<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.6002.18255" name=GENERATOR></HEAD>
<BODY text=#000000 bgColor=#ffffff>
<DIV dir=ltr align=left><SPAN class=090382117-27082010><FONT face=Arial
color=#0000ff size=2>We have had Zendto in production for a little over a week
now without issue.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=090382117-27082010><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=090382117-27082010><FONT face=Arial
color=#0000ff size=2>We are still waiting on the OK to use MyZendto with our
users in production.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=090382117-27082010><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=090382117-27082010><FONT face=Arial
color=#0000ff size=2>Everyone so far seems to like it much better then
using our Firm FTP site. </FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=090382117-27082010><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN class=090382117-27082010>Any
chance that every pickup of a drop-off could be listed in the picked-up on
date section?</SPAN></FONT></DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN
class=090382117-27082010></SPAN></FONT> </DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN class=090382117-27082010><IMG
src="cid:090382117@27082010-309D"></SPAN></FONT></DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN
class=090382117-27082010></SPAN></FONT> </DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN class=090382117-27082010>Like
the above drop-off shows the first time it was picked up. Even though it
was picked up from multiple machines (link was forwarded to other
users)</SPAN></FONT></DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN
class=090382117-27082010></SPAN></FONT> </DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN class=090382117-27082010>The
feature request would be:</SPAN></FONT></DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN
class=090382117-27082010></SPAN></FONT> </DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN class=090382117-27082010>If it
was picked up 3 times, it would show all 3 pickups and list 3 pickups instead of
1 pickup?</SPAN></FONT></DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN
class=090382117-27082010></SPAN></FONT> </DIV>
<DIV><FONT face=Arial color=#0000ff size=2><SPAN
class=090382117-27082010>Thanks</SPAN></FONT></DIV><!-- Converted from text/plain format -->
<P><FONT size=2>BRIAN M. DUNCAN<BR>Data Security Administrator<BR>Katten Muchin
Rosenman LLP<BR>525 W. Monroe Street / Chicago, IL 60661-3693<BR>p / (312)
577-8045 f / (312) 577-4490<BR>brian.duncan@kattenlaw.com /
www.kattenlaw.com<BR> </FONT></P>
<DIV> </DIV><BR>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> zendto-bounces@zend.to
[mailto:zendto-bounces@zend.to] <B>On Behalf Of </B>Jules<BR><B>Sent:</B>
Tuesday, August 24, 2010 9:44 AM<BR><B>To:</B> ZendTo Users<BR><B>Subject:</B>
[ZendTo] Re: Question related to version of PHP in CentOS VM's
:..<BR></FONT><BR></DIV>
<DIV></DIV>Back-porting fixes is standard practise amongst all OS vendors.
Moving to a newer version will change the behaviour of existing features (almost
always) which will break customers' working systems, which is A Very Bad
Thing(tm).<BR>So instead you back-port fixes to keep the functional behaviour
the same.<BR><BR>Jules.<BR><BR>On 23/08/2010 21:47, Duncan, Brian M. wrote:
<BLOCKQUOTE
cite=mid:65234743FE1555428435CE39E6AC40780379518A@CHI-US-EXCH-01.us.kmz.com
type="cite">
<META content="MSHTML 6.00.6002.18255" name=GENERATOR>
<DIV dir=ltr align=left><SPAN class=732284420-23082010><FONT face=Arial
color=#0000ff size=2>Thanks Jules,</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=732284420-23082010></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=732284420-23082010><FONT face=Arial
color=#0000ff size=2>I did not realize they back ported fixes for
PHP.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=732284420-23082010></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=732284420-23082010><FONT face=Arial
color=#0000ff size=2>Since Nessus displays information based on version
banner, it is probably a false positive then. (When advertising
version in the php.ini)</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=732284420-23082010></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=732284420-23082010></SPAN> </DIV>
<DIV> </DIV><!-- Converted from text/plain format -->
<P><FONT size=2>BRIAN M. DUNCAN<BR>Data Security Administrator<BR>Katten
Muchin Rosenman LLP<BR>525 W. Monroe Street / Chicago, IL 60661-3693<BR>p /
(312) 577-8045 f / (312) 577-4490<BR><A class=moz-txt-link-abbreviated
href="mailto:brian.duncan@kattenlaw.com">brian.duncan@kattenlaw.com</A> / <A
class=moz-txt-link-abbreviated
href="http://www.kattenlaw.com">www.kattenlaw.com</A><BR> </FONT></P>
<DIV> </DIV><BR>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> <A class=moz-txt-link-abbreviated
href="mailto:zendto-bounces@zend.to">zendto-bounces@zend.to</A> [<A
class=moz-txt-link-freetext
href="mailto:zendto-bounces@zend.to">mailto:zendto-bounces@zend.to</A>] <B>On
Behalf Of </B>Julian Field<BR><B>Sent:</B> Monday, August 23, 2010 12:53
PM<BR><B>To:</B> ZendTo Users<BR><B>Subject:</B> [ZendTo] Re: Question related
to version of PHP in CentOS VM's :..<BR></FONT><BR></DIV>
<DIV><BR>RedHat and hence CentOS back port security fixes, so the version
number is a poor indicator of security holes.</DIV>
<DIV><BR>--
<DIV>Jules</DIV></DIV>
<DIV><BR>On 18 Aug 2010, at 07:47 PM, "Duncan, Brian M." <<A
href="mailto:brian.duncan@kattenlaw.com"
moz-do-not-send="true">brian.duncan@kattenlaw.com</A>> wrote:<BR><BR></DIV>
<DIV><SPAN></SPAN></DIV>
<BLOCKQUOTE type="cite">
<DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=823452818-18082010>I've always shied away from using PHP with apache
on externally facing web sites in the past due to always seeing a
constant flow of new vulnerabilities.</SPAN></FONT></DIV>
<DIV> </DIV>
<DIV><SPAN class=823452818-18082010><FONT face=Arial color=#0000ff
size=2>Does anyone know if the version of PHP that is current according to
CentOS safe?</FONT></SPAN></DIV>
<DIV><SPAN class=823452818-18082010></SPAN> </DIV>
<DIV><SPAN class=823452818-18082010><FONT face=Arial color=#0000ff size=2>I
ran a Nessus scan against my Zendto box and it is listing 6
"HIGH" security risks so far that are supposedly tied to PHP
version. I just noticed they all refer so far to using PHP 5.2.5 or
later. Not sure if any of these are false positives
yet.</FONT></SPAN></DIV>
<DIV><SPAN class=823452818-18082010></SPAN> </DIV>
<DIV><SPAN class=823452818-18082010></SPAN> </DIV>
<DIV><SPAN class=823452818-18082010><FONT face=Arial color=#0000ff
size=2>Here is some of the Nessus "HIGH" security scan listed output for any
interested:</FONT></SPAN></DIV>
<DIV><SPAN class=823452818-18082010></SPAN> </DIV>
<DIV><SPAN class=823452818-18082010></SPAN> </DIV>
<DIV><SPAN class=823452818-18082010></SPAN> </DIV>
<DIV><SPAN class=823452818-18082010>
<TABLE cellSpacing=0 cellPadding=2 width="70%" align=center border=0>
<TBODY>
<TR class=plugin_sev_high>
<TD class=plugin_label align=left>PHP < 5.2.5 Multiple
Vulnerabilities</TD></TR>
<TR class=info_bg>
<TD class=info_text colSpan=2>
<DIV class=plugin_output><BR><B>Synopsis:</B><BR>The remote web server
uses a version of PHP that is affected by multiple
flaws.<BR><BR><B>Description:</B><BR>According to its banner, the
version of PHP installed on the remote host is older than 5.2.5. Such
versions may be affected by various issues, including but not limited
to several buffer overflows.<BR><BR><B>Risk
factor:</B><BR>High<BR><BR><B>CVSS Base
Score:</B>7.5<BR>CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P<BR><BR><B>See
also:</B><BR><A href="http://www.php.net/releases/5_2_5.php"
moz-do-not-send="true">http://www.php.net/releases/5_2_5.php</A><BR><BR><B>Solution:</B><BR>Upgrade
to PHP version 5.2.5 or later.<BR><BR><B>Plugin output:</B><BR>PHP
version 5.1.6 appears to be running on the remote host based on the
following X-Powered-By response header : X-Powered-By: PHP/5.1.6
<BR><BR><B>Plugin ID:</B><BR><A
href="http://www.nessus.org/plugins/index.php?view=single&id=28181"
moz-do-not-send="true">28181</A><BR><BR><B>CVE: </B><BR>CVE-2007-4887,
CVE-2007-5898, CVE-2007-5900<BR><BR><B>BID: </B><BR><A
href="http://www.securityfocus.com/bid/26403"
moz-do-not-send="true">26403</A><BR><BR><B>Other references:
</B><BR>OSVDB:38680, OSVDB:38681, OSVDB:38682, OSVDB:38683,
OSVDB:38684, OSVDB:38685</DIV></TD></TR></TBODY></TABLE>
<TABLE cellSpacing=0 cellPadding=2 width="70%" align=center border=0>
<TBODY>
<TR class=plugin_sev_high>
<TD class=plugin_label align=left>PHP < 5.2.1 Multiple
Vulnerabilities</TD></TR>
<TR class=info_bg>
<TD class=info_text colSpan=2>
<DIV class=plugin_output><BR><B>Synopsis:</B><BR>The remote web server
uses a version of PHP that is affected by multiple
flaws.<BR><BR><B>Description:</B><BR>According to its banner, the
version of PHP installed on the remote host is older than 5.2.1. Such
versions may be affected by several issues, including buffer
overflows, format string vulnerabilities, arbitrary code execution,
'safe_mode' and 'open_basedir' bypasses, and clobbering of
super-globals.<BR><BR><B>Risk factor:</B><BR>High<BR><BR><B>CVSS Base
Score:</B>7.5<BR>CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P<BR><BR><B>See
also:</B><BR><A href="http://www.php.net/releases/5_2_1.php"
moz-do-not-send="true">http://www.php.net/releases/5_2_1.php</A><BR><BR><B>Solution:</B><BR>Upgrade
to PHP version 5.2.1 or later.<BR><BR><B>Plugin output:</B><BR>PHP
version 5.1.6 appears to be running on the remote host based on the
following X-Powered-By response header : X-Powered-By: PHP/5.1.6
<BR><BR><B>Plugin ID:</B><BR><A
href="http://www.nessus.org/plugins/index.php?view=single&id=24907"
moz-do-not-send="true">24907</A><BR><BR><B>CVE: </B><BR>CVE-2006-6383,
CVE-2007-0905, CVE-2007-0906, CVE-2007-0907, CVE-2007-0908,
CVE-2007-0909, CVE-2007-0910, CVE-2007-1376, CVE-2007-1380,
CVE-2007-1453, CVE-2007-1700, CVE-2007-1701, CVE-2007-1824,
CVE-2007-1825, CVE-2007-1884, CVE-2007-1885, CVE-2007-1886,
CVE-2007-1887, CVE-2007-1890<BR><BR><B>BID: </B><BR><A
href="http://www.securityfocus.com/bid/21508"
moz-do-not-send="true">21508</A>, <A
href="http://www.securityfocus.com/bid/22496"
moz-do-not-send="true">22496</A>, <A
href="http://www.securityfocus.com/bid/22805"
moz-do-not-send="true">22805</A>, <A
href="http://www.securityfocus.com/bid/22806"
moz-do-not-send="true">22806</A>, <A
href="http://www.securityfocus.com/bid/22862"
moz-do-not-send="true">22862</A>, <A
href="http://www.securityfocus.com/bid/22922"
moz-do-not-send="true">22922</A>, <A
href="http://www.securityfocus.com/bid/23119"
moz-do-not-send="true">23119</A>, <A
href="http://www.securityfocus.com/bid/23120"
moz-do-not-send="true">23120</A>, <A
href="http://www.securityfocus.com/bid/23219"
moz-do-not-send="true">23219</A>, <A
href="http://www.securityfocus.com/bid/23233"
moz-do-not-send="true">23233</A>, <A
href="http://www.securityfocus.com/bid/23234"
moz-do-not-send="true">23234</A>, <A
href="http://www.securityfocus.com/bid/23235"
moz-do-not-send="true">23235</A>, <A
href="http://www.securityfocus.com/bid/23236"
moz-do-not-send="true">23236</A>, <A
href="http://www.securityfocus.com/bid/23237"
moz-do-not-send="true">23237</A>, <A
href="http://www.securityfocus.com/bid/23238"
moz-do-not-send="true">23238</A><BR><BR><B>Other references:
</B><BR>OSVDB:32763, OSVDB:32764, OSVDB:32765, OSVDB:32766,
OSVDB:32767, OSVDB:32768, OSVDB:32776, OSVDB:32781, OSVDB:33269,
OSVDB:33933, OSVDB:33944, OSVDB:33945, OSVDB:33955, OSVDB:33957,
OSVDB:33958, OSVDB:33959, OSVDB:33960,
OSVDB:34767</DIV></TD></TR></TBODY></TABLE>
<TABLE cellSpacing=0 cellPadding=2 width="70%" align=center border=0>
<TBODY>
<TR class=plugin_sev_high>
<TD class=plugin_label align=left>PHP < 5.2.4 Multiple
Vulnerabilities</TD></TR>
<TR class=info_bg>
<TD class=info_text colSpan=2>
<DIV class=plugin_output><BR><B>Synopsis:</B><BR>The remote web server
uses a version of PHP that is affected by multiple
flaws.<BR><BR><B>Description:</B><BR>According to its banner, the
version of PHP installed on the remote host is older than 5.2.4. Such
versions may be affected by various issues, including but not limited
to several overflows.<BR><BR><B>Risk
factor:</B><BR>High<BR><BR><B>CVSS Base
Score:</B>7.5<BR>CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P<BR><BR><B>See
also:</B><BR><A href="http://www.php.net/releases/5_2_4.php"
moz-do-not-send="true">http://www.php.net/releases/5_2_4.php</A><BR><BR><B>Solution:</B><BR>Upgrade
to PHP version 5.2.4 or later.<BR><BR><B>Plugin output:</B><BR>PHP
version 5.1.6 appears to be running on the remote host based on the
following X-Powered-By response header : X-Powered-By: PHP/5.1.6
<BR><BR><B>Plugin ID:</B><BR><A
href="http://www.nessus.org/plugins/index.php?view=single&id=25971"
moz-do-not-send="true">25971</A><BR><BR><B>CVE: </B><BR>CVE-2007-2872,
CVE-2007-3378, CVE-2007-3806<BR><BR><B>BID: </B><BR><A
href="http://www.securityfocus.com/bid/24661"
moz-do-not-send="true">24661</A>, <A
href="http://www.securityfocus.com/bid/24261"
moz-do-not-send="true">24261</A>, <A
href="http://www.securityfocus.com/bid/24922"
moz-do-not-send="true">24922</A>, <A
href="http://www.securityfocus.com/bid/25498"
moz-do-not-send="true">25498</A><BR><BR><B>Other references:
</B><BR>OSVDB:36083, OSVDB:36085,
OSVDB:36869</DIV></TD></TR></TBODY></TABLE>
<TABLE cellSpacing=0 cellPadding=2 width="70%" align=center border=0>
<TBODY>
<TR class=plugin_sev_high>
<TD class=plugin_label align=left>PHP < 5.2 Multiple
Vulnerabilities</TD></TR>
<TR class=info_bg>
<TD class=info_text colSpan=2>
<DIV class=plugin_output><BR><B>Synopsis:</B><BR>The remote web server
uses a version of PHP that is affected by multiple buffer
overflows.<BR><BR><B>Description:</B><BR>According to its banner, the
version of PHP installed on the remote host is older than 5.2. Such
versions may be affected by several buffer overflows. To exploit these
issues, an attacker would need the ability to upload an arbitrary PHP
script on the remote server, or to be able to manipulate several
variables processed by some PHP functions such as
htmlentities().<BR><BR><B>Risk factor:</B><BR>High<BR><BR><B>CVSS Base
Score:</B>7.5<BR>CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P<BR><BR><B>See
also:</B><BR><A href="http://www.php.net/releases/5_2_0.php"
moz-do-not-send="true">http://www.php.net/releases/5_2_0.php</A><BR><BR><B>Solution:</B><BR>Upgrade
to PHP version 5.2.0 or later.<BR><BR><B>Plugin output:</B><BR>PHP
version 5.1.6 appears to be running on the remote host based on the
following X-Powered-By response header : X-Powered-By: PHP/5.1.6
<BR><BR><B>Plugin ID:</B><BR><A
href="http://www.nessus.org/plugins/index.php?view=single&id=31649"
moz-do-not-send="true">31649</A><BR><BR><B>CVE:
</B><BR>CVE-2006-5465<BR><BR><B>BID: </B><BR><A
href="http://www.securityfocus.com/bid/20879"
moz-do-not-send="true">20879</A><BR><BR><B>Other references:
</B><BR>OSVDB:30178, OSVDB:30179</DIV></TD></TR></TBODY></TABLE>
<TABLE cellSpacing=0 cellPadding=2 width="70%" align=center border=0>
<TBODY>
<TR class=plugin_sev_high>
<TD class=plugin_label align=left>PHP 5 < 5.2.7 Multiple
Vulnerabilities</TD></TR>
<TR class=info_bg>
<TD class=info_text colSpan=2>
<DIV class=plugin_output><BR><B>Synopsis:</B><BR>The remote web server
uses a version of PHP that is affected by multiple
flaws.<BR><BR><B>Description:</B><BR>According to its banner, the
version of PHP installed on the remote host is older than 5.2.7. Such
versions may be affected by several security issues : - File
truncation can occur when calling 'dba_replace()' with an invalid
argument. - There is a buffer overflow in the bundled PCRE library
fixed by 7.8. (CVE-2008-2371) - A buffer overflow in the
'imageloadfont()' function in 'ext/gd/gd.c' can be triggered when a
specially crafted font is given. (CVE-2008-3658) - There is a buffer
overflow in PHP's internal function 'memnstr()', which is exposed to
userspace as 'explode()'. (CVE-2008-3659) - When used as a FastCGI
module, PHP segfaults when opening a file whose name contains two dots
(eg, 'file..php'). (CVE-2008-3660) - Multiple directory traversal
vulnerabilities in functions such as 'posix_access()', 'chdir()',
'ftok()' may allow a remote attacker to bypass 'safe_mode'
restrictions. (CVE-2008-2665 and CVE-2008-2666). - A buffer overflow
may be triggered when processing long message headers in 'php_imap.c'
due to use of an obsolete API call. (CVE-2008-2829) - A heap-based
buffer overflow may be triggered via a call to 'mb_check_encoding()',
part of the 'mbstring' extension. (CVE-2008-5557) - Missing
initialization of 'BG(page_uid)' and 'BG(page_gid)' when PHP is used
as an Apache module may allow for bypassing security restriction due
to SAPI 'php_getuid()' overloading. (CVE-2008-5624) - Incorrect
'php_value' order for Apache configuration may allow bypassing PHP's
'safe_mode' setting. (CVE-2008-5625) - The ZipArchive:extractTo()
method in the ZipArchive extension fails to filter directory traversal
sequences from file names. (CVE-2008-5658)<BR><BR><B>Risk
factor:</B><BR>High<BR><BR><B>CVSS Base
Score:</B>7.5<BR>CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P<BR><BR><B>See
also:</B><BR><A
href="http://securityreason.com/achievement_securityalert/57"
moz-do-not-send="true">http://securityreason.com/achievement_securityalert/57</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://securityreason.com/achievement_securityalert/58">http://securityreason.com/achievement_securityalert/58</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://securityreason.com/achievement_securityalert/59">http://securityreason.com/achievement_securityalert/59</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://www.sektioneins.de/advisories/SE-2008-06.txt">http://www.sektioneins.de/advisories/SE-2008-06.txt</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://archives.neohapsis.com/archives/fulldisclosure/2008-06/0238.html">http://archives.neohapsis.com/archives/fulldisclosure/2008-06/0238.html</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://archives.neohapsis.com/archives/fulldisclosure/2008-06/0239.html">http://archives.neohapsis.com/archives/fulldisclosure/2008-06/0239.html</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://www.openwall.com/lists/oss-security/2008/08/08/2">http://www.openwall.com/lists/oss-security/2008/08/08/2</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://www.openwall.com/lists/oss-security/2008/08/13/8">http://www.openwall.com/lists/oss-security/2008/08/13/8</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://archives.neohapsis.com/archives/fulldisclosure/2008-11/0433.html">http://archives.neohapsis.com/archives/fulldisclosure/2008-11/0433.html</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0089.html">http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0089.html</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://bugs.php.net/bug.php?id=42862">http://bugs.php.net/bug.php?id=42862</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://bugs.php.net/bug.php?id=45151">http://bugs.php.net/bug.php?id=45151</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://bugs.php.net/bug.php?id=45722">http://bugs.php.net/bug.php?id=45722</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://www.php.net/releases/5_2_7.php">http://www.php.net/releases/5_2_7.php</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://www.php.net/ChageLog-5.php#5.2.7">http://www.php.net/ChageLog-5.php#5.2.7</A><BR><BR><B>Solution:</B><BR>Upgrade
to PHP version 5.2.8 or later. Note that 5.2.7 was been removed from
distribution because of a regression in that version that results in
the 'magic_quotes_gpc' setting remaining off even if it was set to
on.<BR><BR><B>Plugin output:</B><BR>PHP version 5.1.6 appears to be
running on the remote host based on the following X-Powered-By
response header : X-Powered-By: PHP/5.1.6 <BR><BR><B>Plugin
ID:</B><BR><A
href="http://www.nessus.org/plugins/index.php?view=single&id=35043"
moz-do-not-send="true">35043</A><BR><BR><B>CVE: </B><BR>CVE-2008-2371,
CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-3658,
CVE-2008-3659, CVE-2008-3660, CVE-2008-5557, CVE-2008-5624,
CVE-2008-5625, CVE-2008-5658<BR><BR><B>BID: </B><BR><A
href="http://www.securityfocus.com/bid/29796"
moz-do-not-send="true">29796</A>, <A
href="http://www.securityfocus.com/bid/29797"
moz-do-not-send="true">29797</A>, <A
href="http://www.securityfocus.com/bid/29829"
moz-do-not-send="true">29829</A>, <A
href="http://www.securityfocus.com/bid/30087"
moz-do-not-send="true">30087</A>, <A
href="http://www.securityfocus.com/bid/30649"
moz-do-not-send="true">30649</A>, <A
href="http://www.securityfocus.com/bid/31612"
moz-do-not-send="true">31612</A>, <A
href="http://www.securityfocus.com/bid/32383"
moz-do-not-send="true">32383</A>, <A
href="http://www.securityfocus.com/bid/32625"
moz-do-not-send="true">32625</A>, <A
href="http://www.securityfocus.com/bid/32688"
moz-do-not-send="true">32688</A>, <A
href="http://www.securityfocus.com/bid/32948"
moz-do-not-send="true">32948</A><BR><BR><B>Other references:
</B><BR>OSVDB:46584, OSVDB:46638, OSVDB:46639, OSVDB:46641,
OSVDB:46690, OSVDB:47796, OSVDB:47797, OSVDB:47798, OSVDB:50480,
OSVDB:51477, OSVDB:52205, OSVDB:52206,
OSVDB:52207</DIV></TD></TR></TBODY></TABLE>
<TABLE cellSpacing=0 cellPadding=2 width="70%" align=center border=0>
<TBODY>
<TR class=plugin_sev_high>
<TD class=plugin_label align=left>PHP < 5.2.6 Multiple
Vulnerabilities</TD></TR>
<TR class=info_bg>
<TD class=info_text colSpan=2>
<DIV class=plugin_output><BR><B>Synopsis:</B><BR>The remote web server
uses a version of PHP that is affected by multiple
flaws.<BR><BR><B>Description:</B><BR>According to its banner, the
version of PHP installed on the remote host is older than 5.2.6. Such
versions may be affected by the following issues : - A stack buffer
overflow in FastCGI SAPI. - An integer overflow in printf(). - An
security issue arising from improper calculation of the length of
PATH_TRANSLATED in cgi_main.c. - A safe_mode bypass in cURL. -
Incomplete handling of multibyte chars inside escapeshellcmd(). -
Issues in the bundled PCRE fixed by version 7.6.<BR><BR><B>Risk
factor:</B><BR>High<BR><BR><B>CVSS Base
Score:</B>7.5<BR>CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P<BR><BR><B>See
also:</B><BR><A
href="http://archives.neohapsis.com/archives/bugtraq/2008-03/0321.html"
moz-do-not-send="true">http://archives.neohapsis.com/archives/bugtraq/2008-03/0321.html</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0103.html">http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0103.html</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0107.html">http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0107.html</A><BR><BR><B>See
also:</B><BR><A class=moz-txt-link-freetext
href="http://www.php.net/releases/5_2_6.php">http://www.php.net/releases/5_2_6.php</A><BR><BR><B>Solution:</B><BR>Upgrade
to PHP version 5.2.6 or later.<BR><BR><B>Plugin output:</B><BR>PHP
version 5.1.6 appears to be running on the remote host based on the
following X-Powered-By response header : X-Powered-By: PHP/5.1.6
<BR><BR><B>Plugin ID:</B><BR><A
href="http://www.nessus.org/plugins/index.php?view=single&id=32123"
moz-do-not-send="true">32123</A><BR><BR><B>CVE: </B><BR>CVE-2007-4850,
CVE-2008-0599, CVE-2008-1384, CVE-2008-2050,
CVE-2008-2051<BR><BR><B>BID: </B><BR><A
href="http://www.securityfocus.com/bid/27413"
moz-do-not-send="true">27413</A>, <A
href="http://www.securityfocus.com/bid/28392"
moz-do-not-send="true">28392</A>, <A
href="http://www.securityfocus.com/bid/29009"
moz-do-not-send="true">29009</A><BR><BR><B>Other references:
</B><BR>OSVDB:43219, OSVDB:44057, OSVDB:44906, OSVDB:44907,
OSVDB:44908, Secunia:30048</DIV></TD></TR></TBODY></TABLE></SPAN></DIV>
<DIV><SPAN class=823452818-18082010></SPAN> </DIV><!-- Converted from text/plain format -->
<P><FONT size=2>BRIAN M. DUNCAN<BR>Data Security Administrator<BR>Katten
Muchin Rosenman LLP<BR>525 W. Monroe Street / Chicago, IL 60661-3693<BR>p /
(312) 577-8045 f / (312) 577-4490<BR><A
href="mailto:brian.duncan@kattenlaw.com"
moz-do-not-send="true">brian.duncan@kattenlaw.com</A> / <A
href="http://www.kattenlaw.com"
moz-do-not-send="true">www.kattenlaw.com</A><BR></FONT></P>
<DIV class=moz-signature>
<CENTER> </CENTER></DIV>
<TABLE>
<TBODY>
<TR>
<TD bgColor=#ffffff><FONT color=#000000><PRE>===========================================================
CIRCULAR 230 DISCLOSURE: Pursuant to Regulations Governing Practice Before the Internal Revenue
Service, any tax advice contained herein is not intended or written to be used and cannot be used
by a taxpayer for the purpose of avoiding tax penalties that may be imposed on the taxpayer.
===========================================================
CONFIDENTIALITY NOTICE:
This electronic mail message and any attached files contain information intended for the exclusive
use of the individual or entity to whom it is addressed and may contain information that is
proprietary, privileged, confidential and/or exempt from disclosure under applicable law. If you
are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or
distribution of this information may be subject to legal restriction or sanction. Please notify
the sender, by electronic mail or telephone, of any unintended recipients and delete the original
message without making any copies.
===========================================================
NOTIFICATION: Katten Muchin Rosenman LLP is an Illinois limited liability partnership that has
elected to be governed by the Illinois Uniform Partnership Act (1997).
===========================================================</PRE></FONT></TD></TR></TBODY></TABLE></DIV>
<DIV><SPAN>_______________________________________________</SPAN><BR><SPAN>ZendTo
mailing list</SPAN><BR><SPAN><A href="mailto:ZendTo@zend.to"
moz-do-not-send="true">ZendTo@zend.to</A></SPAN><BR><SPAN><A
href="http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto"
moz-do-not-send="true">http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto</A></SPAN></DIV></BLOCKQUOTE><PRE wrap=""><FIELDSET class=mimeAttachmentHeader></FIELDSET>
_______________________________________________
ZendTo mailing list
<A class=moz-txt-link-abbreviated href="mailto:ZendTo@zend.to">ZendTo@zend.to</A>
<A class=moz-txt-link-freetext href="http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto">http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto</A></PRE></BLOCKQUOTE><BR><PRE class=moz-signature cols="72">Jules
--
Julian Field MEng CITP CEng
<A class=moz-txt-link-abbreviated href="http://www.Zend.To">www.Zend.To</A>
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at twitter.com/JulesFM
</PRE></BODY></HTML>