|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Fedora Local Security Checks >> Fedora Core 1 2004-222: php Vulnerability Assessment Details
|
Fedora Core 1 2004-222: php |
||
Check for the version of the php package Detailed Explanation for this Vulnerability Assessment The remote host is missing the patch for the advisory FEDORA-2004-222 (php). PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The mod_php module enables the Apache Web server to understand and process the embedded PHP language in Web pages. Update Information: This update includes the latest release of PHP 4, including fixes for security issues in memory limit handling (CVE CVE-2004-0594), and the strip_tags function (CVE CVE-2004-0595). CVE-2004-0595 is not known to be exploitable in the default configuration if using httpd 2.0.50, but can be triggered if the 'register_globals' setting has been enabled. CVE-2004-0595 can permit a possible cross-site-scripting attack with some browsers. The mbstring extension has been moved into the php-mbstring subpackage in this update to reduce the overall package size. Solution : http://www.fedoranews.org/updates/FEDORA-2004-222.shtml Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security |
||
Cables, Connectors |
Samsung 16GB 2Rx4 PC4-2133P DDR4-17000 1.2V RDIMM ECC Registered Server Memory
$16.29
A-Tech 8GB DDR3 1600 PC3-12800 Laptop SODIMM 204-Pin Memory RAM PC3L DDR3L 1x 8G
$13.99
G. SKILL Ripjaws S5 32GB (2 x 16GB) Memory Kit (F5-6000J3636F16GX2-RS5K)
$83.00
HyperX FURY DDR3 8GB 16GB 32GB 1600 MHz PC3-12800 Desktop RAM Memory DIMM 240pin
$12.90
Samsung 16GB (2x8GB) DDR4 2400MHz PC4-19200 Desktop RAM Memory M378A1K43CB2-CRC
$19.95
HyperX FURY RAM DDR4 16GB 8GB 32GB 4GB 3200 2666 2400 2133 Desktop Memory DIMM
$9.64
A-Tech 8GB PC3-12800 Desktop DDR3 1600 MHz Non ECC 240-Pin DIMM Memory RAM 1x 8G
$13.99
Kingston HyperX FURY DDR3 8GB 16GB 32G 1600 1866 1333 Desktop Memory RAM DIMM
$13.25
A-Tech 256GB 4x 64GB 4Rx4 PC4-19200 ECC Load Reduced LRDIMM Server Memory RAM
$287.96
A-Tech 256GB 8x 32GB 4Rx4 PC4-17000L DDR4 2133 MHz ECC LRDIMM Server Memory RAM
$319.92
|
||
No Discussions have been posted on this vulnerability. |