FreeBSD : php -- multiple vulnerabilities (6b771fe2-b84e-11e5-92f9-485d605f4717)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

PHP reports :

- Core :

- Fixed bug #70755 (fpm_log.c memory leak and buffer overflow).

- GD :

- Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array
Index Out of Bounds).

- SOAP :

- Fixed bug #70900 (SoapClient systematic out of memory error).

- Wddx

- Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet
Deserialization).

- Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion
Vulnerability).

- XMLRPC :

- Fixed bug #70728 (Type Confusion Vulnerability in
PHP_to_XMLRPC_worker()).

See also :

http://www.php.net/ChangeLog-5.php#5.5.31
http://www.php.net/ChangeLog-5.php#5.6.17
http://www.nessus.org/u?6bf26094

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 87854 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now