Detections
Analytics
Mandrake Linux Security Advisory : php (MDKSA-2006:074)
medium Nessus Plugin ID 21281
Synopsis
The remote Mandrake Linux host is missing one or more security updates.Description
A cross-site scripting (XSS) vulnerability in phpinfo (info.c) in PHP <= 5.1.2 allows remote attackers to inject arbitrary web script or HTML via long array variables, including (1) a large number of dimensions or (2) long values, which prevents HTML tags from being removed. (CVE-2006-0996)Directory traversal vulnerability in file.c in PHP <= 5.1.2 allows local users to bypass open_basedir restrictions and allows remote attackers to create files in arbitrary directories via the tempnam function. (CVE-2006-1494)
The copy function in file.c in PHP <= 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI. (CVE-2006-1608)
Updated packages have been patched to address these issues. After upgrading these packages, please run 'service httpd restart'.
Solution
Update the affected packages.Plugin Details
Severity: Medium
ID: 21281
File Name: mandrake_MDKSA-2006-074.nasl
Version: 1.17
Type: local
Family: Mandriva Local Security Checks
Published: 4/26/2006
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.5
CVSS v2
Risk Factor: Medium
Base Score: 4.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
Vulnerability Information
CPE: p-cpe:/a:mandriva:linux:lib64php5_common5, p-cpe:/a:mandriva:linux:lib64php_common432, p-cpe:/a:mandriva:linux:libphp5_common5, p-cpe:/a:mandriva:linux:libphp_common432, p-cpe:/a:mandriva:linux:php-cgi, p-cpe:/a:mandriva:linux:php-cli, p-cpe:/a:mandriva:linux:php-devel, p-cpe:/a:mandriva:linux:php-fcgi, p-cpe:/a:mandriva:linux:php432-devel, cpe:/o:mandriva:linux:2006, x-cpe:/o:mandrakesoft:mandrake_linux:le2005
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list
Patch Publication Date: 4/24/2006
Reference Information
CVE: CVE-2006-0996, CVE-2006-1494, CVE-2006-1608
CWE: 79
MDKSA: 2006:074