This script is Copyright (C) 2006-2014 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
A number of vulnerabilities were discovered in PHP :
An issue with fopen_wrappers.c would not properly restrict access to
other directories when the open_basedir directive included a trailing
slash (CVE-2005-3054); this issue does not affect Corporate Server
An issue with the apache2handler SAPI in mod_php could allow an
attacker to cause a Denial of Service via the session.save_path option
in an .htaccess file or VirtualHost stanza (CVE-2005-3319); this issue
does not affect Corporate Server 2.1.
A Denial of Service vulnerability was discovered in the way that PHP
processes EXIF image data which could allow an attacker to cause PHP
to crash by supplying carefully crafted EXIF image data
A cross-site scripting vulnerability was discovered in the phpinfo()
content onto a page displaying phpinfo() output, or to steal data such
as cookies (CVE-2005-3388).
A flaw in the parse_str() function could allow for the enabling of
register_globals, even if it was disabled in the PHP configuration
A vulnerability in the way that PHP registers global variables during
a file upload request could allow a remote attacker to overwrite the
$GLOBALS array which could potentially lead the execution of arbitrary
PHP commands. This vulnerability only affects systems with
register_globals enabled (CVE-2005-3390).
The updated packages have been patched to address this issue. Once the
new packages have been installed, you will need to restart your Apache
server using 'service httpd restart' in order for the new packages to
take effect ('service httpd2-naat restart' for MNF2).
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5
Family: Mandriva Local Security Checks
Nessus Plugin ID: 20445 (mandrake_MDKSA-2005-213.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now