Mandrake Linux Security Advisory : php (MDKSA-2007:038)

This script is Copyright (C) 2007-2013 Tenable Network Security, Inc.

Synopsis :

The remote Mandrake Linux host is missing one or more security

Description :

PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and
open_basedir restrictions via a malicious path and a null byte before
a ';' in a session_save_path argument, followed by an allowed path,
which causes a parsing inconsistency in which PHP validates the
allowed path but sets session.save_path to the malicious path.

Buffer overflow in the gdImageStringFTEx function in gdft.c in GD
Graphics Library 2.0.33 and earlier allows remote attackers to cause a
denial of service (application crash) and possibly execute arbitrary
code via a crafted string with a JIS encoded font. PHP uses an
embedded copy of GD and may be susceptible to the same issue.

Updated packages have been patched to correct these issues. Users must
restart Apache for the changes to take effect.

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5

Family: Mandriva Local Security Checks

Nessus Plugin ID: 24651 (mandrake_MDKSA-2007-038.nasl)

Bugtraq ID:

CVE ID: CVE-2006-6383

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now