Detections
Analytics

Fedora 12 : php-pecl-apc-3.1.4-2.fc12 (2010-15004)

medium Nessus Plugin ID 49722

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

Upstream Changelog for Version 3.1.4 - API 3.1.0 (beta)

 - Renamed the memory protection configure option to
 --enable-apc-memprotect (Kalle, Shire)

 - ZTS fixes and optimizations (Kalle, Felipe)

 - Added support for interned strings, run-time caches and Zend Engine 2.4 (Dmitry)

 - Added apc_exists() (Rasmus)

 - Fixed potential XSS in apc.php (Pierre, Matt Chapman)

 - Fixed pecl bug #17597 (keys with embedded NUL) (Gopal)

 - Fixed pecl bug #17650 (Fix goto jump offsets) (Gopal)

 - Fixed pecl bug #17527 (Standardized error reporting) (Gopal, Paul Dragoonis)

 - Fixed pecl bug #17089 (Scrub the constant table of all inherited members before caching) (Gopal)

 - Fixed pecl bug #16860 (files can be included more than once even when include/require_once are used) (Pierre)

 - Fixed pecl bug #16717 (apc_fetch dies after 1 hour, regardless of ttl settings) (Kalle)

 - Fixed pecl bug #17597 (apc user cache keys with embedded NULs) (Gopal)

 - Fixed pecl bug #13583 (apc upload progress fixes) (Gopal)

Improves default configuration file provided.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected php-pecl-apc package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=634334

http://www.nessus.org/u?c2b5a281

Plugin Details

Severity: Medium

ID: 49722

File Name: fedora_2010-15004.nasl

Version: 1.11

Type: local

Agent: unix

Published: 10/6/2010

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:php-pecl-apc, cpe:/o:fedoraproject:fedora:12

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 9/21/2010

Reference Information

CVE: CVE-2010-3294

BID: 43218

FEDORA: 2010-15004