oval:org.mitre.oval:def:8065

Definition Id: oval:org.mitre.oval:def:8065

Oval ID:	oval:org.mitre.oval:def:8065
Title:	DSA-1578 php4 -- several vulnerabilities
Description:	Several vulnerabilities have been discovered in PHP version 4, a server-side, HTML-embedded scripting language. The Common Vulnerabilities and Exposures project identifies the following problems: The session_start function allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from various parameters. A denial of service was possible through a malicious script abusing the glob() function. Certain maliciously constructed input to the wordwrap() function could lead to a denial of service attack. Large len values of the stspn() or strcspn() functions could allow an attacker to trigger integer overflows to expose memory or cause denial of service. The escapeshellcmd API function could be attacked via incomplete multibyte chars.
Family:	unix	Class:	patch
Reference(s):	DSA-1578 CVE-2007-3799 CVE-2007-3806 CVE-2007-3998 CVE-2007-4657 CVE-2008-2051	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	php4
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Architecture section Architecture independent section Installed architecture is all AND Packages section php4 is earlier than 6:4.4.4-8+etch6 AND php4-pear is earlier than 6:4.4.4-8+etch6 AND libapache-mod-php4 is earlier than 6:4.4.4-8+etch6 AND php4-recode is earlier than 6:4.4.4-8+etch6 AND php4-xslt is earlier than 6:4.4.4-8+etch6 AND php4-mcal is earlier than 6:4.4.4-8+etch6 AND php4-domxml is earlier than 6:4.4.4-8+etch6 AND php4-mhash is earlier than 6:4.4.4-8+etch6 AND php4-snmp is earlier than 6:4.4.4-8+etch6 AND libapache2-mod-php4 is earlier than 6:4.4.4-8+etch6 AND php4-cli is earlier than 6:4.4.4-8+etch6 AND php4-mcrypt is earlier than 6:4.4.4-8+etch6 AND php4-gd is earlier than 6:4.4.4-8+etch6 AND php4-mysql is earlier than 6:4.4.4-8+etch6 AND php4-imap is earlier than 6:4.4.4-8+etch6 AND php4-cgi is earlier than 6:4.4.4-8+etch6 AND php4-pgsql is earlier than 6:4.4.4-8+etch6 AND php4-odbc is earlier than 6:4.4.4-8+etch6 AND php4-dev is earlier than 6:4.4.4-8+etch6 AND php4-pspell is earlier than 6:4.4.4-8+etch6 AND php4-ldap is earlier than 6:4.4.4-8+etch6 AND php4-common is earlier than 6:4.4.4-8+etch6 AND php4-curl is earlier than 6:4.4.4-8+etch6 AND php4-sybase is earlier than 6:4.4.4-8+etch6 OR Architecture dependent section Supported architectures section Installed architecture is i386 AND Installed architecture is amd64 AND php4-interbase is earlier than 6:4.4.4-8+etch6

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:8065

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0344s

Facebook rss twitter linkedin mail