SuSE 10 Security Update : PHP5 (ZYPP Patch Number 2684)

This script is Copyright (C) 2007-2012 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 10 host is missing a security-related patch.

Description :

This update fixes security problems also fixed in PHP 5.2.1, including
following problems :

- Multiple buffer overflows in PHP before 5.2.1 allow
attackers to cause a denial of service and possibly
execute arbitrary code via unspecified vectors in the
(1) session, (2) zip, (3) imap, and (4) sqlite
extensions; (5) stream filters; and the (6) str_replace,
(7) mail, (8) ibase_delete_user, (9) ibase_add_user, and
(10) ibase_modify_user functions. (CVE-2007-0906)

- Buffer underflow in PHP before 5.2.1 allows attackers to
cause a denial of service via unspecified vectors
involving the sapi_header_op function. (CVE-2007-0907)

- The wddx extension in PHP before 5.2.1 allows remote
attackers to obtain sensitive information via
unspecified vectors. (CVE-2007-0908)

- Multiple format string vulnerabilities in PHP before
5.2.1 might allow attackers to execute arbitrary code
via format string specifiers to (1) all of the *print
functions on 64-bit systems, and (2) the odbc_result_all
function. (CVE-2007-0909)

- Unspecified vulnerability in PHP before 5.2.1 allows
attackers to 'clobber' certain super-global variables
via unspecified vectors. (CVE-2007-0910)

- Off-by-one error in the str_ireplace function in PHP
5.2.1 might allow context-dependent attackers to cause a
denial of service (crash). (CVE-2007-0911)

- PHP 5.2.0 and 4.4 allows local users to bypass safe_mode
and open_basedir restrictions via a malicious path and a
null byte before a ';' in a session_save_path argument,
followed by an allowed path, which causes a parsing
inconsistency in which PHP validates the allowed path
but sets session.save_path to the malicious path. And
another fix for open_basedir was added to stop mixing up
its setting in a virtual host environment.
(CVE-2006-6383)

See also :

http://support.novell.com/security/cve/CVE-2006-6383.html
http://support.novell.com/security/cve/CVE-2007-0906.html
http://support.novell.com/security/cve/CVE-2007-0907.html
http://support.novell.com/security/cve/CVE-2007-0908.html
http://support.novell.com/security/cve/CVE-2007-0909.html
http://support.novell.com/security/cve/CVE-2007-0910.html
http://support.novell.com/security/cve/CVE-2007-0911.html

Solution :

Apply ZYPP patch number 2684.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 29377 ()

Bugtraq ID:

CVE ID: CVE-2006-6383
CVE-2007-0906
CVE-2007-0907
CVE-2007-0908
CVE-2007-0909
CVE-2007-0910
CVE-2007-0911

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now