ID ALAS-2017-924 Type amazon Reporter Amazon Modified 2017-11-15T20:05:00
Description
Issue Overview:
pcre: heap buffer overflow in handling of duplicate named groups (8.39/14)
The pcre_compile2 function in pcre_compile.c mishandles the /((?:F?+(?:^(?(R)a+\\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\\){97)?J)?J)(?'R'(?'R'\\){99|(:(?|(?'R')(\\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror. (CVE-2016-1283 __)
Affected Packages:
php56, php70, php71
Issue Correction:
Run yum update php56 to update your system.
Run yum update php70 to update your system.
Run yum update php71 to update your system.
{"cve": [{"lastseen": "2021-02-02T06:28:03", "description": "The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\\\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\\){97)?J)?J)(?'R'(?'R'\\){99|(:(?|(?'R')(\\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.", "edition": 4, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-01-03T00:59:00", "title": "CVE-2016-1283", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1283"], "modified": "2018-01-05T02:30:00", "cpe": ["cpe:/a:pcre:perl_compatible_regular_expression_library:8.38"], "id": "CVE-2016-1283", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1283", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:pcre:perl_compatible_regular_expression_library:8.38:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2019-02-20T21:07:56", "bulletinFamily": "software", "cvelist": ["CVE-2016-1283"], "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.1| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebSafe| None| 12.0.0 - 12.1.1 \n11.6.0 - 11.6.1| Not Vulnerable| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.1.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nTraffix SDC| None| 5.0.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "edition": 1, "modified": "2017-09-28T18:26:00", "published": "2016-10-07T20:37:00", "id": "F5:K98009539", "href": "https://support.f5.com/csp/article/K98009539", "title": "PHP/PCRE vulnerability CVE-2016-1283", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-10-07T21:24:35", "bulletinFamily": "software", "cvelist": ["CVE-2016-1283"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "modified": "2016-10-07T00:00:00", "published": "2016-10-07T00:00:00", "id": "SOL98009539", "href": "http://support.f5.com/kb/en-us/solutions/public/k/98/sol98009539.html", "type": "f5", "title": "SOL98009539 - PHP/PCRE vulnerability CVE-2016-1283", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-07T10:14:00", "description": "**PHP version 7.0.25** (26 Oct 2017)\n\n**Core:**\n\n - Fixed bug php#75241 (NULL pointer dereference in\n zend_mm_alloc_small()). (Laruence)\n\n - Fixed bug php#75236 (infinite loop when printing an\n error-message). (Andrea)\n\n - Fixed bug php#75252 (Incorrect token formatting on two\n parse errors in one request). (Nikita)\n\n - Fixed bug php#75220 (Segfault when calling is_callable\n on parent). (andrewnester)\n\n - Fixed bug php#75290 (debug info of Closures of internal\n functions contain garbage argument names). (Andrea)\n\n**Apache2Handler:**\n\n - Fixed bug php#75311 (error: 'zend_hash_key' has no\n member named 'arKey' in apache2handler). (mcarbonneaux)\n\n**Date:**\n\n - Fixed bug php#75055 (Out-Of-Bounds Read in\n timelib_meridian()). (Derick)\n\n**Intl:**\n\n - Fixed bug php#75318 (The parameter of\n UConverter::getAliases() is not optional). (cmb)\n\n**mcrypt:**\n\n - Fixed bug php#72535 (arcfour encryption stream filter\n crashes php). (Leigh)\n\n**PCRE:**\n\n - Fixed bug php#75207 (applied upstream patch for\n CVE-2016-1283). (Anatol)\n\n**litespeed:**\n\n - Fixed bug php#75248 (Binary directory doesn't get\n created when building only litespeed SAPI). (petk)\n\n - Fixed bug php#75251 (Missing program prefix and suffix).\n (petk)\n\n**SPL:**\n\n - Fixed bug php#73629\n (SplDoublyLinkedList::setIteratorMode masks intern\n flags). (J. Jeising, cmb)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 17, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-11-08T00:00:00", "title": "Fedora 25 : php (2017-cdaaf6ea12)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1283"], "modified": "2017-11-08T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:25", "p-cpe:/a:fedoraproject:fedora:php"], "id": "FEDORA_2017-CDAAF6EA12.NASL", "href": "https://www.tenable.com/plugins/nessus/104451", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-cdaaf6ea12.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104451);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-1283\");\n script_xref(name:\"FEDORA\", value:\"2017-cdaaf6ea12\");\n\n script_name(english:\"Fedora 25 : php (2017-cdaaf6ea12)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"**PHP version 7.0.25** (26 Oct 2017)\n\n**Core:**\n\n - Fixed bug php#75241 (NULL pointer dereference in\n zend_mm_alloc_small()). (Laruence)\n\n - Fixed bug php#75236 (infinite loop when printing an\n error-message). (Andrea)\n\n - Fixed bug php#75252 (Incorrect token formatting on two\n parse errors in one request). (Nikita)\n\n - Fixed bug php#75220 (Segfault when calling is_callable\n on parent). (andrewnester)\n\n - Fixed bug php#75290 (debug info of Closures of internal\n functions contain garbage argument names). (Andrea)\n\n**Apache2Handler:**\n\n - Fixed bug php#75311 (error: 'zend_hash_key' has no\n member named 'arKey' in apache2handler). (mcarbonneaux)\n\n**Date:**\n\n - Fixed bug php#75055 (Out-Of-Bounds Read in\n timelib_meridian()). (Derick)\n\n**Intl:**\n\n - Fixed bug php#75318 (The parameter of\n UConverter::getAliases() is not optional). (cmb)\n\n**mcrypt:**\n\n - Fixed bug php#72535 (arcfour encryption stream filter\n crashes php). (Leigh)\n\n**PCRE:**\n\n - Fixed bug php#75207 (applied upstream patch for\n CVE-2016-1283). (Anatol)\n\n**litespeed:**\n\n - Fixed bug php#75248 (Binary directory doesn't get\n created when building only litespeed SAPI). (petk)\n\n - Fixed bug php#75251 (Missing program prefix and suffix).\n (petk)\n\n**SPL:**\n\n - Fixed bug php#73629\n (SplDoublyLinkedList::setIteratorMode masks intern\n flags). (J. Jeising, cmb)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-cdaaf6ea12\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"php-7.0.25-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T10:59:00", "description": "The PHP project reports :\n\nThe PHP development team announces the immediate availability of PHP\n5.6.32. This is a security release. Several security bugs were fixed\nin this release. All PHP 5.6 users are encouraged to upgrade to this\nversion.\n\nThe PHP development team announces the immediate availability of PHP\n7.0.25. This is a security release. Several security bugs were fixed\nin this release. All PHP 7.0 users are encouraged to upgrade to this\nversion.\n\nThe PHP development team announces the immediate availability of PHP\n7.1.11. This is a bugfix release, with several bug fixes included. All\nPHP 7.1 users are encouraged to upgrade to this version.", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-10-31T00:00:00", "title": "FreeBSD : PHP -- denial of service attack (de7a2b32-bd7d-11e7-b627-d43d7e971a1b)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1283"], "modified": "2017-10-31T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:php70", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:php56", "p-cpe:/a:freebsd:freebsd:php71"], "id": "FREEBSD_PKG_DE7A2B32BD7D11E7B627D43D7E971A1B.NASL", "href": "https://www.tenable.com/plugins/nessus/104266", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104266);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-1283\");\n\n script_name(english:\"FreeBSD : PHP -- denial of service attack (de7a2b32-bd7d-11e7-b627-d43d7e971a1b)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The PHP project reports :\n\nThe PHP development team announces the immediate availability of PHP\n5.6.32. This is a security release. Several security bugs were fixed\nin this release. All PHP 5.6 users are encouraged to upgrade to this\nversion.\n\nThe PHP development team announces the immediate availability of PHP\n7.0.25. This is a security release. Several security bugs were fixed\nin this release. All PHP 7.0 users are encouraged to upgrade to this\nversion.\n\nThe PHP development team announces the immediate availability of PHP\n7.1.11. This is a bugfix release, with several bug fixes included. All\nPHP 7.1 users are encouraged to upgrade to this version.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/archive/2017.php#id2017-10-26-3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/archive/2017.php#id2017-10-26-1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/archive/2017.php#id2017-10-27-1\"\n );\n # https://vuxml.freebsd.org/freebsd/de7a2b32-bd7d-11e7-b627-d43d7e971a1b.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?846a3435\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php71\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/10/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"php56<5.6.32\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70<7.0.25\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php71<7.1.11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T09:10:54", "description": "New pcre packages are available for Slackware 14.1 and -current to\nfix security issues.", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-06-21T00:00:00", "title": "Slackware 14.1 / current : pcre (SSA:2016-172-02)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1283"], "modified": "2016-06-21T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux", "p-cpe:/a:slackware:slackware_linux:pcre"], "id": "SLACKWARE_SSA_2016-172-02.NASL", "href": "https://www.tenable.com/plugins/nessus/91719", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2016-172-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(91719);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-1283\");\n script_xref(name:\"SSA\", value:\"2016-172-02\");\n\n script_name(english:\"Slackware 14.1 / current : pcre (SSA:2016-172-02)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New pcre packages are available for Slackware 14.1 and -current to\nfix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.343110\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?94b919f6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected pcre package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:pcre\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/06/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.1\", pkgname:\"pcre\", pkgver:\"8.39\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"pcre\", pkgver:\"8.39\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"pcre\", pkgver:\"8.39\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"pcre\", pkgver:\"8.39\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:15:57", "description": "**PHP version 7.1.11** (26 Oct 2017)\n\n**Core:**\n\n - Fixed bug php#75241 (NULL pointer dereference in\n zend_mm_alloc_small()). (Laruence)\n\n - Fixed bug php#75236 (infinite loop when printing an\n error-message). (Andrea)\n\n - Fixed bug php#75252 (Incorrect token formatting on two\n parse errors in one request). (Nikita)\n\n - Fixed bug php#75220 (Segfault when calling is_callable\n on parent). (andrewnester)\n\n - Fixed bug php#75290 (debug info of Closures of internal\n functions contain garbage argument names). (Andrea)\n\n**Date:**\n\n - Fixed bug php#75055 (Out-Of-Bounds Read in\n timelib_meridian()). (Derick)\n\n**Apache2Handler:**\n\n - Fixed bug php#75311 (error: 'zend_hash_key' has no\n member named 'arKey' in apache2handler). (mcarbonneaux)\n\n**Hash:**\n\n - Fixed bug php#75303 (sha3 hangs on bigendian). (Remi)\n\n**Intl:**\n\n - Fixed bug php#75318 (The parameter of\n UConverter::getAliases() is not optional). (cmb)\n\n**mcrypt:**\n\n - Fixed bug php#72535 (arcfour encryption stream filter\n crashes php). (Leigh)\n\n**MySQLi:**\n\n - Fixed bug php#75018 (Data corruption when reading fields\n of bit type). (Anatol)\n\n**Opcache**\n\n - Fixed bug php#75255 (Request hangs and not finish).\n (Dmitry)\n\n**PCRE:**\n\n - Fixed bug php#75207 (applied upstream patch for\n CVE-2016-1283). (Anatol)\n\n**PDO_mysql:**\n\n - Fixed bug php#75177 (Type 'bit' is fetched as unexpected\n string). (Anatol)\n\n**SPL:**\n\n - Fixed bug php#73629\n (SplDoublyLinkedList::setIteratorMode masks intern\n flags). (J. Jeising, cmb)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 17, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-15T00:00:00", "title": "Fedora 27 : php (2017-46e8bdccef)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1283"], "modified": "2018-01-15T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:27", "p-cpe:/a:fedoraproject:fedora:php"], "id": "FEDORA_2017-46E8BDCCEF.NASL", "href": "https://www.tenable.com/plugins/nessus/105865", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-46e8bdccef.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105865);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-1283\");\n script_xref(name:\"FEDORA\", value:\"2017-46e8bdccef\");\n\n script_name(english:\"Fedora 27 : php (2017-46e8bdccef)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"**PHP version 7.1.11** (26 Oct 2017)\n\n**Core:**\n\n - Fixed bug php#75241 (NULL pointer dereference in\n zend_mm_alloc_small()). (Laruence)\n\n - Fixed bug php#75236 (infinite loop when printing an\n error-message). (Andrea)\n\n - Fixed bug php#75252 (Incorrect token formatting on two\n parse errors in one request). (Nikita)\n\n - Fixed bug php#75220 (Segfault when calling is_callable\n on parent). (andrewnester)\n\n - Fixed bug php#75290 (debug info of Closures of internal\n functions contain garbage argument names). (Andrea)\n\n**Date:**\n\n - Fixed bug php#75055 (Out-Of-Bounds Read in\n timelib_meridian()). (Derick)\n\n**Apache2Handler:**\n\n - Fixed bug php#75311 (error: 'zend_hash_key' has no\n member named 'arKey' in apache2handler). (mcarbonneaux)\n\n**Hash:**\n\n - Fixed bug php#75303 (sha3 hangs on bigendian). (Remi)\n\n**Intl:**\n\n - Fixed bug php#75318 (The parameter of\n UConverter::getAliases() is not optional). (cmb)\n\n**mcrypt:**\n\n - Fixed bug php#72535 (arcfour encryption stream filter\n crashes php). (Leigh)\n\n**MySQLi:**\n\n - Fixed bug php#75018 (Data corruption when reading fields\n of bit type). (Anatol)\n\n**Opcache**\n\n - Fixed bug php#75255 (Request hangs and not finish).\n (Dmitry)\n\n**PCRE:**\n\n - Fixed bug php#75207 (applied upstream patch for\n CVE-2016-1283). (Anatol)\n\n**PDO_mysql:**\n\n - Fixed bug php#75177 (Type 'bit' is fetched as unexpected\n string). (Anatol)\n\n**SPL:**\n\n - Fixed bug php#73629\n (SplDoublyLinkedList::setIteratorMode masks intern\n flags). (J. Jeising, cmb)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-46e8bdccef\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"php-7.1.11-1.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:15:03", "description": "This release fixes a heap buffer overflow in handling of nested\nduplicate named groups with a nested back reference and a heap buffer\noverflow in pcretest causing infinite loop when matching globally with\nan ovector less than 2.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-16T00:00:00", "title": "Fedora 22 : pcre-8.38-3.fc22 (2016-f5af8e27ce)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1283"], "modified": "2016-03-16T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pcre", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-F5AF8E27CE.NASL", "href": "https://www.tenable.com/plugins/nessus/89948", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-f5af8e27ce.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89948);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-1283\");\n script_xref(name:\"FEDORA\", value:\"2016-f5af8e27ce\");\n\n script_name(english:\"Fedora 22 : pcre-8.38-3.fc22 (2016-f5af8e27ce)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This release fixes a heap buffer overflow in handling of nested\nduplicate named groups with a nested back reference and a heap buffer\noverflow in pcretest causing infinite loop when matching globally with\nan ovector less than 2.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1295385\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1312782\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-March/178955.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?14a14851\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected pcre package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pcre\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"pcre-8.38-3.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pcre\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:15:10", "description": "**PHP version 7.1.11** (26 Oct 2017)\n\n**Core:**\n\n - Fixed bug php#75241 (NULL pointer dereference in\n zend_mm_alloc_small()). (Laruence)\n\n - Fixed bug php#75236 (infinite loop when printing an\n error-message). (Andrea)\n\n - Fixed bug php#75252 (Incorrect token formatting on two\n parse errors in one request). (Nikita)\n\n - Fixed bug php#75220 (Segfault when calling is_callable\n on parent). (andrewnester)\n\n - Fixed bug php#75290 (debug info of Closures of internal\n functions contain garbage argument names). (Andrea)\n\n**Date:**\n\n - Fixed bug php#75055 (Out-Of-Bounds Read in\n timelib_meridian()). (Derick)\n\n**Apache2Handler:**\n\n - Fixed bug php#75311 (error: 'zend_hash_key' has no\n member named 'arKey' in apache2handler). (mcarbonneaux)\n\n**Hash:**\n\n - Fixed bug php#75303 (sha3 hangs on bigendian). (Remi)\n\n**Intl:**\n\n - Fixed bug php#75318 (The parameter of\n UConverter::getAliases() is not optional). (cmb)\n\n**mcrypt:**\n\n - Fixed bug php#72535 (arcfour encryption stream filter\n crashes php). (Leigh)\n\n**MySQLi:**\n\n - Fixed bug php#75018 (Data corruption when reading fields\n of bit type). (Anatol)\n\n**Opcache**\n\n - Fixed bug php#75255 (Request hangs and not finish).\n (Dmitry)\n\n**PCRE:**\n\n - Fixed bug php#75207 (applied upstream patch for\n CVE-2016-1283). (Anatol)\n\n**PDO_mysql:**\n\n - Fixed bug php#75177 (Type 'bit' is fetched as unexpected\n string). (Anatol)\n\n**SPL:**\n\n - Fixed bug php#73629\n (SplDoublyLinkedList::setIteratorMode masks intern\n flags). (J. Jeising, cmb)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 17, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-11-08T00:00:00", "title": "Fedora 26 : php (2017-0af85ae851)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1283"], "modified": "2017-11-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-0AF85AE851.NASL", "href": "https://www.tenable.com/plugins/nessus/104443", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-0af85ae851.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104443);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-1283\");\n script_xref(name:\"FEDORA\", value:\"2017-0af85ae851\");\n\n script_name(english:\"Fedora 26 : php (2017-0af85ae851)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"**PHP version 7.1.11** (26 Oct 2017)\n\n**Core:**\n\n - Fixed bug php#75241 (NULL pointer dereference in\n zend_mm_alloc_small()). (Laruence)\n\n - Fixed bug php#75236 (infinite loop when printing an\n error-message). (Andrea)\n\n - Fixed bug php#75252 (Incorrect token formatting on two\n parse errors in one request). (Nikita)\n\n - Fixed bug php#75220 (Segfault when calling is_callable\n on parent). (andrewnester)\n\n - Fixed bug php#75290 (debug info of Closures of internal\n functions contain garbage argument names). (Andrea)\n\n**Date:**\n\n - Fixed bug php#75055 (Out-Of-Bounds Read in\n timelib_meridian()). (Derick)\n\n**Apache2Handler:**\n\n - Fixed bug php#75311 (error: 'zend_hash_key' has no\n member named 'arKey' in apache2handler). (mcarbonneaux)\n\n**Hash:**\n\n - Fixed bug php#75303 (sha3 hangs on bigendian). (Remi)\n\n**Intl:**\n\n - Fixed bug php#75318 (The parameter of\n UConverter::getAliases() is not optional). (cmb)\n\n**mcrypt:**\n\n - Fixed bug php#72535 (arcfour encryption stream filter\n crashes php). (Leigh)\n\n**MySQLi:**\n\n - Fixed bug php#75018 (Data corruption when reading fields\n of bit type). (Anatol)\n\n**Opcache**\n\n - Fixed bug php#75255 (Request hangs and not finish).\n (Dmitry)\n\n**PCRE:**\n\n - Fixed bug php#75207 (applied upstream patch for\n CVE-2016-1283). (Anatol)\n\n**PDO_mysql:**\n\n - Fixed bug php#75177 (Type 'bit' is fetched as unexpected\n string). (Anatol)\n\n**SPL:**\n\n - Fixed bug php#73629\n (SplDoublyLinkedList::setIteratorMode masks intern\n flags). (J. Jeising, cmb)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-0af85ae851\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"php-7.1.11-1.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-03-01T01:22:56", "description": "pcre: heap buffer overflow in handling of duplicate named groups\n(8.39/14)\n\nThe pcre_compile2 function in pcre_compile.c mishandles a specific\ntype of pattern with named subgroups, which allows remote attackers to\ncause a denial of service (heap-based buffer overflow) or possibly\nhave unspecified other impact via a crafted regular expression, as\ndemonstrated by a JavaScript RegExp object encountered by Konqueror.\n(CVE-2016-1283)", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-11-21T00:00:00", "title": "Amazon Linux AMI : php56 / php70,php71 (ALAS-2017-924)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1283"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php56-embedded", "p-cpe:/a:amazon:linux:php70-pdo", "p-cpe:/a:amazon:linux:php70-xml", "p-cpe:/a:amazon:linux:php71-embedded", "p-cpe:/a:amazon:linux:php70-mcrypt", "p-cpe:/a:amazon:linux:php71-pspell", "p-cpe:/a:amazon:linux:php56-devel", "p-cpe:/a:amazon:linux:php56-opcache", "p-cpe:/a:amazon:linux:php71-ldap", "p-cpe:/a:amazon:linux:php71-xml", "p-cpe:/a:amazon:linux:php71-debuginfo", "p-cpe:/a:amazon:linux:php71-json", "p-cpe:/a:amazon:linux:php71-pdo", "p-cpe:/a:amazon:linux:php70-debuginfo", "p-cpe:/a:amazon:linux:php56-debuginfo", "p-cpe:/a:amazon:linux:php70-enchant", "p-cpe:/a:amazon:linux:php56-gmp", "p-cpe:/a:amazon:linux:php70-snmp", "p-cpe:/a:amazon:linux:php56-ldap", "p-cpe:/a:amazon:linux:php70-mbstring", "p-cpe:/a:amazon:linux:php56-dbg", "p-cpe:/a:amazon:linux:php71-gd", "p-cpe:/a:amazon:linux:php56-xml", "p-cpe:/a:amazon:linux:php71-mcrypt", "p-cpe:/a:amazon:linux:php70-embedded", "p-cpe:/a:amazon:linux:php70-cli", "p-cpe:/a:amazon:linux:php70-dba", "p-cpe:/a:amazon:linux:php70-dbg", "p-cpe:/a:amazon:linux:php56-tidy", "p-cpe:/a:amazon:linux:php56-cli", "p-cpe:/a:amazon:linux:php56-fpm", "p-cpe:/a:amazon:linux:php70", "p-cpe:/a:amazon:linux:php71-gmp", "p-cpe:/a:amazon:linux:php70-pspell", "p-cpe:/a:amazon:linux:php56-bcmath", "p-cpe:/a:amazon:linux:php56-snmp", "p-cpe:/a:amazon:linux:php71-snmp", "p-cpe:/a:amazon:linux:php70-pgsql", "p-cpe:/a:amazon:linux:php70-intl", "p-cpe:/a:amazon:linux:php70-xmlrpc", "p-cpe:/a:amazon:linux:php70-gd", "p-cpe:/a:amazon:linux:php56-mcrypt", "p-cpe:/a:amazon:linux:php71-pgsql", "p-cpe:/a:amazon:linux:php71-odbc", "p-cpe:/a:amazon:linux:php70-process", "p-cpe:/a:amazon:linux:php71-common", "p-cpe:/a:amazon:linux:php70-odbc", "p-cpe:/a:amazon:linux:php56", "p-cpe:/a:amazon:linux:php71-intl", "p-cpe:/a:amazon:linux:php70-mysqlnd", "p-cpe:/a:amazon:linux:php56-xmlrpc", "p-cpe:/a:amazon:linux:php56-mssql", "p-cpe:/a:amazon:linux:php56-process", "p-cpe:/a:amazon:linux:php71-fpm", "p-cpe:/a:amazon:linux:php56-imap", "p-cpe:/a:amazon:linux:php70-tidy", "p-cpe:/a:amazon:linux:php56-pspell", "p-cpe:/a:amazon:linux:php70-pdo-dblib", "p-cpe:/a:amazon:linux:php70-common", "p-cpe:/a:amazon:linux:php71-xmlrpc", "p-cpe:/a:amazon:linux:php56-intl", "p-cpe:/a:amazon:linux:php70-devel", "p-cpe:/a:amazon:linux:php71-pdo-dblib", "p-cpe:/a:amazon:linux:php56-soap", "p-cpe:/a:amazon:linux:php56-mbstring", "p-cpe:/a:amazon:linux:php71-bcmath", "p-cpe:/a:amazon:linux:php70-imap", "p-cpe:/a:amazon:linux:php56-enchant", "p-cpe:/a:amazon:linux:php70-zip", "p-cpe:/a:amazon:linux:php70-json", "p-cpe:/a:amazon:linux:php71-imap", "p-cpe:/a:amazon:linux:php56-common", "p-cpe:/a:amazon:linux:php70-fpm", "p-cpe:/a:amazon:linux:php70-soap", "p-cpe:/a:amazon:linux:php56-pgsql", "p-cpe:/a:amazon:linux:php71-opcache", "p-cpe:/a:amazon:linux:php71-soap", "p-cpe:/a:amazon:linux:php70-ldap", "p-cpe:/a:amazon:linux:php56-pdo", "p-cpe:/a:amazon:linux:php71-recode", "p-cpe:/a:amazon:linux:php71-cli", "p-cpe:/a:amazon:linux:php71-dbg", "p-cpe:/a:amazon:linux:php71-mysqlnd", "p-cpe:/a:amazon:linux:php70-recode", "p-cpe:/a:amazon:linux:php71-tidy", "p-cpe:/a:amazon:linux:php70-gmp", "p-cpe:/a:amazon:linux:php71-process", "p-cpe:/a:amazon:linux:php56-mysqlnd", "p-cpe:/a:amazon:linux:php70-opcache", "p-cpe:/a:amazon:linux:php71-dba", "p-cpe:/a:amazon:linux:php71-mbstring", "p-cpe:/a:amazon:linux:php71-enchant", "p-cpe:/a:amazon:linux:php71", "p-cpe:/a:amazon:linux:php56-gd", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:php56-recode", "p-cpe:/a:amazon:linux:php71-devel", "p-cpe:/a:amazon:linux:php56-odbc", "p-cpe:/a:amazon:linux:php56-dba", "p-cpe:/a:amazon:linux:php70-bcmath"], "id": "ALA_ALAS-2017-924.NASL", "href": "https://www.tenable.com/plugins/nessus/104706", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2017-924.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104706);\n script_version(\"3.2\");\n script_cvs_date(\"Date: 2018/04/18 15:09:36\");\n\n script_cve_id(\"CVE-2016-1283\");\n script_xref(name:\"ALAS\", value:\"2017-924\");\n\n script_name(english:\"Amazon Linux AMI : php56 / php70,php71 (ALAS-2017-924)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"pcre: heap buffer overflow in handling of duplicate named groups\n(8.39/14)\n\nThe pcre_compile2 function in pcre_compile.c mishandles a specific\ntype of pattern with named subgroups, which allows remote attackers to\ncause a denial of service (heap-based buffer overflow) or possibly\nhave unspecified other impact via a crafted regular expression, as\ndemonstrated by a JavaScript RegExp object encountered by Konqueror.\n(CVE-2016-1283)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2017-924.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update php56' to update your system.\n\nRun 'yum update php70' to update your system.\n\nRun 'yum update php71' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-pdo-dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-pdo-dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php56-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-bcmath-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-cli-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-common-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-dba-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-dbg-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-debuginfo-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-devel-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-embedded-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-enchant-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-fpm-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-gd-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-gmp-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-imap-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-intl-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-ldap-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mbstring-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mcrypt-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mssql-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mysqlnd-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-odbc-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-opcache-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pdo-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pgsql-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-process-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pspell-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-recode-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-snmp-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-soap-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-tidy-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-xml-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-xmlrpc-5.6.32-1.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-bcmath-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-cli-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-common-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-dba-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-dbg-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-debuginfo-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-devel-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-embedded-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-enchant-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-fpm-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-gd-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-gmp-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-imap-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-intl-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-json-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-ldap-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-mbstring-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-mcrypt-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-mysqlnd-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-odbc-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-opcache-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-pdo-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-pdo-dblib-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-pgsql-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-process-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-pspell-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-recode-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-snmp-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-soap-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-tidy-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-xml-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-xmlrpc-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-zip-7.0.25-1.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-bcmath-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-cli-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-common-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-dba-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-dbg-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-debuginfo-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-devel-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-embedded-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-enchant-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-fpm-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-gd-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-gmp-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-imap-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-intl-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-json-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-ldap-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-mbstring-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-mcrypt-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-mysqlnd-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-odbc-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-opcache-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-pdo-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-pdo-dblib-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-pgsql-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-process-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-pspell-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-recode-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-snmp-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-soap-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-tidy-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-xml-7.1.11-1.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-xmlrpc-7.1.11-1.28.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php56 / php56-bcmath / php56-cli / php56-common / php56-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-10T17:25:45", "description": "The Tenable SecurityCenter application installed on the remote host\nis missing a security patch. It is, therefore, affected by a PCRE\ndenial of service vulnerability in the bundled version of PHP.", "edition": 23, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-11-16T00:00:00", "title": "Tenable SecurityCenter PHP < 5.6.32 PCRE DoS", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1283"], "modified": "2017-11-16T00:00:00", "cpe": ["cpe:/a:tenable:securitycenter"], "id": "SECURITYCENTER_PHP_5_6_32.NASL", "href": "https://www.tenable.com/plugins/nessus/104640", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104640);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/09\");\n\n script_cve_id(\"CVE-2016-1283\");\n script_bugtraq_id(79825);\n\n script_name(english:\"Tenable SecurityCenter PHP < 5.6.32 PCRE DoS\");\n script_summary(english:\"Checks the version of PHP in SecurityCenter.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Tenable SecurityCenter application on the remote host contains a\nPHP library that is affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Tenable SecurityCenter application installed on the remote host\nis missing a security patch. It is, therefore, affected by a PCRE\ndenial of service vulnerability in the bundled version of PHP.\");\n # https://docs.tenable.com/releasenotes/securitycenter/securitycenter76.htm\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fbaac4f6\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.6.32\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.exim.org/show_bug.cgi?id=1767\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Tenable SecurityCenter version 5.6.0.1 or later.\nAlternatively, apply SecurityCenter Patch SC-201711.1-5.x.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1283\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:securitycenter\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"securitycenter_installed.nbin\", \"securitycenter_detect.nbin\");\n script_require_keys(\"Host/SecurityCenter/Version\", \"installed_sw/SecurityCenter\", \"Host/SecurityCenter/support/php/version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\napp = 'PHP (within SecurityCenter)';\nfix = \"5.6.32\";\n\nsc_ver = get_kb_item(\"Host/SecurityCenter/Version\");\nport = 0;\nif(empty_or_null(sc_ver))\n{\n port = 443;\n install = get_single_install(app_name:\"SecurityCenter\", combined:TRUE, exit_if_unknown_ver:TRUE);\n sc_ver = install[\"version\"];\n}\nif (empty_or_null(sc_ver)) audit(AUDIT_NOT_INST, \"SecurityCenter\");\n\nversion = get_kb_item(\"Host/SecurityCenter/support/php/version\");\nif (empty_or_null(version)) audit(AUDIT_UNKNOWN_APP_VER, app);\n\nif (ver_compare(ver:version, minver:\"5.6.0\", fix:fix, strict:FALSE) < 0)\n{\n report =\n '\\n SecurityCenter version : ' + sc_ver +\n '\\n SecurityCenter PHP version : ' + version +\n '\\n Fixed PHP version : ' + fix +\n '\\n';\n security_report_v4(port:port, severity:SECURITY_HOLE, extra:report);\n exit(0);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, app, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:14:20", "description": "This release fixes a heap buffer overflow in handling of nested\nduplicate named groups with a nested back reference and a heap buffer\noverflow in pcretest causing infinite loop when matching globally with\nan ovector less than 2.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-03-04T00:00:00", "title": "Fedora 23 : pcre-8.38-6.fc23 (2016-65833b5dbc)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1283"], "modified": "2016-03-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pcre", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-65833B5DBC.NASL", "href": "https://www.tenable.com/plugins/nessus/89557", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-65833b5dbc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89557);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-1283\");\n script_xref(name:\"FEDORA\", value:\"2016-65833b5dbc\");\n\n script_name(english:\"Fedora 23 : pcre-8.38-6.fc23 (2016-65833b5dbc)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This release fixes a heap buffer overflow in handling of nested\nduplicate named groups with a nested back reference and a heap buffer\noverflow in pcretest causing infinite loop when matching globally with\nan ovector less than 2.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1295385\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1312782\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-March/178193.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ae4d4e96\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected pcre package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pcre\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"pcre-8.38-6.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pcre\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T10:50:29", "description": "Mitre reports :\n\nThe pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles a\nspecific pattern and related patterns with named subgroups, which\nallows remote attackers to cause a denial of service (heap-based buffer\noverflow) or possible have unspecified other impact via a\ncrafted regular expression, as demonstrated by a JavaScript RegExp\nobject encountered by Konqueror.", "edition": 25, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-04-05T00:00:00", "title": "FreeBSD : pcre -- heap overflow vulnerability (497b82e0-f9a0-11e5-92ce-002590263bf5)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1283"], "modified": "2016-04-05T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:pcre"], "id": "FREEBSD_PKG_497B82E0F9A011E592CE002590263BF5.NASL", "href": "https://www.tenable.com/plugins/nessus/90336", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90336);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-1283\");\n\n script_name(english:\"FreeBSD : pcre -- heap overflow vulnerability (497b82e0-f9a0-11e5-92ce-002590263bf5)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mitre reports :\n\nThe pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles a\nspecific pattern and related patterns with named subgroups, which\nallows remote attackers to cause a denial of service (heap-based buffer\noverflow) or possible have unspecified other impact via a\ncrafted regular expression, as demonstrated by a JavaScript RegExp\nobject encountered by Konqueror.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=208260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.exim.org/show_bug.cgi?id=1767\"\n );\n # https://vuxml.freebsd.org/freebsd/497b82e0-f9a0-11e5-92ce-002590263bf5.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2b4ca74b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:pcre\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"pcre<8.38_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "slackware": [{"lastseen": "2020-10-25T16:36:03", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1283"], "description": "New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to\nfix security issues.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/php-5.6.32-i586-1_slack14.2.txz: Upgraded.\n Several security bugs were fixed in this release:\n Out of bounds read in timelib_meridian().\n The arcfour encryption stream filter crashes PHP.\n Applied upstream patch for PCRE (CVE-2016-1283).\n For more information, see:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1283\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.6.32-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.6.32-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.6.32-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.6.32-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/php-5.6.32-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/php-5.6.32-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.32-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.32-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\nb8eee9d2c8884925478a7ab9f31578b7 php-5.6.32-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n0cd09259a114f8ead6d35e5f124bb6ad php-5.6.32-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\nb3a8335a0e9b39599ffe76d1d5c5f3be php-5.6.32-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n16fae0e6cf8d8a2a752011633d9caad4 php-5.6.32-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nff89f7d183e74d7ff82e658f8f8cc7c2 php-5.6.32-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n936df664bf168d01439041ae675dc6b9 php-5.6.32-x86_64-1_slack14.2.txz\n\nSlackware -current package:\ne2b6c20fc87dba073ee9c9ec8b84744a n/php-5.6.32-i586-1.txz\n\nSlackware x86_64 -current package:\na1df088d303c3eb801da5aa9a27b9523 n/php-5.6.32-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg php-5.6.32-i586-1_slack14.2.txz\n\nThen, restart Apache httpd:\n > /etc/rc.d/rc.httpd stop\n > /etc/rc.d/rc.httpd start", "modified": "2017-10-27T20:55:24", "published": "2017-10-27T20:55:24", "id": "SSA-2017-300-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.428808", "type": "slackware", "title": "[slackware-security] php", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-25T16:36:23", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1283"], "description": "New pcre packages are available for Slackware 14.1 and -current to\nfix security issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/pcre-8.39-i486-1_slack14.1.txz: Upgraded.\n This release fixes bugs (including a couple of DoS security issues), and\n retrofits to PCRE1 some appropriate JIT improvements from PCRE2.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1283\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/pcre-8.39-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/pcre-8.39-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/pcre-8.39-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/pcre-8.39-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.1 package:\na13ec0d807ffc229b95e9e64ef92f2a1 pcre-8.39-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n4ad28496e439dc78d1885a80244e651e pcre-8.39-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n272aa6c70bafd4c0f583117144df13b6 l/pcre-8.39-i586-1.txz\n\nSlackware x86_64 -current package:\ne7bb79adac6e62ab2637e4cbde684a8f l/pcre-8.39-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg pcre-8.39-i486-1_slack14.1.txz", "modified": "2016-06-20T21:53:15", "published": "2016-06-20T21:53:15", "id": "SSA-2016-172-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.343110", "type": "slackware", "title": "[slackware-security] pcre", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:34:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1283"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-11-08T00:00:00", "id": "OPENVAS:1361412562310873579", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873579", "type": "openvas", "title": "Fedora Update for php FEDORA-2017-cdaaf6ea12", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2017_cdaaf6ea12_php_fc25.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for php FEDORA-2017-cdaaf6ea12\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.873579\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-11-08 10:32:11 +0100 (Wed, 08 Nov 2017)\");\n script_cve_id(\"CVE-2016-1283\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php FEDORA-2017-cdaaf6ea12\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"php on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-cdaaf6ea12\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEQHGRAK2GAODIOALX7IFPXBFNGU7YI6\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~7.0.25~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1283"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-11-08T00:00:00", "id": "OPENVAS:1361412562310873580", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873580", "type": "openvas", "title": "Fedora Update for php FEDORA-2017-0af85ae851", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2017_0af85ae851_php_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for php FEDORA-2017-0af85ae851\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.873580\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-11-08 10:32:16 +0100 (Wed, 08 Nov 2017)\");\n script_cve_id(\"CVE-2016-1283\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php FEDORA-2017-0af85ae851\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"php on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-0af85ae851\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LXADA7KK3WOZA5EMWDHOQ4XOHCYTDXD2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~7.1.11~1.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1283"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-03-08T00:00:00", "id": "OPENVAS:1361412562310807455", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310807455", "type": "openvas", "title": "Fedora Update for pcre FEDORA-2016-65833", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pcre FEDORA-2016-65833\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.807455\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-08 12:37:46 +0530 (Tue, 08 Mar 2016)\");\n script_cve_id(\"CVE-2016-1283\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for pcre FEDORA-2016-65833\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pcre'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"pcre on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-65833\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2016-March/178193.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"pcre\", rpm:\"pcre~8.38~6.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-1283"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-11-23T00:00:00", "id": "OPENVAS:1361412562310873755", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873755", "type": "openvas", "title": "Fedora Update for php FEDORA-2017-46e8bdccef", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2017_46e8bdccef_php_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for php FEDORA-2017-46e8bdccef\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.873755\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-11-23 08:14:09 +0100 (Thu, 23 Nov 2017)\");\n script_cve_id(\"CVE-2016-1283\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php FEDORA-2017-46e8bdccef\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"php on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-46e8bdccef\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C5VYVA6N5EQO362UOOK5KWGSKV3LFUVA\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~7.1.11~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5712", "CVE-2017-16642", "CVE-2016-1283", "CVE-2018-5711"], "description": "This host is running QNAP QTS and is prone\n to multiple vulnerabilities.", "modified": "2019-05-03T00:00:00", "published": "2018-06-11T00:00:00", "id": "OPENVAS:1361412562310813519", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813519", "type": "openvas", "title": "QNAP QTS Multiple PHP Vulnerabilities-June18", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# QNAP QTS Multiple PHP Vulnerabilities-June18\n#\n# Authors:\n# Rajat Mishra <rajatm@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813519\");\n script_version(\"2019-05-03T08:55:39+0000\");\n script_cve_id(\"CVE-2016-1283\", \"CVE-2017-16642\", \"CVE-2018-5711\", \"CVE-2018-5712\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 08:55:39 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-06-11 17:13:13 +0530 (Mon, 11 Jun 2018)\");\n script_name(\"QNAP QTS Multiple PHP Vulnerabilities-June18\");\n\n script_tag(name:\"summary\", value:\"This host is running QNAP QTS and is prone\n to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to -\n\n - The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the\n multiple patterns with named subgroups.\n\n - An error in the date extension's 'timelib_meridian' handling of 'front of'\n and 'back of' directives.\n\n - An input validation error on the PHAR 404 error page via the URI of a request\n for a .phar file.\n\n - An integer signedness error in gd_gif_in.c in the GD Graphics Library\n (aka libgd).\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to access sensitive information on the NAS, launch denial-of-service\n (DoS), or Cross-Site-Scripting (XSS) attacks.\");\n\n script_tag(name:\"affected\", value:\"QNAP QTS versions 4.3.3 build 20180126 and\n earlier, 4.3.4 build 20180215 and earlier.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to QNAP QTS 4.3.3 build 20180402\n or 4.3.4 build 20180315 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_xref(name:\"URL\", value:\"https://www.qnap.com/en-in/security-advisory/nas-201805-10\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_dependencies(\"gb_qnap_nas_detect.nasl\");\n script_mandatory_keys(\"qnap/qts\", \"qnap/version\", \"qnap/build\", \"qnap/port\");\n script_require_ports(\"Services/www\", 80, 8080);\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nif(!version = get_kb_item(\"qnap/version\")) exit(0);\nif(!build = get_kb_item(\"qnap/build\")) exit(0);\nif(!port = get_kb_item(\"qnap/port\")) exit(0);\n\ncv = version + '.' + build;\nif( cv =~ \"^4\\.3\\.3\" && version_is_less(version:cv, test_version: \"4.3.3.20180402\"))\n{\n fix = \"4.3.3\";\n fix_build = \"20180402\";\n}\n\nelse if( cv =~ \"^4\\.3\\.4\" && version_is_less(version:cv, test_version: \"4.3.4.20180315\"))\n{\n fix = \"4.3.4\";\n fix_build = \"20180315\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:version, installed_build:build, fixed_version:fix, fixed_build:fix_build);\n security_message( port: port, data: report );\n exit( 0 );\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8388", "CVE-2015-3210", "CVE-2015-2325", "CVE-2015-8391", "CVE-2015-8395", "CVE-2015-8382", "CVE-2015-8386", "CVE-2015-2327", "CVE-2015-8392", "CVE-2015-8389", "CVE-2015-8380", "CVE-2016-1283", "CVE-2015-8393", "CVE-2015-8394", "CVE-2016-3191", "CVE-2015-8384", "CVE-2015-8383", "CVE-2015-8381", "CVE-2015-5073", "CVE-2015-8385", "CVE-2015-2328", "CVE-2014-9769", "CVE-2015-8387", "CVE-2015-8390", "CVE-2015-2326"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2016-04-11T00:00:00", "id": "OPENVAS:1361412562310842704", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842704", "type": "openvas", "title": "Ubuntu Update for pcre3 USN-2943-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for pcre3 USN-2943-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842704\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-04-11 12:47:23 +0530 (Mon, 11 Apr 2016)\");\n script_cve_id(\"CVE-2014-9769\", \"CVE-2015-2325\", \"CVE-2015-2326\", \"CVE-2015-2327\", \"CVE-2015-2328\", \"CVE-2015-3210\", \"CVE-2015-5073\", \"CVE-2015-8380\", \"CVE-2015-8381\", \"CVE-2015-8382\", \"CVE-2015-8383\", \"CVE-2015-8384\", \"CVE-2015-8385\", \"CVE-2015-8386\", \"CVE-2015-8387\", \"CVE-2015-8388\", \"CVE-2015-8389\", \"CVE-2015-8390\", \"CVE-2015-8391\", \"CVE-2015-8392\", \"CVE-2015-8393\", \"CVE-2015-8394\", \"CVE-2015-8395\", \"CVE-2016-1283\", \"CVE-2016-3191\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for pcre3 USN-2943-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pcre3'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that PCRE incorrectly handled certain regular\nexpressions. A remote attacker could use this issue to cause applications\nusing PCRE to crash, resulting in a denial of service, or possibly execute\narbitrary code.\");\n script_tag(name:\"affected\", value:\"pcre3 on Ubuntu 15.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2943-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2943-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|15\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpcre3\", ver:\"1:8.31-2ubuntu2.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpcre3\", ver:\"8.12-4ubuntu0.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libpcre3\", ver:\"2:8.35-7.1ubuntu1.3\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2019-05-29T18:32:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-8388", "CVE-2017-16931", "CVE-2017-9233", "CVE-2016-9840", "CVE-2017-7375", "CVE-2017-7244", "CVE-2017-11742", "CVE-2015-8391", "CVE-2018-11214", "CVE-2016-9063", "CVE-2016-5300", "CVE-2015-8395", "CVE-2015-8382", "CVE-2017-5969", "CVE-2016-9318", "CVE-2015-8386", "CVE-2015-2327", "CVE-2017-9049", "CVE-2016-9842", "CVE-2017-8872", "CVE-2012-0876", "CVE-2012-6702", "CVE-2016-0718", "CVE-2015-8392", "CVE-2015-8389", "CVE-2018-9251", "CVE-2015-8380", "CVE-2017-9048", "CVE-2014-8964", "CVE-2016-1283", "CVE-2017-5029", "CVE-2015-8394", "CVE-2012-6139", "CVE-2016-5131", "CVE-2015-3217", "CVE-2016-3191", "CVE-2015-8384", "CVE-2016-9843", "CVE-2017-7246", "CVE-2017-7245", "CVE-2017-1000061", "CVE-2017-9047", "CVE-2016-1683", "CVE-2015-8383", "CVE-2016-1684", "CVE-2015-8381", "CVE-2017-7186", "CVE-2015-5073", "CVE-2017-18258", "CVE-2015-8385", "CVE-2016-9841", "CVE-2017-16932", "CVE-2015-9019", "CVE-2015-7995", "CVE-2015-2328", "CVE-2016-4472", "CVE-2014-9769", "CVE-2015-8387", "CVE-2015-8390", "CVE-2017-6004", "CVE-2017-9050"], "description": "This host is running Nessus and is prone to\n multiple vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2018-06-15T00:00:00", "id": "OPENVAS:1361412562310813437", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813437", "type": "openvas", "title": "Tenable Nessus Multiple Vulnerabilities(tns-2018-08)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Tenable Nessus Multiple Vulnerabilities(tns-2018-08)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:tenable:nessus\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813437\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2017-11742\", \"CVE-2017-9233\", \"CVE-2016-9063\", \"CVE-2016-0718\",\n \"CVE-2016-5300\", \"CVE-2012-0876\", \"CVE-2016-4472\", \"CVE-2012-6702\",\n \"CVE-2018-11214\", \"CVE-2017-18258\", \"CVE-2017-16932\", \"CVE-2017-16931\",\n \"CVE-2017-9050\", \"CVE-2017-9049\", \"CVE-2017-9048\", \"CVE-2017-9047\",\n \"CVE-2017-8872\", \"CVE-2017-7375\", \"CVE-2017-5969\", \"CVE-2016-9318\",\n \"CVE-2016-5131\", \"CVE-2018-9251\", \"CVE-2017-1000061\", \"CVE-2012-6139\",\n \"CVE-2015-7995\", \"CVE-2015-9019\", \"CVE-2016-1683\", \"CVE-2016-1684\",\n \"CVE-2017-5029\", \"CVE-2016-9840\", \"CVE-2016-9841\", \"CVE-2016-9842\",\n \"CVE-2016-9843\", \"CVE-2014-8964\", \"CVE-2014-9769\", \"CVE-2015-2327\",\n \"CVE-2015-2328\", \"CVE-2015-3217\", \"CVE-2015-5073\", \"CVE-2015-8380\",\n \"CVE-2015-8381\", \"CVE-2015-8382\", \"CVE-2015-8383\", \"CVE-2015-8384\",\n \"CVE-2015-8385\", \"CVE-2015-8386\", \"CVE-2015-8387\", \"CVE-2015-8388\",\n \"CVE-2015-8389\", \"CVE-2015-8390\", \"CVE-2015-8391\", \"CVE-2015-8392\",\n \"CVE-2015-8394\", \"CVE-2015-8395\", \"CVE-2016-1283\", \"CVE-2016-3191\",\n \"CVE-2017-6004\", \"CVE-2017-7186\", \"CVE-2017-7244\", \"CVE-2017-7245\",\n \"CVE-2017-7246\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-06-15 11:03:08 +0530 (Fri, 15 Jun 2018)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"Tenable Nessus Multiple Vulnerabilities(tns-2018-08)\");\n\n script_tag(name:\"summary\", value:\"This host is running Nessus and is prone to\n multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists as some of the third-party\n components used within Nessus to provide underlying functionality were found to\n contain various vulnerabilities. The components with vulnerabilities include\n expat, libjpeg, libXML2, libXMLSEC, libXSLT, Zlib and libPCRE\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers potentially to gain privileges, execute arbitrary code, bypass\n security restrictions, conduct denial-of-service, gain access to potentially\n sensitive information, conduct XML External Entity (XXE) attacks and unspecified\n other impacts.\");\n\n script_tag(name:\"affected\", value:\"Nessus versions prior to version 7.1.1\");\n\n script_tag(name:\"solution\", value:\"Upgrade to nessus version 7.1.1 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://www.tenable.com\");\n script_xref(name:\"URL\", value:\"https://www.tenable.com/security/tns-2018-08\");\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_nessus_web_server_detect.nasl\");\n script_mandatory_keys(\"nessus/installed\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!nesPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:nesPort, exit_no_version:TRUE)) exit(0);\nnesVer = infos['version'];\npath = infos['location'];\n\nif(version_is_less(version:nesVer, test_version:\"7.1.1\"))\n{\n report = report_fixed_ver(installed_version:nesVer, fixed_version:\"7.1.1\", install_path:path);\n security_message(data:report, port:nesPort);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1283"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server. ", "modified": "2017-11-07T23:41:58", "published": "2017-11-07T23:41:58", "id": "FEDORA:25EA9607A1AC", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: php-7.0.25-1.fc25", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1283"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server. ", "modified": "2017-11-07T22:21:20", "published": "2017-11-07T22:21:20", "id": "FEDORA:97E7060EFF4F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: php-7.1.11-1.fc26", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1283"], "description": "PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server. ", "modified": "2017-11-15T17:57:08", "published": "2017-11-15T17:57:08", "id": "FEDORA:A46656000153", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: php-7.1.11-1.fc27", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1283"], "description": "Perl-compatible regular expression library. PCRE has its own native API, but a set of \"wrapper\" functions that are base d on the POSIX API are also supplied in the library libpcreposix. Note that this just provides a POSIX calling interface to PCRE: the regular expressions themselves still follow Perl syntax and semantics. The header file for the POSIX-style functions is called pcreposix.h. ", "modified": "2016-03-02T01:52:19", "published": "2016-03-02T01:52:19", "id": "FEDORA:676BD6021732", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: pcre-8.38-6.fc23", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1283"], "description": "Perl-compatible regular expression library. PCRE has its own native API, but a set of \"wrapper\" functions that are base d on the POSIX API are also supplied in the library libpcreposix. Note that this just provides a POSIX calling interface to PCRE: the regular expressions themselves still follow Perl syntax and semantics. The header file for the POSIX-style functions is called pcreposix.h. ", "modified": "2016-03-16T01:52:51", "published": "2016-03-16T01:52:51", "id": "FEDORA:6C2A160608E4", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: pcre-8.38-3.fc22", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:47", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1283"], "description": "PCRE library is prone to a vulnerability which leads to Heap Overflow.\nDuring the compilation of a malformed regular expression, more data is\nwritten on the malloced block than the expected size output by\ncompile_regex. Exploits with advanced Heap Fengshui techniques may allow\nan attacker to execute arbitrary code in the context of the user running\nthe affected application.", "modified": "2016-03-13T00:00:00", "published": "2016-03-13T00:00:00", "id": "ASA-201603-18", "href": "https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html", "type": "archlinux", "title": "pcre: arbitrary code execution", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:45", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1283"], "description": "\nMitre reports:\n\nThe pcre_compile2 function in pcre_compile.c in PCRE 8.38\n\t mishandles the /((?:F?+(?:^(?(R)a+\\\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\\){97)?J)?J)(?'R'(?'R'\\){99|(:(?|(?'R')(\\k'R')|((?'R')))H'R'R)(H'R))))))/\n\t pattern and related patterns with named subgroups, which allows\n\t remote attackers to cause a denial of service (heap-based buffer\n\t overflow) or possibly have unspecified other impact via a crafted\n\t regular expression, as demonstrated by a JavaScript RegExp object\n\t encountered by Konqueror.\n\n", "edition": 4, "modified": "2016-02-27T00:00:00", "published": "2016-02-27T00:00:00", "id": "497B82E0-F9A0-11E5-92CE-002590263BF5", "href": "https://vuxml.freebsd.org/freebsd/497b82e0-f9a0-11e5-92ce-002590263bf5.html", "title": "pcre -- heap overflow vulnerability", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:07", "bulletinFamily": "unix", "cvelist": ["CVE-2016-1283"], "description": "\nThe PHP project reports:\n\nThe PHP development team announces the immediate availability of PHP\n\t 5.6.32. This is a security release. Several security bugs were fixed in this\n\t release. All PHP 5.6 users are encouraged to upgrade to this version.\n\n\nThe PHP development team announces the immediate availability of PHP\n\t 7.0.25. This is a security release. Several security bugs were fixed in this\n\t release. All PHP 7.0 users are encouraged to upgrade to this version.\n\n\nThe PHP development team announces the immediate availability of PHP\n\t 7.1.11. This is a bugfix release, with several bug fixes included. All PHP\n\t 7.1 users are encouraged to upgrade to this version. \n\n", "edition": 5, "modified": "2017-11-14T00:00:00", "published": "2017-10-26T00:00:00", "id": "DE7A2B32-BD7D-11E7-B627-D43D7E971A1B", "href": "https://vuxml.freebsd.org/freebsd/de7a2b32-bd7d-11e7-b627-d43d7e971a1b.html", "title": "PHP -- denial of service attack", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8388", "CVE-2015-8391", "CVE-2015-8395", "CVE-2015-8386", "CVE-2015-8392", "CVE-2015-8389", "CVE-2015-8380", "CVE-2014-8964", "CVE-2016-1283", "CVE-2015-8393", "CVE-2015-8394", "CVE-2015-8384", "CVE-2015-8383", "CVE-2015-8381", "CVE-2015-5073", "CVE-2015-8385", "CVE-2015-8387", "CVE-2015-8390"], "description": "### Background\n\nlibpcre is a library providing functions for Perl-compatible regular expressions. \n\n### Description\n\nMultiple vulnerabilities have been discovered in libpcre. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nAn attacker can possibly execute arbitrary code or create a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll libpcre users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/libpcre-8.38-r1\"", "edition": 1, "modified": "2016-07-09T00:00:00", "published": "2016-07-09T00:00:00", "id": "GLSA-201607-02", "href": "https://security.gentoo.org/glsa/201607-02", "type": "gentoo", "title": "libpcre: Multiple Vulnerabilities", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}], "symantec": [{"lastseen": "2021-02-18T04:40:44", "bulletinFamily": "software", "cvelist": ["CVE-2015-8380", "CVE-2015-8381", "CVE-2015-8382", "CVE-2015-8383", "CVE-2015-8384", "CVE-2015-8385", "CVE-2015-8386", "CVE-2015-8387", "CVE-2015-8388", "CVE-2015-8389", "CVE-2015-8390", "CVE-2015-8391", "CVE-2015-8392", "CVE-2015-8393", "CVE-2015-8394", "CVE-2015-8395", "CVE-2016-1283", "CVE-2016-3191"], "description": "### SUMMARY\n\nBlue Coat products that include vulnerable versions of the PCRE and GLib2 libraries are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information. The attacker can also cause denial of service through application crashes, buffer overflows, integer overflows, and excessive CPU consumption. \n \n\n\n### AFFECTED PRODUCTS \n\nThe following products are vulnerable:\n\n**Advanced Secure Gateway (ASG)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8381, CVE-2015-8383, \nCVE-2015-8384, CVE-2015-8389, \nCVE-2015-8392, CVE-2015-8395, \nCVE-2016-1283 | 6.7 and later | Not vulnerable, fixed in 6.7.2.1 \n6.6 (vulnerable) | Upgrade to 6.6.5.1. \nCVE-2015-8382, CVE-2015-8385, \nCVE-2015-8386, CVE-2015-8387, \nCVE-2015-8388, CVE-2015-8390, \nCVE-2015-8394, CVE-2016-3191 | 7.2 and later (not vulnerable to known vectors of attack) | Not available at this time \n7.1 | Upgrade to later release with fixes. \n6.6 (vulnerable) | Upgrade to 6.6.5.1. \nCVE-2015-8380, CVE-2015-8391, \nCVE-2015-8393 | 7.1 | Upgrade to later release with fixes. \n6.7 starting with 6.7.4.2, 7.2 and later (not vulnerable to known vectors of attack) | Not available at this time \n6.7 prior to 6.7.4.2 | Not vulnerable, fixed. \n6.6 (vulnerable) | Upgrade to 6.6.5.1. \n \n \n\n**CacheFlow** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8382, CVE-2015-8387, \nCVE-2015-8394 | 3.4 | Fixed in 3.4.2.9 \n \n \n\n**Director** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8382, CVE-2015-8386 | 6.1 | Upgrade to a version of MC with the fixes. \n \n \n\n**Norman Shark Network Protection (NNP)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8382, CVE-2015-8385, \nCVE-2015-8387, CVE-2015-8388, \nCVE-2015-8390, CVE-2015-8393, \nCVE-2015-8394 | 5.3 | Upgrade to 5.3.6. \n \n \n\n**ProxySG** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nAll CVEs | 6.7 | Not vulnerable, fixed in 6.7.1.1. \n6.6 | Upgrade to 6.6.5.1. \nCVE-2015-8382, CVE-2015-8385, \nCVE-2015-8386, CVE-2015-8387, \nCVE-2015-8388, CVE-2015-8390, \nCVE-2015-8394, CVE-2016-3191 | 6.5 | Upgrade to 6.5.9.11. \n \n \n\n**Security Analytics** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8380, CVE-2015-8385, \nCVE-2015-8388, CVE-2015-8391, \nCVE-2015-8392, CVE-2015-8393, \nCVE-2016-3191 | 8.1, 8.2 | Not available at this time \n7.3 starting with 7.3.2, 8.0 | Upgrade to later release with fixes. \n7.3.1 | Not vulnerable, fixed. \n7.2 | Upgrade to 7.2.2. \n6.6, 7.1 | Not vulnerable \nCVE-2015-8382, CVE-2015-8386, \nCVE-2015-8387, CVE-2015-8390, \nCVE-2015-8394 | 8.1, 8.2 | Not available at this time \n7.3 starting with 7.3.2, 8.0 | Upgrade to later release with fixes. \n7.3.1 | Not vulnerable, fixed \n7.2 | Upgrade to 7.2.2. \n6.6, 7.1 | Upgrade to later release with fixes. \n \n \n\n**X-Series XOS** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8382, CVE-2015-8385, \nCVE-2015-8386, CVE-2015-8388, \nCVE-2016-3191 | 9.7, 10.0, 11.0 | A fix will not be provided. \n \n \n\nThe following products contain vulnerable versions of the PCRE or GLib2 libraries, but are not vulnerable to known vectors of attack:\n\n**Content Analysis System (CAS)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8382, CVE-2015-8385, \nCVE-2015-8386, CVE-2015-8387, \nCVE-2015-8388, CVE-2015-8390, \nCVE-2015-8394, CVE-2016-3191 | 2.4 and later | Not available at this time \n1.3, 2.1, 2.2, 2.3 | Upgrade to later release with fixes. \nCVE-2015-8380, CVE-2015-8391, \nCVE-2015-8393 | 3.0 and later | Not available at this time \n1.3, 2.2, 2.2, 2.3, 2.4 | Not vulnerable \n \n \n\n**Mail Threat Defense (MTD)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8382, CVE-2015-8385, \nCVE-2015-8386, CVE-2015-8387, \nCVE-2015-8388, CVE-2015-8390, \nCVE-2015-8394, CVE-2016-3191 | 1.1 | Upgrade to a version of CAS and SMG with the fixes. \n \n \n\n**Malware Analysis Appliance (MAA)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8382, CVE-2015-8385, \nCVE-2015-8387, CVE-2015-8388, \nCVE-2015-8390, CVE-2015-8393, \nCVE-2015-8394 | 4.2 | Upgrade to 4.2.10. \n \n \n\n**Management Center (MC)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8382, CVE-2015-8385, \nCVE-2015-8386, CVE-2015-8387, \nCVE-2015-8388, CVE-2015-8390, \nCVE-2015-8394, CVE-2016-3191 | 3.0 and later | Not available at this time \n1.5 - 2.4 | Upgrade to later release with fixes. \n \n \n\n**Norman Shark Industrial Control System Protection (ICSP)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8382, CVE-2015-8385, \nCVE-2015-8387, CVE-2015-8388, \nCVE-2015-8390, CVE-2015-8393, \nCVE-2015-8394 | 5.3 | Upgrade to 5.3.6. \n \n \n\n**Norman Shark SCADA Protection (NSP)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8382, CVE-2015-8385, \nCVE-2015-8387, CVE-2015-8388, \nCVE-2015-8390, CVE-2015-8393, \nCVE-2015-8394 | 5.3 | Upgrade to 5.3.6. \n \n \n\n**PacketShaper (PS)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8382, CVE-2015-8386, \nCVE-2015-8387, CVE-2015-8390, \nCVE-2015-8394 | 9.2 | Allot Secure Service Gateway (SSG) is a replacement product for PacketShaper. Switch to a version of SSG with the vulnerability fixes. \n \n \n\n**PacketShaper (PS) S-Series** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8382, CVE-2015-8385, \nCVE-2015-8386, CVE-2015-8387, \nCVE-2015-8388, CVE-2015-8390, \nCVE-2015-8394, CVE-2016-3191 | 11.2 and later | Allot Secure Service Gateway (SSG) is a replacement product for PacketShaper S-Series. Switch to a version of SSG with the vulnerability fixes. \n \n \n\n**PolicyCenter (PC)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8382, CVE-2015-8386, \nCVE-2015-8387, CVE-2015-8390, \nCVE-2015-8394 | 9.2 | Allot NetXplorer is a replacement product for PolicyCenter. Switch to a version of NetXplorer with the vulnerability fixes. \n \n \n\n**PolicyCenter (PC) S-Series** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8382, CVE-2015-8385, \nCVE-2015-8386, CVE-2015-8387, \nCVE-2015-8388, CVE-2015-8390, \nCVE-2015-8394, CVE-2016-3191 | 1.1 | Allot NetXplorer is a replacement product for PolicyCenter S-Series. Switch to a version of NetXplorer with the vulnerability fixes. \n \n \n\n**Reporter** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8380, CVE-2015-8391, \nCVE-2015-8393 | 10.5 | Not available at this time \n10.3, 10.4 | Upgrade to later release with fixes. \n10.1, 10.2 | Not vulnerable \nCVE-2015-8382, CVE-2015-8385, \nCVE-2015-8386, CVE-2015-8387, \nCVE-2015-8388, CVE-2015-8390, \nCVE-2015-8394, CVE-2016-3191 | 10.5 | Not available at this time \n10.1, 10.2, 10.3, 10.4 | Upgrade to later release with fixes. \n9.4, 9.5 | Not vulnerable \n \n \n\n**SSL Visibility (SSLV)** \n--- \n**CVE** | **Affected Version(s)** | **Remediation** \nCVE-2015-8382, CVE-2015-8385, \nCVE-2015-8386, CVE-2015-8387, \nCVE-2015-8388, CVE-2015-8390, \nCVE-2015-8394, CVE-2016-3191 | 4.5, 5.0 | Not available at this time \n4.0 - 4.4 | Upgrade to later release with fixes. \nCVE-2015-8380, CVE-2015-8391, \nCVE-2015-8393 | 4.5, 5.0 | Not available at this time \n4.0 - 4.4 | Not vulnerable \n**CVE-2015-8382, CVE-2015-8385, \nCVE-2015-8387, CVE-2015-8390, \nCVE-2015-8393, CVE-2015-8394** | 3.10 and later | Not vulnerable, fixed in 3.10.1.1 \n3.9 | Upgrade to 3.9.4.1. \n3.8.4FC | Upgrade to later releases with fixes. \n \n \n\n### ADDITIONAL PRODUCT INFORMATION\n\nASG has multiple instances of the PCRE library. ASG is vulnerable prior to 6.6.5.1. The vulnerabilities are only exploitable in ASG when a malicious authenticated administrator with write access adds crafted regular expressions to policy. ASG versions starting with 6.6.5.1 only have vulnerable versions of the PCRE and GLib2 libraries, but they are not vulnerable to known vectors of attack.\n\nThe vulnerabilities are only exploitable in Director when a malicious authenticated administrator passes crafted regular expressions as arguments to CLI commands.\n\nThe vulnerabilities are only exploitable in ProxySG when a malicious authenticated administrator with write access adds crafted regular expressions to policy.\n\nSome Blue Coat products do not accept regular expression patterns from untrusted sources and do not use the pcregrep utility. The products listed below include vulnerable versions of the PCRE or GLib2 libraries, but are not known to be vulnerable to the CVEs below. However, fixes for these CVEs will be included in the patches that are provided.\n\n * **ASG:** CVE-2015-8380, CVE-2015-8382, CVE-2015-8385, CVE-2015-8386, CVE-2015-8387, CVE-2015-8388, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394, CVE-2016-3191\n * **CAS:** CVE-2015-8382, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, and CVE-2016-3191\n * **MTD:** CVE-2015-8382, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, and CVE-2016-3191\n * **MAA:** CVE-2015-8382, CVE-2015-8385, CVE-2015-8387, CVE-2015-8388, CVE-2015-8390, CVE-2015-8393, and CVE-2015-8394\n * **MC:** CVE-2015-8382, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, and CVE-2016-3191\n * **ICSP:** CVE-2015-8382, CVE-2015-8385, CVE-2015-8387, CVE-2015-8388, CVE-2015-8390, CVE-2015-8393, and CVE-2015-8394\n * **NSP:** CVE-2015-8382, CVE-2015-8385, CVE-2015-8387, CVE-2015-8388, CVE-2015-8390, CVE-2015-8393, and CVE-2015-8394\n * **PS:** CVE-2015-8382, CVE-2015-8386, CVE-2015-8387, CVE-2015-8390, and CVE-2015-8394\n * **PC:** CVE-2015-8382, CVE-2015-8386, CVE-2015-8387, CVE-2015-8390, and CVE-2015-8394\n * **Reporter 10.x:** CVE-2015-8382, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, and CVE-2016-3191\n * **SSLV 3.x:** CVE-2015-8382, CVE-2015-8385, CVE-2015-8387, CVE-2015-8390, CVE-2015-8393 and CVE-2015-8394\n * **SSLV 4.0:** CVE-2015-8382, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, CVE-2016-3191\n * **XOS 9.7:** CVE-2015-8380, CVE-2015-8381, CVE-2015-8383, CVE-2015-8384, CVE-2015-8387, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8392, CVE-2015-8393, CVE-2015-8394, CVE-2015-8395, and CVE-2016-1283\n\nThe following products are not vulnerable: \n**Android Mobile Agent \nAuthConnector \nBCAAA \nBlue Coat HSM Agent for the Luna SP \nClient Connector \nCloud Data Protection for Salesforce \nCloud Data Protection for Salesforce Analytics \nCloud Data Protection for ServiceNow \nCloud Data Protection for Oracle CRM On Demand \nCloud Data Protection for Oracle Field Service Cloud \nCloud Data Protection for Oracle Sales Cloud \nCloud Data Protection Integration Server \nCloud Data Protection Communication Server \nCloud Data Protection Policy Builder \nGeneral Auth Connector Login Application \nK9 \nProxyClient \nProxyAV \nProxyAV ConLog and ConLogXP \nUnified Agent \nWeb Isolation**\n\nInformation about the following products is not available. NetDialog NetX is a replacement product for IntelligenceCenter. \n**IntelligenceCenter \nIntelligenceCenter Data Collector**\n\nBlue Coat no longer provides vulnerability information for the following products:\n\n**DLP**\n\nPlease, contact Digital Guardian technical support regarding vulnerability information for DLP. \n \n\n\n### ISSUES\n\n \n\n**CVE-2015-8380** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 77695](<https://www.securityfocus.com/bid/77695>) / NVD: [CVE-2015-8380](<https://nvd.nist.gov/vuln/detail/CVE-2015-8380>) \n**Impact** | Denial of service, unspecified other impact \n**Description** | A flaw in regular expression execution allows a remote attacker to cause a heap-based buffer overflow via a crafted regular expression, resulting in denial of service or unspecified other impact. \n \n \n\n**CVE-2015-8381** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 76187](<https://www.securityfocus.com/bid/76187>) / NVD: [CVE-2015-8381](<https://nvd.nist.gov/vuln/detail/CVE-2015-8381>) \n**Impact** | Denial of service, unspecified other impact \n**Description** | A flaw in group reference handling allows a remote attacker to cause a heap-based buffer overflow via a crafted regular expression, resulting in denial of service or unspecified other impact. \n \n \n\n**CVE-2015-8382** \n--- \n**Severity / CVSSv2** | Medium / 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P) \n**References** | SecurityFocus: [BID 76157](<https://www.securityfocus.com/bid/76157>) / NVD: [CVE-2015-8382](<https://nvd.nist.gov/vuln/detail/CVE-2015-8382>) \n**Impact** | Information disclosure, denial of service \n**Description** | A flaw in regular expression execution allows a remote attacker to obtain sensitive information from the target's memory or cause denial of service through application crashes. \n \n \n\n**CVE-2015-8383** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 79810](<https://www.securityfocus.com/bid/79810>) / NVD: [CVE-2015-8383](<https://nvd.nist.gov/vuln/detail/CVE-2015-8383>) \n**Impact** | Denial of service, unspecified other impact \n**Description** | A flaw in repeated conditional group handling allows a remote attacker to cause a buffer overflow via a crafted regular expression, resulting in denial of service or unspecified other impact. \n \n \n\n**CVE-2015-8384** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 85555](<https://www.securityfocus.com/bid/85555>) / NVD: [CVE-2015-8384](<https://nvd.nist.gov/vuln/detail/CVE-2015-8384>) \n**Impact** | Denial of service, unspecified other impact \n**Description** | A flaw in recursive back reference handling allows a remote attacker to cause a buffer overflow via a crafted regular expression, resulting in denial of service or unspecified other impact. \n \n \n\n**CVE-2015-8385** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 85572](<https://www.securityfocus.com/bid/85572>) / NVD: [CVE-2015-8385](<https://nvd.nist.gov/vuln/detail/CVE-2015-8385>) \n**Impact** | Denial of service, unspecified other impact \n**Description** | A flaw in forward reference handling allows a remote attacker to cause a buffer overflow via a crafted regular expression, resulting in denial of service or unspecified other impact. \n \n \n\n**CVE-2015-8386** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 82990](<https://www.securityfocus.com/bid/82990>) / NVD: [CVE-2015-8386](<https://nvd.nist.gov/vuln/detail/CVE-2015-8386>) \n**Impact** | Denial of service, unspecified other impact \n**Description** | A flaw in lookbehind assertion and mutually recursive subpattern handling allows a remote attacker to cause a buffer overflow via a crafted regular expression, resulting in denial of service or unspecified other impact. \n \n \n\n**CVE-2015-8387** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 82990](<https://www.securityfocus.com/bid/82990>) / NVD: [CVE-2015-8387](<https://nvd.nist.gov/vuln/detail/CVE-2015-8387>) \n**Impact** | Denial of service, unspecified other impact. \n**Description** | A flaw in subroutine call handling allows a remote attacker to cause an integer overflow via a crafted regular expression, resulting in denial of service or unspecified other impact. \n \n \n\n**CVE-2015-8388** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 85576](<https://www.securityfocus.com/bid/85576>) / NVD: [CVE-2015-8388](<https://nvd.nist.gov/vuln/detail/CVE-2015-8388>) \n**Impact** | Denial of service, unspecified other impact \n**Description** | A flaw in unmatched closing parenthesis handling allows a remote attacker to cause a buffer overflow via a crafted regular expression, resulting in denial of service or unspecified other impact. \n \n \n\n**CVE-2015-8389** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 82990](<https://www.securityfocus.com/bid/82990>) / NVD: [CVE-2015-8389](<https://nvd.nist.gov/vuln/detail/CVE-2015-8389>) \n**Impact** | Denial of service, unspecified other impact \n**Description** | A flaw in pattern handling allows a remote attacker to cause infinite recursion via a crafted regular expression, resulting in denial of service or unspecified other impact. \n \n \n\n**CVE-2015-8390** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 82990](<https://www.securityfocus.com/bid/82990>) / NVD: [CVE-2015-8390](<https://nvd.nist.gov/vuln/detail/CVE-2015-8390>) \n**Impact** | Denial of service, unspecified other impact \n**Description** | A flaw in character class handling allows a remote attacker to cause uninitialized memory reads via a crafted regular expression, resulting in denial of service or unspecified other impact. \n \n \n\n**CVE-2015-8391** \n--- \n**Severity / CVSSv2** | High / 9.0 (AV:N/AC:L/Au:N/C:P/I:P/A:C) \n**References** | SecurityFocus: [BID 82990](<https://www.securityfocus.com/bid/82990>) / NVD: [CVE-2015-8391](<https://nvd.nist.gov/vuln/detail/CVE-2015-8391>) \n**Impact** | Denial of service, unspecified other impact \n**Description** | A flaw in nesting handling allows a remote attacker to cause excessive CPU consumption via a crafted regular expression, resulting in denial of service or unspecified other impact. \n \n \n\n**CVE-2015-8392** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 85573](<https://www.securityfocus.com/bid/85573>) / NVD: [CVE-2015-8392](<https://nvd.nist.gov/vuln/detail/CVE-2015-8392>) \n**Impact** | Denial of service, unspecified other impact \n**Description** | A flaw in substring handling allows a remote attacker to cause a buffer overflow and unintended recursion via a crafted regular expression, resulting in denial of service or unspecified other impact. \n \n \n\n**CVE-2015-8393** \n--- \n**Severity / CVSSv2** | Medium / 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n**References** | SecurityFocus: [BID 82990](<https://www.securityfocus.com/bid/82990>) / NVD: [CVE-2015-8393](<https://nvd.nist.gov/vuln/detail/CVE-2015-8393>) \n**Impact** | Information disclosure \n**Description** | A flaw in the pcregrep utility allows a remote attacker to obtain sensitive information via a crafted binary file. \n \n \n\n**CVE-2015-8394** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 82990](<https://www.securityfocus.com/bid/82990>) / NVD: [CVE-2015-8394](<https://nvd.nist.gov/vuln/detail/CVE-2015-8394>) \n**Impact** | Denial of service, unspecified other impact \n**Description** | A flaw in condition handling allows a remote attacker to cause an integer overflow via a crafted regular expression, resulting in denial of service or unspecified other impact. \n \n \n\n**CVE-2015-8395** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 85545](<https://www.securityfocus.com/bid/85545>) / NVD: [CVE-2015-8395](<https://nvd.nist.gov/vuln/detail/CVE-2015-8395>) \n**Impact** | Denial of service, unspecified other impact \n**Description** | A flaw in reference handling allows a remote attacker to cause denial of service or unspecified other impact via a crafted regular expression. \n \n \n\n**CVE-2016-1283** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 79825](<https://www.securityfocus.com/bid/79825>) / NVD: [CVE-2016-1283](<https://nvd.nist.gov/vuln/detail/CVE-2016-1283>) \n**Impact** | Denial of service, unspecified other impact \n**Description** | A flaw in named subgroup handling allows a remote attacker to cause heap-based buffer overflow via a crafted regular expression, resulting in denial of service or unspecified other impact. \n \n \n\n**CVE-2016-3191** \n--- \n**Severity / CVSSv2** | High / 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n**References** | SecurityFocus: [BID 84810](<https://www.securityfocus.com/bid/84810>) / NVD: [CVE-2016-3191](<https://nvd.nist.gov/vuln/detail/CVE-2016-3191>) \n**Impact** | Code execution, denial of service \n**Description** | A flaw in substring and nested parenthesis handling allows a remote attacker to cause stack-based buffer overflow via a crafted regular expression, resulting in arbitrary code execution or denial of service. \n \n \n\n### MITIGATION\n\nThese CVEs can be exploited in ASG and ProxySG 6.6 only by authenticated administrator users with write access. Restricting the administrator users that have write access reduces the threat of exploiting the vulnerabilities.\n\nThese CVEs can be exploited in ASG, Director, and ProxySG only through their management interfaces. Allowing only machines, IP addresses and subnets from a trusted network to access the management interface reduces the threat of exploiting the vulnerabilities. \n \n\n\n### REVISION\n\n2021-02-17 A fix for MC 2.4 and CA 2.3 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2020-12-09 A fix for ASG 7.1 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2020-11-17 A fix for MTD 1.1 will not be provided. Please upgrade to a version of CAS and SMG with the vulnerability fixes. A fix for SA 7.3 and 8.0 will not be provided. Please upgrade to a later version with the vulnerability fixes. A fix for XOS 9.7, 10.0, and 11.0 will not be provided. A fix for Director 6.1 will not be provided. Please upgrade to a version of MC with the vulnerability fixes. A fix for Reporter 10.4 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2020-11-12 Content Analysis 3.1 contains vulnerable versions of the PCRE or GLib2 libraries, but is not vulnerable to known vectors of attack. \n2020-08-19 A fix for MC 2.3 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2020-04-27 Provided corrected vulnerability information for Content Analysis, Mail Threat Defense, Management Center, PacketShaper S-Series, PolicyCenter S-Series, Reporter, Security Analytics, and SSL Visibility. \n2020-04-26 Provided corrected vulnerability information for Advanced Secure Gateway. Information about IntelligenceCenter and IntelligenceCenter Data Collector is not available. NetDialog NetX is a replacement product for IntelligenceCenter. \n2020-04-04 A fix for PacketShaper S-Series and PolicyCenter S-Series will not be provided. Allot Secure Service Gateway (SGG) is a replacement product for PacketShaper S-Series. Please switch to a version of SSG with the vulnerability fixes. A fix for PolicyCenter S-Series will not be provided. Allot NetXplorer is a replacement product PolicyCenter S-Series. Please switch to a version of NetXplorer with the vulnerability fixes. \n2019-10-10 A fix will not be provided for PacketShaper 9.2. Please upgrade to a version of PacketShaper S-Series with the vulnerability fixes. A fix will not be provided for PolicyCenter 9.2. Please upgrade to a version of PolicyCenter S-Series with the vulnerability fixes. \n2019-10-03 Web Isolation is not vulnerable. \n2019-09-05 A fix for MC 2.1 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2019-08-29 Reporter 10.4 has vulnerable versions of PCRE and GLib2, but is not vulnerable to known vectors of attack. \n2019-08-12 MC 2.2 and MC 2.3 have vulnerable versions of PCRE and GLib2, but are not vulnerable to known vectors of attack. A fix for MC 2.0 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2019-08-07 A fix for ASG 6.6 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2019-08-06 A fix for Reporter 10.1 and 10.2 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2019-08-06 A fix for SSLV 4.3 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2019-02-04 A fix for CA 1.3 and 2.2 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2019-01-21 SA 7.3 starting with 7.3.2 and 8.0 are vulnerable. \n2019-01-14 SSLV 4.4 and 5.0 have vulnerable versions of PCRE and GLib2, but are not vulnerable to known vectors of attack. \n2019-01-14 Reporter 10.3 has vulnerable versions of PCRE and GLib2, but is not vulnerable to known vectors of attack. \n2019-01-11 A fix for CA 2.1 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2018-09-24 A fix for SSLV 3.8.4FC will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2018-07-26 MC 2.0 has vulnerable versions of PCRE and GLib2, but is not vulnerable to known vectors of attack. \n2018-07-24 A fix for CacheFlow 3.4 is available in 3.4.2.9. \n2018-06-26 A fix for CVE-2015-8382, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, CVE-2016-3191 in SSLV 4.1 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2018-04-26 A fix for SSLV 4.0 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2018-04-25 A fix for XOS 9.7 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2018-04-22 CA 2.3, PacketShaper S-Series 11.10, and Reporter 10.2 have vulnerable versions of PCRE and GLib2, but are not vulnerable to known vectors of attack. \n2017-11-16 A fix for PS S-Series 11.5, 11.7, and 11.8 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2017-11-15 SSLV 4.2 has vulnerable versions of PCRE, but is not vulnerable to known vectors of attack. A fix is not available at this time. \n2017-11-08 CAS 2.2 has vulnerable versions of PCRE and GLib2, but is not vulnerable to known vectors of attack. \n2017-11-07 MC 1.11 has vulnerable versions of PCRE and GLib2, but is not vulnerable to known vectors of attack. A fix for MC 1.10 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2017-11-06 ASG 6.6 prior to 6.6.5.1 is vulnerable to all CVEs. ASG 6.6 starting with 6.6.5.1 and 6.7 have vulnerable versions of PCRE and GLib2, but are not vulnerable to known vectors of attacks. \n2017-10-26 It was previously reported that CacheFlow 3.4 is vulnerable to CVE-2015-8386 and CVE-2015-8390. Further investigation has shown that CacheFlow 3.4 is not vulnerable to these CVEs. \n2017-08-03 SSLV 4.1 has vulnerable version of PCRE, but is not vulnerable to known vectors of attack. A fix is not available at this time. \n2017-07-25 PS S-Series 11.9 has vulnerable versions of PCRE and GLib2, but is not vulnerable to known vectors of attack. A fix is not available at this time. \n2017-07-21 MC 1.10 has vulnerable versions of PCRE and GLib2, but is not vulnerable to known vectors of attack. A fix for MC 1.9 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2017-06-22 Security Analytics 7.3 is not vulnerable. \n2017-06-05 PS S-Series 11.8 has vulnerable versions of PCRE and GLib2, but is not vulnerable to known vectors of attack. A fix is not available at this time. \n2017-05-29 A fix for Security Analytics 6.6 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2017-05-18 CAS 2.1 has vulnerable versions of PCRE and GLib2, but is not vulnerable to known vectors of attack. \n2017-03-30 MC 1.9 has vulnerable versions of PCRE and GLib2, but is not vulnerable to known vectors of attack. \n2017-03-08 MC 1.6, MC 1.7, MC 1.8, and SSLV 4.0 have vulnerable versions of PCRE and GLib2, but are not vulnerable to known vectors of attack. ProxySG 6.7 is not vulnerable. Vulnerability inquiries for DLP should be addressed to Digital Guardian technical support. \n2017-01-25 A fix for Security Analytics 7.2 is available in 7.2.2. \n2016-12-03 PS S-Series 11.7 has vulnerable versions of PCRE and GLib2, but is not vulnerable to known vectors of attack. A fix is not available at this time. \n2016-12-03 SSLV 3.11 is not vulnerable. \n2016-11-17 Cloud Data Protection for Oracle Field Service Cloud is not vulnerable. \n2016-11-11 SSLV 3.10 is not vulnerable. \n2016-11-03 A fix for MAA is available in 4.2.10. A fix for ProxySG 6.6 is avaialble in 6.6.5.1. \n2016-09-09 A fix for ProxySG 6.5 is available in 6.5.9.11. \n2016-08-12 Security Analytics 7.2 is vulnerable to CVE-2015-8382, CVE-2015-8386, CVE-2015-8387, CVE-2015-8390, and CVE-2015-8394. \n2016-08-10 A fix for SSLV 3.9 is available in 3.9.4.1. \n2016-07-12 Reporter 9.4 and 9.5 are not vulnerable. \n2016-07-11 MAA 4.2 has a vulnerable version of PCRE, but is not vulnerable to known vectors of attack. \n2016-07-07 initial public release\n", "modified": "2021-02-18T03:56:13", "published": "2016-07-07T08:00:00", "id": "SMNTC-1374", "href": "", "type": "symantec", "title": "SA128 : Multiple PCRE Vulnerabilities", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:33:42", "bulletinFamily": "unix", "cvelist": ["CVE-2015-8388", "CVE-2015-3210", "CVE-2015-2325", "CVE-2015-8391", "CVE-2015-8395", "CVE-2015-8382", "CVE-2015-8386", "CVE-2015-2327", "CVE-2015-8392", "CVE-2015-8389", "CVE-2015-8380", "CVE-2016-1283", "CVE-2015-8393", "CVE-2015-8394", "CVE-2016-3191", "CVE-2015-8384", "CVE-2015-8383", "CVE-2015-8381", "CVE-2015-5073", "CVE-2015-8385", "CVE-2015-2328", "CVE-2014-9769", "CVE-2015-8387", "CVE-2015-8390", "CVE-2015-2326"], "description": "It was discovered that PCRE incorrectly handled certain regular \nexpressions. A remote attacker could use this issue to cause applications \nusing PCRE to crash, resulting in a denial of service, or possibly execute \narbitrary code.", "edition": 5, "modified": "2016-03-29T00:00:00", "published": "2016-03-29T00:00:00", "id": "USN-2943-1", "href": "https://ubuntu.com/security/notices/USN-2943-1", "title": "PCRE vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}], "redhat": [{"lastseen": "2019-12-11T13:31:06", "bulletinFamily": "unix", "cvelist": ["CVE-2015-3210", "CVE-2015-3217", "CVE-2015-4792", "CVE-2015-4802", "CVE-2015-4815", "CVE-2015-4816", "CVE-2015-4819", "CVE-2015-4826", "CVE-2015-4830", "CVE-2015-4836", "CVE-2015-4858", "CVE-2015-4861", "CVE-2015-4870", "CVE-2015-4879", "CVE-2015-4895", "CVE-2015-4913", "CVE-2015-5073", "CVE-2015-8381", "CVE-2015-8383", "CVE-2015-8384", "CVE-2015-8385", "CVE-2015-8386", "CVE-2015-8388", "CVE-2015-8391", "CVE-2015-8392", "CVE-2015-8395", "CVE-2016-0505", "CVE-2016-0546", "CVE-2016-0596", "CVE-2016-0597", "CVE-2016-0598", "CVE-2016-0600", "CVE-2016-0606", "CVE-2016-0608", "CVE-2016-0609", "CVE-2016-0610", "CVE-2016-0616", "CVE-2016-0640", "CVE-2016-0641", "CVE-2016-0642", "CVE-2016-0643", "CVE-2016-0644", "CVE-2016-0646", "CVE-2016-0647", "CVE-2016-0648", "CVE-2016-0649", "CVE-2016-0650", "CVE-2016-0651", "CVE-2016-0655", "CVE-2016-0666", "CVE-2016-0668", "CVE-2016-1283", "CVE-2016-2047", "CVE-2016-3191", "CVE-2016-3452", "CVE-2016-3459", "CVE-2016-3471", "CVE-2016-5444"], "description": "MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. MariaDB uses PCRE, a Perl-compatible regular expression library, to implement regular expression support in SQL queries.\n\nSecurity Fix(es):\n\n* It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client. (CVE-2016-2047)\n\n* This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2015-4792, CVE-2015-4802, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4879, CVE-2015-4895, CVE-2015-4913, CVE-2016-0505, CVE-2016-0546, CVE-2016-0596, CVE-2016-0597, CVE-2016-0598, CVE-2016-0600, CVE-2016-0606, CVE-2016-0608, CVE-2016-0609, CVE-2016-0610, CVE-2016-0616, CVE-2016-0640, CVE-2016-0641, CVE-2016-0642, CVE-2016-0643, CVE-2016-0644, CVE-2016-0646, CVE-2016-0647, CVE-2016-0648, CVE-2016-0649, CVE-2016-0650, CVE-2016-0651, CVE-2016-0655, CVE-2016-0666, CVE-2016-0668)\n\n* Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make MariaDB execute an SQL query with a specially crafted regular expression could use these flaws to cause it to crash or, possibly, execute arbitrary code. (CVE-2015-3210, CVE-2015-3217, CVE-2015-5073, CVE-2015-8381, CVE-2015-8383, CVE-2015-8384, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, CVE-2015-8391, CVE-2015-8392, CVE-2015-8395, CVE-2016-1283, CVE-2016-3191)", "modified": "2018-06-13T01:28:20", "published": "2016-05-26T12:10:09", "id": "RHSA-2016:1132", "href": "https://access.redhat.com/errata/RHSA-2016:1132", "type": "redhat", "title": "(RHSA-2016:1132) Important: rh-mariadb100-mariadb security update", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}], "suse": [{"lastseen": "2017-10-11T05:54:20", "bulletinFamily": "unix", "cvelist": ["CVE-2016-6262", "CVE-2016-7056", "CVE-2017-7407", "CVE-2015-8388", "CVE-2016-8620", "CVE-2016-8623", "CVE-2017-9233", "CVE-2016-5420", "CVE-2016-9840", "CVE-2016-3705", "CVE-2016-1840", "CVE-2014-0191", "CVE-2016-8615", "CVE-2016-8616", "CVE-2015-5276", "CVE-2015-3210", "CVE-2015-2325", "CVE-2016-6261", "CVE-2016-8619", "CVE-2017-10685", "CVE-2016-6306", "CVE-2016-2183", "CVE-2015-0860", "CVE-2016-2178", "CVE-2015-8391", "CVE-2016-6263", "CVE-2016-2108", "CVE-2016-9063", "CVE-2016-8618", "CVE-2016-1762", "CVE-2016-6302", "CVE-2016-5300", "CVE-2015-8395", "CVE-2016-7141", "CVE-2016-1834", "CVE-2017-11112", "CVE-2016-2177", "CVE-2014-7169", "CVE-2015-8382", "CVE-2016-3627", "CVE-2015-1283", "CVE-2014-6277", "CVE-2016-2105", "CVE-2016-9318", "CVE-2016-4483", "CVE-2016-2107", "CVE-2017-3731", "CVE-2015-8386", "CVE-2014-6278", "CVE-2015-2327", "CVE-2017-9049", "CVE-2016-3075", "CVE-2016-8617", "CVE-2016-9842", "CVE-2016-7796", "CVE-2017-2616", "CVE-2016-0634", "CVE-2012-6702", "CVE-2015-3238", "CVE-2016-2180", "CVE-2016-1835", "CVE-2016-0787", "CVE-2016-8610", "CVE-2016-1234", "CVE-2016-0718", "CVE-2016-6185", "CVE-2015-8392", "CVE-2016-4574", "CVE-2015-8389", "CVE-2016-2109", "CVE-2015-8380", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-4449", "CVE-2017-9048", "CVE-2014-8964", "CVE-2015-2059", "CVE-2017-11113", "CVE-2016-1283", "CVE-2016-6313", "CVE-2016-1837", "CVE-2016-6318", "CVE-2015-3622", "CVE-2016-4448", "CVE-2016-1238", "CVE-2015-8393", "CVE-2016-1838", "CVE-2016-3706", "CVE-2016-4429", "CVE-2016-2381", "CVE-2016-7543", "CVE-2017-1000101", "CVE-2016-8622", "CVE-2015-8853", "CVE-2014-7187", "CVE-2015-8394", "CVE-2016-4008", "CVE-2014-9770", "CVE-2015-3217", "CVE-2014-6271", "CVE-2017-7526", "CVE-2016-3191", "CVE-2017-1000366", "CVE-2016-1839", "CVE-2016-8624", "CVE-2015-8384", "CVE-2016-9843", "CVE-2017-9047", "CVE-2015-8948", "CVE-2014-7824", "CVE-2015-8842", "CVE-2016-9597", "CVE-2016-6303", "CVE-2015-8383", "CVE-2017-1000100", "CVE-2015-8381", "CVE-2016-2182", "CVE-2016-5421", "CVE-2016-9586", "CVE-2015-5073", "CVE-2016-4447", "CVE-2016-5011", "CVE-2015-7511", "CVE-2015-8385", "CVE-2015-8806", "CVE-2016-9841", "CVE-2016-4579", "CVE-2015-0245", "CVE-2016-2037", "CVE-2016-2073", "CVE-2016-5419", "CVE-2015-2328", "CVE-2017-6507", "CVE-2016-4658", "CVE-2016-7167", "CVE-2017-10684", "CVE-2016-2179", "CVE-2016-2106", "CVE-2016-1833", "CVE-2015-8387", "CVE-2016-8621", "CVE-2015-8390", "CVE-2017-9050"], "description": "The SUSE Linux Enterprise Server 12 SP1 container image has been updated\n to include security and stability fixes.\n\n The following issues related to building of the container images have been\n fixed:\n\n - Included krb5 package to avoid the inclusion of krb5-mini which gets\n selected as a dependency by the Build Service solver. (bsc#1056193)\n - Do not install recommended packages when building container images.\n (bsc#975726)\n\n A number of security issues that have been already fixed by updates\n released for SUSE Linux Enterprise Server 12 SP1 are now included in the\n base image. A package/CVE cross-reference is available below.\n\n pam:\n\n - CVE-2015-3238\n\n libtasn1:\n\n - CVE-2015-3622\n - CVE-2016-4008\n\n expat:\n\n expat:\n\n - CVE-2012-6702\n - CVE-2015-1283\n - CVE-2016-0718\n - CVE-2016-5300\n - CVE-2016-9063\n - CVE-2017-9233\n\n libidn:\n\n - CVE-2015-2059\n - CVE-2015-8948\n - CVE-2016-6261\n - CVE-2016-6262\n - CVE-2016-6263\n\n\n zlib:\n\n - CVE-2016-9840\n - CVE-2016-9841\n - CVE-2016-9842\n - CVE-2016-9843\n\n curl:\n\n - CVE-2016-5419\n - CVE-2016-5420\n - CVE-2016-5421\n - CVE-2016-7141\n - CVE-2016-7167\n - CVE-2016-8615\n - CVE-2016-8616\n - CVE-2016-8617\n - CVE-2016-8618\n - CVE-2016-8619\n - CVE-2016-8620\n - CVE-2016-8621\n - CVE-2016-8622\n - CVE-2016-8623\n - CVE-2016-8624\n - CVE-2016-9586\n - CVE-2017-1000100\n - CVE-2017-1000101\n - CVE-2017-7407\n\n openssl:\n\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2177\n - CVE-2016-2178\n - CVE-2016-2179\n - CVE-2016-2180\n - CVE-2016-2181\n - CVE-2016-2182\n - CVE-2016-2183\n - CVE-2016-6302\n - CVE-2016-6303\n - CVE-2016-6304\n - CVE-2016-6306\n - CVE-2016-7056\n - CVE-2016-8610\n - CVE-2017-3731\n\n cracklib:\n\n - CVE-2016-6318\n\n pcre:\n\n - CVE-2014-8964\n - CVE-2015-2325\n - CVE-2015-2327\n - CVE-2015-2328\n - CVE-2015-3210\n - CVE-2015-3217\n - CVE-2015-5073\n - CVE-2015-8380\n - CVE-2015-8381\n - CVE-2015-8382\n - CVE-2015-8383\n - CVE-2015-8384\n - CVE-2015-8385\n - CVE-2015-8386\n - CVE-2015-8387\n - CVE-2015-8388\n - CVE-2015-8389\n - CVE-2015-8390\n - CVE-2015-8391\n - CVE-2015-8392\n - CVE-2015-8393\n - CVE-2015-8394\n - CVE-2015-8395\n - CVE-2016-1283\n - CVE-2016-3191\n\n appamor:\n\n - CVE-2017-6507\n\n bash:\n\n - CVE-2014-6277\n - CVE-2014-6278\n - CVE-2016-0634\n - CVE-2016-7543\n\n cpio:\n\n - CVE-2016-2037\n\n glibc:\n\n - CVE-2016-1234\n - CVE-2016-3075\n - CVE-2016-3706\n - CVE-2016-4429\n - CVE-2017-1000366\n\n perl:\n\n - CVE-2015-8853\n - CVE-2016-1238\n - CVE-2016-2381\n - CVE-2016-6185\n\n libssh2_org:\n\n - CVE-2016-0787\n\n util-linux:\n\n - CVE-2016-5011\n - CVE-2017-2616\n\n ncurses:\n\n - CVE-2017-10684\n - CVE-2017-10685\n - CVE-2017-11112\n - CVE-2017-11113\n\n libksba:\n\n - CVE-2016-4574\n - CVE-2016-4579\n\n libxml2:\n\n - CVE-2014-0191\n - CVE-2015-8806\n - CVE-2016-1762\n - CVE-2016-1833\n - CVE-2016-1834\n - CVE-2016-1835\n - CVE-2016-1837\n - CVE-2016-1838\n - CVE-2016-1839\n - CVE-2016-1840\n - CVE-2016-2073\n - CVE-2016-3627\n - CVE-2016-3705\n - CVE-2016-4447\n - CVE-2016-4448\n - CVE-2016-4449\n - CVE-2016-4483\n - CVE-2016-4658\n - CVE-2016-9318\n - CVE-2016-9597\n - CVE-2017-9047\n - CVE-2017-9048\n - CVE-2017-9049\n - CVE-2017-9050\n\n libgcrypt:\n\n - CVE-2015-7511\n - CVE-2016-6313\n - CVE-2017-7526\n\n update-alternatives:\n\n - CVE-2015-0860\n\n systemd:\n\n - CVE-2014-9770\n - CVE-2015-8842\n - CVE-2016-7796\n\n dbus-1:\n\n - CVE-2014-7824\n - CVE-2015-0245\n\n Finally, the following packages received non-security fixes:\n\n - augeas\n - bzip2\n - ca-certificates-mozilla\n - coreutils\n - cryptsetup\n - cyrus-sasl\n - dirmngr\n - e2fsprogs\n - findutils\n - gpg2\n - insserv-compat\n - kmod\n - libcap\n - libsolv\n - libzypp\n - lua51\n - lvm2\n - netcfg\n - p11-kit\n - permissions\n - procps\n - rpm\n - sed\n - sg3_utils\n - shadow\n - zypper\n\n", "edition": 1, "modified": "2017-10-11T03:07:32", "published": "2017-10-11T03:07:32", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html", "id": "SUSE-SU-2017:2700-1", "title": "Security update for SLES 12-SP1 Docker image (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-11T05:54:19", "bulletinFamily": "unix", "cvelist": ["CVE-2016-6262", "CVE-2017-7407", "CVE-2015-8388", "CVE-2016-8620", "CVE-2016-8623", "CVE-2017-9233", "CVE-2016-5420", "CVE-2016-9840", "CVE-2016-3705", "CVE-2016-1840", "CVE-2014-0191", "CVE-2016-8615", "CVE-2016-8616", "CVE-2015-5276", "CVE-2015-3210", "CVE-2015-2325", "CVE-2016-6261", "CVE-2016-8619", "CVE-2017-10685", "CVE-2016-6306", "CVE-2016-2183", "CVE-2016-2178", "CVE-2015-8391", "CVE-2016-6263", "CVE-2016-2108", "CVE-2016-9063", "CVE-2016-8618", "CVE-2016-1762", "CVE-2016-6302", "CVE-2016-5300", "CVE-2015-8395", "CVE-2016-7141", "CVE-2016-1834", "CVE-2017-11112", "CVE-2016-2177", "CVE-2014-7169", "CVE-2015-8382", "CVE-2016-3627", "CVE-2015-1283", "CVE-2014-6277", "CVE-2016-2105", "CVE-2016-9318", "CVE-2016-4483", "CVE-2016-2107", "CVE-2015-8386", "CVE-2014-6278", "CVE-2015-2327", "CVE-2017-9049", "CVE-2016-3075", "CVE-2016-8617", "CVE-2016-9842", "CVE-2016-7796", "CVE-2017-2616", "CVE-2016-0634", "CVE-2012-6702", "CVE-2015-3238", "CVE-2016-2180", "CVE-2016-1835", "CVE-2016-0787", "CVE-2016-1234", "CVE-2016-0718", "CVE-2016-6185", "CVE-2015-8392", "CVE-2016-4574", "CVE-2015-8389", "CVE-2016-2109", "CVE-2015-8380", "CVE-2016-2181", "CVE-2016-6304", "CVE-2016-4449", "CVE-2017-9048", "CVE-2014-8964", "CVE-2015-2059", "CVE-2017-11113", "CVE-2016-1283", "CVE-2016-6313", "CVE-2016-1837", "CVE-2016-6318", "CVE-2015-3622", "CVE-2016-4448", "CVE-2016-1238", "CVE-2015-8393", "CVE-2016-1838", "CVE-2016-3706", "CVE-2016-4429", "CVE-2016-2381", "CVE-2016-7543", "CVE-2017-1000101", "CVE-2016-8622", "CVE-2015-8853", "CVE-2014-7187", "CVE-2015-8394", "CVE-2016-4008", "CVE-2014-9770", "CVE-2015-3217", "CVE-2014-6271", "CVE-2017-7526", "CVE-2016-3191", "CVE-2017-1000366", "CVE-2016-1839", "CVE-2016-8624", "CVE-2015-8384", "CVE-2016-9843", "CVE-2017-9047", "CVE-2015-8948", "CVE-2014-7824", "CVE-2015-8842", "CVE-2016-9597", "CVE-2015-5218", "CVE-2016-6303", "CVE-2015-8383", "CVE-2017-1000100", "CVE-2015-8381", "CVE-2016-2182", "CVE-2016-5421", "CVE-2016-9586", "CVE-2015-5073", "CVE-2016-4447", "CVE-2016-5011", "CVE-2015-7511", "CVE-2015-8385", "CVE-2015-8806", "CVE-2016-9841", "CVE-2016-4579", "CVE-2015-0245", "CVE-2016-2037", "CVE-2016-2073", "CVE-2016-5419", "CVE-2015-2328", "CVE-2017-6507", "CVE-2016-4658", "CVE-2016-7167", "CVE-2017-10684", "CVE-2016-2179", "CVE-2016-2106", "CVE-2016-1833", "CVE-2015-8387", "CVE-2016-8621", "CVE-2015-8390", "CVE-2017-9050"], "description": "The SUSE Linux Enterprise Server 12 container image has been updated to\n include security and stability fixes.\n\n The following issues related to building of the container images have been\n fixed:\n\n - Included krb5 package to avoid the inclusion of krb5-mini which gets\n selected as a dependency by the Build Service solver. (bsc#1056193)\n - Do not install recommended packages when building container images.\n (bsc#975726)\n\n A number of security issues that have been already fixed by updates\n released for SUSE Linux Enterprise Server 12 are now included in the base\n image. A package/CVE cross-reference is available below.\n\n pam:\n\n - CVE-2015-3238\n\n libtasn1:\n\n - CVE-2015-3622\n - CVE-2016-4008\n\n libidn:\n\n - CVE-2015-2059\n - CVE-2015-8948\n - CVE-2016-6261\n - CVE-2016-6262\n - CVE-2016-6263\n\n zlib:\n\n - CVE-2016-9840\n - CVE-2016-9841\n - CVE-2016-9842\n - CVE-2016-9843\n\n curl:\n\n - CVE-2016-5419\n - CVE-2016-5420\n - CVE-2016-5421\n - CVE-2016-7141\n - CVE-2016-7167\n - CVE-2016-8615\n - CVE-2016-8616\n - CVE-2016-8617\n - CVE-2016-8618\n - CVE-2016-8619\n - CVE-2016-8620\n - CVE-2016-8621\n - CVE-2016-8622\n - CVE-2016-8623\n - CVE-2016-8624\n - CVE-2016-9586\n - CVE-2017-1000100\n - CVE-2017-1000101\n - CVE-2017-7407\n\n openssl:\n\n - CVE-2016-2105\n - CVE-2016-2106\n - CVE-2016-2107\n - CVE-2016-2108\n - CVE-2016-2109\n - CVE-2016-2177\n - CVE-2016-2178\n - CVE-2016-2179\n - CVE-2016-2180\n - CVE-2016-2181\n - CVE-2016-2182\n - CVE-2016-2183\n - CVE-2016-6302\n - CVE-2016-6303\n - CVE-2016-6304\n - CVE-2016-6306\n\n libxml2:\n\n - CVE-2014-0191\n - CVE-2015-8806\n - CVE-2016-1762\n - CVE-2016-1833\n - CVE-2016-1834\n - CVE-2016-1835\n - CVE-2016-1837\n - CVE-2016-1838\n - CVE-2016-1839\n - CVE-2016-1840\n - CVE-2016-2073\n - CVE-2016-3627\n - CVE-2016-3705\n - CVE-2016-4447\n - CVE-2016-4448\n - CVE-2016-4449\n - CVE-2016-4483\n - CVE-2016-4658\n - CVE-2016-9318\n - CVE-2016-9597\n - CVE-2017-9047\n - CVE-2017-9048\n - CVE-2017-9049\n - CVE-2017-9050\n\n util-linux:\n\n - CVE-2015-5218\n - CVE-2016-5011\n - CVE-2017-2616\n\n cracklib:\n\n - CVE-2016-6318\n\n systemd:\n\n - CVE-2014-9770\n - CVE-2015-8842\n - CVE-2016-7796\n\n pcre:\n\n - CVE-2014-8964\n - CVE-2015-2325\n - CVE-2015-2327\n - CVE-2015-2328\n - CVE-2015-3210\n - CVE-2015-3217\n - CVE-2015-5073\n - CVE-2015-8380\n - CVE-2015-8381\n - CVE-2015-8382\n - CVE-2015-8383\n - CVE-2015-8384\n - CVE-2015-8385\n - CVE-2015-8386\n - CVE-2015-8387\n - CVE-2015-8388\n - CVE-2015-8389\n - CVE-2015-8390\n - CVE-2015-8391\n - CVE-2015-8392\n - CVE-2015-8393\n - CVE-2015-8394\n - CVE-2015-8395\n - CVE-2016-1283\n - CVE-2016-3191\n\n appamor:\n\n - CVE-2017-6507\n\n bash:\n\n - CVE-2014-6277\n - CVE-2014-6278\n - CVE-2016-0634\n - CVE-2016-7543\n\n cpio:\n\n - CVE-2016-2037\n\n glibc:\n\n - CVE-2016-1234\n - CVE-2016-3075\n - CVE-2016-3706\n - CVE-2016-4429\n - CVE-2017-1000366\n\n perl:\n\n - CVE-2015-8853\n - CVE-2016-1238\n - CVE-2016-2381\n - CVE-2016-6185\n\n libssh2_org:\n\n - CVE-2016-0787\n\n expat:\n\n - CVE-2012-6702\n - CVE-2015-1283\n - CVE-2016-0718\n - CVE-2016-5300\n - CVE-2016-9063\n - CVE-2017-9233\n\n ncurses:\n\n - CVE-2017-10684\n - CVE-2017-10685\n - CVE-2017-11112\n - CVE-2017-11113\n\n libksba:\n\n - CVE-2016-4574\n - CVE-2016-4579\n\n libgcrypt:\n\n - CVE-2015-7511\n - CVE-2016-6313\n - CVE-2017-7526\n\n dbus-1:\n\n - CVE-2014-7824\n - CVE-2015-0245\n\n Finally, the following packages received non-security fixes:\n\n - augeas\n - bzip2\n - ca-certificates-mozilla\n - coreutils\n - cryptsetup\n - cyrus-sasl\n - dirmngr\n - e2fsprogs\n - findutils\n - gpg2\n - insserv-compat\n - kmod\n - libcap\n - libsolv\n - libzypp\n - openldap2\n - p11-kit\n - permissions\n - procps\n - rpm\n - sed\n - shadow\n - zypper\n\n", "edition": 1, "modified": "2017-10-11T03:06:53", "published": "2017-10-11T03:06:53", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html", "id": "SUSE-SU-2017:2699-1", "title": "Security update for SLES 12 Docker image (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
