Slackware 10.2 / 11.0 / 12.0 / 12.1 / current : php (SSA:2008-128-01)

critical Nessus Plugin ID 32444

Synopsis

The remote Slackware host is missing a security update.

Description

New php packages are available for Slackware 10.2, 11.0, 12.0, 12.1, and -current to fix security issues. Note that PHP5 is not the default PHP for Slackware 10.2 or 11.0 (those use PHP4), so if your PHP code is not ready for PHP5, don't upgrade until it is or you'll (by definition) run into problems.

Solution

Update the affected php package.

See Also

http://www.nessus.org/u?6629f5e7

Plugin Details

Severity: Critical

ID: 32444

File Name: Slackware_SSA_2008-128-01.nasl

Version: 1.17

Type: local

Published: 5/28/2008

Updated: 1/14/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:slackware:slackware_linux:php, cpe:/o:slackware:slackware_linux, cpe:/o:slackware:slackware_linux:10.2, cpe:/o:slackware:slackware_linux:11.0, cpe:/o:slackware:slackware_linux:12.0, cpe:/o:slackware:slackware_linux:12.1

Required KB Items: Host/local_checks_enabled, Host/Slackware/release, Host/Slackware/packages

Exploit Ease: No known exploits are available

Patch Publication Date: 5/7/2008

Reference Information

CVE: CVE-2008-0599, CVE-2008-2050, CVE-2008-2051

BID: 29009

CWE: 119

SSA: 2008-128-01