---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. Join the FREE BETA test of the Network Software Inspector (NSI)! http://secunia.com/network_software_inspector/ The NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. ---------------------------------------------------------------------- TITLE: Slackware update for php SECUNIA ADVISORY ID: SA25151 VERIFY ADVISORY: http://secunia.com/advisories/25151/ CRITICAL: Moderately critical IMPACT: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of system information, Exposure of sensitive information, DoS, System access WHERE: >From remote OPERATING SYSTEM: Slackware Linux 11.0 http://secunia.com/product/13491/ DESCRIPTION: Slackware has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious users to manipulate certain data, disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), or to compromise a vulnerable system, and by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, or cause a DoS. For more information: SA24356 SA24505 SA24542 SA24630 SA24814 SA25123 SOLUTION: Apply updated packages. Slackware 10.2: ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/php-4.4.7-i486-1_slack10.2.tgz ftp://ftp.slackware.com/pub/slackware/slackware-10.2/testing/packages/php5/php-5.2.2-i486-1_slack10.2.tgz Slackware 11.0: ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/php-4.4.7-i486-1_slack11.0.tgz ftp://ftp.slackware.com/pub/slackware/slackware-11.0/extra/php5/php-5.2.2-i486-1_slack11.0.tgz Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-4.4.7-i486-1.tgz ftp://ftp.slackware.com/pub/slackware/slackware-current/extra/php5/php-5.2.2-i486-1.tgz ORIGINAL ADVISORY: http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.470053 OTHER REFERENCES: SA24356: http://secunia.com/advisories/24356/ SA24505: http://secunia.com/advisories/24505/ SA24542: http://secunia.com/advisories/24542/ SA24630: http://secunia.com/advisories/24630/ SA24814: http://secunia.com/advisories/24814/ SA25123: http://secunia.com/advisories/25123/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------