Re: Vulnerable PHP version according to nessus

To: Dave Henley <dhenley1@live.com>
Cc: j.andradas@gmail.com, jmm@debian.org, debian-security@lists.debian.org
Subject: Re: Vulnerable PHP version according to nessus
From: Henri Salo <henri@nerv.fi>
Date: Wed, 28 Dec 2011 15:31:53 +0200
Message-id: <[🔎] 20111228133153.GA15261@foo.fgeek.fi>
In-reply-to: <[🔎] BLU158-W1634D140193DD1F773C494E5AC0@phx.gbl>
References: <[🔎] BLU158-W3718F107C250F651101134E5AC0@phx.gbl> <[🔎] slrnjflq7n.3ki.jmm@inutil.org> <[🔎] CAGFMKp-xMmnvEmaQBQG4R-i_KZ2y1LFe5xkoXCgX0kFPxorb2w@mail.gmail.com> <[🔎] BLU158-W1634D140193DD1F773C494E5AC0@phx.gbl>

On Wed, Dec 28, 2011 at 12:53:13PM +0000, Dave Henley wrote:
> Thnaks, I checked the CVE`s against the changelogs and approx. 50% is covered.
> Is there a website of some sort to check what kind of CVE`s have been patched?
> If nessus does not provide a reliable report, what is the best next step to take here?
> Are there any howto`s or tutorials on howto secure a php installation on a debian system?
> Any suggestions would be very helpful.

Update all software in your www-server. Some useful links:

http://security-tracker.debian.org/tracker/
http://www.debian.org/doc/manuals/securing-debian-howto/

- Henri Salo

Reply to:

Follow-Ups:
- RE: Vulnerable PHP version according to nessus
  - From: Dave Henley <dhenley1@live.com>

References:
- Vulnerable PHP version according to nessus
  - From: Dave Henley <dhenley1@live.com>
- Re: Vulnerable PHP version according to nessus
  - From: Moritz Mühlenhoff <jmm@debian.org>
- Re: Vulnerable PHP version according to nessus
  - From: Jonas Andradas <j.andradas@gmail.com>
- RE: Vulnerable PHP version according to nessus
  - From: Dave Henley <dhenley1@live.com>

Prev by Date: RE: Vulnerable PHP version according to nessus
Next by Date: RE: Vulnerable PHP version according to nessus
Previous by thread: RE: Vulnerable PHP version according to nessus
Next by thread: RE: Vulnerable PHP version according to nessus
Index(es):
- Date
- Thread