Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: SuSE Local Security Checks --> Category: infos

SUSE-SA:2006:031: PHP4,PHP5 Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the PHP4,PHP5 package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory SUSE-SA:2006:031 (PHP4,PHP5).

This update fixes the following security issues in the PHP scripting
language, both version 4 and 5:

- Invalid characters in session names were not blocked.

- CVE-2006-2657: A bug in zend_hash_del() allowed attackers to prevent
unsetting of some variables

- CVE-2006-1991, CVE-2006-1990: Bugs in the substr_compare() and
wordwrap function could crash the php interpreter.

- CVE-2006-2906: A CPU consumption denial of service attack in php-gd
was fixed.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.