Mandriva Linux Security Advisory : php (MDVSA-2010:139)

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

This is a maintenance and security update that upgrades php to 5.2.14
for CS4/MES5/2008.0/2009.0/2009.1.

Security Enhancements and Fixes in PHP 5.2.14 :

- Rewrote var_export() to use smart_str rather than output
buffering, prevents data disclosure if a fatal error
occurs (CVE-2010-2531).

- Fixed a possible interruption array leak in
strrchr().(CVE-2010-2484)

- Fixed a possible interruption array leak in strchr(),
strstr(), substr(), chunk_split(), strtok(),
addcslashes(), str_repeat(), trim().

- Fixed a possible memory corruption in substr_replace().

- Fixed SplObjectStorage unserialization problems
(CVE-2010-2225).

- Fixed a possible stack exaustion inside fnmatch().

- Fixed a NULL pointer dereference when processing
invalid XML-RPC requests (Fixes CVE-2010-0397, bug
#51288).

- Fixed handling of session variable serialization on
certain prefix characters.

- Fixed a possible arbitrary memory access inside sqlite
extension. Reported by Mateusz Kocielski.

Additionally some of the third-party extensions has been upgraded
and/or rebuilt for the new php version.

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=4
90

See also :

http://www.php.net/ChangeLog-5.php#5.2.14

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 48197 (mandriva_MDVSA-2010-139.nasl)

Bugtraq ID:

CVE ID: CVE-2010-0397
CVE-2010-2225
CVE-2010-2484
CVE-2010-2531

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now