FreeBSD : php -- multiple vulnerabilities (7fcf1727-be71-11db-b2ec-000c6ec775d9)

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Multiple vulnerabilities have been found in PHP, including : buffer
overflows, stack overflows, format string, and information disclosure
vulnerabilities.

The session extension contained safe_mode and open_basedir bypasses,
but the FreeBSD Security Officer does not consider these real security
vulnerabilities, since safe_mode and open_basedir are insecure by
design and should not be relied upon.

See also :

http://www.php.net/releases/4_4_5.php
http://www.php.net/releases/5_2_1.php
http://www.nessus.org/u?00696e94

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 24365 (freebsd_pkg_7fcf1727be7111dbb2ec000c6ec775d9.nasl)

Bugtraq ID:

CVE ID: CVE-2007-0905
CVE-2007-0906
CVE-2007-0907
CVE-2007-0908
CVE-2007-0909
CVE-2007-0910
CVE-2007-0988

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now