Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2002:017: php Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the php package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2002:017 (php).
Several flaws exist in various versions of PHP in the way it handles
multipart/form-data POST requests, which are used for file uploads. The
php_mime_split() function could be used by a possible hacker to execute arbitrary code
on the server. This affects both PHP4 and PHP3. The authors have fixed this in
PHP 4.1.2 and provided patches for older versions of PHP.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2002:017
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.