SuSE 10 Security Update : PHP5 (ZYPP Patch Number 2102)
Medium Nessus Plugin ID 29374
SynopsisThe remote SuSE 10 host is missing a security-related patch.
Description- the CURL module lacked checks for control characters (CVE-2006-2563))
- str_repeat() contained an integer overflow
- ext/wddx contained a buffer overflow
- memory_limit() lacked checks for integer overflows
- a bug in sscanf() could potentially be exploited to execute arbitrary code. (CVE-2006-4020)
- an uninitialized varable caused apache to crash during startup
- corrupt gif images could crash php
SolutionApply ZYPP patch number 2102.