Additionally, the PECL packages which requires so has been rebuilt for
php-5.5.8 and some has been upgraded to their latest versions.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : false
Family: Mandriva Local Security Checks
Nessus Plugin ID: 72082 ()
Bugtraq ID: 617766401864225
CVE ID: CVE-2013-4248CVE-2013-6420CVE-2013-6712
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.