
RE: Vulnerable PHP version according to nessus



Thanks, I checked the CVEs against the changelogs and approximately 50% are covered.
Is there a website of some sort to check what kind of CVEs have been patched?
If Nessus does not provide a reliable report, what is the best next step to take here?
Are there any how-tos or tutorials on how to secure a PHP installation on a Debian system?
Any suggestions would be very helpful.



From: j.andradas@gmail.com
Date: Wed, 28 Dec 2011 12:47:48 +0100
Subject: Re: Vulnerable PHP version according to nessus
To: jmm@debian.org
CC: debian-security@lists.debian.org

2011/12/28 Moritz Mühlenhoff <jmm@debian.org>
Dave Henley <dhenley1@live.com> schrieb:
> I recently installed a Debian Squeeze system along with apache2 and PHP5.
> The system is fully up-to-date and the following php packages are installed

Nearly all Nessus checks are junk; they only check version
numbers, but not whether a vulnerability has actually been fixed.


In order to be more accurate, you could enable the "Thorough scan" option in Nessus. Disabling the "safe checks" option might also help, so that Nessus does not rely (only) on version numbers and banners but actually tries to exploit the vulnerability (depending on how the NASL script/plugin is written, of course). However, this could mean that, if there is a denial-of-service vulnerability or any other that might impact running services, those services might be affected, and the service might have to be restarted or even the host rebooted (for example, if it is a vulnerability that crashes the OS).
 
Since we address security vulnerabilities with backports this
leads to numerous false positives.

Cheers,
       Moritz



Best Regards,

--
Jonás Andradas
GPG Fingerprint:  678F 7BD0 83C3 28CE 9E8F
                           3F7F 4D87 9996 E0C6 9372


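The check Dave describes above, comparing a scanner's CVE list against the Debian package changelog, as an added example that is not part of this thread or of any Debian tooling. Because Debian backports security fixes without changing the upstream version string, the changelog (on a Squeeze box: /usr/share/doc/php5/changelog.Debian.gz, or `apt-get changelog php5` on newer releases) is the record of which CVEs a given package version actually fixes. The changelog entry and the CVE identifiers below are constructed sample data, not a real php5 changelog; point `check_cves` at the real file to use it.

```shell
#!/bin/sh
# Added example (not from the thread): decide which CVE ids reported by a
# version-only scanner are already fixed according to a Debian changelog.

# Print every CVE id mentioned in a changelog (plain or gzipped), one per
# line, sorted and de-duplicated.
cves_in_changelog() {
    { case "$1" in
        *.gz) zcat "$1" ;;
        *)    cat "$1" ;;
      esac; } | grep -oE 'CVE-[0-9]{4}-[0-9]{4,}' | sort -u
}

# Read CVE ids from stdin (one per line) and print "FIXED <id>" when the
# changelog names the id, "UNFIXED <id>" otherwise. An UNFIXED id is a
# finding that still needs a look: either the fix is really missing, or
# the maintainer recorded it without the CVE id.
check_cves() {
    changelog="$1"
    fixed=$(cves_in_changelog "$changelog")
    while read -r cve; do
        [ -n "$cve" ] || continue
        if printf '%s\n' "$fixed" | grep -qxF "$cve"; then
            echo "FIXED $cve"
        else
            echo "UNFIXED $cve"
        fi
    done
}

# Number of ids from stdin that the changelog does not mention.
count_unfixed() {
    check_cves "$1" | grep -c '^UNFIXED ' || true
}

# Constructed sample changelog in Debian changelog format (hypothetical
# version, maintainer and CVE ids; not a real php5 entry).
SAMPLE_CHANGELOG=$(mktemp)
trap 'rm -f "$SAMPLE_CHANGELOG"' EXIT
cat > "$SAMPLE_CHANGELOG" <<'EOF'
php5 (5.3.3-7+squeeze99) stable-security; urgency=high

  * Backport upstream fixes for CVE-2011-0001 and CVE-2011-0002.
    The upstream version string stays 5.3.3.

 -- Example Maintainer <maintainer@example.org>  Wed, 28 Dec 2011 12:00:00 +0100
EOF

# Constructed scanner output: three ids, only two of which the sample
# changelog covers.
SCANNER_CVES="CVE-2011-0001
CVE-2011-0002
CVE-2011-0003"

printf '%s\n' "$SCANNER_CVES" | check_cves "$SAMPLE_CHANGELOG"
```

Treat a FIXED result as evidence against the scanner's version-based finding, not as proof on its own: the script only shows that the maintainer referenced the id in a changelog entry, so for anything serious confirm against the Debian Security Advisory for that package version as well.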