Mandrake Linux Security Advisory : php (MDKSA-2006:144)

This script is Copyright (C) 2006-2015 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

A vulnerability was discovered in the sscanf function that could allow
attackers in certain circumstances to execute arbitrary code via
argument swapping which incremented an index past the end of an array
and triggered a buffer over-read.

Updated packages have been patched to correct these issues.

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 4.6
(CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 4.0
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 23893 (mandrake_MDKSA-2006-144.nasl)

Bugtraq ID: 19415

CVE ID: CVE-2006-4020

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now