Gentoo Security Advisory GLSA 200811-05 (php) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200811-05.

Solution

All PHP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/php-5.2.6-r6' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200811-05 http://bugs.gentoo.org/show_bug.cgi?id=209148 http://bugs.gentoo.org/show_bug.cgi?id=212211 http://bugs.gentoo.org/show_bug.cgi?id=215266 http://bugs.gentoo.org/show_bug.cgi?id=228369 http://bugs.gentoo.org/show_bug.cgi?id=230575 http://bugs.gentoo.org/show_bug.cgi?id=234102

Insight

PHP contains several vulnerabilities including buffer and integer overflows which could lead to the remote execution of arbitrary code.

Severity

Classification

CVE	CVE-2008-0599, CVE-2008-0674, CVE-2008-1384, CVE-2008-2050, CVE-2008-2051, CVE-2008-2107, CVE-2008-2108, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Take action and discover your vulnerabilities