|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Fedora Local Security Checks >> Fedora Core 5 2006-289: php Vulnerability Assessment Details
|
Fedora Core 5 2006-289: php |
||
Check for the version of the php package Detailed Explanation for this Vulnerability Assessment The remote host is missing the patch for the advisory FEDORA-2006-289 (php). PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The mod_php module enables the Apache Web server to understand and process the embedded PHP language in Web pages. Update Information: This update includes the latest release of PHP 5, version 5.1.4. This release includes fixes for several security issues and many bug fixes. The phpinfo() PHP function did not properly sanitize long strings. A possible hacker could use this to perform cross-site scripting attacks against sites that have publicly-available PHP scripts that call phpinfo(). (CVE-2006-0996) The html_entity_decode() PHP function was found to not be binary safe. A possible hacker could use this flaw to disclose a certain part of the memory. In order for this issue to be exploitable the target site would need to have a PHP script which called the 'html_entity_decode()' function with untrusted input from the user and displayed the result. (CVE-2006-1490) Solution : Get the newest Fedora Updates Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: This script is Copyright (C) 2007 Tenable Network Security |
||
Cables, Connectors |
Samsung Galaxy Tab A8 10.5" SM-X200 128GB Wifi Only Tablet Open Box
$149.99
EXCELLENT SAMSUNG GALAXY TAB 4 10.1in SM-T537V 16GB WIFI VERIZON ANDROID TABLET
$37.99
Case for Samsung Galaxy Tab A9+ 5G/A9 Plus 11"/A9 8.7"Shockproof Stand Full Body
$17.99
Genuine Samsung Book Cover Keyboard for 14.6" Galaxy Tab S8 Ultra | S8 Ultra 5G
$89.99
Samsung USB 3.1 Flash Drive Bar Plus 256gb TITAN Gray
$24.10
Samsung Galaxy Tab A9 (X110) 64GB 4GB RAM International Version (New)
$129.99
Samsung Galaxy 12.4 Inch Slim Keyboard For S7+ | S7 FE | S8+ | S8+ 5G EF-DT730
$49.99
Samsung Galaxy Chromebook Go, 14-inch, 32GB, Unlocked All Carriers - Silver
$109.99
SAMSUNG 24" Monitor Full HD LED/LCD - GRADE A CONDITION - S24E650PL
$69.95
Samsung Galaxy Tab Active Pro SM-T540 64GB, Wi-Fi 10.1 in - Black USED Condition
$129.00
|
||
No Discussions have been posted on this vulnerability. |