SUSE-SA:2005:069: php4,php5

Medium Nessus Plugin ID 20335


The remote host is missing a vendor-supplied security patch


The remote host is missing the patch for the advisory SUSE-SA:2005:069 (php4,php5).

Updated PHP packages fix the following security issues:

- Stefan Esser found out that a bug in parse_str() could lead to activation of register_globals (CVE-2005-3389) and additionally that file uploads could overwrite $GLOBALS (CVE-2005-3390)

- Bugs in the exif code could lead to a crash (CVE-2005-3353)

- Missing safe_mode checks in image processing code and cURL functions allowed to bypass safe_mode and open_basedir (CVE-2005-3391)

- Information leakage via the virtual() function (CVE-2005-3392)

- Missing input sanitation in the mb_send_mail() function potentially allowed to inject arbitrary mail headers (CVE-2005-3883)

The previous security update for php caused crashes when mod_rewrite was used. The updated packages fix that problem as well.


Plugin Details

Severity: Medium

ID: 20335

File Name: suse_SA_2005_069.nasl

Version: $Revision: 1.4 $

Agent: unix

Published: 2005/12/20

Dependencies: 12634

Risk Information

Risk Factor: Medium

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list