Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Mandriva Update for php MDVSA-2008:128 (php)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Check for the Version of php
Insight
Insight
A number of vulnerabilities have been found and corrected in PHP: php-cgi in PHP prior to 5.2.6 does not properly calculate the length of PATH_TRANSLATED, which has unknown impact and attack vectors (CVE-2008-0599). The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown impact and context-dependent attack vectors related to incomplete multibyte characters (CVE-2008-2051). Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems (CVE-2008-2107, CVE-2008-2108). The IMAP module in PHP uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) via a long IMAP request (CVE-2008-2829). In addition, the updated packages provide a number of bug fixes. The updated packages have been patched to correct these issues.
Affected Software
Affected Software
php on Mandriva Linux 2008.1, Mandriva Linux 2008.1/X86_64
Solution
Solution
Please Install the Updated Packages.