SUSE-SA:2006:059: php4,php5

Medium Nessus Plugin ID 24437


The remote host is missing a vendor-supplied security patch


The remote host is missing the patch for the advisory SUSE-SA:2006:059 (php4,php5).

The ini_restore() method could be exploited to reset options such as open_basedir when set via the web server config file to their default value set in php.ini (CVE-2006-4625).

Additionally php5 on all products as well as php4 on SLES8 were vulnerable to an integer overflow problem in the memory allocation routine. This bug can be exploited to execute arbitrary code with the uid of the web server (CVE-2006-4812).
Thanks to Stefan Esser for reporting the problem.


Plugin Details

Severity: Medium

ID: 24437

File Name: suse_SA_2006_059.nasl

Version: $Revision: 1.5 $

Agent: unix

Published: 2007/02/18

Dependencies: 12634

Risk Information

Risk Factor: Medium

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list