SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6777)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

This update fixes CVE-2011-1398 / CVE-2011-4388 (header injection via
CR).

This update also changes the default configuration to use FilesMatch
with 'SetHandler' rather than 'AddHandler' to protect weakly written
web applications from content confusion. Since this is a hardening
measure, no CVE was assigned.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=775852
https://bugzilla.novell.com/show_bug.cgi?id=778003
http://support.novell.com/security/cve/CVE-2011-1398.html
http://support.novell.com/security/cve/CVE-2011-4388.html

Solution :

Apply SAT patch number 6777.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Family: SuSE Local Security Checks

Nessus Plugin ID: 64102 ()

Bugtraq ID:

CVE ID: CVE-2011-1398

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now