This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
A number of vulnerabilities were discovered in PHP language.
Many buffer overflow flaws were discovered in the PHP session
extension, the str_replace() function, and the imap_mail_compose()
function. An attacker able to use a PHP application using any of these
functions could trigger these flaws and possibly execute arbitrary
code as the apache user (CVE-2007-0906).
A one-byte memory read will always occur prior to the beginning of a
buffer, which could be triggered, for example, by any use of the
header() function in a script (CVE-2007-0907).
The wddx extension, if used to import WDDX data from an untrusted
source, may allow a random portion of heap memory to be exposed due to
certain WDDX input packets (CVE-2007-0908).
The odbc_result_all() function, if used to display data from a
database, and if the contents of the database are under the control of
an attacker, could lead to the execution of arbitrary code due to a
format string vulnerability (CVE-2007-0909).
Several flaws in the PHP could allow attackers to clobber certain
super-global variables via unspecified vectors (CVE-2007-0910).
The zend_hash_init() function can be forced into an infinite loop if
unserializing untrusted data on a 64-bit platform, resulting in the
consumption of CPU resources until the script timeout alarm aborts the
execution of the script (CVE-2007-0988).
Updated package have been patched to correct this issue.
Update the affected packages.
Risk factor :
Critical / CVSS Base Score : 10.0
Family: Mandriva Local Security Checks
Nessus Plugin ID: 24695 (mandrake_MDKSA-2007-048.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now