Support
Eng
òÕÓ
Company
Home
Services
Solutions
Documentation
News and Events
 
 
 
Knowledgebase
Downloads
Glossary
Ask a Question
Search:     Advanced search
SHALB.com / Security Knowledgebase / Network Security / CGI abuses / PHP < 5.2.1 Multiple Vulnerabilities
server monitoring

PHP < 5.2.1 Multiple Vulnerabilities
Article ID: 24907
Last updated: 27 Jan, 2009
Print
Email to friend
Views: 731
Posted: 22 Jan, 2009
by: Tech Pubs S.
Updated: 27 Jan, 2009
by: Tech Pubs S.

PHP < 5.2.1 Multiple Vulnerabilities
This script is Copyright (C) 2007-2008 Tenable Network Security, Inc.

FamilyCGI abuses
Plugin ID24907
Bugtraq ID21508
22496
22805
22806
22862
22922
23119
23120
23219
23233
23234
23235
23236
23237
23238
CVE IDCVE-2006-6383
CVE-2007-0905
CVE-2007-0906
CVE-2007-0907
CVE-2007-0908
CVE-2007-0909
CVE-2007-0910
CVE-2007-1376
CVE-2007-1380
CVE-2007-1453
CVE-2007-1700
CVE-2007-1701
CVE-2007-1824
CVE-2007-1825
CVE-2007-1884
CVE-2007-1885
CVE-2007-1886

Description:

Synopsis :

The remote web server uses a version of PHP that is affected by
multiple flaws.

Description :

According to its banner, the version of PHP installed on the remote
host is older than 5.2.1. Such versions may be affected by several
issues, including buffer overflows, format string vulnerabilities,
arbitrary code execution, safe_mode and open_basedir bypasses, and
clobbering of super-globals.

See also :

http://www.php.net/releases/5_2_1.php

Solution :

Upgrade to PHP version 5.2.1 or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
This article was:   Helpful | Not Helpful
Prev   Next
Vignette StoryServer TCL code injection     Webmin / Usermin miniserv.pl Arbitrary File Disclosure

server monitoring

¿ 2010 "SHALB.com" All rights reserved
SHALB Home
Services
Solutions
Documentation
News and Events