This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A number of vulnerabilities have been found and corrected in PHP :
PHP 5.2.1 would allow context-dependent attackers to read portions of
heap memory by executing certain scripts with a serialized data input
string beginning with 'S:', which did not properly track the number of
input bytes being processed (CVE-2007-1649).
A vulnerability in the chunk_split() function in PHP prior to 5.2.4
has unknown impact and attack vectors, related to an incorrect size
The htmlentities() and htmlspecialchars() functions in PHP prior to
5.2.5 accepted partial multibyte sequences, which has unknown impact
and attack vectors (CVE-2007-5898).
The output_add_rewrite_var() function in PHP prior to 5.2.5 rewrites
local forms in which the ACTION attribute references a non-local URL,
which could allow a remote attacker to obtain potentially sensitive
information by reading the requests for this URL (CVE-2007-5899).
The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown
impact and context-dependent attack vectors related to incomplete
multibyte characters (CVE-2008-2051).
Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5
were discovered that could produce a zero seed in rare circumstances
on 32bit systems and generations a portion of zero bits during
conversion due to insufficient precision on 64bit systems
The IMAP module in PHP uses obsolete API calls that allow
context-dependent attackers to cause a denial of service (crash) via a
long IMAP request (CVE-2008-2829).
The updated packages have been patched to correct these issues.
Update the affected packages.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.7
Public Exploit Available : true
Family: Mandriva Local Security Checks
Nessus Plugin ID: 37584 (mandriva_MDVSA-2008-126.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now