Ubuntu Update For Php5 USN-1937-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

It was discovered that PHP did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

Affected

php5 on Ubuntu 13.04 , Ubuntu 12.10 , Ubuntu 12.04 LTS , Ubuntu 10.04 LTS

Severity

Classification

CVE CVE-2013-4248

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Ubuntu Update for bzip2 vulnerability USN-590-1
Ubuntu Update for clamav USN-1258-1
Ubuntu Update for dbus vulnerabilities USN-653-1
Ubuntu Update for audiofile vulnerability USN-912-1
Ubuntu Update for avahi vulnerabilities USN-696-1

Ubuntu Update for php5 USN-1937-1

Take action and discover your vulnerabilities