openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0599-1)

High Nessus Plugin ID 49210

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 7.4

Synopsis

The remote openSUSE host is missing a security update.

Description

PHP was updated to version 5.3.3 to fix serveral security issues.

(CVE-2010-0397, CVE-2010-1860, CVE-2010-1862, CVE-2010-1864, CVE-2010-1866, CVE-2010-1914, CVE-2010-1915, CVE-2010-1917, CVE-2010-2093, CVE-2010-2094, CVE-2010-2097, CVE-2010-2100, CVE-2010-2101, CVE-2010-2190, CVE-2010-2191, CVE-2010-2225, CVE-2010-2531, CVE-2010-2950, CVE-2010-3062, CVE-2010-3063, CVE-2010-3064, CVE-2010-3065)

Solution

Update the affected apache2-mod_php5 packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=588975

https://bugzilla.novell.com/show_bug.cgi?id=604315

https://bugzilla.novell.com/show_bug.cgi?id=604652

https://bugzilla.novell.com/show_bug.cgi?id=604654

https://bugzilla.novell.com/show_bug.cgi?id=604656

https://bugzilla.novell.com/show_bug.cgi?id=605097

https://bugzilla.novell.com/show_bug.cgi?id=605100

https://bugzilla.novell.com/show_bug.cgi?id=609763

https://bugzilla.novell.com/show_bug.cgi?id=609766

https://bugzilla.novell.com/show_bug.cgi?id=609768

https://bugzilla.novell.com/show_bug.cgi?id=609769

https://bugzilla.novell.com/show_bug.cgi?id=612555

https://bugzilla.novell.com/show_bug.cgi?id=612556

https://bugzilla.novell.com/show_bug.cgi?id=616232

https://bugzilla.novell.com/show_bug.cgi?id=619483

https://bugzilla.novell.com/show_bug.cgi?id=619486

https://bugzilla.novell.com/show_bug.cgi?id=619487

https://bugzilla.novell.com/show_bug.cgi?id=619489

https://bugzilla.novell.com/show_bug.cgi?id=633932

https://bugzilla.novell.com/show_bug.cgi?id=633934

https://bugzilla.novell.com/show_bug.cgi?id=636923

https://lists.opensuse.org/opensuse-updates/2010-09/msg00013.html

Plugin Details

Severity: High

ID: 49210

File Name: suse_11_2_apache2-mod_php5-100813.nasl

Version: 1.6

Type: local

Agent: unix

Published: 2010/09/13

Updated: 2019/10/25

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 7.4

CVSS v2.0

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:apache2-mod_php5, p-cpe:/a:novell:opensuse:php5, p-cpe:/a:novell:opensuse:php5-bcmath, p-cpe:/a:novell:opensuse:php5-bz2, p-cpe:/a:novell:opensuse:php5-calendar, p-cpe:/a:novell:opensuse:php5-ctype, p-cpe:/a:novell:opensuse:php5-curl, p-cpe:/a:novell:opensuse:php5-dba, p-cpe:/a:novell:opensuse:php5-devel, p-cpe:/a:novell:opensuse:php5-dom, p-cpe:/a:novell:opensuse:php5-enchant, p-cpe:/a:novell:opensuse:php5-exif, p-cpe:/a:novell:opensuse:php5-fastcgi, p-cpe:/a:novell:opensuse:php5-fileinfo, p-cpe:/a:novell:opensuse:php5-ftp, p-cpe:/a:novell:opensuse:php5-gd, p-cpe:/a:novell:opensuse:php5-gettext, p-cpe:/a:novell:opensuse:php5-gmp, p-cpe:/a:novell:opensuse:php5-hash, p-cpe:/a:novell:opensuse:php5-iconv, p-cpe:/a:novell:opensuse:php5-imap, p-cpe:/a:novell:opensuse:php5-intl, p-cpe:/a:novell:opensuse:php5-json, p-cpe:/a:novell:opensuse:php5-ldap, p-cpe:/a:novell:opensuse:php5-mbstring, p-cpe:/a:novell:opensuse:php5-mcrypt, p-cpe:/a:novell:opensuse:php5-mysql, p-cpe:/a:novell:opensuse:php5-odbc, p-cpe:/a:novell:opensuse:php5-openssl, p-cpe:/a:novell:opensuse:php5-pcntl, p-cpe:/a:novell:opensuse:php5-pdo, p-cpe:/a:novell:opensuse:php5-pear, p-cpe:/a:novell:opensuse:php5-pgsql, p-cpe:/a:novell:opensuse:php5-phar, p-cpe:/a:novell:opensuse:php5-posix, p-cpe:/a:novell:opensuse:php5-pspell, p-cpe:/a:novell:opensuse:php5-readline, p-cpe:/a:novell:opensuse:php5-shmop, p-cpe:/a:novell:opensuse:php5-snmp, p-cpe:/a:novell:opensuse:php5-soap, p-cpe:/a:novell:opensuse:php5-sockets, p-cpe:/a:novell:opensuse:php5-sqlite, p-cpe:/a:novell:opensuse:php5-suhosin, p-cpe:/a:novell:opensuse:php5-sysvmsg, p-cpe:/a:novell:opensuse:php5-sysvsem, p-cpe:/a:novell:opensuse:php5-sysvshm, p-cpe:/a:novell:opensuse:php5-tidy, p-cpe:/a:novell:opensuse:php5-tokenizer, p-cpe:/a:novell:opensuse:php5-wddx, p-cpe:/a:novell:opensuse:php5-xmlreader, p-cpe:/a:novell:opensuse:php5-xmlrpc, p-cpe:/a:novell:opensuse:php5-xmlwriter, p-cpe:/a:novell:opensuse:php5-xsl, p-cpe:/a:novell:opensuse:php5-zip, p-cpe:/a:novell:opensuse:php5-zlib, cpe:/o:novell:opensuse:11.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2010/08/13

Reference Information

CVE: CVE-2010-0397, CVE-2010-1860, CVE-2010-1862, CVE-2010-1864, CVE-2010-1866, CVE-2010-1914, CVE-2010-1915, CVE-2010-1917, CVE-2010-2093, CVE-2010-2094, CVE-2010-2097, CVE-2010-2100, CVE-2010-2101, CVE-2010-2190, CVE-2010-2191, CVE-2010-2225, CVE-2010-2531, CVE-2010-2950, CVE-2010-3062, CVE-2010-3063, CVE-2010-3064, CVE-2010-3065