Mandriva Linux Security Advisory : php (MDVSA-2010:140)

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote Mandriva Linux host is missing one or more security
updates.

Description :

This is a maintenance and security update that upgrades php to 5.3.3
for 2010.0/2010.1.

Security Enhancements and Fixes in PHP 5.3.3 :

- Rewrote var_export() to use smart_str rather than output
buffering, prevents data disclosure if a fatal error
occurs (CVE-2010-2531).

- Fixed a possible resource destruction issues in
shm_put_var().

- Fixed a possible information leak because of
interruption of XOR operator.

- Fixed a possible memory corruption because of unexpected
call-time pass by refernce and following memory
clobbering through callbacks.

- Fixed a possible memory corruption in
ArrayObject::uasort().

- Fixed a possible memory corruption in parse_str().

- Fixed a possible memory corruption in pack().

- Fixed a possible memory corruption in
substr_replace().

- Fixed a possible memory corruption in addcslashes().

- Fixed a possible stack exhaustion inside fnmatch().

- Fixed a possible dechunking filter buffer overflow.

- Fixed a possible arbitrary memory access inside sqlite
extension.

- Fixed string format validation inside phar extension.

- Fixed handling of session variable serialization on
certain prefix characters.

- Fixed a NULL pointer dereference when processing invalid
XML-RPC requests (Fixes CVE-2010-0397, bug #51288).

- Fixed SplObjectStorage unserialization problems
(CVE-2010-2225).

- Fixed possible buffer overflows in
mysqlnd_list_fields, mysqlnd_change_user.

- Fixed possible buffer overflows when handling error
packets in mysqlnd.

Additionally some of the third-party extensions and required
dependencies has been upgraded and/or rebuilt for the new php version.

See also :

http://www.php.net/ChangeLog-5.php#5.3.3

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 48198 (mandriva_MDVSA-2010-140.nasl)

Bugtraq ID:

CVE ID: CVE-2010-0397
CVE-2010-2225
CVE-2010-2531

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now