SUSE Linux Security Vulnerability: CVE-2012-0831
7
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
02/10/2012
07/25/2018
02/17/2015
07/04/2017
Description
PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c.
Solution(s)
- suse-upgrade-apache2-mod_php5
- suse-upgrade-apache2-mod_php5-debuginfo
- suse-upgrade-apache2-mod_php53
- suse-upgrade-php5
- suse-upgrade-php5-bcmath
- suse-upgrade-php5-bcmath-debuginfo
- suse-upgrade-php5-bz2
- suse-upgrade-php5-bz2-debuginfo
- suse-upgrade-php5-calendar
- suse-upgrade-php5-calendar-debuginfo
- suse-upgrade-php5-ctype
- suse-upgrade-php5-ctype-debuginfo
- suse-upgrade-php5-curl
- suse-upgrade-php5-curl-debuginfo
- suse-upgrade-php5-dba
- suse-upgrade-php5-dba-debuginfo
- suse-upgrade-php5-dbase
- suse-upgrade-php5-debuginfo
- suse-upgrade-php5-debugsource
- suse-upgrade-php5-devel
- suse-upgrade-php5-dom
- suse-upgrade-php5-dom-debuginfo
- suse-upgrade-php5-enchant
- suse-upgrade-php5-enchant-debuginfo
- suse-upgrade-php5-exif
- suse-upgrade-php5-exif-debuginfo
- suse-upgrade-php5-fastcgi
- suse-upgrade-php5-fastcgi-debuginfo
- suse-upgrade-php5-fileinfo
- suse-upgrade-php5-fileinfo-debuginfo
- suse-upgrade-php5-fpm
- suse-upgrade-php5-fpm-debuginfo
- suse-upgrade-php5-ftp
- suse-upgrade-php5-ftp-debuginfo
- suse-upgrade-php5-gd
- suse-upgrade-php5-gd-debuginfo
- suse-upgrade-php5-gettext
- suse-upgrade-php5-gettext-debuginfo
- suse-upgrade-php5-gmp
- suse-upgrade-php5-gmp-debuginfo
- suse-upgrade-php5-hash
- suse-upgrade-php5-iconv
- suse-upgrade-php5-iconv-debuginfo
- suse-upgrade-php5-imap
- suse-upgrade-php5-imap-debuginfo
- suse-upgrade-php5-intl
- suse-upgrade-php5-intl-debuginfo
- suse-upgrade-php5-json
- suse-upgrade-php5-json-debuginfo
- suse-upgrade-php5-ldap
- suse-upgrade-php5-ldap-debuginfo
- suse-upgrade-php5-mbstring
- suse-upgrade-php5-mbstring-debuginfo
- suse-upgrade-php5-mcrypt
- suse-upgrade-php5-mcrypt-debuginfo
- suse-upgrade-php5-mhash
- suse-upgrade-php5-mssql
- suse-upgrade-php5-mssql-debuginfo
- suse-upgrade-php5-mysql
- suse-upgrade-php5-mysql-debuginfo
- suse-upgrade-php5-ncurses
- suse-upgrade-php5-odbc
- suse-upgrade-php5-odbc-debuginfo
- suse-upgrade-php5-openssl
- suse-upgrade-php5-openssl-debuginfo
- suse-upgrade-php5-pcntl
- suse-upgrade-php5-pcntl-debuginfo
- suse-upgrade-php5-pdo
- suse-upgrade-php5-pdo-debuginfo
- suse-upgrade-php5-pear
- suse-upgrade-php5-pgsql
- suse-upgrade-php5-pgsql-debuginfo
- suse-upgrade-php5-phar
- suse-upgrade-php5-phar-debuginfo
- suse-upgrade-php5-posix
- suse-upgrade-php5-posix-debuginfo
- suse-upgrade-php5-pspell
- suse-upgrade-php5-pspell-debuginfo
- suse-upgrade-php5-readline
- suse-upgrade-php5-readline-debuginfo
- suse-upgrade-php5-shmop
- suse-upgrade-php5-shmop-debuginfo
- suse-upgrade-php5-snmp
- suse-upgrade-php5-snmp-debuginfo
- suse-upgrade-php5-soap
- suse-upgrade-php5-soap-debuginfo
- suse-upgrade-php5-sockets
- suse-upgrade-php5-sockets-debuginfo
- suse-upgrade-php5-sqlite
- suse-upgrade-php5-sqlite-debuginfo
- suse-upgrade-php5-suhosin
- suse-upgrade-php5-suhosin-debuginfo
- suse-upgrade-php5-sysvmsg
- suse-upgrade-php5-sysvmsg-debuginfo
- suse-upgrade-php5-sysvsem
- suse-upgrade-php5-sysvsem-debuginfo
- suse-upgrade-php5-sysvshm
- suse-upgrade-php5-sysvshm-debuginfo
- suse-upgrade-php5-tidy
- suse-upgrade-php5-tidy-debuginfo
- suse-upgrade-php5-tokenizer
- suse-upgrade-php5-tokenizer-debuginfo
- suse-upgrade-php5-wddx
- suse-upgrade-php5-wddx-debuginfo
- suse-upgrade-php5-xmlreader
- suse-upgrade-php5-xmlreader-debuginfo
- suse-upgrade-php5-xmlrpc
- suse-upgrade-php5-xmlrpc-debuginfo
- suse-upgrade-php5-xmlwriter
- suse-upgrade-php5-xmlwriter-debuginfo
- suse-upgrade-php5-xsl
- suse-upgrade-php5-xsl-debuginfo
- suse-upgrade-php5-zip
- suse-upgrade-php5-zip-debuginfo
- suse-upgrade-php5-zlib
- suse-upgrade-php5-zlib-debuginfo
- suse-upgrade-php53
- suse-upgrade-php53-bcmath
- suse-upgrade-php53-bz2
- suse-upgrade-php53-calendar
- suse-upgrade-php53-ctype
- suse-upgrade-php53-curl
- suse-upgrade-php53-dba
- suse-upgrade-php53-devel
- suse-upgrade-php53-dom
- suse-upgrade-php53-exif
- suse-upgrade-php53-fastcgi
- suse-upgrade-php53-fileinfo
- suse-upgrade-php53-ftp
- suse-upgrade-php53-gd
- suse-upgrade-php53-gettext
- suse-upgrade-php53-gmp
- suse-upgrade-php53-iconv
- suse-upgrade-php53-imap
- suse-upgrade-php53-intl
- suse-upgrade-php53-json
- suse-upgrade-php53-ldap
- suse-upgrade-php53-mbstring
- suse-upgrade-php53-mcrypt
- suse-upgrade-php53-mysql
- suse-upgrade-php53-odbc
- suse-upgrade-php53-openssl
- suse-upgrade-php53-pcntl
- suse-upgrade-php53-pdo
- suse-upgrade-php53-pear
- suse-upgrade-php53-pgsql
- suse-upgrade-php53-posix
- suse-upgrade-php53-pspell
- suse-upgrade-php53-readline
- suse-upgrade-php53-shmop
- suse-upgrade-php53-snmp
- suse-upgrade-php53-soap
- suse-upgrade-php53-sockets
- suse-upgrade-php53-sqlite
- suse-upgrade-php53-suhosin
- suse-upgrade-php53-sysvmsg
- suse-upgrade-php53-sysvsem
- suse-upgrade-php53-sysvshm
- suse-upgrade-php53-tidy
- suse-upgrade-php53-tokenizer
- suse-upgrade-php53-wddx
- suse-upgrade-php53-xmlreader
- suse-upgrade-php53-xmlrpc
- suse-upgrade-php53-xmlwriter
- suse-upgrade-php53-xsl
- suse-upgrade-php53-zip
- suse-upgrade-php53-zlib
- suse-upgrade-sle-sdk-release
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center