TOC & Recently Viewed

Recently Viewed Topics

PHP/Apache Vulnerability Patch Release Notes - 7/16/2014

The SecurityCenter patch for the PHP/Apache vulnerabilities (CVE-2014-3515, CVE-2014-0098) is now available. For CVE-2014-0098 (Apache HTTP Server), patches are provided for SC 4.8.1, SC 4.7.1, and SC 4.6.2.2. The SecurityCenter 4.8.1 patch also fixes CVE-2014-3515 (PHP). Users are encouraged to update immediately.

Customers with SecurityCenter 4.6.x and 4.7.x that wish to apply a patch for the PHP related vulnerabilities can upgrade to SecurityCenter 4.8.1 and apply the patch mentioned above.

Note that this patch will re-apply the patches for OpenSSL as noted in TNS-2014-02 and TNS-2014-03.

For more information, see the Security Advisory.

To patch SecurityCenter, download the appropriate patch to the SecurityCenter host. Files are named "--.tgz". We recommend you put it in /tmp or its own folder.

Untar patchfile: # tar zxf ./--.tgz

Run the install script: # ./install.sh

File Names & MD5 Checksums

File MD5
sc4.8.1-rh6-64.tgz 4ad4fb7bee4546d4c3a59b3ae3da39a6
sc4.8.1-rh6-32.tgz 7a9b66ac070bb322d9eb9127beedab57
sc4.8.1-rh5-64.tgz 003fd53de9d56568d3c29e08c93bcb90
sc4.8.1-rh5-32.tgz 639d867aee00d05f10d71c35ea5683bc
sc4.7.1-rh6-64.tgz 0c23ec8403b4f865953eb5aca6248f16
sc4.7.1-rh6-32.tgz 31e802c05658d9e363174cdaca5461ac
sc4.7.1-rh5-64.tgz d88d8e5842122da166fcb45ccda01233
sc4.7.1-rh5-32.tgz 3e9f009924e692aeae0e795c74b17a2f
sc4.6.2.2-rh6-64.tgz 4df5e9904c58a881fa01ca5ac6c52dde
sc4.6.2.2-rh6-32.tgz c014d0258a8af365e5cd609741ea8aab
sc4.6.2.2-rh5-64.tgz fd160d7edb47a00a015624048b941583
sc4.6.2.2-rh5-32.tgz ca22c43ca32b9bc6698c3cc2300ef8f7

Copyright 2017 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.  Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc.  All other products or services are trademarks of their respective owners.