• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Уведомление безопасности SUSE-SA:2008:004

Главная Специалистам База уязвимостей Уведомление безопасности SUSE-SA:2008:004

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Производитель ПО
Наименование ПО
apache2-mod_php5 (any) php5 (any) php5-bcmath (any) php5-bz2 (any) php5-calendar (any) php5-ctype (any) php5-curl (any) php5-dba (any) php5-dbase (any) php5-devel (any) php5-dom (any) php5-exif (any) php5-fastcgi (any) php5-filepro (any) php5-ftp (any) php5-gd (any) php5-gettext (any) php5-gmp (any) php5-hash (any) php5-iconv (any) php5-imap (any) php5-json (any) php5-ldap (any) php5-mbstring (any) php5-mcrypt (any) php5-mhash (any) php5-mysql (any) php5-mysqli (any) php5-ncurses (any) php5-odbc (any) php5-openssl (any) php5-pcntl (any) php5-pdo (any) php5-pdo_mysql (any) php5-pdo_pgsql (any) php5-pdo_sqlite (any) php5-pear (any) php5-pgsql (any) php5-posix (any) php5-pspell (any) php5-readline (any) php5-shmop (any) php5-snmp (any) php5-soap (any) php5-sockets (any) php5-sqlite (any) php5-suhosin (any) php5-sysvmsg (any) php5-sysvsem (any) php5-sysvshm (any) php5-tidy (any) php5-tokenizer (any) php5-wddx (any) php5-xmlreader (any) php5-xmlrpc (any) php5-xmlwriter (any) php5-xsl (any) php5-zip (any) php5-zlib (any)
Описание
Уведомление безопасности об уязвимостях SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SUSE SLES 9, Novell Linux Desktop 9 SDK, Open Enterprise Server, Novell Linux POS 9, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1
Как исправить
Проблема может быть решена обновлением операционной системы до следующих версий пакетов в зависимости от архитектуры:
openSUSE 10.2:
i586:
php5-pdo - 5.2.5-18.1
php5-zip - 5.2.5-18.1
php5-sysvsem - 5.2.5-18.1
php5-fastcgi - 5.2.5-18.1
php5-bz2 - 5.2.5-18.1
php5-pgsql - 5.2.5-18.1
php5-pear - 5.2.5-18.1
php5-gmp - 5.2.5-18.1
php5-wddx - 5.2.5-18.1
php5-tokenizer - 5.2.5-18.1
php5-xmlreader - 5.2.5-18.1
php5-tidy - 5.2.5-18.1
php5-sockets - 5.2.5-18.1
php5-ctype - 5.2.5-18.1
php5-pspell - 5.2.5-18.1
php5 - 5.2.5-18.1
apache2-mod_php5 - 5.2.5-18.1
php5-pcntl - 5.2.5-18.1
php5-exif - 5.2.5-18.1
php5-mbstring - 5.2.5-18.1
php5-xmlwriter - 5.2.5-18.1
php5-xsl - 5.2.5-18.1
php5-gettext - 5.2.5-18.1
php5-dba - 5.2.5-18.1
php5-odbc - 5.2.5-18.1
php5-json - 5.2.5-18.1
php5-mcrypt - 5.2.5-18.1
php5-ncurses - 5.2.5-18.1
php5-calendar - 5.2.5-18.1
php5-zlib - 5.2.5-18.1
php5-dom - 5.2.5-18.1
php5-openssl - 5.2.5-18.1
php5-ldap - 5.2.5-18.1
php5-mhash - 5.2.5-18.1
php5-curl - 5.2.5-18.1
php5-shmop - 5.2.5-18.1
php5-suhosin - 5.2.5-18.1
php5-soap - 5.2.5-18.1
php5-sysvshm - 5.2.5-18.1
php5-imap - 5.2.5-18.1
php5-mysql - 5.2.5-18.1
php5-ftp - 5.2.5-18.1
php5-sqlite - 5.2.5-18.1
php5-bcmath - 5.2.5-18.1
php5-sysvmsg - 5.2.5-18.1
php5-hash - 5.2.5-18.1
php5-dbase - 5.2.5-18.1
php5-snmp - 5.2.5-18.1
php5-posix - 5.2.5-18.1
php5-iconv - 5.2.5-18.1
php5-devel - 5.2.5-18.1
php5-xmlrpc - 5.2.5-18.1
php5-gd - 5.2.5-18.1
openSUSE 10.3:
i586:
php5-fastcgi - 5.2.5-8.1
php5-odbc - 5.2.5-8.1
php5-gettext - 5.2.5-8.1
php5-pspell - 5.2.5-8.1
php5-dom - 5.2.5-8.1
php5-tidy - 5.2.5-8.1
php5-xmlreader - 5.2.5-8.1
php5-dba - 5.2.5-8.1
php5-ftp - 5.2.5-8.1
php5-gd - 5.2.5-8.1
php5-ldap - 5.2.5-8.1
php5-mbstring - 5.2.5-8.1
php5-exif - 5.2.5-8.1
php5-bcmath - 5.2.5-8.1
php5-snmp - 5.2.5-8.1
php5-hash - 5.2.5-8.1
php5-soap - 5.2.5-8.1
php5-xsl - 5.2.5-8.1
php5-shmop - 5.2.5-8.1
php5-pcntl - 5.2.5-8.1
php5-pgsql - 5.2.5-8.1
apache2-mod_php5 - 5.2.5-8.1
php5-ctype - 5.2.5-8.1
php5-wddx - 5.2.5-8.1
php5-suhosin - 5.2.5-8.1
php5-iconv - 5.2.5-8.1
php5-pdo - 5.2.5-8.1
php5-readline - 5.2.5-8.1
php5-mcrypt - 5.2.5-8.1
php5-sysvsem - 5.2.5-8.1
php5-zlib - 5.2.5-8.1
php5-bz2 - 5.2.5-8.1
php5-mysql - 5.2.5-8.1
php5-json - 5.2.5-8.1
php5-openssl - 5.2.5-8.1
php5-sysvshm - 5.2.5-8.1
php5-gmp - 5.2.5-8.1
php5-imap - 5.2.5-8.1
php5-tokenizer - 5.2.5-8.1
php5-curl - 5.2.5-8.1
php5-sqlite - 5.2.5-8.1
php5-ncurses - 5.2.5-8.1
php5-devel - 5.2.5-8.1
php5-posix - 5.2.5-8.1
php5-dbase - 5.2.5-8.1
php5-xmlrpc - 5.2.5-8.1
php5-sysvmsg - 5.2.5-8.1
php5-calendar - 5.2.5-8.1
php5-zip - 5.2.5-8.1
php5 - 5.2.5-8.1
php5-mhash - 5.2.5-8.1
php5-pear - 5.2.5-8.1
php5-sockets - 5.2.5-8.1
php5-xmlwriter - 5.2.5-8.1
openSUSE 10.1:
i586:
php5-shmop - 5.1.2-29.50
php5-bcmath - 5.1.2-29.50
php5-pgsql - 5.1.2-29.50
php5-imap - 5.1.2-29.50
php5-iconv - 5.1.2-29.50
php5-openssl - 5.1.2-29.50
php5-soap - 5.1.2-29.50
php5-mysqli - 5.1.2-29.50
php5-xmlreader - 5.1.2-29.50
php5-tidy - 5.1.2-29.50
php5-curl - 5.1.2-29.50
php5-dba - 5.1.2-29.50
php5-wddx - 5.1.2-29.50
php5 - 5.1.2-29.50
php5-dbase - 5.1.2-29.50
php5-sysvshm - 5.1.2-29.50
php5-pdo - 5.1.2-29.50
php5-mysql - 5.1.2-29.50
php5-ftp - 5.1.2-29.50
php5-xsl - 5.1.2-29.50
php5-gettext - 5.1.2-29.50
php5-devel - 5.1.2-29.50
php5-snmp - 5.1.2-29.50
php5-xmlwriter - 5.1.2-29.50
php5-sysvmsg - 5.1.2-29.50
php5-zlib - 5.1.2-29.50
apache2-mod_php5 - 5.1.2-29.50
php5-exif - 5.1.2-29.50
php5-pcntl - 5.1.2-29.50
php5-pdo_mysql - 5.1.2-29.50
php5-ldap - 5.1.2-29.50
php5-xmlrpc - 5.1.2-29.50
php5-tokenizer - 5.1.2-29.50
php5-mbstring - 5.1.2-29.50
php5-gd - 5.1.2-29.50
php5-pspell - 5.1.2-29.50
php5-ncurses - 5.1.2-29.50
php5-pear - 5.1.2-29.50
php5-ctype - 5.1.2-29.50
php5-posix - 5.1.2-29.50
php5-sockets - 5.1.2-29.50
php5-sqlite - 5.1.2-29.50
php5-fastcgi - 5.1.2-29.50
php5-pdo_pgsql - 5.1.2-29.50
php5-bz2 - 5.1.2-29.50
php5-mhash - 5.1.2-29.50
php5-dom - 5.1.2-29.50
php5-calendar - 5.1.2-29.50
php5-gmp - 5.1.2-29.50
php5-pdo_sqlite - 5.1.2-29.50
php5-sysvsem - 5.1.2-29.50
php5-filepro - 5.1.2-29.50
php5-odbc - 5.1.2-29.50
php5-mcrypt - 5.1.2-29.50
Novell Open Enterprise Server (OES), SUSE Linux Enterprise Server 9, Novell Linux Point of Service 9:
i586:
apache-mod_php4 - 4.3.4-43.85
apache2-mod_php4 - 4.3.4-43.85
mod_php4 - 4.3.4-43.85
mod_php4-apache2 - 4.3.4-43.85
mod_php4-core - 4.3.4-43.85
mod_php4-servlet - 4.3.4-43.85
php4 - 4.3.4-43.85
php4-bcmath - 4.3.4-43.85
php4-bz2 - 4.3.4-43.85
php4-calendar - 4.3.4-43.85
php4-ctype - 4.3.4-43.85
php4-curl - 4.3.4-43.85
php4-dba - 4.3.4-43.85
php4-dbase - 4.3.4-43.85
php4-devel - 4.3.4-43.85
php4-domxml - 4.3.4-43.85
php4-exif - 4.3.4-43.85
php4-fastcgi - 4.3.4-43.85
php4-filepro - 4.3.4-43.85
php4-ftp - 4.3.4-43.85
php4-gd - 4.3.4-43.85
php4-gettext - 4.3.4-43.85
php4-gmp - 4.3.4-43.85
php4-iconv - 4.3.4-43.85
php4-imap - 4.3.4-43.85
php4-ldap - 4.3.4-43.85
php4-mbstring - 4.3.4-43.85
php4-mcal - 4.3.4-43.85
php4-mcrypt - 4.3.4-43.85
php4-mhash - 4.3.4-43.85
php4-mime_magic - 4.3.4-43.85
php4-mysql - 4.3.4-43.85
php4-pear - 4.3.4-43.85
php4-pgsql - 4.3.4-43.85
php4-qtdom - 4.3.4-43.85
php4-readline - 4.3.4-43.85
php4-recode - 4.3.4-43.85
php4-servlet - 4.3.4-43.85
php4-session - 4.3.4-43.85
php4-shmop - 4.3.4-43.85
php4-snmp - 4.3.4-43.85
php4-sockets - 4.3.4-43.85
php4-swf - 4.3.4-43.85
php4-sysvsem - 4.3.4-43.85
php4-sysvshm - 4.3.4-43.85
php4-unixODBC - 4.3.4-43.85
php4-wddx - 4.3.4-43.85
php4-xslt - 4.3.4-43.85
php4-yp - 4.3.4-43.85
php4-zlib - 4.3.4-43.85
SUSE Linux Enterprise Software Development Kit 10 SP1:
x86_64:
apache2-mod_php5 - 5.1.2-29.50
php5 - 5.1.2-29.50
php5-bcmath - 5.1.2-29.50
php5-bz2 - 5.1.2-29.50
php5-calendar - 5.1.2-29.50
php5-ctype - 5.1.2-29.50
php5-curl - 5.1.2-29.50
php5-dba - 5.1.2-29.50
php5-dbase - 5.1.2-29.50
php5-devel - 5.1.2-29.50
php5-dom - 5.1.2-29.50
php5-exif - 5.1.2-29.50
php5-fastcgi - 5.1.2-29.50
php5-filepro - 5.1.2-29.50
php5-ftp - 5.1.2-29.50
php5-gd - 5.1.2-29.50
php5-gettext - 5.1.2-29.50
php5-gmp - 5.1.2-29.50
php5-iconv - 5.1.2-29.50
php5-imap - 5.1.2-29.50
php5-ldap - 5.1.2-29.50
php5-mbstring - 5.1.2-29.50
php5-mcrypt - 5.1.2-29.50
php5-mhash - 5.1.2-29.50
php5-mysql - 5.1.2-29.50
php5-mysqli - 5.1.2-29.50
php5-ncurses - 5.1.2-29.50
php5-odbc - 5.1.2-29.50
php5-openssl - 5.1.2-29.50
php5-pcntl - 5.1.2-29.50
php5-pdo - 5.1.2-29.50
php5-pear - 5.1.2-29.50
php5-pgsql - 5.1.2-29.50
php5-posix - 5.1.2-29.50
php5-pspell - 5.1.2-29.50
php5-shmop - 5.1.2-29.50
php5-snmp - 5.1.2-29.50
php5-soap - 5.1.2-29.50
php5-sockets - 5.1.2-29.50
php5-sqlite - 5.1.2-29.50
php5-sysvmsg - 5.1.2-29.50
php5-sysvsem - 5.1.2-29.50
php5-sysvshm - 5.1.2-29.50
php5-tidy - 5.1.2-29.50
php5-tokenizer - 5.1.2-29.50
php5-wddx - 5.1.2-29.50
php5-xmlreader - 5.1.2-29.50
php5-xmlrpc - 5.1.2-29.50
php5-xsl - 5.1.2-29.50
php5-zlib - 5.1.2-29.50
SUSE Linux Enterprise Server 9:
x86_64:
apache-mod_php4 - 4.3.4-43.85
apache2-mod_php4 - 4.3.4-43.85
mod_php4 - 4.3.4-43.85
mod_php4-apache2 - 4.3.4-43.85
mod_php4-core - 4.3.4-43.85
mod_php4-servlet - 4.3.4-43.85
php4 - 4.3.4-43.85
php4-bcmath - 4.3.4-43.85
php4-bz2 - 4.3.4-43.85
php4-calendar - 4.3.4-43.85
php4-ctype - 4.3.4-43.85
php4-curl - 4.3.4-43.85
php4-dba - 4.3.4-43.85
php4-dbase - 4.3.4-43.85
php4-devel - 4.3.4-43.85
php4-domxml - 4.3.4-43.85
php4-exif - 4.3.4-43.85
php4-fastcgi - 4.3.4-43.85
php4-filepro - 4.3.4-43.85
php4-ftp - 4.3.4-43.85
php4-gd - 4.3.4-43.85
php4-gettext - 4.3.4-43.85
php4-gmp - 4.3.4-43.85
php4-imap - 4.3.4-43.85
php4-ldap - 4.3.4-43.85
php4-mbstring - 4.3.4-43.85
php4-mcal - 4.3.4-43.85
php4-mcrypt - 4.3.4-43.85
php4-mhash - 4.3.4-43.85
php4-mime_magic - 4.3.4-43.85
php4-mysql - 4.3.4-43.85
php4-pear - 4.3.4-43.85
php4-pgsql - 4.3.4-43.85
php4-qtdom - 4.3.4-43.85
php4-readline - 4.3.4-43.85
php4-recode - 4.3.4-43.85
php4-servlet - 4.3.4-43.85
php4-session - 4.3.4-43.85
php4-shmop - 4.3.4-43.85
php4-snmp - 4.3.4-43.85
php4-sockets - 4.3.4-43.85
php4-sysvsem - 4.3.4-43.85
php4-sysvshm - 4.3.4-43.85
php4-unixODBC - 4.3.4-43.85
php4-wddx - 4.3.4-43.85
php4-xslt - 4.3.4-43.85
php4-yp - 4.3.4-43.85
php4-zlib - 4.3.4-43.85
SUSE Linux Enterprise Server 10 SP1:
x86_64:
apache2-mod_php5 - 5.1.2-29.50
php5 - 5.1.2-29.50
php5-bcmath - 5.1.2-29.50
php5-bz2 - 5.1.2-29.50
php5-calendar - 5.1.2-29.50
php5-ctype - 5.1.2-29.50
php5-curl - 5.1.2-29.50
php5-dba - 5.1.2-29.50
php5-dbase - 5.1.2-29.50
php5-devel - 5.1.2-29.50
php5-dom - 5.1.2-29.50
php5-exif - 5.1.2-29.50
php5-fastcgi - 5.1.2-29.50
php5-filepro - 5.1.2-29.50
php5-ftp - 5.1.2-29.50
php5-gd - 5.1.2-29.50
php5-gettext - 5.1.2-29.50
php5-gmp - 5.1.2-29.50
php5-iconv - 5.1.2-29.50
php5-imap - 5.1.2-29.50
php5-ldap - 5.1.2-29.50
php5-mbstring - 5.1.2-29.50
php5-mcrypt - 5.1.2-29.50
php5-mhash - 5.1.2-29.50
php5-mysql - 5.1.2-29.50
php5-mysqli - 5.1.2-29.50
php5-ncurses - 5.1.2-29.50
php5-odbc - 5.1.2-29.50
php5-openssl - 5.1.2-29.50
php5-pcntl - 5.1.2-29.50
php5-pdo - 5.1.2-29.50
php5-pear - 5.1.2-29.50
php5-pgsql - 5.1.2-29.50
php5-posix - 5.1.2-29.50
php5-pspell - 5.1.2-29.50
php5-shmop - 5.1.2-29.50
php5-snmp - 5.1.2-29.50
php5-soap - 5.1.2-29.50
php5-sockets - 5.1.2-29.50
php5-sqlite - 5.1.2-29.50
php5-suhosin - 5.1.2-29.50
php5-sysvmsg - 5.1.2-29.50
php5-sysvsem - 5.1.2-29.50
php5-sysvshm - 5.1.2-29.50
php5-tokenizer - 5.1.2-29.50
php5-wddx - 5.1.2-29.50
php5-xmlreader - 5.1.2-29.50
php5-xmlrpc - 5.1.2-29.50
php5-xsl - 5.1.2-29.50
php5-zlib - 5.1.2-29.50
Novell Linux Desktop 9 SDK:
i586:
mod_php4-core - 4.3.4-43.85
php4 - 4.3.4-43.85
php4-bcmath - 4.3.4-43.85
php4-bz2 - 4.3.4-43.85
php4-calendar - 4.3.4-43.85
php4-ctype - 4.3.4-43.85
php4-curl - 4.3.4-43.85
php4-dba - 4.3.4-43.85
php4-dbase - 4.3.4-43.85
php4-devel - 4.3.4-43.85
php4-domxml - 4.3.4-43.85
php4-exif - 4.3.4-43.85
php4-fastcgi - 4.3.4-43.85
php4-filepro - 4.3.4-43.85
php4-ftp - 4.3.4-43.85
php4-gd - 4.3.4-43.85
php4-gettext - 4.3.4-43.85
php4-gmp - 4.3.4-43.85
php4-iconv - 4.3.4-43.85
php4-imap - 4.3.4-43.85
php4-ldap - 4.3.4-43.85
php4-mbstring - 4.3.4-43.85
php4-mcal - 4.3.4-43.85
php4-mcrypt - 4.3.4-43.85
php4-mhash - 4.3.4-43.85
php4-mime_magic - 4.3.4-43.85
php4-mysql - 4.3.4-43.85
php4-pear - 4.3.4-43.85
php4-pgsql - 4.3.4-43.85
php4-qtdom - 4.3.4-43.85
php4-readline - 4.3.4-43.85
php4-recode - 4.3.4-43.85
php4-servlet - 4.3.4-43.85
php4-session - 4.3.4-43.85
php4-shmop - 4.3.4-43.85
php4-snmp - 4.3.4-43.85
php4-sockets - 4.3.4-43.85
php4-swf - 4.3.4-43.85
php4-sysvsem - 4.3.4-43.85
php4-sysvshm - 4.3.4-43.85
php4-unixODBC - 4.3.4-43.85
php4-wddx - 4.3.4-43.85
php4-xslt - 4.3.4-43.85
php4-yp - 4.3.4-43.85
php4-zlib - 4.3.4-43.85
Ссылки
https://www.suse.com/support/security/advisories/2008_04_php.html

Источник: CVE
Наименование: CVE-2007-4782
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4782

Источник: CVE
Наименование: CVE-2007-4825
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4825

Источник: CVE
Наименование: CVE-2007-5898
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5898

Источник: CVE
Наименование: CVE-2007-4784
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4784

Источник: CVE
Наименование: CVE-2007-1660
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1660

Источник: CVE
Наименование: CVE-2006-7230
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7230

Источник: CVE
Наименование: CVE-2006-7226
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7226

Источник: CVE
Наименование: CVE-2007-4658
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4658

Источник: CVE
Наименование: CVE-2006-7224
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7224

Источник: CVE
Наименование: CVE-2006-7225
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7225

Источник: CVE
Наименование: CVE-2006-7228
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7228

Источник: CVE
Наименование: CVE-2007-3996
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3996

Источник: CVE
Наименование: CVE-2005-4872
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4872

Источник: CVE
Наименование: CVE-2007-1659
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1659

Источник: CVE
Наименование: CVE-2007-3998
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3998

Источник: CVE
Наименование: CVE-2007-4840
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4840

Источник: CVE
Наименование: CVE-2007-2872
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2872

Источник: CVE
Наименование: CVE-2006-7227
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7227

Источник: CVE
Наименование: CVE-2007-4661
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4661