MDKA-2007:027 : php-session

High Nessus Plugin ID 25112


The remote Mandrake host is missing one or more security-related patches.


The php-session package includes a cron setting to remove PHP sessions that are no longer in use. Previously, it could expire the session even if it was still in use. This update will prevent the cron job from removing sessions that are still actively being used, and will only expire after the last action done in the session is older than the number of minutes defined in /var/lib/php/maxlifetime.


Update the affected package(s).

See Also

Plugin Details

Severity: High

ID: 25112

File Name: mandrake_MDKA-2007-027.nasl

Version: $Revision: 1.9 $

Type: local

Published: 2007/04/30

Modified: 2012/09/07

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: cpe:/o:mandriva:linux

Required KB Items: Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2007/04/23