Search Engine: Elastic

Sphera Security Update - Updated php packages fix XSS and response splitting vulnerabilities February 5 2006

Article ID: 4214, created on Mar 24, 2008, last review on Apr 18, 2012

  • Applies to:
  • Sphera

Resolution

 February 5, 2006

Dear Sphera customer,

On February 2, 2006, a PHP security advisory was released.

Vulnerability Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0207

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0208

Solution:
This vulnerability applies to applications and end-users utilizing PHP version 4.3.11 and prior versions. Sphera customers running DCM1.5/4.1 and ServerDirector Linux 3.7 on RHEL ES/AS2.1 will have a patch available on February 28, 2006. The fix will be based on the RPM distribution tool. Detailed instructions on using the tool and applying the patch will be included with the release.

 

 

Should you have any questions, please contact us through your eService account at http://support.sphera.com

5f478287f7e74fe9b07217d8131cd741 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF