Slackware 10.2 / 11.0 / current : php (SSA:2007-127-01)

medium Nessus Plugin ID 25174

Synopsis

The remote Slackware host is missing a security update.

Description

New php packages are available for Slackware 10.2, 11.0, and -current to improve the stability and security of PHP. Quite a few bugs were fixed -- please see http://www.php.net for a detailed list. All sites that use PHP are encouraged to upgrade. Please note that we haven't tested all PHP applications for backwards compatibility with this new upgrade, so you should have the old package on hand just in case. Both PHP 4.4.7 and PHP 5.2.2 updates have been provided.

Solution

Update the affected php package.

See Also

http://www.php.net

http://www.nessus.org/u?6b93491f

Plugin Details

Severity: Medium

ID: 25174

File Name: Slackware_SSA_2007-127-01.nasl

Version: 1.16

Type: local

Published: 5/10/2007

Updated: 1/14/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:slackware:slackware_linux:php, cpe:/o:slackware:slackware_linux, cpe:/o:slackware:slackware_linux:10.2, cpe:/o:slackware:slackware_linux:11.0

Required KB Items: Host/local_checks_enabled, Host/Slackware/release, Host/Slackware/packages

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/8/2007

Vulnerability Publication Date: 4/10/2007

Reference Information

CVE: CVE-2007-1001

SSA: 2007-127-01