HP-UX update for Apache with PHP

Secunia ID	SA49541
CVE-ID	CVE-2011-4153, CVE-2012-0830, CVE-2012-0883, CVE-2012-1172, CVE-2012-1823, CVE-2012-2311
Release Date	15 Jun 2012
Last Change	23 Aug 2012
Criticality	Highly Critical
Solution Status	Vendor Patch
Where	From remote
Impact	System access This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user. Exposure of sensitive information Vulnerabilities where documents or credentials are leaked or can be revealed either locally or from remote. Privilege escalation This covers vulnerabilities where a user is able to conduct certain tasks with the privileges of other users or administrative users. This typically includes cases where a local user on a client or server system can gain access to the administrator or root account thus taking full control of the system.
Description	HP-UX has issued an update for Apache with PHP. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose certain sensitive information or compromise a vulnerable system. For more information: SA47806 SA48849 SA49014 The vulnerabilities are reported in the following versions: * HP-UX versions B.11.23 and B.11.31 running Apache Web Server Suite version 3.24 or prior * HP-UX version B.11.11 running HP-UX Apache Web Server Suite v2.35 or prior
Solution	Update to a fixed version (please see the vendor's advisory for more information).
Original Advisory	HPSBUX02791 SSRT100856: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03368475

© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.