SuSE 10 Security Update : PHP5 (ZYPP Patch Number 8114)
High Nessus Plugin ID 59053
The remote SuSE 10 host is missing a security-related patch.
This update fixes several security issues in PHP5 : - A directory traversal bug has been fixed in php5. (CVE-2012-1172) - A command injection was possible when PHP5 was operated in CGI mode using commandline options. This problem does not affect PHP5 in the normal Apache module mode setup. (CVE-2012-1823 / CVE-2012-2311) - Also a pack/unpacking bug on big endian 64bit architectures (ppc64 and s390x) has been fixed. bnc#753778