TOC & Recently Viewed

Recently Viewed Topics

PHP/Apache Vulnerability Patch Release Notes - 7/16/2014

The SecurityCenter patch for the PHP/Apache vulnerabilities (CVE-2014-3515, CVE-2014-0098) is now available. Appliance users can apply a patch that has been created for SecurityCenter 4.6.2.2, 4.7.1, or 4.8.1 running on it. When applied to an appliance running SecurityCenter 4.8.1, the vulnerabilities identified as CVE-2014-0098 (Apache HTTP Server) and CVE-2014-3515 (PHP) will be patched. When applied to an appliance running SecurityCenter 4.7.1 or SecurityCenter 4.6.2.2, the vulnerability for CVE-2014-0098 (Apache HTTP Server) will be patched.

If a user running SecurityCenter 4.6.x or 4.7.x wants to address the two PHP vulnerabilities, they will need to upgrade to an appliance running SecurityCenter 4.8.1.

In addition, please note that this patch will re-apply the patches for OpenSSL as noted in TNS-2014-02 and TNS-2014-03 for SecurityCenter 4.6.2.2, 4.7.1, and 4.8.1.

Tenable Appliance versions 2.4.1, 2.4.1-1, 2.6.0, 2.6.1, 2.6.2, and 2.8.1 require this patch.

For more information, see the Security Advisory.

File Names & MD5 Checksums

File MD5
SC4-ApacheUpgrade.tar.gz 3dd17e456d34326050d501dac02d4eda

Copyright 2017 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.  Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc.  All other products or services are trademarks of their respective owners.