DATABASE RESOURCES PRICING ABOUT US

{"id": "CLSA-2020:1605798462", "type": "cloudlinux", "bulletinFamily": "unix", "title": "Fix of 227 CVE", "description": "- Fix bug #69720: Null pointer dereference in phar_get_fp_offset()\n- Fix bug #70728: Type Confusion Vulnerability in PHP_to_XMLRPC_worker()\n- Fix bug #70661: Use After Free Vulnerability in WDDX Packet Deserialization\n- Fix bug #70741: Session WDDX Packet Deserialization Type Confusion Vulnerability\n- Fix bug #71459: Integer overflow in iptcembed()\n- Fix bug #71039: exec functions ignore length but look for NULL termination\n- Fix bug #71354: Heap corruption in tar/zip/phar parser.\n- Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata()\n- Fix bug #71323: Output of stream_get_meta_data can be falsified by its input\n- Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile()\n- Fix bug #71587: Use-After-Free / Double-Free in WDDX Deserialize\n- Fix bug #71860: Invalid memory write in phar on filename with \\0 in name\n- Fix bug #71798: Integer Overflow in php_raw_url_encode\n- Fix bug #72837: integer overflow in bzdecompress caused heap corruption\n- Fix bug #72681: PHP Session Data Injection Vulnerability\n- Fix bug #72807: integer overflow in curl_escape caused heap corruption\n- Fix bug #72838: Integer overflow lead to heap corruption in sql_regcase\n- Fix bug #72697: select_colors write out-of-bounds\n- Fix bug #72730: imagegammacorrect allows arbitrary write access\n- Fix bug #72836: integer overflow in base64_decode caused heap corruption\n- Fix bug #72848: integer overflow in quoted_printable_encode caused heap corruption\n- Fix bug #72849: integer overflow in urlencode caused heap corruption\n- Fix bug #72850: integer overflow in php_uuencode caused heap corruption\n- Fix bug #72771: ftps:// wrapper is vulnerable to protocol downgrade attack\n- Fix bug #72749: wddx_deserialize allows illegal memory access\n- Fix bug #72750: wddx_deserialize null dereference\n- Fix bug #72790: wddx_deserialize null dereference with invalid xml\n- Fix bug #72799: wddx_deserialize null dereference in php_wddx_pop_element\n- Fix bug #73189: Memcpy negative size parameter php_resolve_path\n- Fix bug #73150: missing NULL check in dom_document_save_html\n- Fix bug #73284: heap overflow in php_ereg_replace function\n- Fix bug #73218: stack-buffer-overflow through "ResourceBundle" methods\n- Fix bug #73208: integer overflow in imap_8bit caused heap corruption\n- Fix bug #73082: string length overflow in mb_encode_* function\n- Fix bug #73174: heap overflow in php_pcre_replace_impl\n- Fix bug #73276: crash in openssl_random_pseudo_bytes function\n- Fix bug #73275: crash in openssl_encrypt function\n- Fix bug #73017: memory corruption in wordwrap function\n- Fix bug #73240: Write out of bounds at number_format\n- Fix bug #73073: CachingIterator null dereference when convert to string\n- Fix bug #73293: NULL pointer dereference in SimpleXMLElement::asXML()\n- Fix bug #73356: crash in bzcompress function\n- Fix bug #72696: imagefilltoborder stackoverflow on truecolor images\n- Fix bug #73418: Integer Overflow in "_php_imap_mail" leads Heap Overflow\n- Fix bug #73144: Use-after-free in ArrayObject Deserialization\n- Fix bug #73192: parse_url return wrong hostname\n- Fix bug #73331: NULL Pointer Dereference in WDDX Packet Deserialization with PDORow\n- Fix bug #73452: Segfault (Regression for #69152)\n- Fix bug #73631: Invalid read when wddx decodes empty boolean element\n- Fix bug #67587: Redirection loop on nginx with FPM\n- Fix bug #71465: PHAR doesn't know about litespeed\n- Fix bug #73737: FPE when parsing a tag format\n- Fix bug #73868: Fix DOS vulnerability in gdImageCreateFromGd2Ctx()\n- Fix bug #73869: Signed Integer Overflow gd_io.c\n- Fix bug #73773: Seg fault when loading hostile phar\n- Fix bug #70436: Use After Free Vulnerability in unserialize()\n- Fix bug #74603: PHP INI Parsing Stack Buffer Overflow Vulnerability\n- Fix bug #72535: arcfour encryption stream filter crashes php\n- Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's\n GC algorithm and unseria\n- Fix bug #72455: Heap Overflow due to integer overflows\n- Fix bug #74782: Reflected XSS in .phar 404 page\n- Fix bug #71335: Type Confusion in WDDX Packet Deserialization\n- Fix bug #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value\n- Fix bug #76249: stream filter convert.iconv leads to infinite loop on\n invalid sequence\n- Fix bug #76248: Malicious LDAP-Server Response causes Crash\n- Fix bug #76129: fix for CVE-2018-5712 may not be complete\n- Fix bug #75981: stack-buffer-overflow while parsing HTTP response\n- Fix bug #74385: Locale::parseLocale() broken with some arguments\n- Fix bug #76335: "link(): Bad file descriptor" with non-ASCII path\n- Fix bug #76383: array_map on $GLOBALS returns IS_INDIRECT\n- Fix bug #73342: Vulnerability in php-fpm by changing stdin to non-blocking\n- Fix bug #76505: array_merge_recursive() is duplicating sub-array keys\n- Fix bug #76532: Integer overflow and excessive memory usage in mb_strimwidth\n- Fix bug #76548: pg_fetch_result did not fetch the next row\n- Fix bug #76488: Memory leak when fetching a BLOB field\n- Fix bug #76665: SQLite3Stmt::bindValue() with SQLITE3_FLOAT doesn't juggle\n- Fix bug #75402: Possible Memory Leak using PDO::CURSOR_SCROLL option\n- Fix bug #76517: --with-gettext= causes configure to misjudges there is no getcwd\n- Fix bug #72443: Installing shared extensions: cp: cannot stat 'modules/*':\n No such file or dire\n- Fix bug #68175: RegexIterator pregFlags are NULL instead of 0\n- Fix bug #55146: iconv_mime_decode_headers() skips some headers\n- Fix bug #63839: iconv_mime_decode_headers function is skipping headers\n- Fix bug #60494: iconv_mime_decode does ignore special characters\n- Fix bug #68180: iconv_mime_decode can return extra characters in a header\n- Fix bug #73457: Wrong error message when fopen FTP wrapped fails to open\n data connection\n- Fix bug #74454: Wrong exception being thrown when using ReflectionMethod\n- Fix bug #74764: Bindto IPv6 works with file_get_contents but fails with\n stream_socket_client\n- Fix bug #75273: php_zlib_inflate_filter() may not update bytes_consumed\n- Fix bug #75696: posix_getgrnam fails to print details of group\n- Fix bug #76480: Use curl_multi_wait() so that timeouts are respected\n- Fix bug #76800: foreach inconsistent if array modified during loop\n- Fix bug #76886: Can't build xmlrpc with expat\n- Fix bug #76901: method_exists on SPL iterator passthrough method corrupts memory\n- Fix bug #77242: heap out of bounds read in xmlrpc_decode()\n- Fix bug #77247: heap buffer overflow in phar_detect_phar_fname_ext\n- Fix bug #77270: imagecolormatch Out Of Bounds Write on Heap\n- Fix bug #77370: Buffer overflow on mb regex functions - fetch_token\n- Fix bug #77380: Global out of bounds read in xmlrpc base64 code\n- Fix bug #77630: rename() across the device may allow unwanted access\n during processing\n- Fix bug #77494: Disabling class causes segfault on member access\n- Fix bug #77431: openFile() silently truncates after a null byte\n- Fix bug #51068: DirectoryIterator glob:// don't support current path\n relative queries\n- Fix bug #77396: Null Pointer Dereference in phar_create_or_parse_filename\n- Fix bug #77540: Invalid Read on exif_process_SOFn\n- Fix bug #77390: feof might hang on TLS streams in case of fragmented TLS records\n- Fix bug #77586: phar_tar_writeheaders_int() buffer overflow\n- Fix bug #77546: iptcembed broken function\n- Fix bug #77563: Uninitialized read in exif_process_IFD_in_MAKERNOTE\n- Fix bug #76557: heap-buffer-overflow (READ of size 48) while reading exif data\n- Fix bug #77024: SplFileObject::__toString() may return array\n- Fix bug #77945: Segmentation fault when constructing SoapClient with WSDL_CACHE_BOTH\n- Fix bug #77697: Crash on Big_Endian platform\n- Fix bug #77943: imageantialias($image, false); does not work\n- Fix bug #77944: Wrong meta pdo_type for bigint on LLP64\n- Fix bug #76717: var_export() does not create a parsable value for PHP_INT_MIN\n- Fix bug #77921: static.php.net doesn't work anymore\n- Fix bug #77934: php-fpm kill -USR2 not working\n- Fix bug #77700: Writing truecolor images as GIF ignores interlace flag\n- Fix bug #77765: FTP stream wrapper should set the directory as executable\n- Fix bug #50020: DateInterval:createDateFromString() silently fails\n- Fix bug #77742: bcpow() implementation related to gcc compiler optimization\n- Fix bug #77967: Bypassing open_basedir restrictions via file uris\n- Fix bug #77973: Uninitialized read in gdImageCreateFromXbm\n- Fix bug #77988: heap-buffer-overflow on php_jpg_get16\n- Fix bug #78192: SegFault when reuse statement after schema has changed\n- Fix bug #77124: FTP with SSL memory leak\n- Fix bug #78256: heap-buffer-overflow on exif_process_user_comment\n- Fix bug #78222: heap-buffer-overflow on exif_scan_thumbnail\n- Fix bug #77946: Bad cURL resources returned by curl_multi_info_read()\n- Fix bug #78333: Exif crash (bus error) due to wrong alignment and invalid cast\n- Fix bug #69100: Bus error from stream_copy_to_stream (file -> SSL stream)\n with invalid length\n- Fix bug #76342: file_get_contents waits twice specified timeout\n- Fix bug #76859: stream_get_line skips data if used with data-generating filter\n- Fix bug #78579: mb_decode_numericentity: args number inconsistency\n- Fix bug #78910: Heap-buffer-overflow READ in exif\n- Fix bug #78878: Buffer underflow in bc_shift_addsub\n- Fix bug #78793: Use-after-free in exif parsing under memory sanitizer\n- Fix bug #78863: DirectoryIterator class silently truncates after a null byte\n- Fix bug #79099: OOB read in php_strip_tags_ex\n- Fix bug #79082: Files added to tar with Phar::buildFromIterator have\n all-access permissions\n- Fix bug #79329: get_headers() silently truncates after a null byte\n- Fix bug #79282: Use-of-uninitialized-value in exif\n- Fix bug #61597: SimpleXMLElement doesn't include both @attributes and\n textContent in properties\n- Fix bug #74940: DateTimeZone loose comparison always true until properties\n are initialized.\n- Fix bug #79296: ZipArchive::open fails on empty file (libzip 1.6.0)\n- Fix bug #79330: shell_exec() silently truncates after a null byte\n- Fix bug #79364: When copy empty array, next key is unspecified.\n- Fix bug #79396: DateTime hour incorrect during DST jump forward using setTime\n- Fix bug #79410: system() swallows last chunk if it is exactly 4095 bytes\n without newline\n- Fix bug #79424: php_zip_glob uses gl_pathc after call to globfree\n- Fix bug #79465: OOB Read in urldecode() (CVE-2020-7067)\n- Fix bug #78221: DOMNode::normalize() doesn't remove empty text nodes\n- Fix bug #78875: Long filenames cause OOM and temp files are not cleaned\n (CVE-2019-11048)\n- Fix bug #78876: Long variables in multipart/form-data cause OOM and temp\n files are not cleaned (CVE-2019-11048)\n- Fix bug #79514: Memory leaks while including unexistent file\n- Fix bug #79528: Different object of the same xml between 7.4.5 and 7.4.4\n- Fix bug #62890: default_socket_timeout=-1 causes connection to timeout\n- Fix bug #70362: Can't copy() large 'data://' with open_basedir\n- Fix bug #73527: Invalid memory access in php_filter_strip\n- Fix bug #74267: segfault with streams and invalid data\n- Fix bug #79787: mb_strimwidth does not trim string\n- Fix bug #79877: getimagesize function silently truncates after a null byte\n- Fix bug #68447: grapheme_extract take an extra trailing character\n- Fix bug #68825: Inconsistent exception in DirectoryIterator::getLinkTarget()\n- Fix bug #74145: wddx parsing empty boolean tag leads to SIGSEGV (CVE-2017-11143)\n- Fix bug #74651: negative-size-param (-1) in memcpy in zif_openssl_seal()\n (CVE-2017-11144)\n- Fix bug #74435: Buffer over-read into uninitialized memory (CVE-2017-7890)\n- Fix bug #73093: Unserialize Exception object can lead to infinite loop\n (CVE-2016-7478)\n- Fix bug #72520: Stack-based buffer overflow vulnerability in php_stream_zip_opener\n (CVE-2016-6297)\n- Fix bug #73825: Heap out of bounds read on unserialize in finish_nested_data()\n (CVE-2016-10161)\n- Fix bug #60491: Session module is adoptive (CVE-2011-4718)\n- Fix bug #69253: ZIP Integer Overflow leads to writing past heap boundary\n (CVE-2015-2331)\n- Fix bug #69418: CVE-2006-7243 fix regressions in 5.4+ (CVE-2015-4025)\n- Fix bug #68598: pcntl_exec() should not allow null char (CVE-2015-4026)\n- Fix bug #69207: move_uploaded_file allows nulls in path (CVE-2015-2348)\n- Fix bug #69218: potential remote code execution with apache 2.4 apache2handler\n (CVE-2015-3330)\n- Fix bug #69719: Incorrect handling of paths with NULs, related to bug 69353\n (CVE-2015-4598)\n- Fix bug #69353: Missing null byte checks for paths in various PHP extensions\n (CVE-2015-3411)\n- Fix bugs #70168, #70169, #70166, #70155: Use After Free Vulnerability in\n unserialize() with\n SplObjectStorage, SplDoublyLinkedList, SPLArrayObject, SPLArrayObject (CVE-2015-6831)\n- Fix bug #70019: Files extracted from archive may be placed outside of\n destination directory (CVE-2015-6833)\n- Fix bug #70388: SOAP serialize_function_call() type confusion / RCE (CVE-2015-6836)\n- Fix bug #69782: NULL pointer dereference (CVE-2015-6837, CVE-2015-6838)\n- Fix bug #70433: Uninitialized pointer in phar_make_dirstream when zip entry\n filename is \"/\" (CVE-2015-7804)\n- Fix bug #69923: Buffer overflow and stack smashing error in phar_fix_filepath\n (CVE-2015-5590)\n- Fix bug #71488: Stack overflow when decompressing tar archives (CVE-2016-2554)\n- Fix bug #72061: Out-of-bounds reads in zif_grapheme_stripos with negative offset\n (CVE-2016-4541, CVE-2016-4540)\n- Fix bug #72094: Out of bounds heap read access in exif header processing\n (CVE-2016-4542)\n- Fix bug #72093: bcpowmod accepts negative scale and corrupts _one_ definition\n (CVE-2016-4537)\n- Fix bug #71331: Uninitialized pointer in phar_make_dirstream() (CVE-2016-4343)\n- Fix bug #72241: get_icu_value_internal out-of-bounds read (CVE-2016-5093)\n- Fix bug #72135: Integer Overflow in php_html_entities() (CVE-2016-5094)\n- Fix bug #72114: Integer underflow / arbitrary null write in fread/gzread\n (CVE-2016-5096)\n- Fix bug #72339: Integer Overflow in _gd2GetHeader() resulting in heap overflow\n (CVE-2016-5766)\n- Fix bug #72340: Double Free Courruption in wddx_deserialize (CVE-2016-5772)\n- Fix bug #72613: Inadequate error handling in bzread() (CVE-2016-5399)\n- Fix bug #70480: php_url_parse_ex() buffer overflow read (CVE-2016-6288)\n- Fix bug #72513: Stack-based buffer overflow vulnerability in virtual_file_ex\n (CVE-2016-6289)\n- Fix bug #72562: Use After Free in unserialize() with Unexpected Session\n Deserialization (CVE-2016-6290)\n- Fix bug #72603: Out of bound read in exif_process_IFD_in_MAKERNOTE (CVE-2016-6291)\n- Fix bug #72533: locale_accept_from_http out-of-bounds access (CVE-2016-6294)\n- Fix bug #69975: PHP segfaults when accessing nvarchar(max) defined columns\n (CVE-2015-8879)\n- Fix bug #72606: heap-buffer-overflow (write) simplestring_addn simplestring.c\n (CVE-2016-6296)\n- Fix bug #72293: Heap overflow in mysqlnd related to BIT fields (CVE-2016-7412)\n- Fix bug #72860: wddx_deserialize use-after-free (CVE-2016-7413)\n- Fix bug #72928: Out of bound when verify signature of zip phar in phar_parse_zipfile\n (CVE-2016-7414)\n- Fix bug #73007: SEH buffer overflow msgfmt_format_message (CVE-2016-7416)\n- Fix bug #73029: Missing type check when unserializing SplArray (CVE-2016-7417)\n- Fix bug #73065: Out-Of-Bounds Read in php_wddx_push_element of wddx.c (CVE-2016-7418)\n- Fix bug #73280: Stack Buffer Overflow in GD dynamicGetbuf (CVE-2016-8670)\n- Fix bug #73764: Crash while loading hostile phar archive (CVE-2016-10159)\n- Fix bug #73768: Memory corruption when loading hostile phar (CVE-2016-10160)\n- Fix bug #72627: Memory Leakage In exif_process_IFD_in_TIFF (CVE-2016-7128)\n- Fix bug #70350: ZipArchive::extractTo allows for directory traversal when\n creating directories (CVE-2014-9767)\n- Fix bug #70081: SoapClient info leak / null pointer dereference via multiple\n type confusions (CVE-2015-8835)\n- Fix bug #70121: unserialize() could lead to unexpected methods execution / NULL\n pointer deref (CVE-2015-8876)\n- Fix bug #71906: AddressSanitizer: negative-size-param (-1) in mbfl_strcut\n (CVE-2016-4073)\n- Fix bug #70014: openssl_random_pseudo_bytes() is not cryptographically secure\n (CVE-2015-8867)\n- Fix bug #77371: heap buffer overflow in mb regex functions - compile_string_node\n (CVE-2019-9023)\n- Fix bug #77381: heap buffer overflow in multibyte match_at (CVE-2019-9023)\n- Fix bug #77382: heap buffer overflow due to incorrect length in expand_case_fold_string\n (CVE-2019-9023)\n- Fix bug #77385: buffer overflow in fetch_token (CVE-2019-9023)\n- Fix bug #77394: Buffer overflow in multibyte case folding - unicode (CVE-2019-9023)\n- Fix vulnerabilities with oniguruma: CVE-2017-9226, CVE-2017-9224, CVE-2017-9227,\n CVE-2017-9228, CVE-2019-13224\n- Fix general vulneravilities: CVE-2014-9653, CVE-2015-0235, CVE-2015-3152,\n CVE-2016-3074\n- Fix bug #79699: PHP parses encoded cookie names so malicious `__Host-` cookies\n can be sent (CVE-2020-7070)\n- Fix bug #80007: Potential type confusion in unixtojd() parameter parsing", "published": "2020-10-15T12:00:00", "modified": "2020-10-15T12:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://repo.cloudlinux.com/centos6-els/updateinfo.xml", "reporter": "CloudLinux", "references": ["https://errata.cloudlinux.com/els6/CLSA-2020-1605798462.html"], "cvelist": ["CVE-2006-7243", "CVE-2011-4718", "CVE-2014-9653", "CVE-2014-9767", "CVE-2015-0235", "CVE-2015-2331", "CVE-2015-2348", "CVE-2015-3152", "CVE-2015-3330", "CVE-2015-3411", "CVE-2015-4025", "CVE-2015-4026", "CVE-2015-4598", "CVE-2015-5590", "CVE-2015-6831", "CVE-2015-6833", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6838", "CVE-2015-7804", "CVE-2015-8835", "CVE-2015-8867", "CVE-2015-8876", "CVE-2015-8879", "CVE-2016-10159", "CVE-2016-10160", "CVE-2016-10161", "CVE-2016-2554", "CVE-2016-3074", "CVE-2016-4073", "CVE-2016-4343", "CVE-2016-4537", "CVE-2016-4540", "CVE-2016-4541", "CVE-2016-4542", "CVE-2016-5093", "CVE-2016-5094", "CVE-2016-5096", "CVE-2016-5399", "CVE-2016-5766", "CVE-2016-5772", "CVE-2016-6288", "CVE-2016-6289", "CVE-2016-6290", "CVE-2016-6291", "CVE-2016-6294", "CVE-2016-6296", "CVE-2016-6297", "CVE-2016-7128", "CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418", "CVE-2016-7478", "CVE-2016-8670", "CVE-2017-11143", "CVE-2017-11144", "CVE-2017-7890", "CVE-2017-9224", "CVE-2017-9226", "CVE-2017-9227", "CVE-2017-9228", "CVE-2018-5712", "CVE-2019-11048", "CVE-2019-13224", "CVE-2019-9023", "CVE-2020-7067", "CVE-2020-7070"], "immutableFields": [], "lastseen": "2021-07-28T16:33:52", "viewCount": 26, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:1624", "ALSA-2020:3662", "ALSA-2021:4213"]}, {"type": "altlinux", "idList": ["089BFC2B30545BFC728FB86B168E6028", "387D9E014BC875144F89B7845000CF5B", "AB2E3D9E622E9DC0FE09917808DD30E5", "BEAA25257D3555602B426A6109989220"]}, {"type": "amazon", "idList": ["ALAS-2013-224", "ALAS-2015-473", "ALAS-2015-493", "ALAS-2015-494", "ALAS-2015-497", "ALAS-2015-506", "ALAS-2015-507", "ALAS-2015-508", "ALAS-2015-534", "ALAS-2015-535", "ALAS-2015-536", "ALAS-2015-583", "ALAS-2015-584", "ALAS-2015-585", "ALAS-2015-601", "ALAS-2015-602", "ALAS-2016-670", "ALAS-2016-685", "ALAS-2016-698", "ALAS-2016-706", "ALAS-2016-707", "ALAS-2016-728", "ALAS-2016-753", "ALAS-2016-754", "ALAS-2017-787", "ALAS-2017-808", "ALAS-2017-812", "ALAS-2017-867", "ALAS-2017-871", "ALAS-2018-1019", "ALAS-2018-946", "ALAS-2019-1283", "ALAS-2019-1295", "ALAS-2020-1367", "ALAS-2020-1368", "ALAS-2020-1397", "ALAS-2020-1440", "ALAS2-2019-1288", "ALAS2-2021-1577"]}, {"type": "apple", "idList": ["APPLE:004B37C869B56A0F993458CA68A5A5C1", "APPLE:08DDC9EE4E7DEBCD387FA33304B8E244", "APPLE:44E5F760A33D90CB7ED411F0EBBD00F7", "APPLE:57CA287E3904ED3B654944A45A76249B", "APPLE:E8FF9F04ED54DD8E8D5B899FB4A8000E", "APPLE:F15BAD0991243C5F3BD7A363EA796E0C", "APPLE:HT206567", "APPLE:HT206903", "APPLE:HT207170", "APPLE:HT207423", "APPLE:HT207483", "APPLE:HT207615"]}, {"type": "archlinux", "idList": ["ASA-201501-22", "ASA-201501-23", "ASA-201503-25", "ASA-201605-8", "ASA-201609-16", "ASA-201611-19"]}, {"type": "attackerkb", "idList": ["AKB:70FA909E-B9D0-4B61-B54F-9639E5A20E3E", "AKB:C57FBAD5-C362-4842-9100-1A2AFAEA4466"]}, {"type": "centos", "idList": ["CESA-2013:1307", "CESA-2013:1615", "CESA-2014:0311", "CESA-2015:0090", "CESA-2015:0092", "CESA-2015:1135", "CESA-2015:1218", "CESA-2015:1665", "CESA-2015:2155", "CESA-2016:0760", "CESA-2016:2598", "CESA-2018:0406", "CESA-2020:1112", "CESA-2020:5443"]}, {"type": "cert", "idList": ["VU:967332"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2015-0075", "CPAI-2015-0471", "CPAI-2015-0877", "CPAI-2016-0396", "CPAI-2016-0721", "CPAI-2016-0812", "CPAI-2016-0830", "CPAI-2016-0972", "CPAI-2017-0680", "CPAI-2017-1101"]}, {"type": "checkpoint_security", "idList": ["CPS:SK104443"]}, {"type": "cisa", "idList": ["CISA:E8C8F007DF2A448F84459142FD8D46F7"]}, {"type": "cisco", "idList": ["CISCO-SA-20150128-GHOST"]}, {"type": "citrix", "idList": ["CTX200391"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:0207AE2406224805196D7BD19402D596", "CFOUNDRY:29A67C6EFF8B00905B423AF785FD3E4C", "CFOUNDRY:63DB340A742A21A8EFB20A9452A0EDD2", "CFOUNDRY:A337239F424A4FF8B4435FA8FCEBDE22", "CFOUNDRY:A58A28BA2BEDC49368B2C44649B60BD8", "CFOUNDRY:AC122BBB1C923E6A927A15638529B33B", "CFOUNDRY:F9348354890FFF0CE9F831FDF9DEAA45", "CFOUNDRY:FC4FB717C57CFF4AE1D36C279949AE09", "CFOUNDRY:FCF85BFA2C233642C61F93CC876C044C"]}, {"type": "cve", "idList": ["CVE-2006-7243", "CVE-2011-4718", "CVE-2014-9653", "CVE-2014-9767", "CVE-2015-0235", "CVE-2015-2331", "CVE-2015-2348", "CVE-2015-3152", "CVE-2015-3330", "CVE-2015-3411", "CVE-2015-4025", "CVE-2015-4026", "CVE-2015-4598", "CVE-2015-5590", "CVE-2015-6831", "CVE-2015-6833", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6838", "CVE-2015-7804", "CVE-2015-8835", "CVE-2015-8838", "CVE-2015-8867", "CVE-2015-8876", "CVE-2015-8879", "CVE-2016-10159", "CVE-2016-10160", "CVE-2016-10161", "CVE-2016-2554", "CVE-2016-3074", "CVE-2016-4073", "CVE-2016-4343", "CVE-2016-4473", "CVE-2016-4537", "CVE-2016-4540", "CVE-2016-4541", "CVE-2016-4542", "CVE-2016-5093", "CVE-2016-5094", "CVE-2016-5095", "CVE-2016-5096", "CVE-2016-5399", "CVE-2016-5766", "CVE-2016-5770", "CVE-2016-5772", "CVE-2016-6288", "CVE-2016-6289", "CVE-2016-6290", "CVE-2016-6291", "CVE-2016-6294", "CVE-2016-6296", "CVE-2016-6297", "CVE-2016-7128", "CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418", "CVE-2016-7478", "CVE-2016-8670", "CVE-2017-10789", "CVE-2017-11143", "CVE-2017-11144", "CVE-2017-7890", "CVE-2017-9224", "CVE-2017-9226", "CVE-2017-9227", "CVE-2017-9228", "CVE-2018-10547", "CVE-2018-5712", "CVE-2019-11048", "CVE-2019-13224", "CVE-2019-9023", "CVE-2020-7067", "CVE-2020-7070"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1034-1:86C1B", "DEBIAN:DLA-1034-1:C61BE", "DEBIAN:DLA-1055-1:1D63E", "DEBIAN:DLA-1079-1:B7A8C", "DEBIAN:DLA-1251-1:6C9C1", "DEBIAN:DLA-1251-1:9BA70", "DEBIAN:DLA-1373-1:1D9C1", "DEBIAN:DLA-1373-1:5B111", "DEBIAN:DLA-139-1:543FA", "DEBIAN:DLA-139-1:5734D", "DEBIAN:DLA-1397-1:BB93D", "DEBIAN:DLA-1854-1:DE45B", "DEBIAN:DLA-1854-1:F6B60", "DEBIAN:DLA-2011-1:598EE", "DEBIAN:DLA-204-1:A06D6", "DEBIAN:DLA-204-1:BFB60", "DEBIAN:DLA-212-1:91793", "DEBIAN:DLA-2188-1:036D3", "DEBIAN:DLA-2261-1:D5D5B", "DEBIAN:DLA-2397-1:E0671", "DEBIAN:DLA-2431-1:6BC5D", "DEBIAN:DLA-2431-1:BFD58", "DEBIAN:DLA-307-1:2C3AB", "DEBIAN:DLA-341-1:DA682", "DEBIAN:DLA-444-1:A9010", "DEBIAN:DLA-499-1:7BEC5", "DEBIAN:DLA-533-1:70F1F", "DEBIAN:DLA-534-1:EDA05", "DEBIAN:DLA-569-1:3ACEA", "DEBIAN:DLA-628-1:9ADD4", "DEBIAN:DLA-665-1:B8E30", "DEBIAN:DLA-749-1:7CC58", "DEBIAN:DLA-818-1:82294", "DEBIAN:DLA-875-1:24A5F", "DEBIAN:DLA-875-1:2D95B", "DEBIAN:DLA-958-1:E79D6", "DEBIAN:DSA-3142-1:A3964", "DEBIAN:DSA-3196-1:19AFE", "DEBIAN:DSA-3198-1:BFCF6", "DEBIAN:DSA-3198-2:3C21A", "DEBIAN:DSA-3198-2:D34B4", "DEBIAN:DSA-3280-1:3B96E", "DEBIAN:DSA-3311-1:6679E", "DEBIAN:DSA-3311-1:826ED", "DEBIAN:DSA-3344-1:41F70", "DEBIAN:DSA-3344-1:6EFDB", "DEBIAN:DSA-3358-1:3BA72", "DEBIAN:DSA-3358-1:5263D", "DEBIAN:DSA-3380-1:F94D6", "DEBIAN:DSA-3556-1:39D4E", "DEBIAN:DSA-3556-1:CAE3D", "DEBIAN:DSA-3560-1:14A14", "DEBIAN:DSA-3560-1:DDED0", "DEBIAN:DSA-3602-1:4BD74", "DEBIAN:DSA-3602-1:52B21", "DEBIAN:DSA-3618-1:04252", "DEBIAN:DSA-3619-1:222D2", "DEBIAN:DSA-3619-1:AC3EB", "DEBIAN:DSA-3631-1:30BAB", "DEBIAN:DSA-3689-1:75CF1", "DEBIAN:DSA-3689-1:80BAA", "DEBIAN:DSA-3783-1:9BFD9", "DEBIAN:DSA-3783-1:B6336", "DEBIAN:DSA-3938-1:63905", "DEBIAN:DSA-3938-1:A45FF", "DEBIAN:DSA-4080-1:ADEE1", "DEBIAN:DSA-4081-1:FFD0A", "DEBIAN:DSA-4240-1:6F850", "DEBIAN:DSA-4398-1:DF8F2", "DEBIAN:DSA-4717-1:A105D", "DEBIAN:DSA-4717-1:EFEBF", "DEBIAN:DSA-4719-1:7A227", "DEBIAN:DSA-4719-1:EAAF7", "DEBIAN:DSA-4856-1:BF4D3"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-9653", "DEBIANCVE:CVE-2015-0235", "DEBIANCVE:CVE-2015-2331", "DEBIANCVE:CVE-2015-8867", "DEBIANCVE:CVE-2015-8876", "DEBIANCVE:CVE-2015-8879", "DEBIANCVE:CVE-2016-10159", "DEBIANCVE:CVE-2016-10160", "DEBIANCVE:CVE-2016-10161", "DEBIANCVE:CVE-2016-2554", "DEBIANCVE:CVE-2016-3074", "DEBIANCVE:CVE-2016-4073", "DEBIANCVE:CVE-2016-4343", "DEBIANCVE:CVE-2016-4537", "DEBIANCVE:CVE-2016-4540", "DEBIANCVE:CVE-2016-4541", "DEBIANCVE:CVE-2016-4542", "DEBIANCVE:CVE-2016-5093", "DEBIANCVE:CVE-2016-5399", "DEBIANCVE:CVE-2016-5766", "DEBIANCVE:CVE-2016-5770", "DEBIANCVE:CVE-2016-5772", "DEBIANCVE:CVE-2016-6289", "DEBIANCVE:CVE-2016-6290", "DEBIANCVE:CVE-2016-6291", "DEBIANCVE:CVE-2016-6294", "DEBIANCVE:CVE-2016-6296", "DEBIANCVE:CVE-2016-6297", "DEBIANCVE:CVE-2016-7128", "DEBIANCVE:CVE-2016-7412", "DEBIANCVE:CVE-2016-7413", "DEBIANCVE:CVE-2016-7414", "DEBIANCVE:CVE-2016-7416", "DEBIANCVE:CVE-2016-7417", "DEBIANCVE:CVE-2016-7418", "DEBIANCVE:CVE-2016-7478", "DEBIANCVE:CVE-2016-8670", "DEBIANCVE:CVE-2017-10789", "DEBIANCVE:CVE-2017-11143", "DEBIANCVE:CVE-2017-11144", "DEBIANCVE:CVE-2017-7890", "DEBIANCVE:CVE-2017-9224", "DEBIANCVE:CVE-2017-9226", "DEBIANCVE:CVE-2017-9227", "DEBIANCVE:CVE-2017-9228", "DEBIANCVE:CVE-2018-10547", "DEBIANCVE:CVE-2018-5712", "DEBIANCVE:CVE-2019-11048", "DEBIANCVE:CVE-2019-13224", "DEBIANCVE:CVE-2019-9023", "DEBIANCVE:CVE-2020-7067", "DEBIANCVE:CVE-2020-7070"]}, {"type": "exploitdb", "idList": ["EDB-ID:35951", "EDB-ID:36421", "EDB-ID:39736", "EDB-ID:40155"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:1108993BC3B3774C486440F61128433E", "EXPLOITPACK:3677CEA2F5D55BD8516ACA2EC17EB7DE", "EXPLOITPACK:99988BAE0A27143CB886C29FF1A9E24F", "EXPLOITPACK:C053A5D94671C4F1ACDCC4DBDE0663D2"]}, {"type": "f5", "idList": ["F5:K00103182", "F5:K01709026", "F5:K06372014", "F5:K09361513", "F5:K10204425", "F5:K11435435", "F5:K13519", "F5:K15850913", "F5:K16057", "F5:K16845", "F5:K16993", "F5:K17028", "F5:K17049", "F5:K17377", "F5:K17503", "F5:K20289222", "F5:K21336065", "F5:K24734336", "F5:K30216728", "F5:K34551175", "F5:K34958244", "F5:K34985231", "F5:K35799130", "F5:K39712275", "F5:K43267483", "F5:K43292324", "F5:K43449212", "F5:K48414132", "F5:K51390683", "F5:K61164061", "F5:K61561040", "F5:K63914421", "F5:K64412100", "F5:K67644055", "F5:K74954302", "F5:K81081046", "F5:K95375529", "SOL13519", "SOL14930", "SOL16057", "SOL16714", "SOL16845", "SOL16993", "SOL17028", "SOL17049", "SOL17377", "SOL17503", "SOL24734336", "SOL30216728", "SOL34958244", "SOL35799130", "SOL39712275", "SOL43267483", "SOL43449212", "SOL48414132", "SOL51390683", "SOL52430518", "SOL67644055", "SOL74954302", "SOL81081046", "SOL95375529"]}, {"type": "fedora", "idList": ["FEDORA:02C1260F4011", "FEDORA:048C660748C7", "FEDORA:0A47230D7963", "FEDORA:0DCE622647", "FEDORA:120A46141B97", "FEDORA:12ECA6048D46", "FEDORA:13DDA6046AF9", "FEDORA:1851F608780A", "FEDORA:220C522107", "FEDORA:223E96076F71", "FEDORA:235CB60918EC", "FEDORA:2E68F60906AD", "FEDORA:2F0F460F096A", "FEDORA:3079E60D68D9", "FEDORA:3BAB62184E", "FEDORA:3BC436087E40", "FEDORA:4720460BA914", "FEDORA:49506619160F", "FEDORA:4BD9160779B7", "FEDORA:4C10A6062BF1", "FEDORA:4DE9160C2673", "FEDORA:52FE460DF3A9", "FEDORA:574FF21305", "FEDORA:577F0605A34A", "FEDORA:589D6611864A", "FEDORA:609CD6153F40", "FEDORA:625E06061801", "FEDORA:6380460600FA", "FEDORA:6A03F6045A1D", "FEDORA:6B1186204982", "FEDORA:6DCF422CB0", "FEDORA:70291601FBF4", "FEDORA:727A660499CE", "FEDORA:735A760C4528", "FEDORA:73AFA606D3C7", "FEDORA:76D58601CED5", "FEDORA:7A4F1607E212", "FEDORA:7B34D3127D43", "FEDORA:7C49861C3841", "FEDORA:81A1A606D3EC", "FEDORA:82CB26079704", "FEDORA:82E2722436", "FEDORA:89C0D20C62", "FEDORA:8AEC1604CC02", "FEDORA:8C75723A09", "FEDORA:8FC086090BCB", "FEDORA:9048F601D35F", "FEDORA:90BE461976AB", "FEDORA:940106111899", "FEDORA:9542760A94B9", "FEDORA:996726182D50", "FEDORA:9F6BC6079735", "FEDORA:A5EA7608B7C1", "FEDORA:A67E660ABD9C", "FEDORA:A6FB9612EA5D", "FEDORA:AD83860A96CD", "FEDORA:B0F3260776C0", "FEDORA:B936B608A494", "FEDORA:B9F6160C5981", "FEDORA:BB1106070D49", "FEDORA:BF8D031075B1", "FEDORA:C645960BC960", "FEDORA:D3F6E60877BD", "FEDORA:D4D5A605E1F0", "FEDORA:D8735611BEE5", "FEDORA:DFC2660C9809", "FEDORA:E0B4F6075B3D", "FEDORA:E5F076197BE3", "FEDORA:E6D8C600FD68", "FEDORA:E804C60D0D7B", "FEDORA:E9B186051DF8", "FEDORA:F0C5861361B0", "FEDORA:F246160CFDB3"]}, {"type": "fortinet", "idList": ["FG-IR-15-001", "FG-IR-17-051"]}, {"type": "freebsd", "idList": ["0765DE84-A6C1-11E4-A0C1-C485083CA99C", "1B61ECEF-CDB9-11E6-A9A5-B499BAEBFEAF", "264749AE-D565-11E4-B545-00269EE29E57", "31DE2E13-00D2-11E5-A072-D050996490D0", "36BD352D-299B-11E5-86FF-14DAE9D210B8", "3761DF02-0F9C-11E0-BECC-0022156E8794", "3D675519-5654-11E5-9AD8-14DAE9D210B8", "5033E2FC-98EC-4EF5-8E0B-87CFBBC73081", "556D2286-5A51-11E6-A6C3-14DAE9D210B8", "5764C634-10D2-11E6-94FA-002590263BF5", "66D77C58-3B1D-11E6-8E82-002590263BF5", "6B110175-246D-11E6-8DD3-002590263BF5", "742563D4-D776-11E4-B595-4061861086C1", "787EF75E-44DA-11E5-93AD-002590263BF5", "85EB4E46-CF16-11E5-840F-485D605F4717", "8B1F53F3-2DA5-11E5-86FF-14DAE9D210B8", "8D5180A6-86FE-11E6-8D93-00248C0C745D", "A8D87C7A-D1B1-11E9-A616-0992A4564E7C", "B396CF6C-62E6-11E7-9DEF-B499BAEBFEAF", "B6402385-533B-11E6-A7BD-14DAE9D210B8", "C1DA8B75-6AEF-11E5-9909-002590263BF5", "F471032A-8700-11E6-8D93-00248C0C745D", "F7A9E415-BDCA-11E4-970C-000C292EE6B8"]}, {"type": "gentoo", "idList": ["GLSA-201110-06", "GLSA-201408-11", "GLSA-201503-04", "GLSA-201606-10", "GLSA-201607-04", "GLSA-201611-22", "GLSA-201612-09", "GLSA-201701-42", "GLSA-201702-29", "GLSA-201911-03", "GLSA-202012-16"]}, {"type": "hackerone", "idList": ["H1:104008", "H1:104010", "H1:104018", "H1:104019", "H1:170618", "H1:176279", "H1:200909", "H1:237915", "H1:248609", "H1:476168", "H1:73239", "H1:852103", "H1:905015"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20150226-01-GLIBC"]}, {"type": "ibm", "idList": ["0327D6322E348CE4D393B14A7F3A3B993755DF0E1581BE7EA7B2EB1703C132DF", "045B04E2252E3B851D69AA785CAC9B0BD8A6AF9E04C95FB3C9A6AE0C081B07DB", "0E3202F59A84E8C4C8A4554F29ADAF73DCE3E2C9294C34C05595AC9113B67930", "0F73246124CA58D05064BB5D07082DCA6F2A1D48630CAAC82BCFFB4A71F45CA7", "12CC2B1AEAB57337E1D36E3D35D006E93F9D019551301EEB68A17B62851521CB", "1552258BC602B501CB144C17FE55DEC12CEDE82B9F4351E9E4F47BE8C7003BA9", "186826DEC64CEF861CABB6400E9E91E4A3DA403061721894238F233211663F6F", "19014976708B59CA6D0D38BD53FC83A65A328CD06A0D3047C00AD7FB2745CD32", "1AB6C87822449F337525790F64ED73FED1F21D5955D5FB57AD3579D521F600BC", "1AB8B61EDA96D3821303E933111CCBA6123FD66B9721A095FE903F63F222DC8E", "233226C0332001C81596C237819F64BB35F4B49297346F216B4DC90C72D26485", "257FE3C03DF1EAAF4C91B06A98D64FF55D1CBD8F44963992BA87CE378431E9ED", "30F31D61B76815116E40D478A4FF3D7F4375DE5C3DE9AF0D9789BB84723A1B12", "32C0B45F2AFA71912527A18C78F5B93269447196AB3C832BD613A1B324A34736", "36B9CD754BF5737859258DE7F015141B02EB524BD42CC63C8DE1B32E6F257F1F", "381122FF63B38AF46326C203C1E6778C4D5F97FBDCF52D08BB9A26F2CFE95A13", "494FCFB7068CB9C9CEB3FE685DE60B86133F530BABAFDA1274F0A594D23B03AC", "4ADB4E5C9333BE81F0AE13CD11FC54A35D37B3E631931FE894238620EDC74EB0", "4EF9332DC41BD9A19557ED28E080D548C37B2564308E9B4AFC6661AE1FF86428", "5F468E7095FD7CDC6ACB31C903D40522F03AE2C875C15B90AB7E04C796279517", "7925A4A82073B74561DC5D50CF078A50AF6B99A79615D52B72210290EF21A39B", "7BC87E86D9F0AB0EB6DEF6E32047CF454BC0B58A28C74FA170DC08ED155C9888", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "8C189A4A1E730005F1F6728800F9EEB4D76D43743AEC3B91CE47044F6F13EBE4", "95197CBE86632E54219C0C8A24673D63826A01DE30AD9A4149DAC0247F5B9DBC", "9E6E674EAE28A4A9F5665135860C351D3A9A62A68CB5FA20D33C19E5EB8F053B", "A0EA016F41D5759AF2A1F81E351FC3DA0740A826D3D11695A17D1C4719F64489", "A9C254F86614D2334E5A1624EEBD7497A5FA74BEC3159FA2530927B6C4A89585", "B74D1A0567B23005AF8B3711E4BBE0896821ACEB934FE76D446E77B7692E8D82", "BEA663E577CD827F2C7D9FD6A2E59A21D9CFC5D0A3B8F2D59E92BD24A5D6CCD7", "CA3DB267748FEDA044673A3E7FFA6B9A5493629747388C6C0E74CA01703CD7CD", "CB24DC19BF83B822003CABDD77CA54AAE9629C8F8261C7B16048FFD862AA120B", "E1E23385784EE6A273817DDEF72E5E6A1F520AEA9AC6AD22B2628C3BF9B94E85", "E8CC192D6E15BEBE986983A316004294627ED7683B92C8AA39E3B1075CDDF8ED", "EB6743C0F0EED51CD05AFB7F7930AA74C8199711B80DCA1727BE820C2B90040E", "ECF06138F829B325BA5C57FAF5FB916F90E229CE209E8C4E69FC4ABB87903647", "F517D4971D3B7090FE87DD49D6C7AD2F2DC35A7C2F0FB205EA7ADD9BC7BF68A7"]}, {"type": "ics", "idList": ["ICSA-15-064-01A"]}, {"type": "kaspersky", "idList": ["KLA10514", "KLA10515", "KLA10746", "KLA10747", "KLA10927", "KLA10943"]}, {"type": "lenovo", "idList": ["LENOVO:PS500043-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2015-0134", "MGASA-2015-0169", "MGASA-2015-0231", "MGASA-2015-0258", "MGASA-2015-0276", "MGASA-2015-0279", "MGASA-2015-0365", "MGASA-2016-0152", "MGASA-2016-0213", "MGASA-2016-0238", "MGASA-2016-0242", "MGASA-2016-0267", "MGASA-2016-0319", "MGASA-2016-0421", "MGASA-2017-0040", "MGASA-2017-0246", "MGASA-2019-0253", "MGASA-2020-0029", "MGASA-2020-0178", "MGASA-2020-0236", "MGASA-2020-0387"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY-SCANNER-HTTP-WORDPRESS_GHOST_SCANNER-", "MSF:EXPLOIT-LINUX-SMTP-EXIM_GETHOSTBYNAME_BOF-"]}, {"type": "nessus", "idList": ["5732.PRM", "5826.PRM", "6997.PRM", "800796.PRM", "801074.PRM", "802010.PRM", "802016.PRM", "802031.PRM", "8677.PRM", "8681.PRM", "8784.PRM", "8785.PRM", "8786.PRM", "8787.PRM", "8801.PRM", "8861.PRM", "8953.PRM", "8954.PRM", "8955.PRM", "8956.PRM", "8959.PRM", "8960.PRM", "8981.PRM", "8982.PRM", "9282.PRM", "9302.PRM", "9303.PRM", "9324.PRM", "9325.PRM", "9392.PRM", "9393.PRM", "9460.PRM", "9551.PRM", "9580.PRM", "9620.PRM", "9809.PRM", "9843.PRM", "9937.PRM", "9938.PRM", "AL2_ALAS-2019-1288.NASL", "AL2_ALAS-2021-1577.NASL", "ALA_ALAS-2013-224.NASL", "ALA_ALAS-2015-473.NASL", "ALA_ALAS-2015-493.NASL", "ALA_ALAS-2015-494.NASL", "ALA_ALAS-2015-497.NASL", "ALA_ALAS-2015-506.NASL", "ALA_ALAS-2015-507.NASL", "ALA_ALAS-2015-508.NASL", "ALA_ALAS-2015-534.NASL", "ALA_ALAS-2015-535.NASL", "ALA_ALAS-2015-536.NASL", "ALA_ALAS-2015-583.NASL", "ALA_ALAS-2015-584.NASL", "ALA_ALAS-2015-585.NASL", "ALA_ALAS-2015-601.NASL", "ALA_ALAS-2015-602.NASL", "ALA_ALAS-2016-670.NASL", "ALA_ALAS-2016-685.NASL", "ALA_ALAS-2016-698.NASL", "ALA_ALAS-2016-706.NASL", "ALA_ALAS-2016-707.NASL", "ALA_ALAS-2016-728.NASL", "ALA_ALAS-2016-753.NASL", "ALA_ALAS-2016-754.NASL", "ALA_ALAS-2017-787.NASL", "ALA_ALAS-2017-808.NASL", "ALA_ALAS-2017-812.NASL", "ALA_ALAS-2017-867.NASL", "ALA_ALAS-2017-871.NASL", "ALA_ALAS-2018-1019.NASL", "ALA_ALAS-2018-946.NASL", "ALA_ALAS-2019-1283.NASL", "ALA_ALAS-2019-1295.NASL", "ALA_ALAS-2020-1367.NASL", "ALA_ALAS-2020-1368.NASL", "ALA_ALAS-2020-1397.NASL", "ALA_ALAS-2020-1440.NASL", "CENTOS8_RHSA-2020-1624.NASL", "CENTOS8_RHSA-2020-3662.NASL", "CENTOS8_RHSA-2021-4213.NASL", "CENTOS_RHSA-2013-1307.NASL", "CENTOS_RHSA-2013-1615.NASL", "CENTOS_RHSA-2014-0311.NASL", "CENTOS_RHSA-2015-0090.NASL", "CENTOS_RHSA-2015-0092.NASL", "CENTOS_RHSA-2015-1135.NASL", "CENTOS_RHSA-2015-1218.NASL", "CENTOS_RHSA-2015-1665.NASL", "CENTOS_RHSA-2015-2155.NASL", "CENTOS_RHSA-2016-0760.NASL", "CENTOS_RHSA-2016-2598.NASL", "CENTOS_RHSA-2018-0406.NASL", "CENTOS_RHSA-2020-1112.NASL", "CENTOS_RHSA-2020-5443.NASL", "CHECK_POINT_GAIA_SK104443.NASL", "CISCO-SA-20150128-ACE.NASL", "CISCO-SA-20150128-GHOST-IOSXE_MULTI.NASL", "CISCO-SA-20150128-GHOST-IOSXE_NOVA.NASL", "CISCO-SA-20150128-GHOST-IOSXR_NCS6K.NASL", "CISCO-SA-20150128-GHOST-NXOS.NASL", "CISCO_CUCM_CSCUS66650-GHOST.NASL", "CISCO_CUPS_CSCUS69785.NASL", "CISCO_TELEPRESENCE_CONDUCTOR_CSCUS69523.NASL", "CISCO_TELEPRESENCE_VCS_CSCUS69558.NASL", "DEBIAN_DLA-1034.NASL", "DEBIAN_DLA-1055.NASL", "DEBIAN_DLA-1079.NASL", "DEBIAN_DLA-1251.NASL", "DEBIAN_DLA-1373.NASL", "DEBIAN_DLA-139.NASL", "DEBIAN_DLA-1397.NASL", "DEBIAN_DLA-1854.NASL", "DEBIAN_DLA-2011.NASL", "DEBIAN_DLA-204.NASL", "DEBIAN_DLA-212.NASL", "DEBIAN_DLA-2188.NASL", "DEBIAN_DLA-2261.NASL", "DEBIAN_DLA-2397.NASL", "DEBIAN_DLA-307.NASL", "DEBIAN_DLA-341.NASL", "DEBIAN_DLA-444.NASL", "DEBIAN_DLA-499.NASL", "DEBIAN_DLA-533.NASL", "DEBIAN_DLA-534.NASL", "DEBIAN_DLA-569.NASL", "DEBIAN_DLA-628.NASL", "DEBIAN_DLA-665.NASL", "DEBIAN_DLA-749.NASL", "DEBIAN_DLA-818.NASL", "DEBIAN_DLA-875.NASL", "DEBIAN_DLA-958.NASL", "DEBIAN_DSA-3142.NASL", "DEBIAN_DSA-3196.NASL", "DEBIAN_DSA-3198.NASL", "DEBIAN_DSA-3280.NASL", "DEBIAN_DSA-3311.NASL", "DEBIAN_DSA-3344.NASL", "DEBIAN_DSA-3358.NASL", "DEBIAN_DSA-3380.NASL", "DEBIAN_DSA-3556.NASL", "DEBIAN_DSA-3560.NASL", "DEBIAN_DSA-3602.NASL", "DEBIAN_DSA-3618.NASL", "DEBIAN_DSA-3619.NASL", "DEBIAN_DSA-3631.NASL", "DEBIAN_DSA-3689.NASL", "DEBIAN_DSA-3693.NASL", "DEBIAN_DSA-3783.NASL", "DEBIAN_DSA-3938.NASL", "DEBIAN_DSA-4080.NASL", "DEBIAN_DSA-4081.NASL", "DEBIAN_DSA-4240.NASL", "DEBIAN_DSA-4398.NASL", "DEBIAN_DSA-4717.NASL", "DEBIAN_DSA-4719.NASL", "DEBIAN_DSA-4856.NASL", "EULEROS_SA-2016-1063.NASL", "EULEROS_SA-2017-1045.NASL", "EULEROS_SA-2017-1067.NASL", "EULEROS_SA-2017-1068.NASL", "EULEROS_SA-2017-1128.NASL", "EULEROS_SA-2018-1096.NASL", "EULEROS_SA-2018-1097.NASL", "EULEROS_SA-2018-1249.NASL", "EULEROS_SA-2019-1100.NASL", "EULEROS_SA-2019-1120.NASL", "EULEROS_SA-2019-1146.NASL", "EULEROS_SA-2019-1264.NASL", "EULEROS_SA-2019-1386.NASL", "EULEROS_SA-2019-1402.NASL", "EULEROS_SA-2019-1424.NASL", "EULEROS_SA-2019-1543.NASL", "EULEROS_SA-2019-1544.NASL", "EULEROS_SA-2019-1545.NASL", "EULEROS_SA-2019-1551.NASL", "EULEROS_SA-2019-1554.NASL", "EULEROS_SA-2019-1795.NASL", "EULEROS_SA-2019-1865.NASL", "EULEROS_SA-2019-1928.NASL", "EULEROS_SA-2019-1984.NASL", "EULEROS_SA-2019-1990.NASL", "EULEROS_SA-2019-2043.NASL", "EULEROS_SA-2019-2086.NASL", "EULEROS_SA-2019-2221.NASL", "EULEROS_SA-2019-2340.NASL", "EULEROS_SA-2019-2403.NASL", "EULEROS_SA-2019-2438.NASL", "EULEROS_SA-2019-2521.NASL", "EULEROS_SA-2019-2546.NASL", "EULEROS_SA-2019-2583.NASL", "EULEROS_SA-2019-2649.NASL", "EULEROS_SA-2020-1124.NASL", "EULEROS_SA-2020-1195.NASL", "EULEROS_SA-2020-1443.NASL", "EULEROS_SA-2020-1542.NASL", "EULEROS_SA-2020-1632.NASL", "EULEROS_SA-2020-1747.NASL", "EULEROS_SA-2020-1791.NASL", "EULEROS_SA-2020-1821.NASL", "EULEROS_SA-2020-1895.NASL", "EULEROS_SA-2020-1969.NASL", "EULEROS_SA-2020-2044.NASL", "EULEROS_SA-2020-2067.NASL", "EULEROS_SA-2020-2316.NASL", "EULEROS_SA-2020-2384.NASL", "EULEROS_SA-2021-1189.NASL", "EULEROS_SA-2021-1223.NASL", "EULEROS_SA-2021-1343.NASL", "EULEROS_SA-2021-1431.NASL", "EULEROS_SA-2021-1447.NASL", "EULEROS_SA-2021-1473.NASL", "EULEROS_SA-2021-1566.NASL", "EULEROS_SA-2021-1633.NASL", "EULEROS_SA-2021-1668.NASL", "EULEROS_SA-2021-1828.NASL", "EULEROS_SA-2021-1830.NASL", "EULEROS_SA-2021-2071.NASL", "EULEROS_SA-2021-2072.NASL", "F5_BIGIP_SOL13519.NASL", "F5_BIGIP_SOL16057.NASL", "F5_BIGIP_SOL16845.NASL", "F5_BIGIP_SOL16993.NASL", "F5_BIGIP_SOL17028.NASL", "F5_BIGIP_SOL17049.NASL", "F5_BIGIP_SOL17377.NASL", "F5_BIGIP_SOL43267483.NASL", "F5_BIGIP_SOL43449212.NASL", "F5_BIGIP_SOL51390683.NASL", "F5_BIGIP_SOL64412100.NASL", "FEDORA_2010-18976.NASL", "FEDORA_2010-19011.NASL", "FEDORA_2013-14998.NASL", "FEDORA_2015-10831.NASL", "FEDORA_2015-10849.NASL", "FEDORA_2015-11581.NASL", "FEDORA_2015-14976.NASL", "FEDORA_2015-14977.NASL", "FEDORA_2015-14978.NASL", "FEDORA_2015-2020.NASL", "FEDORA_2015-2315.NASL", "FEDORA_2015-2328.NASL", "FEDORA_2015-4216.NASL", "FEDORA_2015-4236.NASL", "FEDORA_2015-4255.NASL", "FEDORA_2015-4553.NASL", "FEDORA_2015-4556.NASL", "FEDORA_2015-4559.NASL", "FEDORA_2015-4565.NASL", "FEDORA_2015-4669.NASL", "FEDORA_2015-4699.NASL", "FEDORA_2015-8281.NASL", "FEDORA_2015-8370.NASL", "FEDORA_2015-8383.NASL", "FEDORA_2016-0C57B12C7B.NASL", "FEDORA_2016-34A6B65583.NASL", "FEDORA_2016-5F91F43826.NASL", "FEDORA_2016-615F3BF06E.NASL", "FEDORA_2016-62FC05FD68.NASL", "FEDORA_2016-65F1FFDC0C.NASL", "FEDORA_2016-6B1938566F.NASL", "FEDORA_2016-722C0AFC64.NASL", "FEDORA_2016-7D6CBCADCA.NASL", "FEDORA_2016-99FBDC5C34.NASL", "FEDORA_2016-A4D48D6FD6.NASL", "FEDORA_2016-B967AC1A74.NASL", "FEDORA_2016-D126BB1B74.NASL", "FEDORA_2016-DB71B72137.NASL", "FEDORA_2016-E205218629.NASL", "FEDORA_2016-E45A7E7B13.NASL", "FEDORA_2016-EC372BDDB9.NASL", "FEDORA_2016-F4E73663F4.NASL", "FEDORA_2017-5ADE380AB2.NASL", "FEDORA_2017-60997F0D14.NASL", "FEDORA_2017-7CC0E6A5F5.NASL", "FEDORA_2017-A69B0BB52D.NASL", "FEDORA_2017-AC3DD4ECF8.NASL", "FEDORA_2017-B674DC22AD.NASL", "FEDORA_2017-B8BB4B86E2.NASL", "FEDORA_2017-E2D6D0067F.NASL", "FEDORA_2017-E314044789.NASL", "FEDORA_2017-EE01A2CED6.NASL", "FEDORA_2018-04F6056C42.NASL", "FEDORA_2018-6071A600E8.NASL", "FEDORA_2018-EE6707D519.NASL", "FEDORA_2019-3F3D0953DB.NASL", "FEDORA_2019-5409BB5E68.NASL", "FEDORA_2020-4573F0E03A.NASL", "FEDORA_2020-4FE6B116E5.NASL", "FEDORA_2020-8838D072D5.NASL", "FEDORA_2020-94763CB98B.NASL", "FEDORA_2020-9FA7F4E25C.NASL", "FREEBSD_PKG_0765DE84A6C111E4A0C1C485083CA99C.NASL", "FREEBSD_PKG_1B61ECEFCDB911E6A9A5B499BAEBFEAF.NASL", "FREEBSD_PKG_264749AED56511E4B54500269EE29E57.NASL", "FREEBSD_PKG_31DE2E1300D211E5A072D050996490D0.NASL", "FREEBSD_PKG_36BD352D299B11E586FF14DAE9D210B8.NASL", "FREEBSD_PKG_3761DF020F9C11E0BECC0022156E8794.NASL", "FREEBSD_PKG_3D675519565411E59AD814DAE9D210B8.NASL", "FREEBSD_PKG_5033E2FC98EC4EF58E0B87CFBBC73081.NASL", "FREEBSD_PKG_556D22865A5111E6A6C314DAE9D210B8.NASL", "FREEBSD_PKG_5764C63410D211E694FA002590263BF5.NASL", "FREEBSD_PKG_66D77C583B1D11E68E82002590263BF5.NASL", "FREEBSD_PKG_6B110175246D11E68DD3002590263BF5.NASL", "FREEBSD_PKG_742563D4D77611E4B5954061861086C1.NASL", "FREEBSD_PKG_787EF75E44DA11E593AD002590263BF5.NASL", "FREEBSD_PKG_85EB4E46CF1611E5840F485D605F4717.NASL", "FREEBSD_PKG_8B1F53F32DA511E586FF14DAE9D210B8.NASL", "FREEBSD_PKG_8D5180A686FE11E68D9300248C0C745D.NASL", "FREEBSD_PKG_A8D87C7AD1B111E9A6160992A4564E7C.NASL", "FREEBSD_PKG_B2A6FC0E070F11E0A6E900215C6A37BB.NASL", "FREEBSD_PKG_B396CF6C62E611E79DEFB499BAEBFEAF.NASL", "FREEBSD_PKG_B6402385533B11E6A7BD14DAE9D210B8.NASL", "FREEBSD_PKG_C1DA8B756AEF11E59909002590263BF5.NASL", "FREEBSD_PKG_F471032A870011E68D9300248C0C745D.NASL", "FREEBSD_PKG_F7A9E415BDCA11E4970C000C292EE6B8.NASL", "GENTOO_GLSA-201110-06.NASL", "GENTOO_GLSA-201408-11.NASL", "GENTOO_GLSA-201503-04.NASL", "GENTOO_GLSA-201606-10.NASL", "GENTOO_GLSA-201607-04.NASL", "GENTOO_GLSA-201611-22.NASL", "GENTOO_GLSA-201612-09.NASL", "GENTOO_GLSA-201701-42.NASL", "GENTOO_GLSA-201702-29.NASL", "GENTOO_GLSA-201911-03.NASL", "GENTOO_GLSA-202012-16.NASL", "HPSMH_7_5.NASL", "HPSMH_7_6.NASL", "JUNIPER_JSA10798.NASL", "MACOSX_10_10_4.NASL", "MACOSX_10_10_5.NASL", "MACOSX_10_11.NASL", "MACOSX_10_11_1.NASL", "MACOSX_10_11_2.NASL", "MACOSX_10_11_5.NASL", "MACOSX_10_11_6.NASL", "MACOSX_10_6_7.NASL", "MACOSX_SECUPD2015-005.NASL", "MACOSX_SECUPD2015-006.NASL", "MACOSX_SECUPD2015-007.NASL", "MACOSX_SECUPD2015-008.NASL", "MACOSX_SECUPD2016-004.NASL", "MACOS_10_12.NASL", "MACOS_10_12_2.NASL", "MACOS_10_12_3.NASL", "MACOS_10_12_4.NASL", "MANDRIVA_MDVSA-2010-254.NASL", "MANDRIVA_MDVSA-2015-039.NASL", "MANDRIVA_MDVSA-2015-079.NASL", "MANDRIVA_MDVSA-2015-080.NASL", "MANDRIVA_MDVSA-2015-209.NASL", "MARIADB_10_0_20.NASL", "MYSQL_5_7_3.NASL", "NEWSTART_CGSL_NS-SA-2019-0019_PHP.NASL", "NEWSTART_CGSL_NS-SA-2020-0059_PHP.NASL", "NEWSTART_CGSL_NS-SA-2020-0090_PHP.NASL", "NEWSTART_CGSL_NS-SA-2021-0034_GD.NASL", "NEWSTART_CGSL_NS-SA-2021-0182_GD.NASL", "OPENSUSE-2015-265.NASL", "OPENSUSE-2015-282.NASL", "OPENSUSE-2015-295.NASL", "OPENSUSE-2015-352.NASL", "OPENSUSE-2015-396.NASL", "OPENSUSE-2015-471.NASL", "OPENSUSE-2015-479.NASL", "OPENSUSE-2015-536.NASL", "OPENSUSE-2015-609.NASL", "OPENSUSE-2015-84.NASL", "OPENSUSE-2015-889.NASL", "OPENSUSE-2016-100.NASL", "OPENSUSE-2016-1095.NASL", "OPENSUSE-2016-1150.NASL", "OPENSUSE-2016-1156.NASL", "OPENSUSE-2016-1193.NASL", "OPENSUSE-2016-1221.NASL", "OPENSUSE-2016-1281.NASL", "OPENSUSE-2016-1308.NASL", "OPENSUSE-2016-1321.NASL", "OPENSUSE-2016-323.NASL", "OPENSUSE-2016-516.NASL", "OPENSUSE-2016-517.NASL", "OPENSUSE-2016-576.NASL", "OPENSUSE-2016-613.NASL", "OPENSUSE-2016-626.NASL", "OPENSUSE-2016-696.NASL", "OPENSUSE-2016-703.NASL", "OPENSUSE-2016-776.NASL", "OPENSUSE-2016-844.NASL", "OPENSUSE-2016-921.NASL", "OPENSUSE-2016-985.NASL", "OPENSUSE-2017-1010.NASL", "OPENSUSE-2017-1298.NASL", "OPENSUSE-2017-1353.NASL", "OPENSUSE-2017-1371.NASL", "OPENSUSE-2017-304.NASL", "OPENSUSE-2017-764.NASL", "OPENSUSE-2017-790.NASL", "OPENSUSE-2017-994.NASL", "OPENSUSE-2018-119.NASL", "OPENSUSE-2018-539.NASL", "OPENSUSE-2018-99.NASL", "OPENSUSE-2019-1256.NASL", "OPENSUSE-2019-1293.NASL", "OPENSUSE-2019-1572.NASL", "OPENSUSE-2019-1573.NASL", "OPENSUSE-2020-1703.NASL", "OPENSUSE-2020-1767.NASL", "OPENSUSE-2020-847.NASL", "OPENSUSE-2021-1130.NASL", "OPENSUSE-2021-2575.NASL", "OPENSUSE-2021-2637.NASL", "OPENSUSE-2021-2795.NASL", "ORACLELINUX_ELSA-2013-1307.NASL", "ORACLELINUX_ELSA-2013-1615.NASL", "ORACLELINUX_ELSA-2014-0311.NASL", "ORACLELINUX_ELSA-2015-0090.NASL", "ORACLELINUX_ELSA-2015-0092.NASL", "ORACLELINUX_ELSA-2015-0101.NASL", "ORACLELINUX_ELSA-2015-1135.NASL", "ORACLELINUX_ELSA-2015-1218.NASL", "ORACLELINUX_ELSA-2015-1665.NASL", "ORACLELINUX_ELSA-2015-2155.NASL", "ORACLELINUX_ELSA-2016-0760.NASL", "ORACLELINUX_ELSA-2016-2598.NASL", "ORACLELINUX_ELSA-2018-0406.NASL", "ORACLELINUX_ELSA-2020-3662.NASL", "ORACLELINUX_ELSA-2020-5443.NASL", "ORACLELINUX_ELSA-2020-5861.NASL", "ORACLELINUX_ELSA-2021-4213.NASL", "ORACLEVM_OVMSA-2015-0022.NASL", "ORACLEVM_OVMSA-2015-0023.NASL", "ORACLEVM_OVMSA-2015-0024.NASL", "ORACLEVM_OVMSA-2016-0013.NASL", "ORACLEVM_OVMSA-2016-0050.NASL", "PALO_ALTO_PAN-SA-2015-0002.NASL", "PFSENSE_SA-15_06.NASL", "PFSENSE_SA-15_07.NASL", "PFSENSE_SA-15_08.NASL", "PFSENSE_SA-16_08.NASL", "PHOTONOS_PHSA-2017-0021.NASL", "PHOTONOS_PHSA-2017-0021_RUBY.NASL", "PHOTONOS_PHSA-2017-0029.NASL", "PHOTONOS_PHSA-2017-0029_RUBY.NASL", "PHOTONOS_PHSA-2019-3_0-0024_ONIGURUMA.NASL", "PHP_5_3_4.NASL", "PHP_5_4_38.NASL", "PHP_5_4_39.NASL", "PHP_5_4_40.NASL", "PHP_5_4_41.NASL", "PHP_5_4_42.NASL", "PHP_5_4_43.NASL", "PHP_5_4_44.NASL", "PHP_5_4_45.NASL", "PHP_5_5_2.NASL", "PHP_5_5_22.NASL", "PHP_5_5_23.NASL", "PHP_5_5_24.NASL", "PHP_5_5_25.NASL", "PHP_5_5_26.NASL", "PHP_5_5_27.NASL", "PHP_5_5_28.NASL", "PHP_5_5_29.NASL", "PHP_5_5_30.NASL", "PHP_5_5_32.NASL", "PHP_5_5_34.NASL", "PHP_5_5_35.NASL", "PHP_5_5_36.NASL", "PHP_5_5_37.NASL", "PHP_5_5_38.NASL", "PHP_5_6_10.NASL", "PHP_5_6_11.NASL", "PHP_5_6_12.NASL", "PHP_5_6_13.NASL", "PHP_5_6_14.NASL", "PHP_5_6_18.NASL", "PHP_5_6_20.NASL", "PHP_5_6_21.NASL", "PHP_5_6_22.NASL", "PHP_5_6_23.NASL", "PHP_5_6_24.NASL", "PHP_5_6_25.NASL", "PHP_5_6_26.NASL", "PHP_5_6_28.NASL", "PHP_5_6_30.NASL", "PHP_5_6_31.NASL", "PHP_5_6_33.NASL", "PHP_5_6_40.NASL", "PHP_5_6_6.NASL", "PHP_5_6_7.NASL", "PHP_5_6_8.NASL", "PHP_5_6_9.NASL", "PHP_7_0_0.NASL", "PHP_7_0_10.NASL", "PHP_7_0_11.NASL", "PHP_7_0_13.NASL", "PHP_7_0_15.NASL", "PHP_7_0_21.NASL", "PHP_7_0_22.NASL", "PHP_7_0_27.NASL", "PHP_7_0_3.NASL", "PHP_7_0_5.NASL", "PHP_7_0_6.NASL", "PHP_7_0_7.NASL", "PHP_7_0_8.NASL", "PHP_7_0_9.NASL", "PHP_7_1_1.NASL", "PHP_7_1_13.NASL", "PHP_7_1_26.NASL", "PHP_7_1_7.NASL", "PHP_7_1_8.NASL", "PHP_7_2_1.NASL", "PHP_7_2_14.NASL", "PHP_7_2_30.NASL", "PHP_7_3_1.NASL", "PHP_7_3_17.NASL", "PHP_7_3_9.NASL", "PHP_7_4_11.NASL", "PHP_7_4_5.NASL", "PHP_7_4_6.NASL", "REDHAT-RHSA-2013-1307.NASL", "REDHAT-RHSA-2013-1615.NASL", "REDHAT-RHSA-2014-0311.NASL", "REDHAT-RHSA-2015-0090.NASL", "REDHAT-RHSA-2015-0092.NASL", "REDHAT-RHSA-2015-0099.NASL", "REDHAT-RHSA-2015-0101.NASL", "REDHAT-RHSA-2015-0126.NASL", "REDHAT-RHSA-2015-1135.NASL", "REDHAT-RHSA-2015-1218.NASL", "REDHAT-RHSA-2015-1665.NASL", "REDHAT-RHSA-2015-2155.NASL", "REDHAT-RHSA-2016-0760.NASL", "REDHAT-RHSA-2016-2598.NASL", "REDHAT-RHSA-2018-0406.NASL", "REDHAT-RHSA-2020-1112.NASL", "REDHAT-RHSA-2020-1624.NASL", "REDHAT-RHSA-2020-3662.NASL", "REDHAT-RHSA-2020-5443.NASL", "REDHAT-RHSA-2021-2992.NASL", "REDHAT-RHSA-2021-4213.NASL", "SECURITYCENTER_5_19_0_TNS_2021_08.NASL", "SECURITYCENTER_5_19_0_TNS_2021_14.NASL", "SECURITYCENTER_5_4_1.NASL", "SECURITYCENTER_5_4_3_TNS_2017_04.NASL", "SECURITYCENTER_PHP_5_4_41.NASL", "SECURITYCENTER_PHP_5_6_21.NASL", "SECURITYCENTER_PHP_5_6_25.NASL", "SECURITYCENTER_PHP_5_6_26.NASL", "SECURITYCENTER_PHP_5_6_30.NASL", "SECURITYCENTER_PHP_5_6_31.NASL", "SLACKWARE_SSA_2015-028-01.NASL", "SLACKWARE_SSA_2015-111-10.NASL", "SLACKWARE_SSA_2015-162-02.NASL", "SLACKWARE_SSA_2015-198-02.NASL", "SLACKWARE_SSA_2015-274-02.NASL", "SLACKWARE_SSA_2016-034-04.NASL", "SLACKWARE_SSA_2016-120-02.NASL", "SLACKWARE_SSA_2016-148-03.NASL", "SLACKWARE_SSA_2016-176-01.NASL", "SLACKWARE_SSA_2016-252-01.NASL", "SLACKWARE_SSA_2016-267-01.NASL", "SLACKWARE_SSA_2017-041-03.NASL", "SLACKWARE_SSA_2017-188-01.NASL", "SLACKWARE_SSA_2018-034-01.NASL", "SLACKWARE_SSA_2018-108-01.NASL", "SL_20130930_PHP53_ON_SL5_X.NASL", "SL_20131121_PHP_ON_SL6_X.NASL", "SL_20140318_PHP_ON_SL5_X.NASL", "SL_20150127_GLIBC_ON_SL5_X.NASL", "SL_20150127_GLIBC_ON_SL6_X.NASL", "SL_20150623_PHP_ON_SL7_X.NASL", "SL_20150709_PHP_ON_SL6_X.NASL", "SL_20150824_MARIADB_ON_SL7_X.NASL", "SL_20151119_FILE_ON_SL7_X.NASL", "SL_20160510_FILE_ON_SL6_X.NASL", "SL_20161103_PHP_ON_SL7_X.NASL", "SL_20180306_PHP_ON_SL7_X.NASL", "SL_20200407_PHP_ON_SL7_X.NASL", "SL_20201215_GD_ON_SL7_X.NASL", "SOLARIS11_PHP_20140401.NASL", "SUSE_11_GLIBC-150122.NASL", "SUSE_GLIBC-9035.NASL", "SUSE_SU-2015-0668-1.NASL", "SUSE_SU-2015-0868-1.NASL", "SUSE_SU-2015-1018-1.NASL", "SUSE_SU-2015-1253-1.NASL", "SUSE_SU-2015-1265-1.NASL", "SUSE_SU-2015-1273-1.NASL", "SUSE_SU-2015-1425-1.NASL", "SUSE_SU-2015-1466-1.NASL", "SUSE_SU-2015-1633-1.NASL", "SUSE_SU-2015-1701-1.NASL", "SUSE_SU-2015-1788-1.NASL", "SUSE_SU-2015-1818-1.NASL", "SUSE_SU-2016-1145-1.NASL", "SUSE_SU-2016-1166-1.NASL", "SUSE_SU-2016-1277-1.NASL", "SUSE_SU-2016-1310-1.NASL", "SUSE_SU-2016-1504-1.NASL", "SUSE_SU-2016-1581-1.NASL", "SUSE_SU-2016-1633-1.NASL", "SUSE_SU-2016-1638-1.NASL", "SUSE_SU-2016-2013-1.NASL", "SUSE_SU-2016-2080-1.NASL", "SUSE_SU-2016-2210-1.NASL", "SUSE_SU-2016-2328-1.NASL", "SUSE_SU-2016-2408-1.NASL", "SUSE_SU-2016-2459-1.NASL", "SUSE_SU-2016-2460-1.NASL", "SUSE_SU-2016-2461-1.NASL", "SUSE_SU-2016-2477-1.NASL", "SUSE_SU-2016-2668-1.NASL", "SUSE_SU-2016-2670-1.NASL", "SUSE_SU-2016-2681-1.NASL", "SUSE_SU-2016-2683-1.NASL", "SUSE_SU-2016-2766-1.NASL", "SUSE_SU-2017-0534-1.NASL", "SUSE_SU-2017-0556-1.NASL", "SUSE_SU-2017-0568-1.NASL", "SUSE_SU-2017-1585-1.NASL", "SUSE_SU-2017-1662-1.NASL", "SUSE_SU-2017-1717-1.NASL", "SUSE_SU-2017-2303-1.NASL", "SUSE_SU-2017-2317-1.NASL", "SUSE_SU-2017-2522-1.NASL", "SUSE_SU-2017-3048-1.NASL", "SUSE_SU-2017-3237-1.NASL", "SUSE_SU-2017-3277-1.NASL", "SUSE_SU-2018-0003-1.NASL", "SUSE_SU-2018-0053-1.NASL", "SUSE_SU-2018-0216-1.NASL", "SUSE_SU-2018-0308-1.NASL", "SUSE_SU-2018-0806-1.NASL", "SUSE_SU-2018-1449-1.NASL", "SUSE_SU-2018-1450-1.NASL", "SUSE_SU-2019-0985-1.NASL", "SUSE_SU-2019-14013-1.NASL", "SUSE_SU-2019-1461-1.NASL", "SUSE_SU-2020-0623-1.NASL", "SUSE_SU-2020-14516-1.NASL", "SUSE_SU-2020-1545-1.NASL", "SUSE_SU-2020-1546-1.NASL", "SUSE_SU-2020-1570-1.NASL", "SUSE_SU-2020-1661-1.NASL", "SUSE_SU-2020-1661-2.NASL", "SUSE_SU-2020-1714-1.NASL", "SUSE_SU-2020-2894-1.NASL", "SUSE_SU-2020-2896-1.NASL", "SUSE_SU-2020-2920-1.NASL", "SUSE_SU-2020-2941-1.NASL", "SUSE_SU-2020-2943-1.NASL", "SUSE_SU-2020-2997-1.NASL", "SUSE_SU-2021-2564-1.NASL", "SUSE_SU-2021-2636-1.NASL", "SUSE_SU-2021-2637-1.NASL", "SUSE_SU-2021-2638-1.NASL", "SUSE_SU-2021-2795-1.NASL", "UBUNTU_USN-1126-1.NASL", "UBUNTU_USN-1126-2.NASL", "UBUNTU_USN-2485-1.NASL", "UBUNTU_USN-2572-1.NASL", "UBUNTU_USN-2658-1.NASL", "UBUNTU_USN-2758-1.NASL", "UBUNTU_USN-2786-1.NASL", "UBUNTU_USN-2952-1.NASL", "UBUNTU_USN-2952-2.NASL", "UBUNTU_USN-2984-1.NASL", "UBUNTU_USN-2987-1.NASL", "UBUNTU_USN-3030-1.NASL", "UBUNTU_USN-3045-1.NASL", "UBUNTU_USN-3059-1.NASL", "UBUNTU_USN-3095-1.NASL", "UBUNTU_USN-3117-1.NASL", "UBUNTU_USN-3196-1.NASL", "UBUNTU_USN-3211-1.NASL", "UBUNTU_USN-3211-2.NASL", "UBUNTU_USN-3382-1.NASL", "UBUNTU_USN-3389-1.NASL", "UBUNTU_USN-3566-1.NASL", "UBUNTU_USN-3600-1.NASL", "UBUNTU_USN-3686-1.NASL", "UBUNTU_USN-3902-1.NASL", "UBUNTU_USN-4375-1.NASL", "UBUNTU_USN-4583-2.NASL", "WEB_APPLICATION_SCANNING_112488", "WEB_APPLICATION_SCANNING_112489", "WEB_APPLICATION_SCANNING_112492", "WEB_APPLICATION_SCANNING_112497", "WEB_APPLICATION_SCANNING_112498", "WEB_APPLICATION_SCANNING_112499", "WEB_APPLICATION_SCANNING_112602", "WEB_APPLICATION_SCANNING_112603", "WEB_APPLICATION_SCANNING_112604", "WEB_APPLICATION_SCANNING_98242", "WEB_APPLICATION_SCANNING_98243", "WEB_APPLICATION_SCANNING_98244", "WEB_APPLICATION_SCANNING_98245", "WEB_APPLICATION_SCANNING_98682", "WEB_APPLICATION_SCANNING_98683", "WEB_APPLICATION_SCANNING_98684", "WEB_APPLICATION_SCANNING_98802", "WEB_APPLICATION_SCANNING_98803", "WEB_APPLICATION_SCANNING_98804", "WEB_APPLICATION_SCANNING_98805", "WEB_APPLICATION_SCANNING_98806", "WEB_APPLICATION_SCANNING_98807", "WEB_APPLICATION_SCANNING_98810", "WEB_APPLICATION_SCANNING_98811", "WEB_APPLICATION_SCANNING_98812", "WEB_APPLICATION_SCANNING_98813", "WEB_APPLICATION_SCANNING_98814", "WEB_APPLICATION_SCANNING_98815", "WEB_APPLICATION_SCANNING_98816", "WEB_APPLICATION_SCANNING_98818", "WEB_APPLICATION_SCANNING_98821", "WEB_APPLICATION_SCANNING_98822", "WEB_APPLICATION_SCANNING_98824", "WEB_APPLICATION_SCANNING_98829", "WEB_APPLICATION_SCANNING_98830", "WEB_APPLICATION_SCANNING_98831", "WEB_APPLICATION_SCANNING_98832", "WEB_APPLICATION_SCANNING_98834", "WEB_APPLICATION_SCANNING_98835", "WEB_APPLICATION_SCANNING_98837", "WEB_APPLICATION_SCANNING_98839", "WEB_APPLICATION_SCANNING_98844", "WEB_APPLICATION_SCANNING_98846", "WEB_APPLICATION_SCANNING_98848", "WEB_APPLICATION_SCANNING_98851", "WEB_APPLICATION_SCANNING_98852", "WEB_APPLICATION_SCANNING_98853", "WEB_APPLICATION_SCANNING_98854", "WEB_APPLICATION_SCANNING_98855", "WEB_APPLICATION_SCANNING_98856", "WEB_APPLICATION_SCANNING_98858", "WEB_APPLICATION_SCANNING_98864", "WEB_APPLICATION_SCANNING_98865", "XEROX_XRX15AD_COLORQUBE.NASL", "XEROX_XRX15R.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105188", "OPENVAS:1361412562310105192", "OPENVAS:1361412562310105264", "OPENVAS:1361412562310105844", "OPENVAS:1361412562310106390", "OPENVAS:1361412562310108052", "OPENVAS:1361412562310108053", "OPENVAS:1361412562310108054", "OPENVAS:1361412562310108055", "OPENVAS:1361412562310108633", "OPENVAS:1361412562310108634", "OPENVAS:1361412562310110181", "OPENVAS:1361412562310120167", "OPENVAS:1361412562310120170", "OPENVAS:1361412562310120171", "OPENVAS:1361412562310120222", "OPENVAS:1361412562310120224", "OPENVAS:1361412562310120225", "OPENVAS:1361412562310120286", "OPENVAS:1361412562310120365", "OPENVAS:1361412562310120370", "OPENVAS:1361412562310120371", "OPENVAS:1361412562310120376", "OPENVAS:1361412562310120396", "OPENVAS:1361412562310120502", "OPENVAS:1361412562310120508", "OPENVAS:1361412562310120509", "OPENVAS:1361412562310120520", "OPENVAS:1361412562310120660", "OPENVAS:1361412562310120675", "OPENVAS:1361412562310120687", "OPENVAS:1361412562310120695", "OPENVAS:1361412562310120696", "OPENVAS:1361412562310120717", "OPENVAS:1361412562310120742", "OPENVAS:1361412562310120743", "OPENVAS:1361412562310121255", "OPENVAS:1361412562310121358", "OPENVAS:1361412562310122739", "OPENVAS:1361412562310122867", "OPENVAS:1361412562310122869", "OPENVAS:1361412562310122871", "OPENVAS:1361412562310122874", "OPENVAS:1361412562310123020", "OPENVAS:1361412562310123083", "OPENVAS:1361412562310123097", "OPENVAS:1361412562310123196", "OPENVAS:1361412562310123197", "OPENVAS:1361412562310123444", "OPENVAS:1361412562310123529", "OPENVAS:1361412562310123562", "OPENVAS:1361412562310130099", "OPENVAS:1361412562310131297", "OPENVAS:1361412562310140289", "OPENVAS:1361412562310142048", "OPENVAS:1361412562310142049", "OPENVAS:1361412562310143722", "OPENVAS:1361412562310143723", "OPENVAS:1361412562310143913", "OPENVAS:1361412562310143914", "OPENVAS:136141256231068689", "OPENVAS:136141256231068832", "OPENVAS:1361412562310703142", "OPENVAS:1361412562310703196", "OPENVAS:1361412562310703198", "OPENVAS:1361412562310703280", "OPENVAS:1361412562310703311", "OPENVAS:1361412562310703344", "OPENVAS:1361412562310703358", "OPENVAS:1361412562310703380", "OPENVAS:1361412562310703556", "OPENVAS:1361412562310703560", "OPENVAS:1361412562310703602", "OPENVAS:1361412562310703618", "OPENVAS:1361412562310703619", "OPENVAS:1361412562310703631", "OPENVAS:1361412562310703689", "OPENVAS:1361412562310703693", "OPENVAS:1361412562310703783", "OPENVAS:1361412562310703938", "OPENVAS:1361412562310704080", "OPENVAS:1361412562310704081", "OPENVAS:1361412562310704240", "OPENVAS:1361412562310704398", "OPENVAS:1361412562310704717", "OPENVAS:1361412562310704719", "OPENVAS:136141256231070769", "OPENVAS:1361412562310801585", "OPENVAS:1361412562310803737", "OPENVAS:1361412562310805446", "OPENVAS:1361412562310805650", "OPENVAS:1361412562310805651", "OPENVAS:1361412562310805655", "OPENVAS:1361412562310805656", "OPENVAS:1361412562310805657", "OPENVAS:1361412562310805658", "OPENVAS:1361412562310805659", "OPENVAS:1361412562310805660", "OPENVAS:1361412562310805676", "OPENVAS:1361412562310806648", "OPENVAS:1361412562310806649", "OPENVAS:1361412562310807000", "OPENVAS:1361412562310807088", "OPENVAS:1361412562310807091", "OPENVAS:1361412562310807092", "OPENVAS:1361412562310807503", "OPENVAS:1361412562310807505", "OPENVAS:1361412562310807507", "OPENVAS:1361412562310807888", "OPENVAS:1361412562310807957", "OPENVAS:1361412562310807994", "OPENVAS:1361412562310808063", "OPENVAS:1361412562310808064", "OPENVAS:1361412562310808065", "OPENVAS:1361412562310808066", "OPENVAS:1361412562310808198", "OPENVAS:1361412562310808199", "OPENVAS:1361412562310808311", "OPENVAS:1361412562310808313", "OPENVAS:1361412562310808328", "OPENVAS:1361412562310808348", "OPENVAS:1361412562310808403", "OPENVAS:1361412562310808491", "OPENVAS:1361412562310808545", "OPENVAS:1361412562310808546", "OPENVAS:1361412562310808572", "OPENVAS:1361412562310808602", "OPENVAS:1361412562310808603", "OPENVAS:1361412562310808604", "OPENVAS:1361412562310808605", "OPENVAS:1361412562310808606", "OPENVAS:1361412562310808607", "OPENVAS:1361412562310808608", "OPENVAS:1361412562310808609", "OPENVAS:1361412562310808610", "OPENVAS:1361412562310808611", "OPENVAS:1361412562310808616", "OPENVAS:1361412562310808617", "OPENVAS:1361412562310808633", "OPENVAS:1361412562310808634", "OPENVAS:1361412562310808674", "OPENVAS:1361412562310808675", "OPENVAS:1361412562310808787", "OPENVAS:1361412562310808788", "OPENVAS:1361412562310808791", "OPENVAS:1361412562310808792", "OPENVAS:1361412562310808793", "OPENVAS:1361412562310808794", "OPENVAS:1361412562310808847", "OPENVAS:1361412562310808963", "OPENVAS:1361412562310809316", "OPENVAS:1361412562310809317", "OPENVAS:1361412562310809318", "OPENVAS:1361412562310809319", "OPENVAS:1361412562310809422", "OPENVAS:1361412562310809423", "OPENVAS:1361412562310810209", "OPENVAS:1361412562310810210", "OPENVAS:1361412562310810227", "OPENVAS:1361412562310810567", "OPENVAS:1361412562310810568", "OPENVAS:1361412562310810728", "OPENVAS:1361412562310811481", "OPENVAS:1361412562310811482", "OPENVAS:1361412562310811485", "OPENVAS:1361412562310811490", "OPENVAS:1361412562310812732", "OPENVAS:1361412562310812735", "OPENVAS:1361412562310813159", "OPENVAS:1361412562310813160", "OPENVAS:1361412562310813191", "OPENVAS:1361412562310813519", "OPENVAS:1361412562310831283", "OPENVAS:1361412562310840636", "OPENVAS:1361412562310840646", "OPENVAS:1361412562310842077", "OPENVAS:1361412562310842171", "OPENVAS:1361412562310842265", "OPENVAS:1361412562310842472", "OPENVAS:1361412562310842508", "OPENVAS:1361412562310842720", "OPENVAS:1361412562310842722", "OPENVAS:1361412562310842772", "OPENVAS:1361412562310842778", "OPENVAS:1361412562310842827", "OPENVAS:1361412562310842844", "OPENVAS:1361412562310842851", "OPENVAS:1361412562310842904", "OPENVAS:1361412562310842934", "OPENVAS:1361412562310843051", "OPENVAS:1361412562310843067", "OPENVAS:1361412562310843071", "OPENVAS:1361412562310843281", "OPENVAS:1361412562310843445", "OPENVAS:1361412562310843479", "OPENVAS:1361412562310843561", "OPENVAS:1361412562310843768", "OPENVAS:1361412562310843925", "OPENVAS:1361412562310844447", "OPENVAS:1361412562310850633", "OPENVAS:1361412562310850658", "OPENVAS:1361412562310850662", "OPENVAS:1361412562310850663", "OPENVAS:1361412562310850689", "OPENVAS:1361412562310850783", "OPENVAS:1361412562310850839", "OPENVAS:1361412562310850932", "OPENVAS:1361412562310851141", "OPENVAS:1361412562310851285", "OPENVAS:1361412562310851286", "OPENVAS:1361412562310851313", "OPENVAS:1361412562310851319", "OPENVAS:1361412562310851332", "OPENVAS:1361412562310851364", "OPENVAS:1361412562310851394", "OPENVAS:1361412562310851401", "OPENVAS:1361412562310851402", "OPENVAS:1361412562310851410", "OPENVAS:1361412562310851418", "OPENVAS:1361412562310851431", "OPENVAS:1361412562310851434", "OPENVAS:1361412562310851500", "OPENVAS:1361412562310851519", "OPENVAS:1361412562310851607", "OPENVAS:1361412562310851770", "OPENVAS:1361412562310852447", "OPENVAS:1361412562310852462", "OPENVAS:1361412562310852562", "OPENVAS:1361412562310852967", "OPENVAS:1361412562310853221", "OPENVAS:1361412562310862764", "OPENVAS:1361412562310862766", "OPENVAS:1361412562310862767", "OPENVAS:1361412562310862769", "OPENVAS:1361412562310862777", "OPENVAS:1361412562310862778", "OPENVAS:1361412562310866845", "OPENVAS:1361412562310867126", "OPENVAS:1361412562310867612", "OPENVAS:1361412562310867712", "OPENVAS:1361412562310867803", "OPENVAS:1361412562310867904", "OPENVAS:1361412562310867974", "OPENVAS:1361412562310868163", "OPENVAS:1361412562310868436", "OPENVAS:1361412562310868640", "OPENVAS:1361412562310869021", "OPENVAS:1361412562310869039", "OPENVAS:1361412562310869053", "OPENVAS:1361412562310869145", "OPENVAS:1361412562310869152", "OPENVAS:1361412562310869180", "OPENVAS:1361412562310869184", "OPENVAS:1361412562310869272", "OPENVAS:1361412562310869274", "OPENVAS:1361412562310869423", "OPENVAS:1361412562310869430", "OPENVAS:1361412562310869509", "OPENVAS:1361412562310869544", "OPENVAS:1361412562310869549", "OPENVAS:1361412562310869562", "OPENVAS:1361412562310869623", "OPENVAS:1361412562310869733", "OPENVAS:1361412562310869807", "OPENVAS:1361412562310869939", "OPENVAS:1361412562310869941", "OPENVAS:1361412562310871047", "OPENVAS:1361412562310871084", "OPENVAS:1361412562310871140", "OPENVAS:1361412562310871307", "OPENVAS:1361412562310871308", "OPENVAS:1361412562310871379", "OPENVAS:1361412562310871388", "OPENVAS:1361412562310871435", "OPENVAS:1361412562310871502", "OPENVAS:1361412562310871616", "OPENVAS:1361412562310871700", "OPENVAS:1361412562310872107", "OPENVAS:1361412562310872160", "OPENVAS:1361412562310872744", "OPENVAS:1361412562310872753", "OPENVAS:1361412562310872877", "OPENVAS:1361412562310872898", "OPENVAS:1361412562310872929", "OPENVAS:1361412562310873340", "OPENVAS:1361412562310873344", "OPENVAS:1361412562310873447", "OPENVAS:1361412562310874411", "OPENVAS:1361412562310874526", "OPENVAS:1361412562310876622", "OPENVAS:1361412562310876625", "OPENVAS:1361412562310877026", "OPENVAS:1361412562310877028", "OPENVAS:1361412562310877069", "OPENVAS:1361412562310877886", "OPENVAS:1361412562310877889", "OPENVAS:1361412562310877893", "OPENVAS:1361412562310881904", "OPENVAS:1361412562310882107", "OPENVAS:1361412562310882108", "OPENVAS:1361412562310882109", "OPENVAS:1361412562310882203", "OPENVAS:1361412562310882219", "OPENVAS:1361412562310882257", "OPENVAS:1361412562310882850", "OPENVAS:1361412562310890818", "OPENVAS:1361412562310890875", "OPENVAS:1361412562310890958", "OPENVAS:1361412562310891034", "OPENVAS:1361412562310891055", "OPENVAS:1361412562310891079", "OPENVAS:1361412562310891251", "OPENVAS:1361412562310891373", "OPENVAS:1361412562310891397", "OPENVAS:1361412562310891679", "OPENVAS:1361412562310891854", "OPENVAS:1361412562310892011", "OPENVAS:1361412562310892188", "OPENVAS:1361412562310892261", "OPENVAS:1361412562310902470", "OPENVAS:1361412562311220161063", "OPENVAS:1361412562311220171045", "OPENVAS:1361412562311220171067", "OPENVAS:1361412562311220171068", "OPENVAS:1361412562311220171128", "OPENVAS:1361412562311220181096", "OPENVAS:1361412562311220181097", "OPENVAS:1361412562311220181249", "OPENVAS:1361412562311220191100", "OPENVAS:1361412562311220191120", "OPENVAS:1361412562311220191146", "OPENVAS:1361412562311220191264", "OPENVAS:1361412562311220191386", "OPENVAS:1361412562311220191402", "OPENVAS:1361412562311220191424", "OPENVAS:1361412562311220191543", "OPENVAS:1361412562311220191544", "OPENVAS:1361412562311220191545", "OPENVAS:1361412562311220191551", "OPENVAS:1361412562311220191554", "OPENVAS:1361412562311220191795", "OPENVAS:1361412562311220191865", "OPENVAS:1361412562311220191928", "OPENVAS:1361412562311220191984", "OPENVAS:1361412562311220191990", "OPENVAS:1361412562311220192043", "OPENVAS:1361412562311220192086", "OPENVAS:1361412562311220192221", "OPENVAS:1361412562311220192340", "OPENVAS:1361412562311220192403", "OPENVAS:1361412562311220192438", "OPENVAS:1361412562311220192521", "OPENVAS:1361412562311220192546", "OPENVAS:1361412562311220192583", "OPENVAS:1361412562311220192649", "OPENVAS:1361412562311220201124", "OPENVAS:1361412562311220201195", "OPENVAS:1361412562311220201443", "OPENVAS:1361412562311220201542", "OPENVAS:1361412562311220201632", "OPENVAS:1361412562311220201747", "OPENVAS:1361412562311220201791", "OPENVAS:68689", "OPENVAS:68832", "OPENVAS:703142", "OPENVAS:703196", "OPENVAS:703198", "OPENVAS:703280", "OPENVAS:703311", "OPENVAS:703344", "OPENVAS:703358", "OPENVAS:703380", "OPENVAS:703556", "OPENVAS:703560", "OPENVAS:703602", "OPENVAS:703618", "OPENVAS:703619", "OPENVAS:703631", "OPENVAS:703689", "OPENVAS:703693", "OPENVAS:703783", "OPENVAS:70769", "OPENVAS:831283", "OPENVAS:840636", "OPENVAS:840646", "OPENVAS:862764", "OPENVAS:862766", "OPENVAS:862767", "OPENVAS:862769", "OPENVAS:862777", "OPENVAS:862778", "OPENVAS:866845", "OPENVAS:867126", "OPENVAS:867612", "OPENVAS:867712", "OPENVAS:871047", "OPENVAS:871084", "OPENVAS:871140", "OPENVAS:881904", "OPENVAS:902470"]}, {"type": "openwrt", "idList": ["OPENWRT-SA-000002"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2015", "ORACLE:CPUAPR2015-2365600", "ORACLE:CPUAPR2017", "ORACLE:CPUAPR2017-3236618", "ORACLE:CPUAPR2020", "ORACLE:CPUJAN2016", "ORACLE:CPUJAN2016-2367955", "ORACLE:CPUJUL2015", "ORACLE:CPUJUL2015-2367936", "ORACLE:CPUJUL2016", "ORACLE:CPUJUL2016-2881720", "ORACLE:CPUJUL2017", "ORACLE:CPUJUL2017-3236622", "ORACLE:CPUOCT2015", "ORACLE:CPUOCT2015-2367953", "ORACLE:CPUOCT2016", "ORACLE:CPUOCT2016-2881722", "ORACLE:CPUOCT2017", "ORACLE:CPUOCT2017-3236626", "ORACLE:CPUOCT2018", "ORACLE:CPUOCT2018-4428296", "ORACLE:CPUOCT2020"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-1307", "ELSA-2013-1615", "ELSA-2014-0311", "ELSA-2015-0090", "ELSA-2015-0092", "ELSA-2015-0101", "ELSA-2015-0327", "ELSA-2015-1053", "ELSA-2015-1066", "ELSA-2015-1135", "ELSA-2015-1186", "ELSA-2015-1218", "ELSA-2015-1219", "ELSA-2015-1627", "ELSA-2015-1665", "ELSA-2015-2155", "ELSA-2016-0760", "ELSA-2016-2598", "ELSA-2018-0406", "ELSA-2020-1112", "ELSA-2020-1624", "ELSA-2020-3662", "ELSA-2020-5443", "ELSA-2020-5861", "ELSA-2021-4213"]}, {"type": "osv", "idList": ["OSV:DLA-1034-1", "OSV:DLA-1055-1", "OSV:DLA-1079-1", "OSV:DLA-1251-1", "OSV:DLA-1373-1", "OSV:DLA-139-1", "OSV:DLA-1397-1", "OSV:DLA-1679-1", "OSV:DLA-1854-1", "OSV:DLA-2011-1", "OSV:DLA-204-1", "OSV:DLA-212-1", "OSV:DLA-2188-1", "OSV:DLA-2261-1", "OSV:DLA-2397-1", "OSV:DLA-2431-1", "OSV:DLA-2431-2", "OSV:DLA-307-1", "OSV:DLA-341-1", "OSV:DLA-444-1", "OSV:DLA-499-1", "OSV:DLA-533-1", "OSV:DLA-534-1", "OSV:DLA-569-1", "OSV:DLA-628-1", "OSV:DLA-665-1", "OSV:DLA-749-1", "OSV:DLA-818-1", "OSV:DLA-875-1", "OSV:DLA-958-1", "OSV:DSA-3142-1", "OSV:DSA-3196-1", "OSV:DSA-3198-1", "OSV:DSA-3198-2", "OSV:DSA-3280-1", "OSV:DSA-3311-1", "OSV:DSA-3344-1", "OSV:DSA-3358-1", "OSV:DSA-3380-1", "OSV:DSA-3556-1", "OSV:DSA-3560-1", "OSV:DSA-3602-1", "OSV:DSA-3618-1", "OSV:DSA-3619-1", "OSV:DSA-3631-1", "OSV:DSA-3689-1", "OSV:DSA-3693-1", "OSV:DSA-3732-1", "OSV:DSA-3783-1", "OSV:DSA-3938-1", "OSV:DSA-4080-1", "OSV:DSA-4081-1", "OSV:DSA-4240-1", "OSV:DSA-4398-1", "OSV:DSA-4527-1", "OSV:DSA-4529-1", "OSV:DSA-4717-1", "OSV:DSA-4719-1", "OSV:DSA-4856-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:130115", "PACKETSTORM:130171", "PACKETSTORM:130974", "PACKETSTORM:136757", "PACKETSTORM:137998", "PACKETSTORM:140537", "PACKETSTORM:153278", "PACKETSTORM:164014", "PACKETSTORM:167552"]}, {"type": "paloalto", "idList": ["PAN-SA-2015-0002"]}, {"type": "photon", "idList": ["PHSA-2017-0021", "PHSA-2017-0029", "PHSA-2019-0024", "PHSA-2019-0171", "PHSA-2019-3.0-0024"]}, {"type": "redhat", "idList": ["RHSA-2013:1307", "RHSA-2013:1615", "RHSA-2014:0311", "RHSA-2015:0090", "RHSA-2015:0092", "RHSA-2015:0099", "RHSA-2015:0101", "RHSA-2015:0126", "RHSA-2015:1053", "RHSA-2015:1066", "RHSA-2015:1135", "RHSA-2015:1186", "RHSA-2015:1187", "RHSA-2015:1218", "RHSA-2015:1219", "RHSA-2015:1646", "RHSA-2015:1647", "RHSA-2015:1665", "RHSA-2015:2155", "RHSA-2016:0457", "RHSA-2016:0760", "RHSA-2016:2598", "RHSA-2016:2750", "RHSA-2018:0406", "RHSA-2018:1296", "RHSA-2019:2519", "RHSA-2019:3299", "RHSA-2020:1112", "RHSA-2020:1624", "RHSA-2020:3662", "RHSA-2020:5275", "RHSA-2020:5443", "RHSA-2021:0607", "RHSA-2021:0778", "RHSA-2021:2992", "RHSA-2021:4213"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-10159", "RH:CVE-2016-10160", "RH:CVE-2016-10161", "RH:CVE-2016-4473", "RH:CVE-2016-5093", "RH:CVE-2016-5095", "RH:CVE-2016-5399", "RH:CVE-2016-5766", "RH:CVE-2016-5772", "RH:CVE-2016-6289", "RH:CVE-2016-6290", "RH:CVE-2016-6291", "RH:CVE-2016-6294", "RH:CVE-2016-6296", "RH:CVE-2016-6297", "RH:CVE-2016-7128", "RH:CVE-2016-7412", "RH:CVE-2016-7413", "RH:CVE-2016-7414", "RH:CVE-2016-7416", "RH:CVE-2016-7417", "RH:CVE-2016-7418", "RH:CVE-2016-7478", "RH:CVE-2016-8670", "RH:CVE-2017-10789", "RH:CVE-2017-11143", "RH:CVE-2017-11144", "RH:CVE-2017-7890", "RH:CVE-2017-9224", "RH:CVE-2017-9226", "RH:CVE-2017-9227", "RH:CVE-2017-9228", "RH:CVE-2018-10547", "RH:CVE-2018-5712", "RH:CVE-2019-11044", "RH:CVE-2019-11048", "RH:CVE-2019-13224", "RH:CVE-2019-9023", "RH:CVE-2020-7067", "RH:CVE-2020-7070"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25963", "SECURITYVULNS:DOC:26262", "SECURITYVULNS:DOC:27147", "SECURITYVULNS:DOC:31672", "SECURITYVULNS:DOC:31790", "SECURITYVULNS:DOC:31799", "SECURITYVULNS:DOC:31811", "SECURITYVULNS:DOC:31997", "SECURITYVULNS:DOC:32196", "SECURITYVULNS:DOC:32267", "SECURITYVULNS:DOC:32315", "SECURITYVULNS:DOC:32349", "SECURITYVULNS:DOC:32390", "SECURITYVULNS:DOC:32480", "SECURITYVULNS:DOC:32494", "SECURITYVULNS:DOC:32511", "SECURITYVULNS:DOC:32522", "SECURITYVULNS:DOC:32566", "SECURITYVULNS:DOC:32651", "SECURITYVULNS:VULN:11518", "SECURITYVULNS:VULN:11634", "SECURITYVULNS:VULN:14140", "SECURITYVULNS:VULN:14240", "SECURITYVULNS:VULN:14314", "SECURITYVULNS:VULN:14325", "SECURITYVULNS:VULN:14393", "SECURITYVULNS:VULN:14443", "SECURITYVULNS:VULN:14528", "SECURITYVULNS:VULN:14562", "SECURITYVULNS:VULN:14580", "SECURITYVULNS:VULN:14601", "SECURITYVULNS:VULN:14630", "SECURITYVULNS:VULN:14667", "SECURITYVULNS:VULN:14694", "SECURITYVULNS:VULN:14702", "SECURITYVULNS:VULN:14753", "SECURITYVULNS:VULN:14755"]}, {"type": "seebug", "idList": ["SSV:60051", "SSV:89237", "SSV:89630", "SSV:92626"]}, {"type": "slackware", "idList": ["SSA-2015-028-01", "SSA-2015-111-10", "SSA-2015-162-02", "SSA-2015-198-02", "SSA-2015-274-02", "SSA-2016-034-04", "SSA-2016-120-02", "SSA-2016-148-03", "SSA-2016-176-01", "SSA-2016-252-01", "SSA-2016-267-01", "SSA-2017-041-03", "SSA-2017-188-01", "SSA-2018-034-01", "SSA-2018-108-01", "SSA-2018-136-02"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2015:0162-1", "OPENSUSE-SU-2015:0184-1", "OPENSUSE-SU-2015:0855-1", "OPENSUSE-SU-2015:1197-1", "OPENSUSE-SU-2015:1216-1", "OPENSUSE-SU-2015:1628-1", "OPENSUSE-SU-2015:2243-1", "OPENSUSE-SU-2016:1167-1", "OPENSUSE-SU-2016:1173-1", "OPENSUSE-SU-2016:1274-1", "OPENSUSE-SU-2016:1373-1", "OPENSUSE-SU-2016:1553-1", "OPENSUSE-SU-2016:1761-1", "OPENSUSE-SU-2016:2337-1", "OPENSUSE-SU-2016:2444-1", "OPENSUSE-SU-2016:2451-1", "OPENSUSE-SU-2016:2540-1", "OPENSUSE-SU-2016:2606-1", "OPENSUSE-SU-2016:2772-1", "OPENSUSE-SU-2016:2831-1", "OPENSUSE-SU-2016:2837-1", "OPENSUSE-SU-2017:0588-1", "OPENSUSE-SU-2017:2337-1", "OPENSUSE-SU-2018:1463-1", "OPENSUSE-SU-2019:1256-1", "OPENSUSE-SU-2019:1293-1", "OPENSUSE-SU-2019:1572-1", "OPENSUSE-SU-2019:1573-1", "OPENSUSE-SU-2020:0847-1", "OPENSUSE-SU-2020:1703-1", "OPENSUSE-SU-2020:1767-1", "SUSE-SU-2015:0158-1", "SUSE-SU-2015:0868-1", "SUSE-SU-2015:1253-1", "SUSE-SU-2015:1253-2", "SUSE-SU-2015:1265-1", "SUSE-SU-2015:1273-1", "SUSE-SU-2015:1633-1", "SUSE-SU-2015:1701-1", "SUSE-SU-2015:1818-1", "SUSE-SU-2016:1145-1", "SUSE-SU-2016:1166-1", "SUSE-SU-2016:1277-1", "SUSE-SU-2016:1581-1", "SUSE-SU-2016:1638-1", "SUSE-SU-2016:2013-1", "SUSE-SU-2016:2080-1", "SUSE-SU-2016:2328-1", "SUSE-SU-2016:2408-1", "SUSE-SU-2016:2459-1", "SUSE-SU-2016:2460-1", "SUSE-SU-2016:2460-2", "SUSE-SU-2016:2461-1", "SUSE-SU-2016:2477-1", "SUSE-SU-2016:2477-2", "SUSE-SU-2016:2668-1", "SUSE-SU-2016:2683-1", "SUSE-SU-2016:2683-2", "SUSE-SU-2016:2766-1", "SUSE-SU-2017:0534-1", "SUSE-SU-2017:0556-1", "SUSE-SU-2017:0568-1", "SUSE-SU-2017:2303-1", "SUSE-SU-2018:0806-1"]}, {"type": "thn", "idList": ["THN:3DD8F9ADFFEB290F33825414D41B0F41", "THN:5483F752911D643A7A952FBFA7B4B7E4", "THN:88621B70C7F5EC61ED5F438C1F1EF3E0", "THN:A649F4ABCE9B99052139693A13D95B14", "THN:ACBFC80659E47A5B7C81B99570749679", "THN:ADC5E0B7C8DF1100E34C28AC74897A50"]}, {"type": "threatpost", "idList": ["THREATPOST:2EDAD602D032B0A6F91130A32BBBBE6C", "THREATPOST:3A858BD40E6943BD3F4553301036091D", "THREATPOST:8B5C2D5280CC957CA9A4CB0C697F96D8"]}, {"type": "ubuntu", "idList": ["USN-1126-1", "USN-1126-2", "USN-2485-1", "USN-2572-1", "USN-2658-1", "USN-2758-1", "USN-2786-1", "USN-2952-1", "USN-2952-2", "USN-2984-1", "USN-2987-1", "USN-3030-1", "USN-3045-1", "USN-3059-1", "USN-3095-1", "USN-3117-1", "USN-3196-1", "USN-3211-1", "USN-3211-2", "USN-3382-1", "USN-3382-2", "USN-3389-1", "USN-3389-2", "USN-3566-1", "USN-3600-1", "USN-3600-2", "USN-3686-1", "USN-3902-1", "USN-3902-2", "USN-4088-1", "USN-4375-1", "USN-4583-1", "USN-4583-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2006-7243", "UB:CVE-2011-4718", "UB:CVE-2014-9653", "UB:CVE-2014-9767", "UB:CVE-2015-0235", "UB:CVE-2015-2331", "UB:CVE-2015-2348", "UB:CVE-2015-3152", "UB:CVE-2015-3330", "UB:CVE-2015-3411", "UB:CVE-2015-3412", "UB:CVE-2015-4025", "UB:CVE-2015-4026", "UB:CVE-2015-4598", "UB:CVE-2015-5590", "UB:CVE-2015-6831", "UB:CVE-2015-6833", "UB:CVE-2015-6836", "UB:CVE-2015-6837", "UB:CVE-2015-6838", "UB:CVE-2015-7804", "UB:CVE-2015-8835", "UB:CVE-2015-8838", "UB:CVE-2015-8867", "UB:CVE-2015-8876", "UB:CVE-2015-8879", "UB:CVE-2016-10159", "UB:CVE-2016-10160", "UB:CVE-2016-10161", "UB:CVE-2016-2554", "UB:CVE-2016-3074", "UB:CVE-2016-3185", "UB:CVE-2016-4073", "UB:CVE-2016-4343", "UB:CVE-2016-4473", "UB:CVE-2016-4537", "UB:CVE-2016-4538", "UB:CVE-2016-4540", "UB:CVE-2016-4541", "UB:CVE-2016-4542", "UB:CVE-2016-4543", "UB:CVE-2016-4544", "UB:CVE-2016-5093", "UB:CVE-2016-5094", "UB:CVE-2016-5095", "UB:CVE-2016-5096", "UB:CVE-2016-5399", "UB:CVE-2016-5766", "UB:CVE-2016-5770", "UB:CVE-2016-5772", "UB:CVE-2016-6288", "UB:CVE-2016-6289", "UB:CVE-2016-6290", "UB:CVE-2016-6291", "UB:CVE-2016-6293", "UB:CVE-2016-6294", "UB:CVE-2016-6296", "UB:CVE-2016-6297", "UB:CVE-2016-7128", "UB:CVE-2016-7412", "UB:CVE-2016-7413", "UB:CVE-2016-7414", "UB:CVE-2016-7416", "UB:CVE-2016-7417", "UB:CVE-2016-7418", "UB:CVE-2016-7478", "UB:CVE-2016-8670", "UB:CVE-2017-10789", "UB:CVE-2017-11143", "UB:CVE-2017-11144", "UB:CVE-2017-7890", "UB:CVE-2017-9224", "UB:CVE-2017-9226", "UB:CVE-2017-9227", "UB:CVE-2017-9228", "UB:CVE-2018-10547", "UB:CVE-2018-5712", "UB:CVE-2019-11048", "UB:CVE-2019-13224", "UB:CVE-2019-9023", "UB:CVE-2020-7067", "UB:CVE-2020-7070"]}, {"type": "veracode", "idList": ["VERACODE:21326", "VERACODE:21344", "VERACODE:26204", "VERACODE:26277", "VERACODE:27512"]}, {"type": "vulnerlab", "idList": ["VULNERABLE:1430", "VULNERLAB:1430"]}, {"type": "zdt", "idList": ["1337DAY-ID-23215", "1337DAY-ID-23392", "1337DAY-ID-25407", "1337DAY-ID-26098", "1337DAY-ID-26713", "1337DAY-ID-36699", "1337DAY-ID-37806"]}]}, "score": {"value": -0.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:1624", "ALSA-2020:3662"]}, {"type": "amazon", "idList": ["ALAS-2015-473", "ALAS-2015-534", "ALAS-2017-808", "ALAS-2017-812", "ALAS-2017-867", "ALAS-2017-871", "ALAS-2018-1019", "ALAS-2018-946"]}, {"type": "apple", "idList": ["APPLE:F15BAD0991243C5F3BD7A363EA796E0C"]}, {"type": "archlinux", "idList": ["ASA-201605-8"]}, {"type": "canvas", "idList": ["NGINX"]}, {"type": "centos", "idList": ["CESA-2018:0406"]}, {"type": "cert", "idList": ["VU:967332"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2017-1101"]}, {"type": "checkpoint_security", "idList": ["CPS:SK104443"]}, {"type": "cisa", "idList": ["CISA:E8C8F007DF2A448F84459142FD8D46F7"]}, {"type": "cisco", "idList": ["CISCO-SA-20150128-GHOST"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:FCF85BFA2C233642C61F93CC876C044C"]}, {"type": "cve", "idList": ["CVE-2006-7243", "CVE-2015-3411", "CVE-2015-6831", "CVE-2015-6833", "CVE-2015-6836", "CVE-2015-6838", "CVE-2015-7804", "CVE-2016-3074", "CVE-2017-11143", "CVE-2017-11144", "CVE-2017-9224", "CVE-2017-9226", "CVE-2017-9227", "CVE-2017-9228"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1034-1:86C1B", "DEBIAN:DLA-1055-1:1D63E", "DEBIAN:DLA-1251-1:6C9C1", "DEBIAN:DLA-1373-1:5B111", "DEBIAN:DLA-1397-1:BB93D", "DEBIAN:DLA-204-1:BFB60", "DEBIAN:DLA-958-1:E79D6", "DEBIAN:DSA-3198-2:D34B4", "DEBIAN:DSA-3602-1:52B21", "DEBIAN:DSA-3618-1:04252", "DEBIAN:DSA-3619-1:222D2", "DEBIAN:DSA-3631-1:30BAB", "DEBIAN:DSA-3783-1:B6336", "DEBIAN:DSA-3938-1:63905", "DEBIAN:DSA-4080-1:ADEE1", "DEBIAN:DSA-4081-1:FFD0A", "DEBIAN:DSA-4240-1:6F850"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-0235", "DEBIANCVE:CVE-2016-4542", "DEBIANCVE:CVE-2017-7890", "DEBIANCVE:CVE-2017-9224", "DEBIANCVE:CVE-2017-9226", "DEBIANCVE:CVE-2017-9227", "DEBIANCVE:CVE-2017-9228", "DEBIANCVE:CVE-2019-13224"]}, {"type": "exploitdb", "idList": ["EDB-ID:39736"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:99988BAE0A27143CB886C29FF1A9E24F", "EXPLOITPACK:C053A5D94671C4F1ACDCC4DBDE0663D2"]}, {"type": "f5", "idList": ["F5:K00103182", "F5:K16845", "SOL13519", "SOL14930", "SOL16845", "SOL17028", "SOL17049", "SOL17377", "SOL17503", "SOL34958244", "SOL48414132"]}, {"type": "fedora", "idList": ["FEDORA:120A46141B97", "FEDORA:2E68F60906AD", "FEDORA:3BC436087E40", "FEDORA:4720460BA914", "FEDORA:4DE9160C2673", "FEDORA:52FE460DF3A9", "FEDORA:577F0605A34A", "FEDORA:6380460600FA", "FEDORA:6A03F6045A1D", "FEDORA:727A660499CE", "FEDORA:76D58601CED5", "FEDORA:82CB26079704", "FEDORA:8AEC1604CC02", "FEDORA:9542760A94B9", "FEDORA:A6FB9612EA5D", "FEDORA:B9F6160C5981", "FEDORA:D3F6E60877BD"]}, {"type": "freebsd", "idList": ["36BD352D-299B-11E5-86FF-14DAE9D210B8", "3761DF02-0F9C-11E0-BECC-0022156E8794", "3D675519-5654-11E5-9AD8-14DAE9D210B8", "5764C634-10D2-11E6-94FA-002590263BF5", "6B110175-246D-11E6-8DD3-002590263BF5", "787EF75E-44DA-11E5-93AD-002590263BF5", "A8D87C7A-D1B1-11E9-A616-0992A4564E7C", "B396CF6C-62E6-11E7-9DEF-B499BAEBFEAF", "C1DA8B75-6AEF-11E5-9909-002590263BF5"]}, {"type": "gentoo", "idList": ["GLSA-201701-42", "GLSA-201702-29"]}, {"type": "hackerone", "idList": ["H1:200909"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20150226-01-GLIBC"]}, {"type": "ibm", "idList": ["045B04E2252E3B851D69AA785CAC9B0BD8A6AF9E04C95FB3C9A6AE0C081B07DB", "0E3202F59A84E8C4C8A4554F29ADAF73DCE3E2C9294C34C05595AC9113B67930", "7925A4A82073B74561DC5D50CF078A50AF6B99A79615D52B72210290EF21A39B"]}, {"type": "kaspersky", "idList": ["KLA10514"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/SCANNER/HTTP/WORDPRESS_GHOST_SCANNER", "MSF:ILITIES/AMAZON_LINUX-CVE-2019-11048/", "MSF:ILITIES/CENTOS_LINUX-CVE-2019-11048/", "MSF:ILITIES/DEBIAN-CVE-2019-11048/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP2-CVE-2019-11048/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP3-CVE-2019-11048/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2019-11048/", "MSF:ILITIES/LINUXRPM-RHSA-2015-1647/", "MSF:ILITIES/ORACLE-SOLARIS-CVE-2019-11048/", "MSF:ILITIES/ORACLE_LINUX-CVE-2019-11048/", "MSF:ILITIES/PHP-CVE-2019-11048/", "MSF:ILITIES/REDHAT_LINUX-CVE-2019-11048/", "MSF:ILITIES/SUSE-CVE-2019-11048/", "MSF:ILITIES/UBUNTU-CVE-2019-11048/"]}, {"type": "nessus", "idList": ["8954.PRM", "9302.PRM", "9620.PRM", "ALA_ALAS-2016-706.NASL", "CENTOS_RHSA-2013-1307.NASL", "CENTOS_RHSA-2016-2598.NASL", "DEBIAN_DLA-533.NASL", "DEBIAN_DLA-749.NASL", "DEBIAN_DLA-958.NASL", "DEBIAN_DSA-3556.NASL", "DEBIAN_DSA-3783.NASL", "FEDORA_2016-0C57B12C7B.NASL", "FEDORA_2016-5F91F43826.NASL", "FEDORA_2016-65F1FFDC0C.NASL", "FEDORA_2016-6B1938566F.NASL", "FEDORA_2016-7D6CBCADCA.NASL", "FEDORA_2016-B967AC1A74.NASL", "FEDORA_2017-60997F0D14.NASL", "FEDORA_2017-B674DC22AD.NASL", "FEDORA_2017-E2D6D0067F.NASL", "FEDORA_2017-EE01A2CED6.NASL", "FREEBSD_PKG_5764C63410D211E694FA002590263BF5.NASL", "FREEBSD_PKG_B396CF6C62E611E79DEFB499BAEBFEAF.NASL", "GENTOO_GLSA-201702-29.NASL", "MANDRIVA_MDVSA-2015-079.NASL", "MANDRIVA_MDVSA-2015-209.NASL", "OPENSUSE-2015-295.NASL", "OPENSUSE-2015-84.NASL", "OPENSUSE-2016-323.NASL", "OPENSUSE-2016-613.NASL", "OPENSUSE-2016-703.NASL", "OPENSUSE-2016-776.NASL", "OPENSUSE-2018-119.NASL", "OPENSUSE-2018-99.NASL", "ORACLELINUX_ELSA-2015-2155.NASL", "ORACLELINUX_ELSA-2018-0406.NASL", "PHP_5_4_38.NASL", "PHP_5_4_42.NASL", "PHP_5_5_22.NASL", "PHP_5_5_23.NASL", "PHP_5_5_37.NASL", "PHP_5_6_22.NASL", "PHP_5_6_23.NASL", "PHP_5_6_30.NASL", "PHP_5_6_31.NASL", "PHP_5_6_6.NASL", "PHP_7_0_21.NASL", "PHP_7_0_7.NASL", "PHP_7_1_1.NASL", "PHP_7_1_7.NASL", "REDHAT-RHSA-2016-0760.NASL", "REDHAT-RHSA-2018-0406.NASL", "SLACKWARE_SSA_2016-034-04.NASL", "SLACKWARE_SSA_2016-120-02.NASL", "SLACKWARE_SSA_2016-148-03.NASL", "SLACKWARE_SSA_2017-041-03.NASL", "SLACKWARE_SSA_2017-188-01.NASL", "SLACKWARE_SSA_2018-034-01.NASL", "SL_20140318_PHP_ON_SL5_X.NASL", "SL_20180306_PHP_ON_SL7_X.NASL", "SOLARIS11_PHP_20140401.NASL", "SUSE_11_GLIBC-150122.NASL", "SUSE_SU-2017-1662-1.NASL", "SUSE_SU-2017-2317-1.NASL", "SUSE_SU-2018-0053-1.NASL", "SUSE_SU-2018-1449-1.NASL", "SUSE_SU-2020-14516-1.NASL", "WEB_APPLICATION_SCANNING_98802", "WEB_APPLICATION_SCANNING_98806", "WEB_APPLICATION_SCANNING_98830", "WEB_APPLICATION_SCANNING_98853"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108052", "OPENVAS:1361412562310108053", "OPENVAS:1361412562310108054", "OPENVAS:1361412562310108055", "OPENVAS:1361412562310120717", "OPENVAS:1361412562310123020", "OPENVAS:136141256231068832", "OPENVAS:1361412562310703311", "OPENVAS:1361412562310805655", "OPENVAS:1361412562310808065", "OPENVAS:1361412562310808066", "OPENVAS:1361412562310808198", "OPENVAS:1361412562310808602", "OPENVAS:1361412562310808788", "OPENVAS:1361412562310831283", "OPENVAS:1361412562310842171", "OPENVAS:1361412562310842508", "OPENVAS:1361412562310850839", "OPENVAS:1361412562310851434", "OPENVAS:1361412562310868640", "OPENVAS:1361412562310869053", "OPENVAS:1361412562310872744", "OPENVAS:1361412562310872753", "OPENVAS:1361412562310876622", "OPENVAS:1361412562310876625", "OPENVAS:1361412562310890958", "OPENVAS:1361412562311220191544", "OPENVAS:703783", "OPENVAS:862767"]}, {"type": "openwrt", "idList": ["OPENWRT-SA-000002"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2015", "ORACLE:CPUJUL2015-2367936"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-0406"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:153278"]}, {"type": "photon", "idList": ["PHSA-2017-0021", "PHSA-2017-0029", "PHSA-2019-3.0-0024"]}, {"type": "redhat", "idList": ["RHSA-2015:1187", "RHSA-2018:0406", "RHSA-2020:1112"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-10789", "RH:CVE-2018-10547", "RH:CVE-2019-11048", "RH:CVE-2019-9023", "RH:CVE-2020-7067", "RH:CVE-2020-7070"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31790", "SECURITYVULNS:DOC:31997", "SECURITYVULNS:VULN:14140", "SECURITYVULNS:VULN:14325"]}, {"type": "seebug", "idList": ["SSV:89630"]}, {"type": "slackware", "idList": ["SSA-2015-198-02", "SSA-2017-041-03", "SSA-2017-188-01", "SSA-2018-034-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2015:0162-1", "OPENSUSE-SU-2016:1553-1", "SUSE-SU-2015:1253-1"]}, {"type": "thn", "idList": ["THN:5483F752911D643A7A952FBFA7B4B7E4", "THN:ACBFC80659E47A5B7C81B99570749679"]}, {"type": "threatpost", "idList": ["THREATPOST:2EDAD602D032B0A6F91130A32BBBBE6C"]}, {"type": "ubuntu", "idList": ["USN-2658-1", "USN-3389-2", "USN-4088-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-4025", "UB:CVE-2016-3074", "UB:CVE-2019-11048", "UB:CVE-2020-7067", "UB:CVE-2020-7070"]}, {"type": "vulnerlab", "idList": ["VULNERABLE:1430"]}, {"type": "zdt", "idList": ["1337DAY-ID-25407"]}]}, "exploitation": null, "vulnersScore": -0.3}, "affectedPackage": [{"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-zts"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-dba"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-mbstring"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-imap"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-enchant"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-pspell"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-devel"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-pdo"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-cli"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-pgsql"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-snmp"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-odbc"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-embedded"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-common"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-tidy"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-xmlrpc"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-intl"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-xml"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-soap"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-ldap"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-mysql"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-process"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-recode"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-gd"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-fpm"}, {"OS": "Centos", "OSVersion": "6", "arch": "x86_64", "packageVersion": "5.3.3", "packageFilename": "php-5.3.3-51.el6.cloudlinux.src.rpm", "operator": "lt", "packageName": "php-bcmath"}], "_state": {"dependencies": 1660004461, "score": 1659995475}, "_internal": {"score_hash": "449bae5e6e1d8670e9e5402b80769f07"}}

{"nessus": [{"lastseen": "2022-07-02T16:53:35", "description": "According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.11. It is, therefore, affected by multiple vulnerabilities :\n\n - An heap buffer overflow condition exists in the php_mysqlnd_rowp_read_text_protocol_aux() function within file ext/mysqlnd/mysqlnd_wireprotocol.c due to a failure to verify that a BIT field has the UNSIGNED_FLAG flag. An unauthenticated, remote attacker can exploit this, via specially crafted field metadata, to cause a denial of service condition. (CVE-2016-7412)\n\n - A use-after-free error exists in the wddx_stack_destroy() function within file ext/wddx/wddx.c when deserializing recordset elements.\n An unauthenticated, remote attacker can exploit this, via a specially crafted wddxPacket XML document, to cause a denial of service condition. (CVE-2016-7413)\n\n - An out-of-bounds access error exists in the phar_parse_zipfile() function within file ext/phar/zip.c due to a failure to ensure that the uncompressed_filesize field is large enough. An unauthenticated, remote attacker can exploit this, via a specially crafted archive, to cause a denial of service condition. (CVE-2016-7414)\n\n - A stack-based buffer overflow condition exists in the ICU4C library, specifically within file common/locid.cpp in the msgfmt_format_message() function, due to a failure to properly restrict the locale length provided to the Locale class. An unauthenticated, remote attacker can exploit this, via a long first argument to a MessageFormatter::formatMessage() function call, to cause a denial of service condition. (CVE-2016-7416)\n\n - A flaw exists in the spl_array_get_dimension_ptr_ptr() function within file ext/spl/spl_array.c due to a failure to properly validate the return value and data type when deserializing SplArray. An unauthenticated, remote attacker can exploit this, via specially crafted serialized data, to cause a denial of service condition.\n (CVE-2016-7417)\n\n - An out-of-bounds read error exists in the php_wddx_push_element() function within file ext/wddx/wddx.c when handling an incorrect boolean element, which leads to mishandling the wddx_deserialize() call. An unauthenticated, remote attacker can exploit this, via a specially crafted wddxPacket XML document, to cause a denial of service condition. (CVE-2016-7418)\n\n - An out-of-bounds access error exists in the phar_parse_tarfile() function within file ext/phar/tar.c when handling the verification of signatures. An unauthenticated, remote attacker can exploit this to cause an unspecified impact.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-09-22T00:00:00", "type": "nessus", "title": "PHP 7.0.x < 7.0.11 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_7_0_11.NASL", "href": "https://www.tenable.com/plugins/nessus/93657", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93657);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2016-7412\",\n \"CVE-2016-7413\",\n \"CVE-2016-7414\",\n \"CVE-2016-7416\",\n \"CVE-2016-7417\",\n \"CVE-2016-7418\"\n );\n script_bugtraq_id(\n 93004,\n 93005,\n 93006,\n 93007,\n 93008,\n 93011\n );\n\n script_name(english:\"PHP 7.0.x < 7.0.11 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of PHP running on the remote web server is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP running on the remote web\nserver is 7.0.x prior to 7.0.11. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - An heap buffer overflow condition exists in the\n php_mysqlnd_rowp_read_text_protocol_aux() function\n within file ext/mysqlnd/mysqlnd_wireprotocol.c due to\n a failure to verify that a BIT field has the\n UNSIGNED_FLAG flag. An unauthenticated, remote attacker\n can exploit this, via specially crafted field metadata,\n to cause a denial of service condition. (CVE-2016-7412)\n\n - A use-after-free error exists in the\n wddx_stack_destroy() function within file\n ext/wddx/wddx.c when deserializing recordset elements.\n An unauthenticated, remote attacker can exploit this,\n via a specially crafted wddxPacket XML document, to\n cause a denial of service condition. (CVE-2016-7413)\n\n - An out-of-bounds access error exists in the\n phar_parse_zipfile() function within file ext/phar/zip.c\n due to a failure to ensure that the\n uncompressed_filesize field is large enough. An\n unauthenticated, remote attacker can exploit this, via a\n specially crafted archive, to cause a denial of service\n condition. (CVE-2016-7414)\n\n - A stack-based buffer overflow condition exists in the\n ICU4C library, specifically within file common/locid.cpp\n in the msgfmt_format_message() function, due to a\n failure to properly restrict the locale length provided\n to the Locale class. An unauthenticated, remote attacker\n can exploit this, via a long first argument to a\n MessageFormatter::formatMessage() function call, to\n cause a denial of service condition. (CVE-2016-7416)\n\n - A flaw exists in the spl_array_get_dimension_ptr_ptr()\n function within file ext/spl/spl_array.c due to a\n failure to properly validate the return value and data\n type when deserializing SplArray. An unauthenticated,\n remote attacker can exploit this, via specially crafted\n serialized data, to cause a denial of service condition.\n (CVE-2016-7417)\n\n - An out-of-bounds read error exists in the\n php_wddx_push_element() function within file\n ext/wddx/wddx.c when handling an incorrect boolean\n element, which leads to mishandling the\n wddx_deserialize() call. An unauthenticated, remote\n attacker can exploit this, via a specially crafted\n wddxPacket XML document, to cause a denial of service\n condition. (CVE-2016-7418)\n\n - An out-of-bounds access error exists in the\n phar_parse_tarfile() function within file ext/phar/tar.c\n when handling the verification of signatures. An\n unauthenticated, remote attacker can exploit this to\n cause an unspecified impact.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://secure.php.net/ChangeLog-7.php#7.0.11\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 7.0.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-7417\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported)\n audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^7(\\.0)?$\")\n audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^7\\.0\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 7.0.x\", port);\n\nif (version =~ \"^7\\.0\\.\" && ver_compare(ver:version, fix:\"7.0.11\", strict:FALSE) < 0){\n security_report_v4(\n port : port,\n extra :\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 7.0.11' +\n '\\n',\n severity:SECURITY_HOLE\n );\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T16:56:27", "description": "ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata (CVE-2016-7412).\n\nUse-after-free vulnerability in the wddx_stack_destroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset field element, leading to mishandling in a wddx_deserialize call (CVE-2016-7413).\n\nThe ZIP signature-verification feature in PHP before 5.6.26 and 7.x before 7.0.11 does not ensure that the uncompressed_filesize field is large enough, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a crafted PHAR archive, related to ext/phar/util.c and ext/phar/zip.c (CVE-2016-7414).\n\next/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a MessageFormatter::formatMessage call with a long first argument (CVE-2016-7416).\n\next/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11 proceeds with SplArray unserialization without validating a return value and data type, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data (CVE-2016-7417).\n\nThe php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service (invalid pointer access and out-of-bounds read) or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call (CVE-2016-7418).", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-13T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php70 (ALAS-2016-754)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php70", "p-cpe:/a:amazon:linux:php70-bcmath", "p-cpe:/a:amazon:linux:php70-cli", "p-cpe:/a:amazon:linux:php70-common", "p-cpe:/a:amazon:linux:php70-dba", "p-cpe:/a:amazon:linux:php70-dbg", "p-cpe:/a:amazon:linux:php70-debuginfo", "p-cpe:/a:amazon:linux:php70-devel", "p-cpe:/a:amazon:linux:php70-embedded", "p-cpe:/a:amazon:linux:php70-enchant", "p-cpe:/a:amazon:linux:php70-fpm", "p-cpe:/a:amazon:linux:php70-gd", "p-cpe:/a:amazon:linux:php70-gmp", "p-cpe:/a:amazon:linux:php70-imap", "p-cpe:/a:amazon:linux:php70-intl", "p-cpe:/a:amazon:linux:php70-json", "p-cpe:/a:amazon:linux:php70-ldap", "p-cpe:/a:amazon:linux:php70-mbstring", "p-cpe:/a:amazon:linux:php70-mcrypt", "p-cpe:/a:amazon:linux:php70-mysqlnd", "p-cpe:/a:amazon:linux:php70-odbc", "p-cpe:/a:amazon:linux:php70-opcache", "p-cpe:/a:amazon:linux:php70-pdo", "p-cpe:/a:amazon:linux:php70-pdo-dblib", "p-cpe:/a:amazon:linux:php70-pgsql", "p-cpe:/a:amazon:linux:php70-process", "p-cpe:/a:amazon:linux:php70-pspell", "p-cpe:/a:amazon:linux:php70-recode", "p-cpe:/a:amazon:linux:php70-snmp", "p-cpe:/a:amazon:linux:php70-soap", "p-cpe:/a:amazon:linux:php70-tidy", "p-cpe:/a:amazon:linux:php70-xml", "p-cpe:/a:amazon:linux:php70-xmlrpc", "p-cpe:/a:amazon:linux:php70-zip", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2016-754.NASL", "href": "https://www.tenable.com/plugins/nessus/94020", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-754.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94020);\n script_version(\"2.4\");\n script_cvs_date(\"Date: 2018/04/18 15:09:36\");\n\n script_cve_id(\"CVE-2016-7412\", \"CVE-2016-7413\", \"CVE-2016-7414\", \"CVE-2016-7416\", \"CVE-2016-7417\", \"CVE-2016-7418\");\n script_xref(name:\"ALAS\", value:\"2016-754\");\n\n script_name(english:\"Amazon Linux AMI : php70 (ALAS-2016-754)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before\n7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag,\nwhich allows remote MySQL servers to cause a denial of service\n(heap-based buffer overflow) or possibly have unspecified other impact\nvia crafted field metadata (CVE-2016-7412).\n\nUse-after-free vulnerability in the wddx_stack_destroy function in\next/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows\nremote attackers to cause a denial of service or possibly have\nunspecified other impact via a wddxPacket XML document that lacks an\nend-tag for a recordset field element, leading to mishandling in a\nwddx_deserialize call (CVE-2016-7413).\n\nThe ZIP signature-verification feature in PHP before 5.6.26 and 7.x\nbefore 7.0.11 does not ensure that the uncompressed_filesize field is\nlarge enough, which allows remote attackers to cause a denial of\nservice (out-of-bounds memory access) or possibly have unspecified\nother impact via a crafted PHAR archive, related to ext/phar/util.c\nand ext/phar/zip.c (CVE-2016-7414).\n\next/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x\nbefore 7.0.11 does not properly restrict the locale length provided to\nthe Locale class in the ICU library, which allows remote attackers to\ncause a denial of service (application crash) or possibly have\nunspecified other impact via a MessageFormatter::formatMessage call\nwith a long first argument (CVE-2016-7416).\n\next/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11\nproceeds with SplArray unserialization without validating a return\nvalue and data type, which allows remote attackers to cause a denial\nof service or possibly have unspecified other impact via crafted\nserialized data (CVE-2016-7417).\n\nThe php_wddx_push_element function in ext/wddx/wddx.c in PHP before\n5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial\nof service (invalid pointer access and out-of-bounds read) or possibly\nhave unspecified other impact via an incorrect boolean element in a\nwddxPacket XML document, leading to mishandling in a wddx_deserialize\ncall (CVE-2016-7418).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-754.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php70' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-pdo-dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php70-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-bcmath-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-cli-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-common-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-dba-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-dbg-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-debuginfo-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-devel-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-embedded-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-enchant-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-fpm-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-gd-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-gmp-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-imap-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-intl-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-json-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-ldap-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-mbstring-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-mcrypt-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-mysqlnd-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-odbc-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-opcache-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-pdo-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-pdo-dblib-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-pgsql-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-process-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-pspell-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-recode-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-snmp-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-soap-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-tidy-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-xml-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-xmlrpc-7.0.11-1.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-zip-7.0.11-1.16.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php70 / php70-bcmath / php70-cli / php70-common / php70-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T16:58:03", "description": "PHP reports :\n\n- Fixed bug #73007 (add locale length check)\n\n- Fixed bug #72293 (Heap overflow in mysqlnd related to BIT fields)\n\n- Fixed bug #72928 (Out of bound when verify signature of zip phar in phar_parse_zipfile)\n\n- Fixed bug #73029 (Missing type check when unserializing SplArray)\n\n- Fixed bug #73052 (Memory Corruption in During Deserialized-object Destruction)\n\n- Fixed bug #72860 (wddx_deserialize use-after-free)\n\n- Fixed bug #73065 (Out-Of-Bounds Read in php_wddx_push_element)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-17T00:00:00", "type": "nessus", "title": "FreeBSD : PHP -- multiple vulnerabilities (f471032a-8700-11e6-8d93-00248c0c745d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:php70", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_F471032A870011E68D9300248C0C745D.NASL", "href": "https://www.tenable.com/plugins/nessus/94084", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94084);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-7412\", \"CVE-2016-7413\", \"CVE-2016-7414\", \"CVE-2016-7416\", \"CVE-2016-7417\", \"CVE-2016-7418\");\n\n script_name(english:\"FreeBSD : PHP -- multiple vulnerabilities (f471032a-8700-11e6-8d93-00248c0c745d)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PHP reports :\n\n- Fixed bug #73007 (add locale length check)\n\n- Fixed bug #72293 (Heap overflow in mysqlnd related to BIT fields)\n\n- Fixed bug #72928 (Out of bound when verify signature of zip phar in\nphar_parse_zipfile)\n\n- Fixed bug #73029 (Missing type check when unserializing SplArray)\n\n- Fixed bug #73052 (Memory Corruption in During Deserialized-object\nDestruction)\n\n- Fixed bug #72860 (wddx_deserialize use-after-free)\n\n- Fixed bug #73065 (Out-Of-Bounds Read in php_wddx_push_element)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-7.php#7.0.11\"\n );\n # https://vuxml.freebsd.org/freebsd/f471032a-8700-11e6-8d93-00248c0c745d.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?556e252c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"php70<7.0.11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-13T15:58:14", "description": "According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.11. It is, therefore, affected by multiple vulnerabilities :\n\n - An heap buffer overflow condition exists in the php_mysqlnd_rowp_read_text_protocol_aux() function within file ext/mysqlnd/mysqlnd_wireprotocol.c due to a failure to verify that a BIT field has the UNSIGNED_FLAG flag. An unauthenticated, remote attacker can exploit this, via specially crafted field metadata, to cause a denial of service condition. (CVE-2016-7412)\n\n - A use-after-free error exists in the wddx_stack_destroy() function within file ext/wddx/wddx.c when deserializing recordset elements. An unauthenticated, remote attacker can exploit this, via a specially crafted wddxPacket XML document, to cause a denial of service condition. (CVE-2016-7413)\n\n - An out-of-bounds access error exists in the phar_parse_zipfile() function within file ext/phar/zip.c due to a failure to ensure that the uncompressed_filesize field is large enough. An unauthenticated, remote attacker can exploit this, via a specially crafted archive, to cause a denial of service condition. (CVE-2016-7414)\n\n - A stack-based buffer overflow condition exists in the ICU4C library, specifically within file common/locid.cpp in the msgfmt_format_message() function, due to a failure to properly restrict the locale length provided to the Locale class. An unauthenticated, remote attacker can exploit this, via a long first argument to a MessageFormatter::formatMessage() function call, to cause a denial of service condition. (CVE-2016-7416)\n\n - A flaw exists in the spl_array_get_dimension_ptr_ptr() function within file ext/spl/spl_array.c due to a failure to properly validate the return value and data type when deserializing SplArray. An unauthenticated, remote attacker can exploit this, via specially crafted serialized data, to cause a denial of service condition. (CVE-2016-7417)\n\n - An out-of-bounds read error exists in the php_wddx_push_element() function within file ext/wddx/wddx.c when handling an incorrect boolean element, which leads to mishandling the wddx_deserialize() call. An unauthenticated, remote attacker can exploit this, via a specially crafted wddxPacket XML document, to cause a denial of service condition. (CVE-2016-7418)\n\n - An out-of-bounds access error exists in the phar_parse_tarfile() function within file ext/phar/tar.c when handling the verification of signatures. An unauthenticated, remote attacker can exploit this to cause an unspecified impact.\n\nNote that this software is reportedly affected by other vulnerabilities as well that have not been fixed yet in version 7.0.13.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-01-09T00:00:00", "type": "nessus", "title": "PHP 7.0.x < 7.0.11 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98835", "href": "https://www.tenable.com/plugins/was/98835", "sourceData": "No source data", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-12T14:39:39", "description": "PHP reports :\n\n- Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns)\n\n- Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and unserialize()).\n\n- Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read access).\n\n- Fixed bug #72519 (imagegif/output out-of-bounds access).\n\n- Fixed bug #72520 (Stack-based buffer overflow vulnerability in php_stream_zip_opener).\n\n- Fixed bug #72533 (locale_accept_from_http out-of-bounds access).\n\n- Fixed bug #72541 (size_t overflow lead to heap corruption).\n\n- Fixed bug #72551, bug #72552 (Incorrect casting from size_t to int lead to heap overflow in mdecrypt_generic).\n\n- Fixed bug #72558 (Integer overflow error within\n_gdContributionsAlloc()).\n\n- Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and applications).\n\n- Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).\n\n- Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn simplestring.c).\n\n- Fixed bug #72613 (Inadequate error handling in bzread()).\n\n- Fixed bug #72618 (NULL pointer Dereference in exif_process_user_comment).", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-07-27T00:00:00", "type": "nessus", "title": "FreeBSD : php -- multiple vulnerabilities (b6402385-533b-11e6-a7bd-14dae9d210b8) (httpoxy)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8879", "CVE-2016-5385", "CVE-2016-5399", "CVE-2016-6288", "CVE-2016-6289", "CVE-2016-6290", "CVE-2016-6291", "CVE-2016-6292", "CVE-2016-6294", "CVE-2016-6295", "CVE-2016-6296", "CVE-2016-6297"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:php55", "p-cpe:/a:freebsd:freebsd:php55-bz2", "p-cpe:/a:freebsd:freebsd:php55-exif", "p-cpe:/a:freebsd:freebsd:php55-gd", "p-cpe:/a:freebsd:freebsd:php55-odbc", "p-cpe:/a:freebsd:freebsd:php55-snmp", "p-cpe:/a:freebsd:freebsd:php55-xmlrpc", "p-cpe:/a:freebsd:freebsd:php55-zip", "p-cpe:/a:freebsd:freebsd:php56", "p-cpe:/a:freebsd:freebsd:php56-bz2", "p-cpe:/a:freebsd:freebsd:php56-exif", "p-cpe:/a:freebsd:freebsd:php56-gd", "p-cpe:/a:freebsd:freebsd:php56-odbc", "p-cpe:/a:freebsd:freebsd:php56-snmp", "p-cpe:/a:freebsd:freebsd:php56-xmlrpc", "p-cpe:/a:freebsd:freebsd:php56-zip", "p-cpe:/a:freebsd:freebsd:php70", "p-cpe:/a:freebsd:freebsd:php70-bz2", "p-cpe:/a:freebsd:freebsd:php70-curl", "p-cpe:/a:freebsd:freebsd:php70-exif", "p-cpe:/a:freebsd:freebsd:php70-gd", "p-cpe:/a:freebsd:freebsd:php70-mcrypt", "p-cpe:/a:freebsd:freebsd:php70-odbc", "p-cpe:/a:freebsd:freebsd:php70-snmp", "p-cpe:/a:freebsd:freebsd:php70-xmlrpc", "p-cpe:/a:freebsd:freebsd:php70-zip", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_B6402385533B11E6A7BD14DAE9D210B8.NASL", "href": "https://www.tenable.com/plugins/nessus/92574", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92574);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-8879\", \"CVE-2016-5385\", \"CVE-2016-5399\", \"CVE-2016-6288\", \"CVE-2016-6289\", \"CVE-2016-6290\", \"CVE-2016-6291\", \"CVE-2016-6292\", \"CVE-2016-6294\", \"CVE-2016-6295\", \"CVE-2016-6296\", \"CVE-2016-6297\");\n\n script_name(english:\"FreeBSD : php -- multiple vulnerabilities (b6402385-533b-11e6-a7bd-14dae9d210b8) (httpoxy)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PHP reports :\n\n- Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined\ncolumns)\n\n- Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and\nunserialize()).\n\n- Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary\nwrite/read access).\n\n- Fixed bug #72519 (imagegif/output out-of-bounds access).\n\n- Fixed bug #72520 (Stack-based buffer overflow vulnerability in\nphp_stream_zip_opener).\n\n- Fixed bug #72533 (locale_accept_from_http out-of-bounds access).\n\n- Fixed bug #72541 (size_t overflow lead to heap corruption).\n\n- Fixed bug #72551, bug #72552 (Incorrect casting from size_t to int\nlead to heap overflow in mdecrypt_generic).\n\n- Fixed bug #72558 (Integer overflow error within\n_gdContributionsAlloc()).\n\n- Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP\nlibraries and applications).\n\n- Fixed bug #72603 (Out of bound read in\nexif_process_IFD_in_MAKERNOTE).\n\n- Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn\nsimplestring.c).\n\n- Fixed bug #72613 (Inadequate error handling in bzread()).\n\n- Fixed bug #72618 (NULL pointer Dereference in\nexif_process_user_comment).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.5.38\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.6.24\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-7.php#7.0.8\"\n );\n # http://seclists.org/oss-sec/2016/q3/121\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://seclists.org/oss-sec/2016/q3/121\"\n );\n # https://vuxml.freebsd.org/freebsd/b6402385-533b-11e6-a7bd-14dae9d210b8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?63176dba\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php55-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/26\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"php55<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-curl<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php55-bz2<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56-bz2<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-bz2<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php55-exif<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56-exif<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-exif<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php55-gd<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56-gd<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-gd<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-mcrypt<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php55-odbc<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56-odbc<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-odbc<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php55-snmp<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56-snmp<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-snmp<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php55-xmlrpc<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56-xmlrpc<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-xmlrpc<7.0.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php55-zip<5.5.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56-zip<5.6.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-zip<7.0.9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:41:57", "description": "This update of PHP5 brings several security fixes.\n\nSecurity fixes :\n\n - CVE-2015-6831: A use after free vulnerability in unserialize() has been fixed which could be used to crash php or potentially execute code. [bnc#942291] [bnc#942294] [bnc#942295]\n\n - CVE-2015-6836: A SOAP serialize_function_call() type confusion leading to remote code execution problem was fixed. [bnc#945428]\n\n - CVE-2015-6837 CVE-2015-6838: Two NULL pointer dereferences in the XSLTProcessor class were fixed.\n [bnc#945412]\n\nIt also includes a bugfix for the odbc module :\n\n - compare with SQL_NULL_DATA correctly [bnc#935074]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2015-10-27T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : php53 (SUSE-SU-2015:1818-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-6831", "CVE-2015-6833", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6838"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php53", "p-cpe:/a:novell:suse_linux:php53", "p-cpe:/a:novell:suse_linux:php53-bcmath", "p-cpe:/a:novell:suse_linux:php53-bz2", "p-cpe:/a:novell:suse_linux:php53-calendar", "p-cpe:/a:novell:suse_linux:php53-ctype", "p-cpe:/a:novell:suse_linux:php53-curl", "p-cpe:/a:novell:suse_linux:php53-dba", "p-cpe:/a:novell:suse_linux:php53-dom", "p-cpe:/a:novell:suse_linux:php53-exif", "p-cpe:/a:novell:suse_linux:php53-fastcgi", "p-cpe:/a:novell:suse_linux:php53-fileinfo", "p-cpe:/a:novell:suse_linux:php53-ftp", "p-cpe:/a:novell:suse_linux:php53-gd", "p-cpe:/a:novell:suse_linux:php53-gettext", "p-cpe:/a:novell:suse_linux:php53-gmp", "p-cpe:/a:novell:suse_linux:php53-iconv", "p-cpe:/a:novell:suse_linux:php53-intl", "p-cpe:/a:novell:suse_linux:php53-json", "p-cpe:/a:novell:suse_linux:php53-ldap", "p-cpe:/a:novell:suse_linux:php53-mbstring", "p-cpe:/a:novell:suse_linux:php53-mcrypt", "p-cpe:/a:novell:suse_linux:php53-mysql", "p-cpe:/a:novell:suse_linux:php53-odbc", "p-cpe:/a:novell:suse_linux:php53-openssl", "p-cpe:/a:novell:suse_linux:php53-pcntl", "p-cpe:/a:novell:suse_linux:php53-pdo", "p-cpe:/a:novell:suse_linux:php53-pear", "p-cpe:/a:novell:suse_linux:php53-pgsql", "p-cpe:/a:novell:suse_linux:php53-pspell", "p-cpe:/a:novell:suse_linux:php53-shmop", "p-cpe:/a:novell:suse_linux:php53-snmp", "p-cpe:/a:novell:suse_linux:php53-soap", "p-cpe:/a:novell:suse_linux:php53-suhosin", "p-cpe:/a:novell:suse_linux:php53-sysvmsg", "p-cpe:/a:novell:suse_linux:php53-sysvsem", "p-cpe:/a:novell:suse_linux:php53-sysvshm", "p-cpe:/a:novell:suse_linux:php53-tokenizer", "p-cpe:/a:novell:suse_linux:php53-wddx", "p-cpe:/a:novell:suse_linux:php53-xmlreader", "p-cpe:/a:novell:suse_linux:php53-xmlrpc", "p-cpe:/a:novell:suse_linux:php53-xmlwriter", "p-cpe:/a:novell:suse_linux:php53-xsl", "p-cpe:/a:novell:suse_linux:php53-zip", "p-cpe:/a:novell:suse_linux:php53-zlib", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2015-1818-1.NASL", "href": "https://www.tenable.com/plugins/nessus/86616", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1818-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86616);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-6831\", \"CVE-2015-6833\", \"CVE-2015-6836\", \"CVE-2015-6837\", \"CVE-2015-6838\");\n\n script_name(english:\"SUSE SLES11 Security Update : php53 (SUSE-SU-2015:1818-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of PHP5 brings several security fixes.\n\nSecurity fixes :\n\n - CVE-2015-6831: A use after free vulnerability in\n unserialize() has been fixed which could be used to\n crash php or potentially execute code. [bnc#942291]\n [bnc#942294] [bnc#942295]\n\n - CVE-2015-6836: A SOAP serialize_function_call() type\n confusion leading to remote code execution problem was\n fixed. [bnc#945428]\n\n - CVE-2015-6837 CVE-2015-6838: Two NULL pointer\n dereferences in the XSLTProcessor class were fixed.\n [bnc#945412]\n\nIt also includes a bugfix for the odbc module :\n\n - compare with SQL_NULL_DATA correctly [bnc#935074]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942291\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942294\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942295\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945412\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6831/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6833/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6836/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6837/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6838/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151818-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?db1bd10e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4 :\n\nzypper in -t patch sdksp4-php53-12163=1\n\nSUSE Linux Enterprise Software Development Kit 11-SP3 :\n\nzypper in -t patch sdksp3-php53-12163=1\n\nSUSE Linux Enterprise Server for VMWare 11-SP3 :\n\nzypper in -t patch slessp3-php53-12163=1\n\nSUSE Linux Enterprise Server 11-SP4 :\n\nzypper in -t patch slessp4-php53-12163=1\n\nSUSE Linux Enterprise Server 11-SP3 :\n\nzypper in -t patch slessp3-php53-12163=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4 :\n\nzypper in -t patch dbgsp4-php53-12163=1\n\nSUSE Linux Enterprise Debuginfo 11-SP3 :\n\nzypper in -t patch dbgsp3-php53-12163=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/01/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"apache2-mod_php53-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-bcmath-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-bz2-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-calendar-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-ctype-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-curl-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-dba-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-dom-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-exif-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-fastcgi-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-fileinfo-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-ftp-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-gd-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-gettext-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-gmp-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-iconv-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-intl-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-json-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-ldap-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-mbstring-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-mcrypt-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-mysql-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-odbc-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-openssl-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pcntl-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pdo-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pear-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pgsql-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pspell-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-shmop-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-snmp-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-soap-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-suhosin-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-sysvmsg-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-sysvsem-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-sysvshm-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-tokenizer-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-wddx-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xmlreader-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xmlrpc-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xmlwriter-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xsl-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-zip-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-zlib-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"apache2-mod_php53-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-bcmath-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-bz2-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-calendar-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-ctype-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-curl-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-dba-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-dom-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-exif-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-fastcgi-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-fileinfo-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-ftp-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-gd-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-gettext-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-gmp-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-iconv-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-intl-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-json-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-ldap-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-mbstring-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-mcrypt-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-mysql-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-odbc-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-openssl-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-pcntl-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-pdo-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-pear-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-pgsql-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-pspell-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-shmop-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-snmp-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-soap-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-suhosin-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-sysvmsg-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-sysvsem-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-sysvshm-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-tokenizer-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-wddx-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-xmlreader-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-xmlrpc-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-xmlwriter-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-xsl-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-zip-5.3.17-48.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"php53-zlib-5.3.17-48.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T16:56:28", "description": "This update for php5 fixes the following security issues :\n\n - CVE-2016-7411: Memory corruption when destructing deserialized object\n\n - CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field\n\n - CVE-2016-7413: Use after free in wddx_deserialize\n\n - CVE-2016-7414: Out of bounds heap read when verifying signature of zip phar in phar_parse_zipfile\n\n - CVE-2016-7416: Stack based buffer overflow in msgfmt_format_message\n\n - CVE-2016-7417: Missing type check when unserializing SplArray\n\n - CVE-2016-7418: NULL pointer dereference in php_wddx_push_element", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : php5 (openSUSE-2016-1150)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7411", "CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird", "p-cpe:/a:novell:opensuse:php5-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-ldap", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-mssql", "p-cpe:/a:novell:opensuse:php5-mssql-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-opcache", "p-cpe:/a:novell:opensuse:php5-opcache-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2016-1150.NASL", "href": "https://www.tenable.com/plugins/nessus/93853", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1150.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93853);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-7411\", \"CVE-2016-7412\", \"CVE-2016-7413\", \"CVE-2016-7414\", \"CVE-2016-7416\", \"CVE-2016-7417\", \"CVE-2016-7418\");\n\n script_name(english:\"openSUSE Security Update : php5 (openSUSE-2016-1150)\");\n script_summary(english:\"Check for the openSUSE-2016-1150 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for php5 fixes the following security issues :\n\n - CVE-2016-7411: Memory corruption when destructing\n deserialized object\n\n - CVE-2016-7412: Heap overflow in mysqlnd when not\n receiving UNSIGNED_FLAG in BIT field\n\n - CVE-2016-7413: Use after free in wddx_deserialize\n\n - CVE-2016-7414: Out of bounds heap read when verifying\n signature of zip phar in phar_parse_zipfile\n\n - CVE-2016-7416: Stack based buffer overflow in\n msgfmt_format_message\n\n - CVE-2016-7417: Missing type check when unserializing\n SplArray\n\n - CVE-2016-7418: NULL pointer dereference in\n php_wddx_push_element\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999679\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999819\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999820\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"apache2-mod_php5-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"apache2-mod_php5-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bcmath-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bcmath-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bz2-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bz2-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-calendar-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-calendar-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ctype-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ctype-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-curl-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-curl-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dba-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dba-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-debugsource-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-devel-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dom-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dom-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-enchant-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-enchant-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-exif-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-exif-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fastcgi-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fastcgi-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fileinfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fileinfo-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-firebird-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-firebird-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fpm-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fpm-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ftp-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ftp-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gd-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gd-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gettext-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gettext-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gmp-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gmp-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-iconv-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-iconv-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-imap-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-imap-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-intl-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-intl-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-json-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-json-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ldap-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ldap-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mbstring-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mbstring-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mcrypt-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mcrypt-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mssql-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mssql-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mysql-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mysql-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-odbc-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-odbc-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-opcache-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-opcache-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-openssl-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-openssl-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pcntl-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pcntl-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pdo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pdo-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pear-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pgsql-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pgsql-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-phar-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-phar-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-posix-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-posix-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pspell-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pspell-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-readline-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-readline-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-shmop-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-shmop-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-snmp-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-snmp-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-soap-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-soap-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sockets-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sockets-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sqlite-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sqlite-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-suhosin-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-suhosin-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvmsg-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvmsg-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvsem-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvsem-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvshm-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvshm-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tidy-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tidy-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tokenizer-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tokenizer-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-wddx-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-wddx-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlreader-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlreader-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlrpc-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlrpc-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlwriter-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlwriter-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xsl-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xsl-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zip-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zip-debuginfo-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zlib-5.6.1-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zlib-debuginfo-5.6.1-78.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T16:53:04", "description": "According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.26. It is, therefore, affected by multiple vulnerabilities :\n\n - A flaw exists in ext/standard/var_unserializer.re when destroying deserialized objects due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a deserialize call that references a partially constructed object, to corrupt memory, resulting in a denial of service condition. (CVE-2016-7411)\n\n - An heap buffer overflow condition exists in the php_mysqlnd_rowp_read_text_protocol_aux() function within file ext/mysqlnd/mysqlnd_wireprotocol.c due to a failure to verify that a BIT field has the UNSIGNED_FLAG flag. An unauthenticated, remote attacker can exploit this, via specially crafted field metadata, to cause a denial of service condition. (CVE-2016-7412)\n\n - A use-after-free error exists in the wddx_stack_destroy() function within file ext/wddx/wddx.c when deserializing recordset elements.\n An unauthenticated, remote attacker can exploit this, via a specially crafted wddxPacket XML document, to cause a denial of service condition. (CVE-2016-7413)\n\n - An out-of-bounds access error exists in the phar_parse_zipfile() function within file ext/phar/zip.c due to a failure to ensure that the uncompressed_filesize field is large enough. An unauthenticated, remote attacker can exploit this, via a specially crafted archive, to cause a denial of service condition. (CVE-2016-7414)\n\n - A stack-based buffer overflow condition exists in the ICU4C library, specifically within file common/locid.cpp in the msgfmt_format_message() function, due to a failure to properly restrict the locale length provided to the Locale class. An unauthenticated, remote attacker can exploit this, via a long first argument to a MessageFormatter::formatMessage() function call, to cause a denial of service condition. (CVE-2016-7416)\n\n - A flaw exists in the spl_array_get_dimension_ptr_ptr() function within file ext/spl/spl_array.c due to a failure to properly validate the return value and data type when deserializing SplArray. An unauthenticated, remote attacker can exploit this, via specially crafted serialized data, to cause a denial of service condition.\n (CVE-2016-7417)\n\n - An out-of-bounds read error exists in the php_wddx_push_element() function within file ext/wddx/wddx.c when handling an incorrect boolean element, which leads to mishandling the wddx_deserialize() call. An unauthenticated, remote attacker can exploit this, via a specially crafted wddxPacket XML document, to cause a denial of service condition. (CVE-2016-7418)\n\n - An out-of-bounds access error exists in the phar_parse_tarfile() function within file ext/phar/tar.c when handling the verification of signatures. An unauthenticated, remote attacker can exploit this to cause an unspecified impact.\n\n - An integer overflow condition exists in the fgetcsv() function when handling CSV field lengths due to improper validation of certain input. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in a denial of service condition or the execution of arbitrary code.\n\n - An integer overflow condition exists in the wordwrap() function within file ext/standard/string.c due to improper validation of certain input. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in a denial of service condition or the execution of arbitrary code.\n\n - An integer overflow condition exists in the fgets() function within file ext/standard/file.c due to improper validation of certain input. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in a denial of service condition or the execution of arbitrary code.\n\n - An integer overflow condition exists in the xml_utf8_encode() function within file ext/xml/xml.c due to improper validation of certain input. An unauthenticated, remote attacker can exploit this to cause an unspecified impact.\n\n - A flaw exists in the exif_process_IFD_in_TIFF() function within file ext/exif/exif.c when handling uninitialized thumbnail data. An unauthenticated, remote attacker can exploit this to disclose memory contents.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-09-22T00:00:00", "type": "nessus", "title": "PHP 5.6.x < 5.6.26 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7411", "CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_6_26.NASL", "href": "https://www.tenable.com/plugins/nessus/93656", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93656);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2016-7411\",\n \"CVE-2016-7412\",\n \"CVE-2016-7413\",\n \"CVE-2016-7414\",\n \"CVE-2016-7416\",\n \"CVE-2016-7417\",\n \"CVE-2016-7418\"\n );\n script_bugtraq_id(\n 93004,\n 93005,\n 93006,\n 93007,\n 93008,\n 93009,\n 93011\n );\n\n script_name(english:\"PHP 5.6.x < 5.6.26 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of PHP running on the remote web server is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP running on the remote web\nserver is 5.6.x prior to 5.6.26. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A flaw exists in ext/standard/var_unserializer.re when\n destroying deserialized objects due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this, via a deserialize\n call that references a partially constructed object, to\n corrupt memory, resulting in a denial of service\n condition. (CVE-2016-7411)\n\n - An heap buffer overflow condition exists in the\n php_mysqlnd_rowp_read_text_protocol_aux() function\n within file ext/mysqlnd/mysqlnd_wireprotocol.c due to\n a failure to verify that a BIT field has the\n UNSIGNED_FLAG flag. An unauthenticated, remote attacker\n can exploit this, via specially crafted field metadata,\n to cause a denial of service condition. (CVE-2016-7412)\n\n - A use-after-free error exists in the\n wddx_stack_destroy() function within file\n ext/wddx/wddx.c when deserializing recordset elements.\n An unauthenticated, remote attacker can exploit this,\n via a specially crafted wddxPacket XML document, to\n cause a denial of service condition. (CVE-2016-7413)\n\n - An out-of-bounds access error exists in the\n phar_parse_zipfile() function within file ext/phar/zip.c\n due to a failure to ensure that the\n uncompressed_filesize field is large enough. An\n unauthenticated, remote attacker can exploit this, via a\n specially crafted archive, to cause a denial of service\n condition. (CVE-2016-7414)\n\n - A stack-based buffer overflow condition exists in the\n ICU4C library, specifically within file common/locid.cpp\n in the msgfmt_format_message() function, due to a\n failure to properly restrict the locale length provided\n to the Locale class. An unauthenticated, remote attacker\n can exploit this, via a long first argument to a\n MessageFormatter::formatMessage() function call, to\n cause a denial of service condition. (CVE-2016-7416)\n\n - A flaw exists in the spl_array_get_dimension_ptr_ptr()\n function within file ext/spl/spl_array.c due to a\n failure to properly validate the return value and data\n type when deserializing SplArray. An unauthenticated,\n remote attacker can exploit this, via specially crafted\n serialized data, to cause a denial of service condition.\n (CVE-2016-7417)\n\n - An out-of-bounds read error exists in the\n php_wddx_push_element() function within file\n ext/wddx/wddx.c when handling an incorrect boolean\n element, which leads to mishandling the\n wddx_deserialize() call. An unauthenticated, remote\n attacker can exploit this, via a specially crafted\n wddxPacket XML document, to cause a denial of service\n condition. (CVE-2016-7418)\n\n - An out-of-bounds access error exists in the\n phar_parse_tarfile() function within file ext/phar/tar.c\n when handling the verification of signatures. An\n unauthenticated, remote attacker can exploit this to\n cause an unspecified impact.\n\n - An integer overflow condition exists in the fgetcsv()\n function when handling CSV field lengths due to improper\n validation of certain input. An unauthenticated, remote\n attacker can exploit this to corrupt memory, resulting\n in a denial of service condition or the execution of\n arbitrary code.\n\n - An integer overflow condition exists in the wordwrap()\n function within file ext/standard/string.c due to\n improper validation of certain input. An\n unauthenticated, remote attacker can exploit this to\n corrupt memory, resulting in a denial of service\n condition or the execution of arbitrary code.\n\n - An integer overflow condition exists in the fgets()\n function within file ext/standard/file.c due to improper\n validation of certain input. An unauthenticated, remote\n attacker can exploit this to corrupt memory, resulting\n in a denial of service condition or the execution of\n arbitrary code.\n\n - An integer overflow condition exists in the\n xml_utf8_encode() function within file ext/xml/xml.c due\n to improper validation of certain input. An\n unauthenticated, remote attacker can exploit this to\n cause an unspecified impact.\n\n - A flaw exists in the exif_process_IFD_in_TIFF() function\n within file ext/exif/exif.c when handling uninitialized\n thumbnail data. An unauthenticated, remote attacker can\n exploit this to disclose memory contents.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://secure.php.net/ChangeLog-5.php#5.6.26\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.6.26 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-7411\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported)\n audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.6)?$\")\n audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.6\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.6.x\", port);\n\nif (version =~ \"^5\\.6\\.\" && ver_compare(ver:version, fix:\"5.6.26\", strict:FALSE) < 0){\n security_report_v4(\n port : port,\n extra :\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 5.6.26' +\n '\\n',\n severity:SECURITY_HOLE\n );\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T16:58:48", "description": "ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object (CVE-2016-7411).\n\next/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata (CVE-2016-7412).\n\nUse-after-free vulnerability in the wddx_stack_destroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset field element, leading to mishandling in a wddx_deserialize call (CVE-2016-7413).\n\nThe ZIP signature-verification feature in PHP before 5.6.26 and 7.x before 7.0.11 does not ensure that the uncompressed_filesize field is large enough, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a crafted PHAR archive, related to ext/phar/util.c and ext/phar/zip.c (CVE-2016-7414).\n\next/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a MessageFormatter::formatMessage call with a long first argument (CVE-2016-7416).\n\next/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11 proceeds with SplArray unserialization without validating a return value and data type, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data (CVE-2016-7417).\n\nThe php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service (invalid pointer access and out-of-bounds read) or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call (CVE-2016-7418).", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-13T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php56 (ALAS-2016-753)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7411", "CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php56", "p-cpe:/a:amazon:linux:php56-bcmath", "p-cpe:/a:amazon:linux:php56-cli", "p-cpe:/a:amazon:linux:php56-common", "p-cpe:/a:amazon:linux:php56-dba", "p-cpe:/a:amazon:linux:php56-dbg", "p-cpe:/a:amazon:linux:php56-debuginfo", "p-cpe:/a:amazon:linux:php56-devel", "p-cpe:/a:amazon:linux:php56-embedded", "p-cpe:/a:amazon:linux:php56-enchant", "p-cpe:/a:amazon:linux:php56-fpm", "p-cpe:/a:amazon:linux:php56-gd", "p-cpe:/a:amazon:linux:php56-gmp", "p-cpe:/a:amazon:linux:php56-imap", "p-cpe:/a:amazon:linux:php56-intl", "p-cpe:/a:amazon:linux:php56-ldap", "p-cpe:/a:amazon:linux:php56-mbstring", "p-cpe:/a:amazon:linux:php56-mcrypt", "p-cpe:/a:amazon:linux:php56-mssql", "p-cpe:/a:amazon:linux:php56-mysqlnd", "p-cpe:/a:amazon:linux:php56-odbc", "p-cpe:/a:amazon:linux:php56-opcache", "p-cpe:/a:amazon:linux:php56-pdo", "p-cpe:/a:amazon:linux:php56-pgsql", "p-cpe:/a:amazon:linux:php56-process", "p-cpe:/a:amazon:linux:php56-pspell", "p-cpe:/a:amazon:linux:php56-recode", "p-cpe:/a:amazon:linux:php56-snmp", "p-cpe:/a:amazon:linux:php56-soap", "p-cpe:/a:amazon:linux:php56-tidy", "p-cpe:/a:amazon:linux:php56-xml", "p-cpe:/a:amazon:linux:php56-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2016-753.NASL", "href": "https://www.tenable.com/plugins/nessus/94019", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-753.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94019);\n script_version(\"2.4\");\n script_cvs_date(\"Date: 2018/04/18 15:09:36\");\n\n script_cve_id(\"CVE-2016-7411\", \"CVE-2016-7412\", \"CVE-2016-7413\", \"CVE-2016-7414\", \"CVE-2016-7416\", \"CVE-2016-7417\", \"CVE-2016-7418\");\n script_xref(name:\"ALAS\", value:\"2016-753\");\n\n script_name(english:\"Amazon Linux AMI : php56 (ALAS-2016-753)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles\nobject-deserialization failures, which allows remote attackers to\ncause a denial of service (memory corruption) or possibly have\nunspecified other impact via an unserialize call that references a\npartially constructed object (CVE-2016-7411).\n\next/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before\n7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag,\nwhich allows remote MySQL servers to cause a denial of service\n(heap-based buffer overflow) or possibly have unspecified other impact\nvia crafted field metadata (CVE-2016-7412).\n\nUse-after-free vulnerability in the wddx_stack_destroy function in\next/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows\nremote attackers to cause a denial of service or possibly have\nunspecified other impact via a wddxPacket XML document that lacks an\nend-tag for a recordset field element, leading to mishandling in a\nwddx_deserialize call (CVE-2016-7413).\n\nThe ZIP signature-verification feature in PHP before 5.6.26 and 7.x\nbefore 7.0.11 does not ensure that the uncompressed_filesize field is\nlarge enough, which allows remote attackers to cause a denial of\nservice (out-of-bounds memory access) or possibly have unspecified\nother impact via a crafted PHAR archive, related to ext/phar/util.c\nand ext/phar/zip.c (CVE-2016-7414).\n\next/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x\nbefore 7.0.11 does not properly restrict the locale length provided to\nthe Locale class in the ICU library, which allows remote attackers to\ncause a denial of service (application crash) or possibly have\nunspecified other impact via a MessageFormatter::formatMessage call\nwith a long first argument (CVE-2016-7416).\n\next/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11\nproceeds with SplArray unserialization without validating a return\nvalue and data type, which allows remote attackers to cause a denial\nof service or possibly have unspecified other impact via crafted\nserialized data (CVE-2016-7417).\n\nThe php_wddx_push_element function in ext/wddx/wddx.c in PHP before\n5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial\nof service (invalid pointer access and out-of-bounds read) or possibly\nhave unspecified other impact via an incorrect boolean element in a\nwddxPacket XML document, leading to mishandling in a wddx_deserialize\ncall (CVE-2016-7418).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-753.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php56' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php56-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-bcmath-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-cli-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-common-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-dba-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-dbg-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-debuginfo-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-devel-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-embedded-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-enchant-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-fpm-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-gd-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-gmp-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-imap-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-intl-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-ldap-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mbstring-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mcrypt-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mssql-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mysqlnd-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-odbc-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-opcache-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pdo-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pgsql-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-process-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pspell-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-recode-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-snmp-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-soap-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-tidy-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-xml-5.6.26-1.128.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-xmlrpc-5.6.26-1.128.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php56 / php56-bcmath / php56-cli / php56-common / php56-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T16:58:05", "description": "This update for php5 fixes the following security issues :\n\n - CVE-2016-7411: php5: Memory corruption when destructing deserialized object\n\n - CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field\n\n - CVE-2016-7413: Use after free in wddx_deserialize\n\n - CVE-2016-7414: Out of bounds heap read when verifying signature of zip phar in phar_parse_zipfile\n\n - CVE-2016-7416: Stack based buffer overflow in msgfmt_format_message\n\n - CVE-2016-7417: Missing type check when unserializing SplArray\n\n - CVE-2016-7418: NULL pointer dereference in php_wddx_push_element\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-17T00:00:00", "type": "nessus", "title": "openSUSE Security Update : php5 (openSUSE-2016-1193)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7411", "CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird", "p-cpe:/a:novell:opensuse:php5-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-ldap", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-mssql", "p-cpe:/a:novell:opensuse:php5-mssql-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-opcache", "p-cpe:/a:novell:opensuse:php5-opcache-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-1193.NASL", "href": "https://www.tenable.com/plugins/nessus/94089", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1193.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94089);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-7411\", \"CVE-2016-7412\", \"CVE-2016-7413\", \"CVE-2016-7414\", \"CVE-2016-7416\", \"CVE-2016-7417\", \"CVE-2016-7418\");\n\n script_name(english:\"openSUSE Security Update : php5 (openSUSE-2016-1193)\");\n script_summary(english:\"Check for the openSUSE-2016-1193 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for php5 fixes the following security issues :\n\n - CVE-2016-7411: php5: Memory corruption when destructing\n deserialized object\n\n - CVE-2016-7412: Heap overflow in mysqlnd when not\n receiving UNSIGNED_FLAG in BIT field\n\n - CVE-2016-7413: Use after free in wddx_deserialize\n\n - CVE-2016-7414: Out of bounds heap read when verifying\n signature of zip phar in phar_parse_zipfile\n\n - CVE-2016-7416: Stack based buffer overflow in\n msgfmt_format_message\n\n - CVE-2016-7417: Missing type check when unserializing\n SplArray\n\n - CVE-2016-7418: NULL pointer dereference in\n php_wddx_push_element\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999679\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999819\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999820\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"apache2-mod_php5-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"apache2-mod_php5-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-bcmath-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-bcmath-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-bz2-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-bz2-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-calendar-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-calendar-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-ctype-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-ctype-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-curl-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-curl-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-dba-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-dba-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-debugsource-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-devel-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-dom-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-dom-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-enchant-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-enchant-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-exif-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-exif-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-fastcgi-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-fastcgi-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-fileinfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-fileinfo-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-firebird-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-firebird-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-fpm-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-fpm-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-ftp-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-ftp-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-gd-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-gd-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-gettext-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-gettext-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-gmp-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-gmp-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-iconv-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-iconv-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-imap-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-imap-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-intl-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-intl-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-json-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-json-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-ldap-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-ldap-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-mbstring-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-mbstring-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-mcrypt-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-mcrypt-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-mssql-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-mssql-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-mysql-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-mysql-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-odbc-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-odbc-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-opcache-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-opcache-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-openssl-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-openssl-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-pcntl-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-pcntl-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-pdo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-pdo-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-pear-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-pgsql-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-pgsql-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-phar-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-phar-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-posix-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-posix-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-pspell-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-pspell-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-readline-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-readline-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-shmop-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-shmop-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-snmp-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-snmp-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-soap-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-soap-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-sockets-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-sockets-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-sqlite-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-sqlite-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-suhosin-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-suhosin-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-sysvmsg-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-sysvmsg-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-sysvsem-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-sysvsem-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-sysvshm-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-sysvshm-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-tidy-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-tidy-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-tokenizer-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-tokenizer-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-wddx-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-wddx-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-xmlreader-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-xmlreader-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-xmlrpc-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-xmlrpc-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-xmlwriter-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-xmlwriter-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-xsl-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-xsl-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-zip-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-zip-debuginfo-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-zlib-5.5.14-62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"php5-zlib-debuginfo-5.5.14-62.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T16:52:25", "description": "New php packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-09-26T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / 14.2 / current : php (SSA:2016-267-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7411", "CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:php", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2016-267-01.NASL", "href": "https://www.tenable.com/plugins/nessus/93687", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2016-267-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93687);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-7411\", \"CVE-2016-7412\", \"CVE-2016-7413\", \"CVE-2016-7414\", \"CVE-2016-7416\", \"CVE-2016-7417\", \"CVE-2016-7418\");\n script_xref(name:\"SSA\", value:\"2016-267-01\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / 14.2 / current : php (SSA:2016-267-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New php packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.449886\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?39115ff5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"php\", pkgver:\"5.6.26\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.6.26\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"php\", pkgver:\"5.6.26\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.6.26\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"php\", pkgver:\"5.6.26\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.6.26\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"php\", pkgver:\"5.6.26\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.6.26\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T16:52:36", "description": "15 Sep 2016 **PHP version 5.6.26**\n\n**Core:**\n\n - Fixed bug php#72907 (NULL pointer deref, segfault in gc_remove_zval_from_buffer (zend_gc.c:260)). (Laruence)\n\n**Dba:**\n\n - Fixed bug php#71514 (Bad dba_replace condition because of wrong API usage). (cmb)\n\n - Fixed bug php#70825 (Cannot fetch multiple values with group in ini file). (cmb)\n\n**EXIF:**\n\n - Fixed bug php#72926 (Uninitialized Thumbail Data Leads To Memory Leakage in exif_process_IFD_in_TIFF). (Stas)\n\n**FTP:**\n\n - Fixed bug php#70195 (Cannot upload file using ftp_put to FTPES with require_ssl_reuse). (Benedict Singer)\n\n**GD:**\n\n - Fixed bug php#66005 (imagecopy does not support 1bit transparency on truecolor images). (cmb)\n\n - Fixed bug php#72913 (imagecopy() loses single-color transparency on palette images). (cmb)\n\n - Fixed bug php#68716 (possible resource leaks in\n _php_image_convert()). (cmb)\n\n**Intl:**\n\n - Fixed bug php#73007 (add locale length check). (Stas)\n\n**JSON:**\n\n - Fixed bug php#72787 (json_decode reads out of bounds).\n (Jakub Zelenka)\n\n**mbstring:**\n\n - Fixed bug php#66797 (mb_substr only takes 32-bit signed integer). (cmb)\n\n - Fixed bug php#72910 (Out of bounds heap read in mbc_to_code() / triggered by mb_ereg_match()). (Stas)\n\n**MSSQL:**\n\n - Fixed bug php#72039 (Use of uninitialised value on mssql_guid_string). (Kalle)\n\n**Mysqlnd:**\n\n - Fixed bug php#72293 (Heap overflow in mysqlnd related to BIT fields). (Stas)\n\n**Phar:**\n\n - Fixed bug php#72928 (Out of bound when verify signature of zip phar in phar_parse_zipfile). (Stas)\n\n - Fixed bug php#73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile). (Stas)\n\n**PDO:**\n\n - Fixed bug php#60665 (call to empty() on NULL result using PDO::FETCH_LAZY returns false). (cmb)\n\n**PDO_pgsql:**\n\n - Implemented FR php#72633 (Postgres PDO lastInsertId() should work without specifying a sequence). (Pablo Santiago S&aacute;nchez, Matteo)\n\n - Fixed bug php#72759 (Regression in pgo_pgsql). (Anatol)\n\n**SPL:**\n\n - Fixed bug php#73029 (Missing type check when unserializing SplArray). (Stas)\n\n**Standard:**\n\n - Fixed bug php#72823 (strtr out-of-bound access). (cmb)\n\n - Fixed bug php#72278 (getimagesize returning FALSE on valid jpg). (cmb)\n\n - Fixed bug php#65550 (get_browser() incorrectly parses entries with '+' sign). (cmb)\n\n - Fixed bug php#71882 (Negative ftruncate() on php://memory exhausts memory). (cmb)\n\n - Fixed bug php#73011 (integer overflow in fgets cause heap corruption). (Stas)\n\n - Fixed bug php#73017 (memory corruption in wordwrap function). (Stas)\n\n - Fixed bug php#73045 (integer overflow in fgetcsv caused heap corruption). (Stas)\n\n - Fixed bug php#73052 (Memory Corruption in During Deserialized-object Destruction) (Stas)\n\n**Streams:**\n\n - Fixed bug php#72853 (stream_set_blocking doesn't work).\n (Laruence)\n\n**Wddx:**\n\n - Fixed bug php#72860 (wddx_deserialize use-after-free).\n (Stas)\n\n - Fixed bug php#73065 (Out-Of-Bounds Read in php_wddx_push_element). (Stas)\n\n**XML:**\n\n - Fixed bug php#72085 (SEGV on unknown address zif_xml_parse). (cmb)\n\n - Fixed bug php#72927 (integer overflow in xml_utf8_encode). (Stas)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-09-27T00:00:00", "type": "nessus", "title": "Fedora 24 : php (2016-62fc05fd68)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7411", "CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-62FC05FD68.NASL", "href": "https://www.tenable.com/plugins/nessus/93726", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-62fc05fd68.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93726);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-7411\", \"CVE-2016-7412\", \"CVE-2016-7413\", \"CVE-2016-7414\", \"CVE-2016-7416\", \"CVE-2016-7417\", \"CVE-2016-7418\");\n script_xref(name:\"FEDORA\", value:\"2016-62fc05fd68\");\n\n script_name(english:\"Fedora 24 : php (2016-62fc05fd68)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"15 Sep 2016 **PHP version 5.6.26**\n\n**Core:**\n\n - Fixed bug php#72907 (NULL pointer deref, segfault in\n gc_remove_zval_from_buffer (zend_gc.c:260)). (Laruence)\n\n**Dba:**\n\n - Fixed bug php#71514 (Bad dba_replace condition because\n of wrong API usage). (cmb)\n\n - Fixed bug php#70825 (Cannot fetch multiple values with\n group in ini file). (cmb)\n\n**EXIF:**\n\n - Fixed bug php#72926 (Uninitialized Thumbail Data Leads\n To Memory Leakage in exif_process_IFD_in_TIFF). (Stas)\n\n**FTP:**\n\n - Fixed bug php#70195 (Cannot upload file using ftp_put to\n FTPES with require_ssl_reuse). (Benedict Singer)\n\n**GD:**\n\n - Fixed bug php#66005 (imagecopy does not support 1bit\n transparency on truecolor images). (cmb)\n\n - Fixed bug php#72913 (imagecopy() loses single-color\n transparency on palette images). (cmb)\n\n - Fixed bug php#68716 (possible resource leaks in\n _php_image_convert()). (cmb)\n\n**Intl:**\n\n - Fixed bug php#73007 (add locale length check). (Stas)\n\n**JSON:**\n\n - Fixed bug php#72787 (json_decode reads out of bounds).\n (Jakub Zelenka)\n\n**mbstring:**\n\n - Fixed bug php#66797 (mb_substr only takes 32-bit signed\n integer). (cmb)\n\n - Fixed bug php#72910 (Out of bounds heap read in\n mbc_to_code() / triggered by mb_ereg_match()). (Stas)\n\n**MSSQL:**\n\n - Fixed bug php#72039 (Use of uninitialised value on\n mssql_guid_string). (Kalle)\n\n**Mysqlnd:**\n\n - Fixed bug php#72293 (Heap overflow in mysqlnd related to\n BIT fields). (Stas)\n\n**Phar:**\n\n - Fixed bug php#72928 (Out of bound when verify signature\n of zip phar in phar_parse_zipfile). (Stas)\n\n - Fixed bug php#73035 (Out of bound when verify signature\n of tar phar in phar_parse_tarfile). (Stas)\n\n**PDO:**\n\n - Fixed bug php#60665 (call to empty() on NULL result\n using PDO::FETCH_LAZY returns false). (cmb)\n\n**PDO_pgsql:**\n\n - Implemented FR php#72633 (Postgres PDO lastInsertId()\n should work without specifying a sequence). (Pablo\n Santiago S&aacute;nchez, Matteo)\n\n - Fixed bug php#72759 (Regression in pgo_pgsql). (Anatol)\n\n**SPL:**\n\n - Fixed bug php#73029 (Missing type check when\n unserializing SplArray). (Stas)\n\n**Standard:**\n\n - Fixed bug php#72823 (strtr out-of-bound access). (cmb)\n\n - Fixed bug php#72278 (getimagesize returning FALSE on\n valid jpg). (cmb)\n\n - Fixed bug php#65550 (get_browser() incorrectly parses\n entries with '+' sign). (cmb)\n\n - Fixed bug php#71882 (Negative ftruncate() on\n php://memory exhausts memory). (cmb)\n\n - Fixed bug php#73011 (integer overflow in fgets cause\n heap corruption). (Stas)\n\n - Fixed bug php#73017 (memory corruption in wordwrap\n function). (Stas)\n\n - Fixed bug php#73045 (integer overflow in fgetcsv caused\n heap corruption). (Stas)\n\n - Fixed bug php#73052 (Memory Corruption in During\n Deserialized-object Destruction) (Stas)\n\n**Streams:**\n\n - Fixed bug php#72853 (stream_set_blocking doesn't work).\n (Laruence)\n\n**Wddx:**\n\n - Fixed bug php#72860 (wddx_deserialize use-after-free).\n (Stas)\n\n - Fixed bug php#73065 (Out-Of-Bounds Read in\n php_wddx_push_element). (Stas)\n\n**XML:**\n\n - Fixed bug php#72085 (SEGV on unknown address\n zif_xml_parse). (cmb)\n\n - Fixed bug php#72927 (integer overflow in\n xml_utf8_encode). (Stas)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-62fc05fd68\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"php-5.6.26-1.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T16:52:38", "description": "15 Sep 2016 **PHP version 5.6.26**\n\n**Core:**\n\n - Fixed bug php#72907 (NULL pointer deref, segfault in gc_remove_zval_from_buffer (zend_gc.c:260)). (Laruence)\n\n**Dba:**\n\n - Fixed bug php#71514 (Bad dba_replace condition because of wrong API usage). (cmb)\n\n - Fixed bug php#70825 (Cannot fetch multiple values with group in ini file). (cmb)\n\n**EXIF:**\n\n - Fixed bug php#72926 (Uninitialized Thumbail Data Leads To Memory Leakage in exif_process_IFD_in_TIFF). (Stas)\n\n**FTP:**\n\n - Fixed bug php#70195 (Cannot upload file using ftp_put to FTPES with require_ssl_reuse). (Benedict Singer)\n\n**GD:**\n\n - Fixed bug php#66005 (imagecopy does not support 1bit transparency on truecolor images). (cmb)\n\n - Fixed bug php#72913 (imagecopy() loses single-color transparency on palette images). (cmb)\n\n - Fixed bug php#68716 (possible resource leaks in\n _php_image_convert()). (cmb)\n\n**Intl:**\n\n - Fixed bug php#73007 (add locale length check). (Stas)\n\n**JSON:**\n\n - Fixed bug php#72787 (json_decode reads out of bounds).\n (Jakub Zelenka)\n\n**mbstring:**\n\n - Fixed bug php#66797 (mb_substr only takes 32-bit signed integer). (cmb)\n\n - Fixed bug php#72910 (Out of bounds heap read in mbc_to_code() / triggered by mb_ereg_match()). (Stas)\n\n**MSSQL:**\n\n - Fixed bug php#72039 (Use of uninitialised value on mssql_guid_string). (Kalle)\n\n**Mysqlnd:**\n\n - Fixed bug php#72293 (Heap overflow in mysqlnd related to BIT fields). (Stas)\n\n**Phar:**\n\n - Fixed bug php#72928 (Out of bound when verify signature of zip phar in phar_parse_zipfile). (Stas)\n\n - Fixed bug php#73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile). (Stas)\n\n**PDO:**\n\n - Fixed bug php#60665 (call to empty() on NULL result using PDO::FETCH_LAZY returns false). (cmb)\n\n**PDO_pgsql:**\n\n - Implemented FR php#72633 (Postgres PDO lastInsertId() should work without specifying a sequence). (Pablo Santiago S&aacute;nchez, Matteo)\n\n - Fixed bug php#72759 (Regression in pgo_pgsql). (Anatol)\n\n**SPL:**\n\n - Fixed bug php#73029 (Missing type check when unserializing SplArray). (Stas)\n\n**Standard:**\n\n - Fixed bug php#72823 (strtr out-of-bound access). (cmb)\n\n - Fixed bug php#72278 (getimagesize returning FALSE on valid jpg). (cmb)\n\n - Fixed bug php#65550 (get_browser() incorrectly parses entries with '+' sign). (cmb)\n\n - Fixed bug php#71882 (Negative ftruncate() on php://memory exhausts memory). (cmb)\n\n - Fixed bug php#73011 (integer overflow in fgets cause heap corruption). (Stas)\n\n - Fixed bug php#73017 (memory corruption in wordwrap function). (Stas)\n\n - Fixed bug php#73045 (integer overflow in fgetcsv caused heap corruption). (Stas)\n\n - Fixed bug php#73052 (Memory Corruption in During Deserialized-object Destruction) (Stas)\n\n**Streams:**\n\n - Fixed bug php#72853 (stream_set_blocking doesn't work).\n (Laruence)\n\n**Wddx:**\n\n - Fixed bug php#72860 (wddx_deserialize use-after-free).\n (Stas)\n\n - Fixed bug php#73065 (Out-Of-Bounds Read in php_wddx_push_element). (Stas)\n\n**XML:**\n\n - Fixed bug php#72085 (SEGV on unknown address zif_xml_parse). (cmb)\n\n - Fixed bug php#72927 (integer overflow in xml_utf8_encode). (Stas)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-09-28T00:00:00", "type": "nessus", "title": "Fedora 23 : php (2016-db71b72137)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7411", "CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-DB71B72137.NASL", "href": "https://www.tenable.com/plugins/nessus/93754", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-db71b72137.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93754);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-7411\", \"CVE-2016-7412\", \"CVE-2016-7413\", \"CVE-2016-7414\", \"CVE-2016-7416\", \"CVE-2016-7417\", \"CVE-2016-7418\");\n script_xref(name:\"FEDORA\", value:\"2016-db71b72137\");\n\n script_name(english:\"Fedora 23 : php (2016-db71b72137)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"15 Sep 2016 **PHP version 5.6.26**\n\n**Core:**\n\n - Fixed bug php#72907 (NULL pointer deref, segfault in\n gc_remove_zval_from_buffer (zend_gc.c:260)). (Laruence)\n\n**Dba:**\n\n - Fixed bug php#71514 (Bad dba_replace condition because\n of wrong API usage). (cmb)\n\n - Fixed bug php#70825 (Cannot fetch multiple values with\n group in ini file). (cmb)\n\n**EXIF:**\n\n - Fixed bug php#72926 (Uninitialized Thumbail Data Leads\n To Memory Leakage in exif_process_IFD_in_TIFF). (Stas)\n\n**FTP:**\n\n - Fixed bug php#70195 (Cannot upload file using ftp_put to\n FTPES with require_ssl_reuse). (Benedict Singer)\n\n**GD:**\n\n - Fixed bug php#66005 (imagecopy does not support 1bit\n transparency on truecolor images). (cmb)\n\n - Fixed bug php#72913 (imagecopy() loses single-color\n transparency on palette images). (cmb)\n\n - Fixed bug php#68716 (possible resource leaks in\n _php_image_convert()). (cmb)\n\n**Intl:**\n\n - Fixed bug php#73007 (add locale length check). (Stas)\n\n**JSON:**\n\n - Fixed bug php#72787 (json_decode reads out of bounds).\n (Jakub Zelenka)\n\n**mbstring:**\n\n - Fixed bug php#66797 (mb_substr only takes 32-bit signed\n integer). (cmb)\n\n - Fixed bug php#72910 (Out of bounds heap read in\n mbc_to_code() / triggered by mb_ereg_match()). (Stas)\n\n**MSSQL:**\n\n - Fixed bug php#72039 (Use of uninitialised value on\n mssql_guid_string). (Kalle)\n\n**Mysqlnd:**\n\n - Fixed bug php#72293 (Heap overflow in mysqlnd related to\n BIT fields). (Stas)\n\n**Phar:**\n\n - Fixed bug php#72928 (Out of bound when verify signature\n of zip phar in phar_parse_zipfile). (Stas)\n\n - Fixed bug php#73035 (Out of bound when verify signature\n of tar phar in phar_parse_tarfile). (Stas)\n\n**PDO:**\n\n - Fixed bug php#60665 (call to empty() on NULL result\n using PDO::FETCH_LAZY returns false). (cmb)\n\n**PDO_pgsql:**\n\n - Implemented FR php#72633 (Postgres PDO lastInsertId()\n should work without specifying a sequence). (Pablo\n Santiago S&aacute;nchez, Matteo)\n\n - Fixed bug php#72759 (Regression in pgo_pgsql). (Anatol)\n\n**SPL:**\n\n - Fixed bug php#73029 (Missing type check when\n unserializing SplArray). (Stas)\n\n**Standard:**\n\n - Fixed bug php#72823 (strtr out-of-bound access). (cmb)\n\n - Fixed bug php#72278 (getimagesize returning FALSE on\n valid jpg). (cmb)\n\n - Fixed bug php#65550 (get_browser() incorrectly parses\n entries with '+' sign). (cmb)\n\n - Fixed bug php#71882 (Negative ftruncate() on\n php://memory exhausts memory). (cmb)\n\n - Fixed bug php#73011 (integer overflow in fgets cause\n heap corruption). (Stas)\n\n - Fixed bug php#73017 (memory corruption in wordwrap\n function). (Stas)\n\n - Fixed bug php#73045 (integer overflow in fgetcsv caused\n heap corruption). (Stas)\n\n - Fixed bug php#73052 (Memory Corruption in During\n Deserialized-object Destruction) (Stas)\n\n**Streams:**\n\n - Fixed bug php#72853 (stream_set_blocking doesn't work).\n (Laruence)\n\n**Wddx:**\n\n - Fixed bug php#72860 (wddx_deserialize use-after-free).\n (Stas)\n\n - Fixed bug php#73065 (Out-Of-Bounds Read in\n php_wddx_push_element). (Stas)\n\n**XML:**\n\n - Fixed bug php#72085 (SEGV on unknown address\n zif_xml_parse). (cmb)\n\n - Fixed bug php#72927 (integer overflow in\n xml_utf8_encode). (Stas)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-db71b72137\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"php-5.6.26-1.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T16:58:06", "description": "PHP reports :\n\n- Fixed bug #73007 (add locale length check)\n\n- Fixed bug #72293 (Heap overflow in mysqlnd related to BIT fields)\n\n- Fixed bug #72928 (Out of bound when verify signature of zip phar in phar_parse_zipfile)\n\n- Fixed bug #73029 (Missing type check when unserializing SplArray)\n\n- Fixed bug #73052 (Memory Corruption in During Deserialized-object Destruction)\n\n- Fixed bug #72860 (wddx_deserialize use-after-free)\n\n- Fixed bug #73065 (Out-Of-Bounds Read in php_wddx_push_element)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-17T00:00:00", "type": "nessus", "title": "FreeBSD : PHP -- multiple vulnerabilities (8d5180a6-86fe-11e6-8d93-00248c0c745d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7411", "CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:php56", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_8D5180A686FE11E68D9300248C0C745D.NASL", "href": "https://www.tenable.com/plugins/nessus/94083", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94083);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-7411\", \"CVE-2016-7412\", \"CVE-2016-7413\", \"CVE-2016-7414\", \"CVE-2016-7416\", \"CVE-2016-7417\", \"CVE-2016-7418\");\n\n script_name(english:\"FreeBSD : PHP -- multiple vulnerabilities (8d5180a6-86fe-11e6-8d93-00248c0c745d)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PHP reports :\n\n- Fixed bug #73007 (add locale length check)\n\n- Fixed bug #72293 (Heap overflow in mysqlnd related to BIT fields)\n\n- Fixed bug #72928 (Out of bound when verify signature of zip phar in\nphar_parse_zipfile)\n\n- Fixed bug #73029 (Missing type check when unserializing SplArray)\n\n- Fixed bug #73052 (Memory Corruption in During Deserialized-object\nDestruction)\n\n- Fixed bug #72860 (wddx_deserialize use-after-free)\n\n- Fixed bug #73065 (Out-Of-Bounds Read in php_wddx_push_element)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.6.26\"\n );\n # https://vuxml.freebsd.org/freebsd/8d5180a6-86fe-11e6-8d93-00248c0c745d.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1b5b60f9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"php56<5.6.26\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-14T16:12:01", "description": "According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.26. It is, therefore, affected by multiple vulnerabilities :\n\n - A flaw exists in ext/standard/var_unserializer.re when destroying deserialized objects due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a deserialize call that references a partially constructed object, to corrupt memory, resulting in a denial of service condition. (CVE-2016-7411)\n\n - An heap buffer overflow condition exists in the php_mysqlnd_rowp_read_text_protocol_aux() function within file ext/mysqlnd/mysqlnd_wireprotocol.c due to a failure to verify that a BIT field has the UNSIGNED_FLAG flag. An unauthenticated, remote attacker can exploit this, via specially crafted field metadata, to cause a denial of service condition. (CVE-2016-7412)\n\n - A use-after-free error exists in the wddx_stack_destroy() function within file ext/wddx/wddx.c when deserializing recordset elements. An unauthenticated, remote attacker can exploit this, via a specially crafted wddxPacket XML document, to cause a denial of service condition. (CVE-2016-7413)\n\n - An out-of-bounds access error exists in the phar_parse_zipfile() function within file ext/phar/zip.c due to a failure to ensure that the uncompressed_filesize field is large enough. An unauthenticated, remote attacker can exploit this, via a specially crafted archive, to cause a denial of service condition. (CVE-2016-7414)\n\n - A stack-based buffer overflow condition exists in the ICU4C library, specifically within file common/locid.cpp in the msgfmt_format_message() function, due to a failure to properly restrict the locale length provided to the Locale class. An unauthenticated, remote attacker can exploit this, via a long first argument to a MessageFormatter::formatMessage() function call, to cause a denial of service condition. (CVE-2016-7416)\n\n - A flaw exists in the spl_array_get_dimension_ptr_ptr() function within file ext/spl/spl_array.c due to a failure to properly validate the return value and data type when deserializing SplArray. An unauthenticated, remote attacker can exploit this, via specially crafted serialized data, to cause a denial of service condition. (CVE-2016-7417)\n\n - An out-of-bounds read error exists in the php_wddx_push_element() function within file ext/wddx/wddx.c when handling an incorrect boolean element, which leads to mishandling the wddx_deserialize() call. An unauthenticated, remote attacker can exploit this, via a specially crafted wddxPacket XML document, to cause a denial of service condition. (CVE-2016-7418)\n\n - An out-of-bounds access error exists in the phar_parse_tarfile() function within file ext/phar/tar.c when handling the verification of signatures. An unauthenticated, remote attacker can exploit this to cause an unspecified impact.\n\n - An integer overflow condition exists in the fgetcsv() function when handling CSV field lengths due to improper validation of certain input. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in a denial of service condition or the execution of arbitrary code.\n\n - An integer overflow condition exists in the wordwrap() function within file ext/standard/string.c due to improper validation of certain input. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in a denial of service condition or the execution of arbitrary code.\n\n - An integer overflow condition exists in the fgets() function within file ext/standard/file.c due to improper validation of certain input. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in a denial of service condition or the execution of arbitrary code.\n\n - An integer overflow condition exists in the xml_utf8_encode() function within file ext/xml/xml.c due to improper validation of certain input. An unauthenticated, remote attacker can exploit this to cause an unspecified impact.\n\n - A flaw exists in the exif_process_IFD_in_TIFF() function within file ext/exif/exif.c when handling uninitialized thumbnail data. An unauthenticated, remote attacker can exploit this to disclose memory contents.\n\nNote that the scanner has not attempted to exploit this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-01-09T00:00:00", "type": "nessus", "title": "PHP 5.6.x < 5.6.26 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7411", "CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98816", "href": "https://www.tenable.com/plugins/was/98816", "sourceData": "No source data", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-11T15:16:16", "description": "This update for php5 fixes the following security issues :\n\n - CVE-2016-7411: php5: Memory corruption when destructing deserialized object\n\n - CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field\n\n - CVE-2016-7413: Use after free in wddx_deserialize\n\n - CVE-2016-7414: Out of bounds heap read when verifying signature of zip phar in phar_parse_zipfile\n\n - CVE-2016-7416: Stack based buffer overflow in msgfmt_format_message\n\n - CVE-2016-7417: Missing type check when unserializing SplArray\n\n - CVE-2016-7418: NULL pointer dereference in php_wddx_push_element\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : php5 (SUSE-SU-2016:2477-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7411", "CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php5", "p-cpe:/a:novell:suse_linux:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:suse_linux:php5", "p-cpe:/a:novell:suse_linux:php5-bcmath", "p-cpe:/a:novell:suse_linux:php5-bcmath-debuginfo", "p-cpe:/a:novell:suse_linux:php5-bz2", "p-cpe:/a:novell:suse_linux:php5-bz2-debuginfo", "p-cpe:/a:novell:suse_linux:php5-calendar", "p-cpe:/a:novell:suse_linux:php5-calendar-debuginfo", "p-cpe:/a:novell:suse_linux:php5-ctype", "p-cpe:/a:novell:suse_linux:php5-ctype-debuginfo", "p-cpe:/a:novell:suse_linux:php5-curl", "p-cpe:/a:novell:suse_linux:php5-curl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-dba", "p-cpe:/a:novell:suse_linux:php5-dba-debuginfo", "p-cpe:/a:novell:suse_linux:php5-debuginfo", "p-cpe:/a:novell:suse_linux:php5-debugsource", "p-cpe:/a:novell:suse_linux:php5-dom", "p-cpe:/a:novell:suse_linux:php5-dom-debuginfo", "p-cpe:/a:novell:suse_linux:php5-enchant", "p-cpe:/a:novell:suse_linux:php5-enchant-debuginfo", "p-cpe:/a:novell:suse_linux:php5-exif", "p-cpe:/a:novell:suse_linux:php5-exif-debuginfo", "p-cpe:/a:novell:suse_linux:php5-fastcgi", "p-cpe:/a:novell:suse_linux:php5-fastcgi-debuginfo", "p-cpe:/a:novell:suse_linux:php5-fileinfo", "p-cpe:/a:novell:suse_linux:php5-fileinfo-debuginfo", "p-cpe:/a:novell:suse_linux:php5-fpm", "p-cpe:/a:novell:suse_linux:php5-fpm-debuginfo", "p-cpe:/a:novell:suse_linux:php5-ftp", "p-cpe:/a:novell:suse_linux:php5-ftp-debuginfo", "p-cpe:/a:novell:suse_linux:php5-gd", "p-cpe:/a:novell:suse_linux:php5-gd-debuginfo", "p-cpe:/a:novell:suse_linux:php5-gettext", "p-cpe:/a:novell:suse_linux:php5-gettext-debuginfo", "p-cpe:/a:novell:suse_linux:php5-gmp", "p-cpe:/a:novell:suse_linux:php5-gmp-debuginfo", "p-cpe:/a:novell:suse_linux:php5-iconv", "p-cpe:/a:novell:suse_linux:php5-iconv-debuginfo", "p-cpe:/a:novell:suse_linux:php5-imap", "p-cpe:/a:novell:suse_linux:php5-imap-debuginfo", "p-cpe:/a:novell:suse_linux:php5-intl", "p-cpe:/a:novell:suse_linux:php5-intl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-json", "p-cpe:/a:novell:suse_linux:php5-json-debuginfo", "p-cpe:/a:novell:suse_linux:php5-ldap", "p-cpe:/a:novell:suse_linux:php5-ldap-debuginfo", "p-cpe:/a:novell:suse_linux:php5-mbstring", "p-cpe:/a:novell:suse_linux:php5-mbstring-debuginfo", "p-cpe:/a:novell:suse_linux:php5-mcrypt", "p-cpe:/a:novell:suse_linux:php5-mcrypt-debuginfo", "p-cpe:/a:novell:suse_linux:php5-mysql", "p-cpe:/a:novell:suse_linux:php5-mysql-debuginfo", "p-cpe:/a:novell:suse_linux:php5-odbc", "p-cpe:/a:novell:suse_linux:php5-odbc-debuginfo", "p-cpe:/a:novell:suse_linux:php5-opcache", "p-cpe:/a:novell:suse_linux:php5-opcache-debuginfo", "p-cpe:/a:novell:suse_linux:php5-openssl", "p-cpe:/a:novell:suse_linux:php5-openssl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pcntl", "p-cpe:/a:novell:suse_linux:php5-pcntl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pdo", "p-cpe:/a:novell:suse_linux:php5-pdo-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pgsql", "p-cpe:/a:novell:suse_linux:php5-pgsql-debuginfo", "p-cpe:/a:novell:suse_linux:php5-phar", "p-cpe:/a:novell:suse_linux:php5-phar-debuginfo", "p-cpe:/a:novell:suse_linux:php5-posix", "p-cpe:/a:novell:suse_linux:php5-posix-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pspell", "p-cpe:/a:novell:suse_linux:php5-pspell-debuginfo", "p-cpe:/a:novell:suse_linux:php5-shmop", "p-cpe:/a:novell:suse_linux:php5-shmop-debuginfo", "p-cpe:/a:novell:suse_linux:php5-snmp", "p-cpe:/a:novell:suse_linux:php5-snmp-debuginfo", "p-cpe:/a:novell:suse_linux:php5-soap", "p-cpe:/a:novell:suse_linux:php5-soap-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sockets", "p-cpe:/a:novell:suse_linux:php5-sockets-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sqlite", "p-cpe:/a:novell:suse_linux:php5-sqlite-debuginfo", "p-cpe:/a:novell:suse_linux:php5-suhosin", "p-cpe:/a:novell:suse_linux:php5-suhosin-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sysvmsg", "p-cpe:/a:novell:suse_linux:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sysvsem", "p-cpe:/a:novell:suse_linux:php5-sysvsem-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sysvshm", "p-cpe:/a:novell:suse_linux:php5-sysvshm-debuginfo", "p-cpe:/a:novell:suse_linux:php5-tokenizer", "p-cpe:/a:novell:suse_linux:php5-tokenizer-debuginfo", "p-cpe:/a:novell:suse_linux:php5-wddx", "p-cpe:/a:novell:suse_linux:php5-wddx-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xmlreader", "p-cpe:/a:novell:suse_linux:php5-xmlreader-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xmlrpc", "p-cpe:/a:novell:suse_linux:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xmlwriter", "p-cpe:/a:novell:suse_linux:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xsl", "p-cpe:/a:novell:suse_linux:php5-xsl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-zip", "p-cpe:/a:novell:suse_linux:php5-zip-debuginfo", "p-cpe:/a:novell:suse_linux:php5-zlib", "p-cpe:/a:novell:suse_linux:php5-zlib-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-2477-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119983", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2477-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119983);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-7411\", \"CVE-2016-7412\", \"CVE-2016-7413\", \"CVE-2016-7414\", \"CVE-2016-7416\", \"CVE-2016-7417\", \"CVE-2016-7418\");\n\n script_name(english:\"SUSE SLES12 Security Update : php5 (SUSE-SU-2016:2477-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for php5 fixes the following security issues :\n\n - CVE-2016-7411: php5: Memory corruption when destructing\n deserialized object\n\n - CVE-2016-7412: Heap overflow in mysqlnd when not\n receiving UNSIGNED_FLAG in BIT field\n\n - CVE-2016-7413: Use after free in wddx_deserialize\n\n - CVE-2016-7414: Out of bounds heap read when verifying\n signature of zip phar in phar_parse_zipfile\n\n - CVE-2016-7416: Stack based buffer overflow in\n msgfmt_format_message\n\n - CVE-2016-7417: Missing type check when unserializing\n SplArray\n\n - CVE-2016-7418: NULL pointer dereference in\n php_wddx_push_element\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=999679\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=999680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=999682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=999684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=999685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=999819\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=999820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7411/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7412/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7413/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7414/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7416/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7417/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7418/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162477-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e883a5d8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t\npatch SUSE-SLE-SDK-12-SP1-2016-1446=1\n\nSUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-12-2016-1446=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_php5-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_php5-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bcmath-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bcmath-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bz2-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bz2-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-calendar-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-calendar-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ctype-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ctype-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-curl-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-curl-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dba-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dba-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-debugsource-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dom-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dom-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-enchant-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-enchant-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-exif-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-exif-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fastcgi-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fastcgi-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fileinfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fileinfo-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fpm-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fpm-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ftp-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ftp-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gd-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gd-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gettext-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gettext-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gmp-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gmp-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-iconv-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-iconv-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-imap-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-imap-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-intl-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-intl-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-json-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-json-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ldap-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ldap-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mbstring-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mbstring-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mcrypt-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mcrypt-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mysql-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mysql-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-odbc-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-odbc-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-opcache-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-opcache-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-openssl-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-openssl-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pcntl-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pcntl-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pdo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pdo-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pgsql-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pgsql-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-phar-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-phar-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-posix-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-posix-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pspell-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pspell-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-shmop-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-shmop-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-snmp-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-snmp-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-soap-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-soap-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sockets-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sockets-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sqlite-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sqlite-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-suhosin-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-suhosin-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvmsg-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvmsg-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvsem-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvsem-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvshm-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvshm-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-tokenizer-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-tokenizer-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-wddx-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-wddx-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlreader-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlreader-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlrpc-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlrpc-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlwriter-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlwriter-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xsl-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xsl-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zip-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zip-debuginfo-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zlib-5.5.14-78.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zlib-debuginfo-5.5.14-78.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php5\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-11T15:16:10", "description": "The Tenable SecurityCenter application installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities in the bundled version of PHP :\n\n - A flaw exists in ext/standard/var_unserializer.re when destroying deserialized objects due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a deserialize call that references a partially constructed object, to corrupt memory, resulting in a denial of service condition. (CVE-2016-7411)\n\n - An heap buffer overflow condition exists in the php_mysqlnd_rowp_read_text_protocol_aux() function within file ext/mysqlnd/mysqlnd_wireprotocol.c due to a failure to verify that a BIT field has the UNSIGNED_FLAG flag. An unauthenticated, remote attacker can exploit this, via specially crafted field metadata, to cause a denial of service condition. (CVE-2016-7412)\n\n - A use-after-free error exists in the wddx_stack_destroy() function within file ext/wddx/wddx.c when deserializing recordset elements.\n An unauthenticated, remote attacker can exploit this, via a specially crafted wddxPacket XML document, to cause a denial of service condition. (CVE-2016-7413)\n\n - An out-of-bounds access error exists in the phar_parse_zipfile() function within file ext/phar/zip.c due to a failure to ensure that the uncompressed_filesize field is large enough. An unauthenticated, remote attacker can exploit this, via a specially crafted archive, to cause a denial of service condition. (CVE-2016-7414)\n\n - A stack-based buffer overflow condition exists in the ICU4C library, specifically within file common/locid.cpp in the msgfmt_format_message() function, due to a failure to properly restrict the locale length provided to the Locale class. An unauthenticated, remote attacker can exploit this, via a long first argument to a MessageFormatter::formatMessage() function call, to cause a denial of service condition. (CVE-2016-7416)\n\n - A flaw exists in the spl_array_get_dimension_ptr_ptr() function within file ext/spl/spl_array.c due to a failure to properly validate the return value and data type when deserializing SplArray. An unauthenticated, remote attacker can exploit this, via specially crafted serialized data, to cause a denial of service condition.\n (CVE-2016-7417)\n\n - An out-of-bounds read error exists in the php_wddx_push_element() function within file ext/wddx/wddx.c when handling an incorrect boolean element, which leads to mishandling the wddx_deserialize() call. An unauthenticated, remote attacker can exploit this, via a specially crafted wddxPacket XML document, to cause a denial of service condition. (CVE-2016-7418)\n\n - An out-of-bounds access error exists in the phar_parse_tarfile() function within file ext/phar/tar.c when handling the verification of signatures. An unauthenticated, remote attacker can exploit this to cause an unspecified impact.\n\n - An integer overflow condition exists in the fgetcsv() function when handling CSV field lengths due to improper validation of certain input. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in a denial of service condition or the execution of arbitrary code.\n\n - An integer overflow condition exists in the wordwrap() function within file ext/standard/string.c due to improper validation of certain input. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in a denial of service condition or the execution of arbitrary code.\n\n - An integer overflow condition exists in the fgets() function within file ext/standard/file.c due to improper validation of certain input. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in a denial of service condition or the execution of arbitrary code.\n\n - An integer overflow condition exists in the xml_utf8_encode() function within file ext/xml/xml.c due to improper validation of certain input. An unauthenticated, remote attacker can exploit this to cause an unspecified impact.\n\n - A flaw exists in the exif_process_IFD_in_TIFF() function within file ext/exif/exif.c when handling uninitialized thumbnail data. An unauthenticated, remote attacker can exploit this to disclose memory contents.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-06-26T00:00:00", "type": "nessus", "title": "Tenable SecurityCenter PHP < 5.6.26 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7411", "CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2020-10-09T00:00:00", "cpe": ["cpe:/a:tenable:securitycenter"], "id": "SECURITYCENTER_PHP_5_6_26.NASL", "href": "https://www.tenable.com/plugins/nessus/101048", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101048);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/09\");\n\n script_cve_id(\n \"CVE-2016-7411\",\n \"CVE-2016-7412\",\n \"CVE-2016-7413\",\n \"CVE-2016-7414\",\n \"CVE-2016-7416\",\n \"CVE-2016-7417\",\n \"CVE-2016-7418\"\n );\n script_bugtraq_id(\n 93004,\n 93005,\n 93006,\n 93007,\n 93008,\n 93009,\n 93011\n );\n\n script_name(english:\"Tenable SecurityCenter PHP < 5.6.26 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of PHP in SecurityCenter.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Tenable SecurityCenter application on the remote host contains a\nPHP library that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Tenable SecurityCenter application installed on the remote host\nis missing a security patch. It is, therefore, affected by multiple\nvulnerabilities in the bundled version of PHP :\n\n - A flaw exists in ext/standard/var_unserializer.re when\n destroying deserialized objects due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this, via a deserialize\n call that references a partially constructed object, to\n corrupt memory, resulting in a denial of service\n condition. (CVE-2016-7411)\n\n - An heap buffer overflow condition exists in the\n php_mysqlnd_rowp_read_text_protocol_aux() function\n within file ext/mysqlnd/mysqlnd_wireprotocol.c due to\n a failure to verify that a BIT field has the\n UNSIGNED_FLAG flag. An unauthenticated, remote attacker\n can exploit this, via specially crafted field metadata,\n to cause a denial of service condition. (CVE-2016-7412)\n\n - A use-after-free error exists in the\n wddx_stack_destroy() function within file\n ext/wddx/wddx.c when deserializing recordset elements.\n An unauthenticated, remote attacker can exploit this,\n via a specially crafted wddxPacket XML document, to\n cause a denial of service condition. (CVE-2016-7413)\n\n - An out-of-bounds access error exists in the\n phar_parse_zipfile() function within file ext/phar/zip.c\n due to a failure to ensure that the\n uncompressed_filesize field is large enough. An\n unauthenticated, remote attacker can exploit this, via a\n specially crafted archive, to cause a denial of service\n condition. (CVE-2016-7414)\n\n - A stack-based buffer overflow condition exists in the\n ICU4C library, specifically within file common/locid.cpp\n in the msgfmt_format_message() function, due to a\n failure to properly restrict the locale length provided\n to the Locale class. An unauthenticated, remote attacker\n can exploit this, via a long first argument to a\n MessageFormatter::formatMessage() function call, to\n cause a denial of service condition. (CVE-2016-7416)\n\n - A flaw exists in the spl_array_get_dimension_ptr_ptr()\n function within file ext/spl/spl_array.c due to a\n failure to properly validate the return value and data\n type when deserializing SplArray. An unauthenticated,\n remote attacker can exploit this, via specially crafted\n serialized data, to cause a denial of service condition.\n (CVE-2016-7417)\n\n - An out-of-bounds read error exists in the\n php_wddx_push_element() function within file\n ext/wddx/wddx.c when handling an incorrect boolean\n element, which leads to mishandling the\n wddx_deserialize() call. An unauthenticated, remote\n attacker can exploit this, via a specially crafted\n wddxPacket XML document, to cause a denial of service\n condition. (CVE-2016-7418)\n\n - An out-of-bounds access error exists in the\n phar_parse_tarfile() function within file ext/phar/tar.c\n when handling the verification of signatures. An\n unauthenticated, remote attacker can exploit this to\n cause an unspecified impact.\n\n - An integer overflow condition exists in the fgetcsv()\n function when handling CSV field lengths due to improper\n validation of certain input. An unauthenticated, remote\n attacker can exploit this to corrupt memory, resulting\n in a denial of service condition or the execution of\n arbitrary code.\n\n - An integer overflow condition exists in the wordwrap()\n function within file ext/standard/string.c due to\n improper validation of certain input. An\n unauthenticated, remote attacker can exploit this to\n corrupt memory, resulting in a denial of service\n condition or the execution of arbitrary code.\n\n - An integer overflow condition exists in the fgets()\n function within file ext/standard/file.c due to improper\n validation of certain input. An unauthenticated, remote\n attacker can exploit this to corrupt memory, resulting\n in a denial of service condition or the execution of\n arbitrary code.\n\n - An integer overflow condition exists in the\n xml_utf8_encode() function within file ext/xml/xml.c due\n to improper validation of certain input. An\n unauthenticated, remote attacker can exploit this to\n cause an unspecified impact.\n\n - A flaw exists in the exif_process_IFD_in_TIFF() function\n within file ext/exif/exif.c when handling uninitialized\n thumbnail data. An unauthenticated, remote attacker can\n exploit this to disclose memory contents.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.6.26\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to SecurityCenter version 5.4.1 or later. Alternatively,\ncontact the vendor for a patch.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"manual\");\n script_set_attribute(attribute:\"cvss_score_rationale\", value:\"Score based on analysis of the vendor advisory.\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n \n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:securitycenter\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"securitycenter_installed.nbin\", \"securitycenter_detect.nbin\");\n script_require_keys(\"Host/SecurityCenter/Version\", \"installed_sw/SecurityCenter\", \"Host/SecurityCenter/support/php/version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\napp = 'PHP (within SecurityCenter)';\nfix = \"5.6.26\";\n\nsc_ver = get_kb_item(\"Host/SecurityCenter/Version\");\nport = 0;\nif(empty_or_null(sc_ver))\n{\n port = 443;\n install = get_single_install(app_name:\"SecurityCenter\", combined:TRUE, exit_if_unknown_ver:TRUE);\n sc_ver = install[\"version\"];\n}\nif (empty_or_null(sc_ver)) audit(AUDIT_NOT_INST, \"SecurityCenter\");\n\nversion = get_kb_item(\"Host/SecurityCenter/support/php/version\");\nif (empty_or_null(version)) audit(AUDIT_UNKNOWN_APP_VER, app);\n\nif (ver_compare(ver:version, minver:\"5.6.0\", fix:fix, strict:FALSE) < 0)\n{\n report =\n '\\n SecurityCenter version : ' + sc_ver +\n '\\n SecurityCenter PHP version : ' + version +\n '\\n Fixed PHP version : ' + fix +\n '\\n';\n security_report_v4(port:port, severity:SECURITY_HOLE, extra:report);\n exit(0);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, app, version);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-02T16:56:27", "description": "This update for php53 fixes the following issues :\n\n - CVE-2016-7411: php5: Memory corruption when destructing deserialized object\n\n - CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field\n\n - CVE-2016-7413: Use after free in wddx_deserialize\n\n - CVE-2016-7414: Out of bounds heap read when verifying signature of zip phar in phar_parse_zipfile\n\n - CVE-2016-7416: Stack based buffer overflow in msgfmt_format_message\n\n - CVE-2016-7417: Missing type check when unserializing SplArray\n\n - CVE-2016-7418: NULL pointer dereference in php_wddx_push_element\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-10-06T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : php53 (SUSE-SU-2016:2461-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7411", "CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php53", "p-cpe:/a:novell:suse_linux:php53", "p-cpe:/a:novell:suse_linux:php53-bcmath", "p-cpe:/a:novell:suse_linux:php53-bz2", "p-cpe:/a:novell:suse_linux:php53-calendar", "p-cpe:/a:novell:suse_linux:php53-ctype", "p-cpe:/a:novell:suse_linux:php53-curl", "p-cpe:/a:novell:suse_linux:php53-dba", "p-cpe:/a:novell:suse_linux:php53-dom", "p-cpe:/a:novell:suse_linux:php53-exif", "p-cpe:/a:novell:suse_linux:php53-fastcgi", "p-cpe:/a:novell:suse_linux:php53-fileinfo", "p-cpe:/a:novell:suse_linux:php53-ftp", "p-cpe:/a:novell:suse_linux:php53-gd", "p-cpe:/a:novell:suse_linux:php53-gettext", "p-cpe:/a:novell:suse_linux:php53-gmp", "p-cpe:/a:novell:suse_linux:php53-iconv", "p-cpe:/a:novell:suse_linux:php53-intl", "p-cpe:/a:novell:suse_linux:php53-json", "p-cpe:/a:novell:suse_linux:php53-ldap", "p-cpe:/a:novell:suse_linux:php53-mbstring", "p-cpe:/a:novell:suse_linux:php53-mcrypt", "p-cpe:/a:novell:suse_linux:php53-mysql", "p-cpe:/a:novell:suse_linux:php53-odbc", "p-cpe:/a:novell:suse_linux:php53-openssl", "p-cpe:/a:novell:suse_linux:php53-pcntl", "p-cpe:/a:novell:suse_linux:php53-pdo", "p-cpe:/a:novell:suse_linux:php53-pear", "p-cpe:/a:novell:suse_linux:php53-pgsql", "p-cpe:/a:novell:suse_linux:php53-pspell", "p-cpe:/a:novell:suse_linux:php53-shmop", "p-cpe:/a:novell:suse_linux:php53-snmp", "p-cpe:/a:novell:suse_linux:php53-soap", "p-cpe:/a:novell:suse_linux:php53-suhosin", "p-cpe:/a:novell:suse_linux:php53-sysvmsg", "p-cpe:/a:novell:suse_linux:php53-sysvsem", "p-cpe:/a:novell:suse_linux:php53-sysvshm", "p-cpe:/a:novell:suse_linux:php53-tokenizer", "p-cpe:/a:novell:suse_linux:php53-wddx", "p-cpe:/a:novell:suse_linux:php53-xmlreader", "p-cpe:/a:novell:suse_linux:php53-xmlrpc", "p-cpe:/a:novell:suse_linux:php53-xmlwriter", "p-cpe:/a:novell:suse_linux:php53-xsl", "p-cpe:/a:novell:suse_linux:php53-zip", "p-cpe:/a:novell:suse_linux:php53-zlib", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-2461-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93895", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2461-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93895);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-7411\", \"CVE-2016-7412\", \"CVE-2016-7413\", \"CVE-2016-7414\", \"CVE-2016-7416\", \"CVE-2016-7417\", \"CVE-2016-7418\");\n\n script_name(english:\"SUSE SLES11 Security Update : php53 (SUSE-SU-2016:2461-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for php53 fixes the following issues :\n\n - CVE-2016-7411: php5: Memory corruption when destructing\n deserialized object\n\n - CVE-2016-7412: Heap overflow in mysqlnd when not\n receiving UNSIGNED_FLAG in BIT field\n\n - CVE-2016-7413: Use after free in wddx_deserialize\n\n - CVE-2016-7414: Out of bounds heap read when verifying\n signature of zip phar in phar_parse_zipfile\n\n - CVE-2016-7416: Stack based buffer overflow in\n msgfmt_format_message\n\n - CVE-2016-7417: Missing type check when unserializing\n SplArray\n\n - CVE-2016-7418: NULL pointer dereference in\n php_wddx_push_element\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=999679\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=999680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=999682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=999684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=999685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=999819\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=999820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7411/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7412/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7413/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7414/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7416/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7417/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7418/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162461-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?82e09090\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP2-LTSS:zypper in -t patch\nslessp2-php53-12776=1\n\nSUSE Linux Enterprise Debuginfo 11-SP2:zypper in -t patch\ndbgsp2-php53-12776=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"apache2-mod_php53-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-bcmath-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-bz2-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-calendar-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-ctype-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-curl-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-dba-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-dom-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-exif-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-fastcgi-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-fileinfo-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-ftp-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-gd-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-gettext-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-gmp-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-iconv-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-intl-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-json-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-ldap-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-mbstring-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-mcrypt-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-mysql-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-odbc-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-openssl-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-pcntl-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-pdo-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-pear-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-pgsql-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-pspell-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-shmop-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-snmp-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-soap-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-suhosin-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-sysvmsg-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-sysvsem-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-sysvshm-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-tokenizer-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-wddx-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-xmlreader-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-xmlrpc-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-xmlwriter-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-xsl-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-zip-5.3.17-58.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-zlib-5.3.17-58.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:33", "description": "php5 was updated to fix the following security issues :\n\n - CVE-2016-6297: Stack-based buffer overflow vulnerability in php_stream_zip_opener (bsc#991426).\n\n - CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE (bsc#991427).\n\n - CVE-2016-6289: Integer overflow leads to buffer overflow in virtual_file_ex (bsc#991428).\n\n - CVE-2016-6290: Use after free in unserialize() with Unexpected Session Deserialization (bsc#991429).\n\n - CVE-2016-5399: Improper error handling in bzread() (bsc#991430).\n\n - CVE-2016-6288: Buffer over-read in php_url_parse_ex (bsc#991433).\n\n - CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn in simplestring.c (bsc#991437).\n\n - CVE-2016-5769: Mcrypt: Heap Overflow due to integer overflows (bsc#986388).\n\n - CVE-2015-8935: XSS in header() with Internet Explorer (bsc#986004).\n\n - CVE-2016-5772: Double free corruption in wddx_deserialize (bsc#986244).\n\n - CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap overflow (bsc#986386).\n\n - CVE-2016-5767: Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow (bsc#986393).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-09-02T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : php5 (SUSE-SU-2016:2080-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8935", "CVE-2016-5399", "CVE-2016-5766", "CVE-2016-5767", "CVE-2016-5769", "CVE-2016-5772", "CVE-2016-6288", "CVE-2016-6289", "CVE-2016-6290", "CVE-2016-6291", "CVE-2016-6296", "CVE-2016-6297"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php5", "p-cpe:/a:novell:suse_linux:php5", "p-cpe:/a:novell:suse_linux:php5-bcmath", "p-cpe:/a:novell:suse_linux:php5-bz2", "p-cpe:/a:novell:suse_linux:php5-calendar", "p-cpe:/a:novell:suse_linux:php5-ctype", "p-cpe:/a:novell:suse_linux:php5-curl", "p-cpe:/a:novell:suse_linux:php5-dba", "p-cpe:/a:novell:suse_linux:php5-dbase", "p-cpe:/a:novell:suse_linux:php5-dom", "p-cpe:/a:novell:suse_linux:php5-exif", "p-cpe:/a:novell:suse_linux:php5-fastcgi", "p-cpe:/a:novell:suse_linux:php5-ftp", "p-cpe:/a:novell:suse_linux:php5-gd", "p-cpe:/a:novell:suse_linux:php5-gettext", "p-cpe:/a:novell:suse_linux:php5-gmp", "p-cpe:/a:novell:suse_linux:php5-hash", "p-cpe:/a:novell:suse_linux:php5-iconv", "p-cpe:/a:novell:suse_linux:php5-json", "p-cpe:/a:novell:suse_linux:php5-ldap", "p-cpe:/a:novell:suse_linux:php5-mbstring", "p-cpe:/a:novell:suse_linux:php5-mcrypt", "p-cpe:/a:novell:suse_linux:php5-mysql", "p-cpe:/a:novell:suse_linux:php5-odbc", "p-cpe:/a:novell:suse_linux:php5-openssl", "p-cpe:/a:novell:suse_linux:php5-pcntl", "p-cpe:/a:novell:suse_linux:php5-pdo", "p-cpe:/a:novell:suse_linux:php5-pear", "p-cpe:/a:novell:suse_linux:php5-pgsql", "p-cpe:/a:novell:suse_linux:php5-pspell", "p-cpe:/a:novell:suse_linux:php5-shmop", "p-cpe:/a:novell:suse_linux:php5-snmp", "p-cpe:/a:novell:suse_linux:php5-soap", "p-cpe:/a:novell:suse_linux:php5-suhosin", "p-cpe:/a:novell:suse_linux:php5-sysvmsg", "p-cpe:/a:novell:suse_linux:php5-sysvsem", "p-cpe:/a:novell:suse_linux:php5-sysvshm", "p-cpe:/a:novell:suse_linux:php5-tokenizer", "p-cpe:/a:novell:suse_linux:php5-wddx", "p-cpe:/a:novell:suse_linux:php5-xmlreader", "p-cpe:/a:novell:suse_linux:php5-xmlrpc", "p-cpe:/a:novell:suse_linux:php5-xmlwriter", "p-cpe:/a:novell:suse_linux:php5-xsl", "p-cpe:/a:novell:suse_linux:php5-zip", "p-cpe:/a:novell:suse_linux:php5-zlib", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-2080-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93293", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2080-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93293);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-8935\", \"CVE-2016-5399\", \"CVE-2016-5766\", \"CVE-2016-5767\", \"CVE-2016-5769\", \"CVE-2016-5772\", \"CVE-2016-6288\", \"CVE-2016-6289\", \"CVE-2016-6290\", \"CVE-2016-6291\", \"CVE-2016-6296\", \"CVE-2016-6297\");\n\n script_name(english:\"SUSE SLES11 Security Update : php5 (SUSE-SU-2016:2080-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"php5 was updated to fix the following security issues :\n\n - CVE-2016-6297: Stack-based buffer overflow vulnerability\n in php_stream_zip_opener (bsc#991426).\n\n - CVE-2016-6291: Out-of-bounds access in\n exif_process_IFD_in_MAKERNOTE (bsc#991427).\n\n - CVE-2016-6289: Integer overflow leads to buffer overflow\n in virtual_file_ex (bsc#991428).\n\n - CVE-2016-6290: Use after free in unserialize() with\n Unexpected Session Deserialization (bsc#991429).\n\n - CVE-2016-5399: Improper error handling in bzread()\n (bsc#991430).\n\n - CVE-2016-6288: Buffer over-read in php_url_parse_ex\n (bsc#991433).\n\n - CVE-2016-6296: Heap buffer overflow vulnerability in\n simplestring_addn in simplestring.c (bsc#991437).\n\n - CVE-2016-5769: Mcrypt: Heap Overflow due to integer\n overflows (bsc#986388).\n\n - CVE-2015-8935: XSS in header() with Internet Explorer\n (bsc#986004).\n\n - CVE-2016-5772: Double free corruption in\n wddx_deserialize (bsc#986244).\n\n - CVE-2016-5766: Integer Overflow in _gd2GetHeader()\n resulting in heap overflow (bsc#986386).\n\n - CVE-2016-5767: Integer Overflow in\n gdImagePaletteToTrueColor() resulting in heap overflow\n (bsc#986393).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986004\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986388\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=986393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991426\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991427\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991433\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8935/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5399/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5766/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5767/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5769/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5772/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6288/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6289/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6290/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6291/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6296/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6297/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162080-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?50764ab8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP2-LTSS:zypper in -t patch\nslessp2-php5-12696=1\n\nSUSE Linux Enterprise Debuginfo 11-SP2:zypper in -t patch\ndbgsp2-php5-12696=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"apache2-mod_php5-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-bcmath-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-bz2-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-calendar-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-ctype-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-curl-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-dba-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-dbase-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-dom-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-exif-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-fastcgi-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-ftp-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-gd-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-gettext-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-gmp-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-hash-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-iconv-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-json-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-ldap-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-mbstring-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-mcrypt-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-mysql-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-odbc-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-openssl-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-pcntl-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-pdo-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-pear-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-pgsql-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-pspell-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-shmop-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-snmp-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-soap-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-suhosin-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-sysvmsg-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-sysvsem-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-sysvshm-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-tokenizer-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-wddx-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-xmlreader-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-xmlrpc-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-xmlwriter-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-xsl-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-zip-5.2.14-0.7.30.89.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-zlib-5.2.14-0.7.30.89.1\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php5\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T16:53:35", "description": "This update for php53 fixes the following issues :\n\n - security update :\n\n - CVE-2014-3587: Integer overflow in the cdf_read_property_info affecting SLES11 SP3 [bsc#987530]\n\n - CVE-2016-6297: Stack-based buffer overflow vulnerability in php_stream_zip_opener [bsc#991426]\n\n - CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE [bsc#991427]\n\n - CVE-2016-6289: Integer overflow leads to buffer overflow in virtual_file_ex [bsc#991428]\n\n - CVE-2016-6290: Use after free in unserialize() with Unexpected Session Deserialization [bsc#991429]\n\n - CVE-2016-5399: Improper error handling in bzread() [bsc#991430]\n\n - CVE-2016-6288: Buffer over-read in php_url_parse_ex [bsc#991433]\n\n - CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn in simplestring.c [bsc#991437]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-09-08T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : php53 (SUSE-SU-2016:2210-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3587", "CVE-2016-3587", "CVE-2016-5399", "CVE-2016-6288", "CVE-2016-6289", "CVE-2016-6290", "CVE-2016-6291", "CVE-2016-6296", "CVE-2016-6297"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php53", "p-cpe:/a:novell:suse_linux:php53", "p-cpe:/a:novell:suse_linux:php53-bcmath", "p-cpe:/a:novell:suse_linux:php53-bz2", "p-cpe:/a:novell:suse_linux:php53-calendar", "p-cpe:/a:novell:suse_linux:php53-ctype", "p-cpe:/a:novell:suse_linux:php53-curl", "p-cpe:/a:novell:suse_linux:php53-dba", "p-cpe:/a:novell:suse_linux:php53-dom", "p-cpe:/a:novell:suse_linux:php53-exif", "p-cpe:/a:novell:suse_linux:php53-fastcgi", "p-cpe:/a:novell:suse_linux:php53-fileinfo", "p-cpe:/a:novell:suse_linux:php53-ftp", "p-cpe:/a:novell:suse_linux:php53-gd", "p-cpe:/a:novell:suse_linux:php53-gettext", "p-cpe:/a:novell:suse_linux:php53-gmp", "p-cpe:/a:novell:suse_linux:php53-iconv", "p-cpe:/a:novell:suse_linux:php53-intl", "p-cpe:/a:novell:suse_linux:php53-json", "p-cpe:/a:novell:suse_linux:php53-ldap", "p-cpe:/a:novell:suse_linux:php53-mbstring", "p-cpe:/a:novell:suse_linux:php53-mcrypt", "p-cpe:/a:novell:suse_linux:php53-mysql", "p-cpe:/a:novell:suse_linux:php53-odbc", "p-cpe:/a:novell:suse_linux:php53-openssl", "p-cpe:/a:novell:suse_linux:php53-pcntl", "p-cpe:/a:novell:suse_linux:php53-pdo", "p-cpe:/a:novell:suse_linux:php53-pear", "p-cpe:/a:novell:suse_linux:php53-pgsql", "p-cpe:/a:novell:suse_linux:php53-pspell", "p-cpe:/a:novell:suse_linux:php53-shmop", "p-cpe:/a:novell:suse_linux:php53-snmp", "p-cpe:/a:novell:suse_linux:php53-soap", "p-cpe:/a:novell:suse_linux:php53-suhosin", "p-cpe:/a:novell:suse_linux:php53-sysvmsg", "p-cpe:/a:novell:suse_linux:php53-sysvsem", "p-cpe:/a:novell:suse_linux:php53-sysvshm", "p-cpe:/a:novell:suse_linux:php53-tokenizer", "p-cpe:/a:novell:suse_linux:php53-wddx", "p-cpe:/a:novell:suse_linux:php53-xmlreader", "p-cpe:/a:novell:suse_linux:php53-xmlrpc", "p-cpe:/a:novell:suse_linux:php53-xmlwriter", "p-cpe:/a:novell:suse_linux:php53-xsl", "p-cpe:/a:novell:suse_linux:php53-zip", "p-cpe:/a:novell:suse_linux:php53-zlib", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-2210-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93367", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2210-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93367);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3587\", \"CVE-2016-3587\", \"CVE-2016-5399\", \"CVE-2016-6288\", \"CVE-2016-6289\", \"CVE-2016-6290\", \"CVE-2016-6291\", \"CVE-2016-6296\", \"CVE-2016-6297\");\n script_bugtraq_id(69325);\n\n script_name(english:\"SUSE SLES11 Security Update : php53 (SUSE-SU-2016:2210-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for php53 fixes the following issues :\n\n - security update :\n\n - CVE-2014-3587: Integer overflow in the\n cdf_read_property_info affecting SLES11 SP3 [bsc#987530]\n\n - CVE-2016-6297: Stack-based buffer overflow vulnerability\n in php_stream_zip_opener [bsc#991426]\n\n - CVE-2016-6291: Out-of-bounds access in\n exif_process_IFD_in_MAKERNOTE [bsc#991427]\n\n - CVE-2016-6289: Integer overflow leads to buffer overflow\n in virtual_file_ex [bsc#991428]\n\n - CVE-2016-6290: Use after free in unserialize() with\n Unexpected Session Deserialization [bsc#991429]\n\n - CVE-2016-5399: Improper error handling in bzread()\n [bsc#991430]\n\n - CVE-2016-6288: Buffer over-read in php_url_parse_ex\n [bsc#991433]\n\n - CVE-2016-6296: Heap buffer overflow vulnerability in\n simplestring_addn in simplestring.c [bsc#991437]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=987530\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991426\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991427\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991433\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3587/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3587/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5399/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6288/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6289/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6290/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6291/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6296/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6297/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162210-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?afc57c21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-php53-12724=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-php53-12724=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-php53-12724=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"apache2-mod_php53-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-bcmath-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-bz2-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-calendar-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-ctype-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-curl-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-dba-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-dom-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-exif-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-fastcgi-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-fileinfo-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-ftp-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-gd-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-gettext-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-gmp-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-iconv-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-intl-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-json-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-ldap-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-mbstring-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-mcrypt-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-mysql-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-odbc-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-openssl-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pcntl-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pdo-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pear-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pgsql-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pspell-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-shmop-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-snmp-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-soap-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-suhosin-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-sysvmsg-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-sysvsem-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-sysvshm-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-tokenizer-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-wddx-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xmlreader-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xmlrpc-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xmlwriter-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xsl-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-zip-5.3.17-79.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-zlib-5.3.17-79.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:39:45", "description": "Versions of PHP 5.6.x prior to 5.6.26 and 7.0.x prior to 7.0.11 are vulnerable to the following issues :\n\n - An overflow condition exists in the 'msgfmt_format_message()' function in 'common/locid.cpp' that is triggered when handling local strings. This may allow a remote attacker to cause a stack-based buffer overflow, resulting in a crash or potentially allowing the execution of arbitrary code.\n - An overflow condition exists in the 'php_mysqlnd_rowp_read_text_protocol_aux()' function in 'ext/mysqlnd/mysqlnd_wireprotocol.c' that is triggered when handling the BIT field. This may allow a context-dependent or Man-in-the-Middle (MitM) attacker to cause a heap-based buffer overflow, resulting in a crash or potentially allowing the execution of arbitrary code.\n - A use-after-free error exists in the 'wddx_stack_destroy()' function in 'ext/wddx/wddx.c' that is triggered when deserializing 'recordset' elements. This may allow a remote attacker to dereference already freed memory and potentially execute arbitrary code.\n - An out-of-bounds access flaw exists in the 'phar_parse_zipfile()' function in 'ext/phar/zip.c' that is triggered when handling the uncompressed file size. This may allow a remote attacker to have an unspecified impact.\n - A flaw exists in the 'spl_array_get_dimension_ptr_ptr()' function in 'ext/spl/spl_array.c' that is triggered as types are not properly checked during the unserialization of 'SplArray'. This may allow a remote attacker to cause a crash or potentially have a more severe, unspecified impact.\n - An out-of-bounds access flaw exists in the 'phar_parse_tarfile()' function in 'ext/phar/tar.c' that is triggered during the verification of signatures. This may allow a remote attacker to have an unspecified impact.\n - A flaw is triggered as certain input is not properly validated when destroying deserialized objects. This may allow a remote attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code.\n - An out-of-bounds read flaw exists in the 'php_wddx_push_element()' function in 'ext/wddx/wddx.c' that may allow a remote attacker to cause a crash or potentially disclose memory contents.\n - An integer overflow flaw exists in the 'fgetcsv()' function. The issue is triggered as certain input is not properly validated when handling CSV field lengths. This may allow a remote attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code.\n - An integer overflow flaw exists in the 'wordwrap()' function in 'ext/standard/string.c'. The issue is triggered as certain input is not properly validated. This may allow a remote attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code.\n - An integer overflow flaw exists in the 'fgets()' function in 'ext/standard/file.c'. The issue is triggered as certain input is not properly validated. This may allow a remote attacker to corrupt memory and cause a denial of service or potentially execute arbitrary code.\n - An integer overflow condition exists in the 'xml_utf8_encode()' function in 'ext/xml/xml.c'. The issue is triggered as certain input is not properly validated. This may allow a remote attacker to have an unspecified impact.\n - A flaw exists in the 'exif_process_IFD_in_TIFF()' function in 'ext/exif/exif.c' that is triggered during the handling of uninitialized thumbnail data. This may allow a remote attacker to disclose the contents of memory.", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2016-09-26T00:00:00", "type": "nessus", "title": "PHP 5.6.x < 5.6.26 / 7.0.x < 7.0.11 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7411", "CVE-2016-7412", "CVE-2016-7413", "CVE-2016-7414", "CVE-2016-7416", "CVE-2016-7417", "CVE-2016-7418", "CVE-2016-7415"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "9580.PRM", "href": "https://www.tenable.com/plugins/nnm/9580", "sourceData": "Binary data 9580.prm", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-11T15:16:16", "description": "This update for php5 fixes the following security issues :\n\n - CVE-2016-6294: The locale_accept_from_http function in ext/intl/locale/locale_methods.c did not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument (bsc#1035111).\n\n - CVE-2017-9227: A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching.\n (bsc#1040883)\n\n - CVE-2017-9226: A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. (bsc#1040889)\n\n - CVE-2017-9224: A stack out-of-bounds read occurs in match_at() during regular expression searching.\n (bsc#1040891)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : php5 (SUSE-SU-2017:1662-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6294", "CVE-2017-9224", "CVE-2017-9226", "CVE-2017-9227"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php5", "p-cpe:/a:novell:suse_linux:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:suse_linux:php5", "p-cpe:/a:novell:suse_linux:php5-bcmath", "p-cpe:/a:novell:suse_linux:php5-bcmath-debuginfo", "p-cpe:/a:novell:suse_linux:php5-bz2", "p-cpe:/a:novell:suse_linux:php5-bz2-debuginfo", "p-cpe:/a:novell:suse_linux:php5-calendar", "p-cpe:/a:novell:suse_linux:php5-calendar-debuginfo", "p-cpe:/a:novell:suse_linux:php5-ctype", "p-cpe:/a:novell:suse_linux:php5-ctype-debuginfo", "p-cpe:/a:novell:suse_linux:php5-curl", "p-cpe:/a:novell:suse_linux:php5-curl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-dba", "p-cpe:/a:novell:suse_linux:php5-dba-debuginfo", "p-cpe:/a:novell:suse_linux:php5-debuginfo", "p-cpe:/a:novell:suse_linux:php5-debugsource", "p-cpe:/a:novell:suse_linux:php5-dom", "p-cpe:/a:novell:suse_linux:php5-dom-debuginfo", "p-cpe:/a:novell:suse_linux:php5-enchant", "p-cpe:/a:novell:suse_linux:php5-enchant-debuginfo", "p-cpe:/a:novell:suse_linux:php5-exif", "p-cpe:/a:novell:suse_linux:php5-exif-debuginfo", "p-cpe:/a:novell:suse_linux:php5-fastcgi", "p-cpe:/a:novell:suse_linux:php5-fastcgi-debuginfo", "p-cpe:/a:novell:suse_linux:php5-fileinfo", "p-cpe:/a:novell:suse_linux:php5-fileinfo-debuginfo", "p-cpe:/a:novell:suse_linux:php5-fpm", "p-cpe:/a:novell:suse_linux:php5-fpm-debuginfo", "p-cpe:/a:novell:suse_linux:php5-ftp", "p-cpe:/a:novell:suse_linux:php5-ftp-debuginfo", "p-cpe:/a:novell:suse_linux:php5-gd", "p-cpe:/a:novell:suse_linux:php5-gd-debuginfo", "p-cpe:/a:novell:suse_linux:php5-gettext", "p-cpe:/a:novell:suse_linux:php5-gettext-debuginfo", "p-cpe:/a:novell:suse_linux:php5-gmp", "p-cpe:/a:novell:suse_linux:php5-gmp-debuginfo", "p-cpe:/a:novell:suse_linux:php5-iconv", "p-cpe:/a:novell:suse_linux:php5-iconv-debuginfo", "p-cpe:/a:novell:suse_linux:php5-imap", "p-cpe:/a:novell:suse_linux:php5-imap-debuginfo", "p-cpe:/a:novell:suse_linux:php5-intl", "p-cpe:/a:novell:suse_linux:php5-intl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-json", "p-cpe:/a:novell:suse_linux:php5-json-debuginfo", "p-cpe:/a:novell:suse_linux:php5-ldap", "p-cpe:/a:novell:suse_linux:php5-ldap-debuginfo", "p-cpe:/a:novell:suse_linux:php5-mbstring", "p-cpe:/a:novell:suse_linux:php5-mbstring-debuginfo", "p-cpe:/a:novell:suse_linux:php5-mcrypt", "p-cpe:/a:novell:suse_linux:php5-mcrypt-debuginfo", "p-cpe:/a:novell:suse_linux:php5-mysql", "p-cpe:/a:novell:suse_linux:php5-mysql-debuginfo", "p-cpe:/a:novell:suse_linux:php5-odbc", "p-cpe:/a:novell:suse_linux:php5-odbc-debuginfo", "p-cpe:/a:novell:suse_linux:php5-opcache", "p-cpe:/a:novell:suse_linux:php5-opcache-debuginfo", "p-cpe:/a:novell:suse_linux:php5-openssl", "p-cpe:/a:novell:suse_linux:php5-openssl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pcntl", "p-cpe:/a:novell:suse_linux:php5-pcntl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pdo", "p-cpe:/a:novell:suse_linux:php5-pdo-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pgsql", "p-cpe:/a:novell:suse_linux:php5-pgsql-debuginfo", "p-cpe:/a:novell:suse_linux:php5-phar", "p-cpe:/a:novell:suse_linux:php5-phar-debuginfo", "p-cpe:/a:novell:suse_linux:php5-posix", "p-cpe:/a:novell:suse_linux:php5-posix-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pspell", "p-cpe:/a:novell:suse_linux:php5-pspell-debuginfo", "p-cpe:/a:novell:suse_linux:php5-shmop", "p-cpe:/a:novell:suse_linux:php5-shmop-debuginfo", "p-cpe:/a:novell:suse_linux:php5-snmp", "p-cpe:/a:novell:suse_linux:php5-snmp-debuginfo", "p-cpe:/a:novell:suse_linux:php5-soap", "p-cpe:/a:novell:suse_linux:php5-soap-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sockets", "p-cpe:/a:novell:suse_linux:php5-sockets-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sqlite", "p-cpe:/a:novell:suse_linux:php5-sqlite-debuginfo", "p-cpe:/a:novell:suse_linux:php5-suhosin", "p-cpe:/a:novell:suse_linux:php5-suhosin-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sysvmsg", "p-cpe:/a:novell:suse_linux:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sysvsem", "p-cpe:/a:novell:suse_linux:php5-sysvsem-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sysvshm", "p-cpe:/a:novell:suse_linux:php5-sysvshm-debuginfo", "p-cpe:/a:novell:suse_linux:php5-tokenizer", "p-cpe:/a:novell:suse_linux:php5-tokenizer-debuginfo", "p-cpe:/a:novell:suse_linux:php5-wddx", "p-cpe:/a:novell:suse_linux:php5-wddx-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xmlreader", "p-cpe:/a:novell:suse_linux:php5-xmlreader-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xmlrpc", "p-cpe:/a:novell:suse_linux:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xmlwriter", "p-cpe:/a:novell:suse_linux:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xsl", "p-cpe:/a:novell:suse_linux:php5-xsl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-zip", "p-cpe:/a:novell:suse_linux:php5-zip-debuginfo", "p-cpe:/a:novell:suse_linux:php5-zlib", "p-cpe:/a:novell:suse_linux:php5-zlib-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1662-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119999", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1662-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119999);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-6294\", \"CVE-2017-9224\", \"CVE-2017-9226\", \"CVE-2017-9227\");\n\n script_name(english:\"SUSE SLES12 Security Update : php5 (SUSE-SU-2017:1662-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for php5 fixes the following security issues :\n\n - CVE-2016-6294: The locale_accept_from_http function in\n ext/intl/locale/locale_methods.c did not properly\n restrict calls to the ICU uloc_acceptLanguageFromHTTP\n function, which allowed remote attackers to cause a\n denial of service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long argument\n (bsc#1035111).\n\n - CVE-2017-9227: A stack out-of-bounds read occurs in\n mbc_enc_len() during regular expression searching.\n (bsc#1040883)\n\n - CVE-2017-9226: A heap out-of-bounds write or read occurs\n in next_state_val() during regular expression\n compilation. (bsc#1040889)\n\n - CVE-2017-9224: A stack out-of-bounds read occurs in\n match_at() during regular expression searching.\n (bsc#1040891)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1035111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1040883\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1040889\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1040891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6294/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-9224/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-9226/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-9227/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171662-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fcca347d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t\npatch SUSE-SLE-SDK-12-SP2-2017-1030=1\n\nSUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-12-2017-1030=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_php5-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_php5-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bcmath-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bcmath-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bz2-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bz2-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-calendar-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-calendar-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ctype-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ctype-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-curl-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-curl-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dba-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dba-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-debugsource-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dom-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dom-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-enchant-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-enchant-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-exif-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-exif-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fastcgi-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fastcgi-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fileinfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fileinfo-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fpm-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fpm-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ftp-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ftp-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gd-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gd-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gettext-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gettext-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gmp-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gmp-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-iconv-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-iconv-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-imap-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-imap-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-intl-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-intl-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-json-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-json-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ldap-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ldap-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mbstring-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mbstring-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mcrypt-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mcrypt-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mysql-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mysql-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-odbc-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-odbc-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-opcache-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-opcache-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-openssl-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-openssl-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pcntl-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pcntl-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pdo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pdo-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pgsql-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pgsql-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-phar-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-phar-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-posix-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-posix-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pspell-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pspell-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-shmop-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-shmop-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-snmp-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-snmp-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-soap-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-soap-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sockets-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sockets-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sqlite-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sqlite-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-suhosin-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-suhosin-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvmsg-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvmsg-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvsem-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvsem-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvshm-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvshm-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-tokenizer-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-tokenizer-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-wddx-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-wddx-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlreader-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlreader-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlrpc-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlrpc-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlwriter-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlwriter-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xsl-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xsl-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zip-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zip-debuginfo-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zlib-5.5.14-108.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zlib-debuginfo-5.5.14-108.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php5\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-11T15:17:51", "description": "This update for php5 fixes the following security issues :\n\n - CVE-2016-6294: The locale_accept_from_http function in ext/intl/locale/locale_methods.c did not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument (bsc#1035111).\n\n - CVE-2017-9227: A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching.\n (bsc#1040883)\n\n - CVE-2017-9226: A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. (bsc#1040889)\n\n - CVE-2017-9224: A stack out-of-bounds read occurs in match_at() during regular expression searching.\n (bsc#1040891)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-07-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : php5 (openSUSE-2017-764)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6294", "CVE-2017-9224", "CVE-2017-9226", "CVE-2017-9227"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird", "p-cpe:/a:novell:opensuse:php5-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-ldap", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-mssql", "p-cpe:/a:novell:opensuse:php5-mssql-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-opcache", "p-cpe:/a:novell:opensuse:php5-opcache-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2017-764.NASL", "href": "https://www.tenable.com/plugins/nessus/101219", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-764.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101219);\n script_version(\"3.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-6294\", \"CVE-2017-9224\", \"CVE-2017-9226\", \"CVE-2017-9227\");\n\n script_name(english:\"openSUSE Security Update : php5 (openSUSE-2017-764)\");\n script_summary(english:\"Check for the openSUSE-2017-764 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for php5 fixes the following security issues :\n\n - CVE-2016-6294: The locale_accept_from_http function in\n ext/intl/locale/locale_methods.c did not properly\n restrict calls to the ICU uloc_acceptLanguageFromHTTP\n function, which allowed remote attackers to cause a\n denial of service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long argument\n (bsc#1035111).\n\n - CVE-2017-9227: A stack out-of-bounds read occurs in\n mbc_enc_len() during regular expression searching.\n (bsc#1040883)\n\n - CVE-2017-9226: A heap out-of-bounds write or read occurs\n in next_state_val() during regular expression\n compilation. (bsc#1040889)\n\n - CVE-2017-9224: A stack out-of-bounds read occurs in\n match_at() during regular expression searching.\n (bsc#1040891)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1035111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1040883\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1040889\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1040891\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"apache2-mod_php5-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"apache2-mod_php5-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-bcmath-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-bcmath-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-bz2-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-bz2-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-calendar-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-calendar-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-ctype-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-ctype-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-curl-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-curl-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-dba-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-dba-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-debugsource-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-devel-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-dom-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-dom-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-enchant-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-enchant-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-exif-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-exif-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-fastcgi-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-fastcgi-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-fileinfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-fileinfo-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-firebird-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-firebird-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-fpm-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-fpm-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-ftp-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-ftp-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-gd-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-gd-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-gettext-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-gettext-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-gmp-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-gmp-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-iconv-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-iconv-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-imap-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-imap-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-intl-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-intl-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-json-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-json-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-ldap-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-ldap-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-mbstring-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-mbstring-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-mcrypt-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-mcrypt-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-mssql-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-mssql-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-mysql-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-mysql-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-odbc-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-odbc-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-opcache-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-opcache-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-openssl-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-openssl-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-pcntl-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-pcntl-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-pdo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-pdo-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-pear-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-pgsql-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-pgsql-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-phar-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-phar-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-posix-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-posix-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-pspell-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-pspell-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-readline-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-readline-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-shmop-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-shmop-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-snmp-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-snmp-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-soap-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-soap-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-sockets-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-sockets-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-sqlite-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-sqlite-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-suhosin-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-suhosin-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-sysvmsg-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-sysvmsg-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-sysvsem-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-sysvsem-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-sysvshm-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-sysvshm-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-tidy-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-tidy-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-tokenizer-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-tokenizer-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-wddx-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-wddx-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-xmlreader-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-xmlreader-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-xmlrpc-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-xmlrpc-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-xmlwriter-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-xmlwriter-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-xsl-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-xsl-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-zip-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-zip-debuginfo-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-zlib-5.5.14-77.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"php5-zlib-debuginfo-5.5.14-77.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-11T15:49:50", "description": "According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer.(CVE-2017-9224)\n\n - An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption.(CVE-2017-9226)\n\n - An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching.\n Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer.(CVE-2017-9227)\n\n - An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect state transition in parse_char_class() could create an execution path that leaves a critical local variable uninitialized until it's used as an index, resulting in an out-of-bounds write memory corruption.(CVE-2017-9228)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : ruby (EulerOS-SA-2019-2403)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9224", "CVE-2017-9226", "CVE-2017-9227", "CVE-2017-9228"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2403.NASL", "href": "https://www.tenable.com/plugins/nessus/131895", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131895);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-9224\",\n \"CVE-2017-9226\",\n \"CVE-2017-9227\",\n \"CVE-2017-9228\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : ruby (EulerOS-SA-2019-2403)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ruby packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - An issue was discovered in Oniguruma 6.2.0, as used in\n Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP\n through 7.1.5. A stack out-of-bounds read occurs in\n match_at() during regular expression searching. A\n logical error involving order of validation and access\n in match_at() could result in an out-of-bounds read\n from a stack buffer.(CVE-2017-9224)\n\n - An issue was discovered in Oniguruma 6.2.0, as used in\n Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP\n through 7.1.5. A heap out-of-bounds write or read\n occurs in next_state_val() during regular expression\n compilation. Octal numbers larger than 0xff are not\n handled correctly in fetch_token() and\n fetch_token_in_cc(). A malformed regular expression\n containing an octal number in the form of '\\700' would\n produce an invalid code point value larger than 0xff in\n next_state_val(), resulting in an out-of-bounds write\n memory corruption.(CVE-2017-9226)\n\n - An issue was discovered in Oniguruma 6.2.0, as used in\n Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP\n through 7.1.5. A stack out-of-bounds read occurs in\n mbc_enc_len() during regular expression searching.\n Invalid handling of reg->dmin in forward_search_range()\n could result in an invalid pointer dereference, as an\n out-of-bounds read from a stack buffer.(CVE-2017-9227)\n\n - An issue was discovered in Oniguruma 6.2.0, as used in\n Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP\n through 7.1.5. A heap out-of-bounds write occurs in\n bitset_set_range() during regular expression\n compilation due to an uninitialized variable from an\n incorrect state transition. An incorrect state\n transition in parse_char_class() could create an\n execution path that leaves a critical local variable\n uninitialized until it's used as an index, resulting in\n an out-of-bounds write memory\n corruption.(CVE-2017-9228)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2403\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bde7aae9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.0.0.648-33.h16\",\n \"ruby-irb-2.0.0.648-33.h16\",\n \"ruby-libs-2.0.0.648-33.h16\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-11T15:18:22", "description": "the PHP project reports :\n\n- A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer (CVE-2017-9224).\n\n- A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption (CVE-2017-9226).\n\n- A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer (CVE-2017-9227).\n\n- A heap out-of-bounds write occurs in bitset_set_range() during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect state transition in parse_char_class() could create an execution path that leaves a critical local variable uninitialized until it's used as an index, resulting in an out-of-bounds write memory corruption (CVE-2017-9228).\n\n- A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_range() could result in an invalid pointer dereference, normally as an immediate denial-of-service condition (CVE-2017-9228).", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-07-10T00:00:00", "type": "nessus", "title": "FreeBSD : oniguruma -- multiple vulnerabilities (b396cf6c-62e6-11e7-9def-b499baebfeaf)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9224", "CVE-2017-9226", "CVE-2017-9227", "CVE-2017-9228"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:libevhtp", "p-cpe:/a:freebsd:freebsd:oniguruma4", "p-cpe:/a:freebsd:freebsd:oniguruma5", "p-cpe:/a:freebsd:freebsd:oniguruma6", "p-cpe:/a:freebsd:freebsd:php56-mbstring", "p-cpe:/a:freebsd:freebsd:php70-mbstring", "p-cpe:/a:freebsd:freebsd:php71-mbstring", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_B396CF6C62E611E79DEFB499BAEBFEAF.NASL", "href": "https://www.tenable.com/plugins/nessus/101332", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101332);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-9224\", \"CVE-2017-9226\", \"CVE-2017-9227\", \"CVE-2017-9228\");\n\n script_name(english:\"FreeBSD : oniguruma -- multiple vulnerabilities (b396cf6c-62e6-11e7-9def-b499baebfeaf)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"the PHP project reports :\n\n- A stack out-of-bounds read occurs in match_at() during regular\nexpression searching. A logical error involving order of validation\nand access in match_at() could result in an out-of-bounds read from a\nstack buffer (CVE-2017-9224).\n\n- A heap out-of-bounds write or read occurs in next_state_val() during\nregular expression compilation. Octal numbers larger than 0xff are not\nhandled correctly in fetch_token() and fetch_token_in_cc(). A\nmalformed regular expression containing an octal number in the form of\n'\\700' would produce an invalid code point value larger than 0xff in\nnext_state_val(), resulting in an out-of-bounds write memory\ncorruption (CVE-2017-9226).\n\n- A stack out-of-bounds read occurs in mbc_enc_len() during regular\nexpression searching. Invalid handling of reg->dmin in\nforward_search_range() could result in an invalid pointer dereference,\nas an out-of-bounds read from a stack buffer (CVE-2017-9227).\n\n- A heap out-of-bounds write occurs in bitset_set_range() during\nregular expression compilation due to an uninitialized variable from\nan incorrect state transition. An incorrect state transition in\nparse_char_class() could create an execution path that leaves a\ncritical local variable uninitialized until it's used as an index,\nresulting in an out-of-bounds write memory corruption (CVE-2017-9228).\n\n- A SIGSEGV occurs in left_adjust_char_head() during regular\nexpression compilation. Invalid handling of reg->dmax in\nforward_search_range() could result in an invalid pointer dereference,\nnormally as an immediate denial-of-service condition (CVE-2017-9228).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-7.php\"\n );\n # https://vuxml.freebsd.org/freebsd/b396cf6c-62e6-11e7-9def-b499baebfeaf.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d3123c8d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libevhtp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:oniguruma4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:oniguruma5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:oniguruma6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php56-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php70-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php71-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"libevhtp<1.2.14\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"oniguruma4<4.7.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"oniguruma5<5.9.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"oniguruma6<6.4.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php56-mbstring<5.6.31\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php70-mbstring<7.0.21\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php71-mbstring<7.1.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:39:43", "description": "According to its banner, the version of PHP running on the remote web server is 5.5.x prior to 5.5.28. It is, therefore, affected by multiple vulnerabilities :\n\n - Multiple use-after-free errors exist in spl_array.c, spl_observer.c, and spl_dllist.c due to improper sanitization of input to the unserialize() function. An attacker can exploit these issues, by using a specially crafted SplDoublyLinkedList, SplArrayObject, or SplObjectStorage object, to deference freed memory and thus execute arbitrary code. (CVE-2015-6831)\n\n - A dangling pointer error exists in file spl_array.c due to improper sanitization of input to the unserialize() function. An attacker can exploit this, by using a specially crafted SplDoublyLinkedList object, to gain control over a deallocated pointer and thus execute arbitrary code. (CVE-2015-6832)\n\n - A path traversal flaw exists in file phar_object.c due to improper sanitization of user-supplied input. An attacker can exploit this to write arbitrary files.\n (CVE-2015-6833)\n\n - A type confusion flaw exists in the serialize_function_call() function in soap.c due to improper validation of input passed via the header field. A remote attacker can exploit this to execute arbitrary code. (CVE-2015-6836)\n\n - Multiple type confusion flaws exist in the _call() method in file php_http.c when handling calls for zend_hash_get_current_key or 'Z*'. An attacker can exploit this to disclose memory contents or crash an application using PHP. (CVE-2015-8835)\n\n - The openssl_random_pseudo_bytes() function in file openssl.c does not generate sufficiently random numbers.\n This allows an attacker to more easily predict the results, thus allowing further attacks to be carried out. (CVE-2015-8867)\n\n - A flaw exists in file zend_exceptions.c due to the improper use of the function unserialize() during recursive method calls. A remote attacker can exploit this to crash an application using PHP. (CVE-2015-8873)\n\n - A flaw exists in file zend_exceptions.c due to insufficient type checking by functions unserialize() and __toString(). A remote attacker can exploit this to cause a NULL pointer deference or unexpected method execution, thus causing an application using PHP to crash. (CVE-2015-8876)\n\n - An integer truncation flaw exists in the zend_hash_compare() function in zend_hash.c that is triggered when comparing arrays. A remote attacker can exploit this to cause arrays to be improperly matched during comparison.\n Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-08-11T00:00:00", "type": "nessus", "title": "PHP 5.5.x < 5.5.28 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-6831", "CVE-2015-6832", "CVE-2015-6833", "CVE-2015-6836", "CVE-2015-8835", "CVE-2015-8867", "CVE-2015-8873", "CVE-2015-8876"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_5_28.NASL", "href": "https://www.tenable.com/plugins/nessus/85299", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85299);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2015-6831\",\n \"CVE-2015-6832\",\n \"CVE-2015-6833\",\n \"CVE-2015-6836\",\n \"CVE-2015-8835\",\n \"CVE-2015-8867\",\n \"CVE-2015-8873\",\n \"CVE-2015-8876\"\n );\n script_xref(name:\"EDB-ID\", value:\"38304\");\n\n script_name(english:\"PHP 5.5.x < 5.5.28 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP running on the remote web\nserver is 5.5.x prior to 5.5.28. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - Multiple use-after-free errors exist in spl_array.c,\n spl_observer.c, and spl_dllist.c due to improper\n sanitization of input to the unserialize() function. An\n attacker can exploit these issues, by using a specially\n crafted SplDoublyLinkedList, SplArrayObject, or\n SplObjectStorage object, to deference freed memory and\n thus execute arbitrary code. (CVE-2015-6831)\n\n - A dangling pointer error exists in file spl_array.c due\n to improper sanitization of input to the unserialize()\n function. An attacker can exploit this, by using a\n specially crafted SplDoublyLinkedList object, to gain\n control over a deallocated pointer and thus execute\n arbitrary code. (CVE-2015-6832)\n\n - A path traversal flaw exists in file phar_object.c due\n to improper sanitization of user-supplied input. An\n attacker can exploit this to write arbitrary files.\n (CVE-2015-6833)\n\n - A type confusion flaw exists in the\n serialize_function_call() function in soap.c due to\n improper validation of input passed via the header\n field. A remote attacker can exploit this to execute\n arbitrary code. (CVE-2015-6836)\n\n - Multiple type confusion flaws exist in the _call()\n method in file php_http.c when handling calls for\n zend_hash_get_current_key or 'Z*'. An attacker can\n exploit this to disclose memory contents or crash\n an application using PHP. (CVE-2015-8835)\n\n - The openssl_random_pseudo_bytes() function in file\n openssl.c does not generate sufficiently random numbers.\n This allows an attacker to more easily predict the\n results, thus allowing further attacks to be carried\n out. (CVE-2015-8867)\n\n - A flaw exists in file zend_exceptions.c due to the\n improper use of the function unserialize() during\n recursive method calls. A remote attacker can exploit\n this to crash an application using PHP. (CVE-2015-8873)\n\n - A flaw exists in file zend_exceptions.c due to\n insufficient type checking by functions unserialize()\n and __toString(). A remote attacker can exploit this to\n cause a NULL pointer deference or unexpected method\n execution, thus causing an application using PHP to\n crash. (CVE-2015-8876)\n\n - An integer truncation flaw exists in the\n zend_hash_compare() function in zend_hash.c that is\n triggered when comparing arrays. A remote attacker can\n exploit this to cause arrays to be improperly matched\n during comparison.\n \nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.5.28\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2015/Aug/17\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2015/Aug/18\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2015/Aug/19\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=69793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=70121\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.5.28 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-8876\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/06/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.5)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.5\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.5.x\", port);\n\nif (version =~ \"^5\\.5\\.([0-9]|1[0-9]|2[0-7])($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 5.5.28' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-12T14:39:15", "description": "According to its banner, the version of PHP running on the remote web server is 5.5.x prior to 5.5.38. It is, therefore, affected by multiple vulnerabilities :\n\n - A Segfault condition occurs when accessing nvarchar(max) defined columns. (CVE-2015-8879)\n\n - A man-in-the-middle vulnerability exists, known as 'httpoxy', due to a failure to properly resolve namespace conflicts in accordance with RFC 3875 section 4.1.18. The HTTP_PROXY environment variable is set based on untrusted user data in the 'Proxy' header of HTTP requests. The HTTP_PROXY environment variable is used by some web client libraries to specify a remote proxy server. An unauthenticated, remote attacker can exploit this, via a crafted 'Proxy' header in an HTTP request, to redirect an application's internal HTTP traffic to an arbitrary proxy server where it may be observed or manipulated. (CVE-2016-5385)\n\n - An overflow condition exists in the php_bz2iop_read() function within file ext/bz2/bz2.c due to improper handling of error conditions. An unauthenticated, remote attacker can exploit this, via a crafted request, to execute arbitrary code. (CVE-2016-5399)\n\n - A flaw exists in the GD Graphics Library (libgd), specifically in the gdImageScaleTwoPass() function within file gd_interpolation.c, due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a denial of service condition. (CVE-2016-6207)\n\n - A buffer overflow condition exists in the php_url_parse_ex() function. (CVE-2016-6288)\n\n - An integer overflow condition exists in the virtual_file_ex() function within file Zend/zend_virtual_cwd.c due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-6289)\n\n - A use-after-free error exists within the file ext/session/session.c when handling 'var_hash' destruction. An unauthenticated, remote attacker can exploit this to deference already freed memory, resulting in the execution of arbitrary code.\n (CVE-2016-6290)\n\n - An out-of-bounds read error exists in the exif_process_IFD_in_MAKERNOTE() function within file ext/exif/exif.c. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or disclose memory contents. (CVE-2016-6291)\n\n - A NULL pointer dereference flaw exists in the exif_process_user_comment() function within file ext/exif/exif.c. An unauthenticated, remote attacker can exploit this to cause a denial of service condition.\n (CVE-2016-6292)\n\n - Multiple out-of-bounds read errors exist in the locale_accept_from_http() function within file ext/intl/locale/locale_methods.c. An unauthenticated, remote attacker can exploit these to cause a denial of service condition or disclose memory contents.\n (CVE-2016-6293, CVE-2016-6294)\n\n - A use-after-free error exists within file ext/snmp/snmp.c when handling garbage collection during deserialization of user-supplied input. An unauthenticated, remote attacker can exploit this to deference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-6295)\n\n - A heap-based buffer overflow condition exists in the simplestring_addn() function within file simplestring.c due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-6296)\n\n - An integer overflow condition exists in the php_stream_zip_opener() function within file ext/zip/zip_stream.c due to improper validation of user-supplied input when handling zip streams. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-6297)\n\n - An out-of-bounds read error exists in the GD Graphics Library (libgd), specifically in the gdImageScaleBilinearPalette() function within file gd_interpolation.c, when handling transparent color. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or disclose memory contents.\n\n - A heap-based buffer overflow condition exists in the mdecrypt_generic() function within file ext/mcrypt/mcrypt.c due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or the execution of arbitrary code.\n\n - A NULL write flaw exists in the GD Graphics Library (libgd) in the gdImageColorTransparent() function due to improper handling of negative transparent colors. A remote attacker can exploit this to disclose memory contents.\n\n - An overflow condition exists in the php_url_prase_ex() function due to improper validation of user-supplied input. A remote attacker can exploit this to cause a buffer overflow, resulting in a denial of service condition.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-07-26T00:00:00", "type": "nessus", "title": "PHP 5.5.x < 5.5.38 Multiple Vulnerabilities (httpoxy)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8879", "CVE-2016-5385", "CVE-2016-5399", "CVE-2016-6207", "CVE-2016-6288", "CVE-2016-6289", "CVE-2016-6290", "CVE-2016-6291", "CVE-2016-6292", "CVE-2016-6293", "CVE-2016-6294", "CVE-2016-6295", "CVE-2016-6296", "CVE-2016-6297"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_5_38.NASL", "href": "https://www.tenable.com/plugins/nessus/92554", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92554);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2015-8879\",\n \"CVE-2016-5385\",\n \"CVE-2016-5399\",\n \"CVE-2016-6207\",\n \"CVE-2016-6288\",\n \"CVE-2016-6289\",\n \"CVE-2016-6290\",\n \"CVE-2016-6291\",\n \"CVE-2016-6292\",\n \"CVE-2016-6293\",\n \"CVE-2016-6294\",\n \"CVE-2016-6295\",\n \"CVE-2016-6296\",\n \"CVE-2016-6297\"\n );\n script_bugtraq_id(\n 90842,\n 91821,\n 92051,\n 92073,\n 92074,\n 92078,\n 92094,\n 92095,\n 92097,\n 92099,\n 92111\n );\n script_xref(name:\"CERT\", value:\"797896\");\n script_xref(name:\"EDB-ID\", value:\"40155\");\n\n script_name(english:\"PHP 5.5.x < 5.5.38 Multiple Vulnerabilities (httpoxy)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of PHP running on the remote web server is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP running on the remote web\nserver is 5.5.x prior to 5.5.38. It is, therefore, affected by\nmultiple vulnerabilities :\n\n - A Segfault condition occurs when accessing\n nvarchar(max) defined columns. (CVE-2015-8879)\n\n - A man-in-the-middle vulnerability exists, known as\n 'httpoxy', due to a failure to properly resolve\n namespace conflicts in accordance with RFC 3875 section\n 4.1.18. The HTTP_PROXY environment variable is set based\n on untrusted user data in the 'Proxy' header of HTTP\n requests. The HTTP_PROXY environment variable is used by\n some web client libraries to specify a remote proxy\n server. An unauthenticated, remote attacker can exploit\n this, via a crafted 'Proxy' header in an HTTP request,\n to redirect an application's internal HTTP traffic to an\n arbitrary proxy server where it may be observed or\n manipulated. (CVE-2016-5385)\n\n - An overflow condition exists in the php_bz2iop_read()\n function within file ext/bz2/bz2.c due to improper\n handling of error conditions. An unauthenticated, remote\n attacker can exploit this, via a crafted request, to\n execute arbitrary code. (CVE-2016-5399)\n\n - A flaw exists in the GD Graphics Library (libgd),\n specifically in the gdImageScaleTwoPass() function\n within file gd_interpolation.c, due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this to cause a denial of\n service condition. (CVE-2016-6207)\n\n - A buffer overflow condition exists in the\n php_url_parse_ex() function. (CVE-2016-6288)\n\n - An integer overflow condition exists in the\n virtual_file_ex() function within file\n Zend/zend_virtual_cwd.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code. (CVE-2016-6289)\n\n - A use-after-free error exists within the file\n ext/session/session.c when handling 'var_hash'\n destruction. An unauthenticated, remote attacker can\n exploit this to deference already freed memory,\n resulting in the execution of arbitrary code.\n (CVE-2016-6290)\n\n - An out-of-bounds read error exists in the\n exif_process_IFD_in_MAKERNOTE() function within file\n ext/exif/exif.c. An unauthenticated, remote attacker can\n exploit this to cause a denial of service condition or\n disclose memory contents. (CVE-2016-6291)\n\n - A NULL pointer dereference flaw exists in the\n exif_process_user_comment() function within file\n ext/exif/exif.c. An unauthenticated, remote attacker can\n exploit this to cause a denial of service condition.\n (CVE-2016-6292)\n\n - Multiple out-of-bounds read errors exist in the\n locale_accept_from_http() function within file\n ext/intl/locale/locale_methods.c. An unauthenticated,\n remote attacker can exploit these to cause a denial of\n service condition or disclose memory contents.\n (CVE-2016-6293, CVE-2016-6294)\n\n - A use-after-free error exists within file\n ext/snmp/snmp.c when handling garbage collection during\n deserialization of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n deference already freed memory, resulting in the\n execution of arbitrary code. (CVE-2016-6295)\n\n - A heap-based buffer overflow condition exists in the\n simplestring_addn() function within file simplestring.c\n due to improper validation of user-supplied input. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2016-6296)\n\n - An integer overflow condition exists in the\n php_stream_zip_opener() function within file\n ext/zip/zip_stream.c due to improper validation of\n user-supplied input when handling zip streams. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or the execution of\n arbitrary code. (CVE-2016-6297)\n\n - An out-of-bounds read error exists in the GD Graphics\n Library (libgd), specifically in the\n gdImageScaleBilinearPalette() function within file\n gd_interpolation.c, when handling transparent color. An\n unauthenticated, remote attacker can exploit this to\n cause a denial of service condition or disclose\n memory contents.\n\n - A heap-based buffer overflow condition exists in the\n mdecrypt_generic() function within file\n ext/mcrypt/mcrypt.c due to improper validation of\n user-supplied input. An unauthenticated, remote attacker\n can exploit this to cause a denial of service condition\n or the execution of arbitrary code.\n\n - A NULL write flaw exists in the GD Graphics Library\n (libgd) in the gdImageColorTransparent() function due to\n improper handling of negative transparent colors. A\n remote attacker can exploit this to disclose memory\n contents.\n\n - An overflow condition exists in the php_url_prase_ex()\n function due to improper validation of user-supplied\n input. A remote attacker can exploit this to cause a\n buffer overflow, resulting in a denial of service\n condition.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/ChangeLog-5.php#5.5.38\");\n script_set_attribute(attribute:\"see_also\", value:\"https://httpoxy.org\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.5.38 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-6290\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported)\n audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.5)?$\")\n audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.5\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.5.x\", port);\n\nif (version =~ \"^5\\.5\\.\" && ver_compare(ver:version, fix:\"5.5.38\", strict:FALSE) < 0){\n security_report_v4(\n port : port,\n extra :\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 5.5.38' +\n '\\n',\n severity:SECURITY_HOLE\n );\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-11T15:18:46", "description": "Out-of-bounds heap write in bitset_set_range() :\n\nAn issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect state transition in parse_char_class() could create an execution path that leaves a critical local variable uninitialized until it's used as an index, resulting in an out-of-bounds write memory corruption. (CVE-2017-9228)\n\nBuffer over-read from unitialized data in gdImageCreateFromGifCtx function\n\nThe GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information. (CVE-2017-7890)\n\nInvalid pointer dereference in left_adjust_char_head() :\n\nAn issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_range() could result in an invalid pointer dereference, normally as an immediate denial-of-service condition. (CVE-2017-9229)\n\nHeap buffer overflow in next_state_val() during regular expression compilation :\n\nAn issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of \\\\700 would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption.(CVE-2017-9226)\n\nOut-of-bounds stack read in mbc_enc_len() during regular expression searching :\n\nAn issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer. (CVE-2017-9227)\n\nOut-of-bounds stack read in match_at() during regular expression searching :\n\nAn issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer.\n(CVE-2017-9224)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-08-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php70 (ALAS-2017-867)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-7890", "CVE-2017-9224", "CVE-2017-9226", "CVE-2017-9227", "CVE-2017-9228", "CVE-2017-9229"], "modified": "2019-07-10T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php70", "p-cpe:/a:amazon:linux:php70-bcmath", "p-cpe:/a:amazon:linux:php70-cli", "p-cpe:/a:amazon:linux:php70-common", "p-cpe:/a:amazon:linux:php70-dba", "p-cpe:/a:amazon:linux:php70-dbg", "p-cpe:/a:amazon:linux:php70-debuginfo", "p-cpe:/a:amazon:linux:php70-devel", "p-cpe:/a:amazon:linux:php70-embedded", "p-cpe:/a:amazon:linux:php70-enchant", "p-cpe:/a:amazon:linux:php70-fpm", "p-cpe:/a:amazon:linux:php70-gd", "p-cpe:/a:amazon:linux:php70-gmp", "p-cpe:/a:amazon:linux:php70-imap", "p-cpe:/a:amazon:linux:php70-intl", "p-cpe:/a:amazon:linux:php70-json", "p-cpe:/a:amazon:linux:php70-ldap", "p-cpe:/a:amazon:linux:php70-mbstring", "p-cpe:/a:amazon:linux:php70-mcrypt", "p-cpe:/a:amazon:linux:php70-mysqlnd", "p-cpe:/a:amazon:linux:php70-odbc", "p-cpe:/a:amazon:linux:php70-opcache", "p-cpe:/a:amazon:linux:php70-pdo", "p-cpe:/a:amazon:linux:php70-pdo-dblib", "p-cpe:/a:amazon:linux:php70-pgsql", "p-cpe:/a:amazon:linux:php70-process", "p-cpe:/a:amazon:linux:php70-pspell", "p-cpe:/a:amazon:linux:php70-recode", "p-cpe:/a:amazon:linux:php70-snmp", "p-cpe:/a:amazon:linux:php70-soap", "p-cpe:/a:amazon:linux:php70-tidy", "p-cpe:/a:amazon:linux:php70-xml", "p-cpe:/a:amazon:linux:php70-xmlrpc", "p-cpe:/a:amazon:linux:php70-zip", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2017-867.NASL", "href": "https://www.tenable.com/plugins/nessus/102181", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2017-867.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102181);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2019/07/10 16:04:12\");\n\n script_cve_id(\"CVE-2017-7890\", \"CVE-2017-9224\", \"CVE-2017-9226\", \"CVE-2017-9227\", \"CVE-2017-9228\", \"CVE-2017-9229\");\n script_xref(name:\"ALAS\", value:\"2017-867\");\n\n script_name(english:\"Amazon Linux AMI : php70 (ALAS-2017-867)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Out-of-bounds heap write in bitset_set_range() :\n\nAn issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod\nin Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap\nout-of-bounds write occurs in bitset_set_range() during regular\nexpression compilation due to an uninitialized variable from an\nincorrect state transition. An incorrect state transition in\nparse_char_class() could create an execution path that leaves a\ncritical local variable uninitialized until it's used as an index,\nresulting in an out-of-bounds write memory corruption. (CVE-2017-9228)\n\nBuffer over-read from unitialized data in gdImageCreateFromGifCtx\nfunction\n\nThe GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in\nthe GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and\n7.x before 7.1.7, does not zero colorMap arrays before use. A\nspecially crafted GIF image could use the uninitialized tables to read\n~700 bytes from the top of the stack, potentially disclosing sensitive\ninformation. (CVE-2017-7890)\n\nInvalid pointer dereference in left_adjust_char_head() :\n\nAn issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod\nin Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV\noccurs in left_adjust_char_head() during regular expression\ncompilation. Invalid handling of reg->dmax in forward_search_range()\ncould result in an invalid pointer dereference, normally as an\nimmediate denial-of-service condition. (CVE-2017-9229)\n\nHeap buffer overflow in next_state_val() during regular expression\ncompilation :\n\nAn issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod\nin Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap\nout-of-bounds write or read occurs in next_state_val() during regular\nexpression compilation. Octal numbers larger than 0xff are not handled\ncorrectly in fetch_token() and fetch_token_in_cc(). A malformed\nregular expression containing an octal number in the form of \\\\700\nwould produce an invalid code point value larger than 0xff in\nnext_state_val(), resulting in an out-of-bounds write memory\ncorruption.(CVE-2017-9226)\n\nOut-of-bounds stack read in mbc_enc_len() during regular expression\nsearching :\n\nAn issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod\nin Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack\nout-of-bounds read occurs in mbc_enc_len() during regular expression\nsearching. Invalid handling of reg->dmin in forward_search_range()\ncould result in an invalid pointer dereference, as an out-of-bounds\nread from a stack buffer. (CVE-2017-9227)\n\nOut-of-bounds stack read in match_at() during regular expression\nsearching :\n\nAn issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod\nin Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack\nout-of-bounds read occurs in match_at() during regular expression\nsearching. A logical error involving order of validation and access in\nmatch_at() could result in an out-of-bounds read from a stack buffer.\n(CVE-2017-9224)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2017-867.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php70' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-pdo-dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php70-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php70-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-bcmath-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-cli-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-common-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-dba-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-dbg-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-debuginfo-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-devel-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-embedded-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-enchant-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-fpm-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-gd-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-gmp-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-imap-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-intl-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-json-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-ldap-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-mbstring-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-mcrypt-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-mysqlnd-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-odbc-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-opcache-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-pdo-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-pdo-dblib-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-pgsql-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-process-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-pspell-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-recode-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-snmp-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-soap-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-tidy-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-xml-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-xmlrpc-7.0.21-1.23.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php70-zip-7.0.21-1.23.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php70 / php70-bcmath / php70-cli / php70-common / php70-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-12T14:38:54", "description": "Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.\n\nThe vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.24, which includes additional bug fixes. Please refer to the upstream changelog for more information :", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-07-27T00:00:00", "type": "nessus", "title": "Debian DSA-3631-1 : php5 - security update (httpoxy)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5385", "CVE-2016-5399", "CVE-2016-6289", "CVE-2016-6290", "CVE-2016-6291", "CVE-2016-6292", "CVE-2016-6294", "CVE-2016-6295", "CVE-2016-6296", "CVE-2016-6297"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:php5", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3631.NASL", "href": "https://www.tenable.com/plugins/nessus/92573", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3631. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92573);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5385\", \"CVE-2016-5399\", \"CVE-2016-6289\", \"CVE-2016-6290\", \"CVE-2016-6291\", \"CVE-2016-6292\", \"CVE-2016-6294\", \"CVE-2016-6295\", \"CVE-2016-6296\", \"CVE-2016-6297\");\n script_xref(name:\"DSA\", value:\"3631\");\n\n script_name(english:\"Debian DSA-3631-1 : php5 - security update (httpoxy)\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development.\n\nThe vulnerabilities are addressed by upgrading PHP to the new upstream\nversion 5.6.24, which includes additional bug fixes. Please refer to\nthe upstream changelog for more information :\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/php5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3631\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the php5 packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 5.6.24+dfsg-0+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/07/26\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-mod-php5\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libphp5-embed\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-pear\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-cgi\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-cli\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-common\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-curl\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-dbg\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-dev\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-enchant\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-fpm\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-gd\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-gmp\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-imap\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-interbase\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-intl\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-ldap\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-mcrypt\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-mysql\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-mysqlnd\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-odbc\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-pgsql\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-phpdbg\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-pspell\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-readline\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-recode\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-snmp\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-sqlite\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-sybase\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-tidy\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-xmlrpc\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-xsl\", reference:\"5.6.24+dfsg-0+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:14:09", "description": "According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1)\n __destruct call or (2) magic method call.(CVE-2016-7124)\n\n - Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TAR archive.(CVE-2016-2554)\n\n - A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code.(CVE-2015-6831)\n\n - The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer by leveraging (1) %0A%20 or (2) %0D%0A%20 mishandling in the header function.(CVE-2015-8935)\n\n - The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.(CVE-2015-8867)\n\n - Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field.(CVE-2015-6832)\n\n - Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call.(CVE-2015-6833)\n\n - Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive.(CVE-2014-9767)\n\n - The ZIP signature-verification feature in PHP before 5.6.26 and 7.x before 7.0.11 does not ensure that the uncompressed_filesize field is large enough, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a crafted PHAR archive, related to ext/phar/util.c and ext/phar/zip.c.(CVE-2016-7414)\n\n - ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string.(CVE-2016-9934)\n\n - The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document.(CVE-2016-9935)\n\n - In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c.(CVE-2017-11143)\n\n - Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function.(CVE-2016-5094)\n\n - The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call.(CVE-2016-5093)\n\n - The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.(CVE-2016-4541)\n\n - The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.(CVE-2016-4542)\n\n - The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\\x05\\x06 signature at an invalid location.(CVE-2016-3142)\n\n - ** DISPUTED ** Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says 'Not sure if this qualifies as security issue (probably not).'(CVE-2016-4070)\n\n - The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument, leading to a parser level of zero.(CVE-2016-4539)\n\n - The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset.(CVE-2016-4540)\n\n - Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element.(CVE-2016-3141)\n\n - In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.(CVE-2017-11147)\n\n - The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.(CVE-2016-4543)\n\n - The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table.(CVE-2015-8879)\n\n - An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption.(CVE-2017-9226)\n\n - In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number in ext/openssl/openssl.c, and an OpenSSL documentation omission.(CVE-2017-11144)\n\n - The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (type confusion and application crash) via crafted serialized\n _cookies data, related to the SoapClient::__call method in ext/soap/soap.c.(CVE-2016-3185)\n\n - The object_common1 function in ext/standard/var_unserializer.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) via crafted serialized data that is mishandled in a finish_nested_data call.(CVE-2016-10161)\n\n - The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data.\n Exploitation of this issue can have an unspecified impact on the integrity of PHP.(CVE-2017-12933)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : php (EulerOS-SA-2019-2221)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9767", "CVE-2015-6831", "CVE-2015-6832", "CVE-2015-6833", "CVE-2015-8867", "CVE-2015-8879", "CVE-2015-8935", "CVE-2016-10161", "CVE-2016-2554", "CVE-2016-3141", "CVE-2016-3142", "CVE-2016-3185", "CVE-2016-4070", "CVE-2016-4539", "CVE-2016-4540", "CVE-2016-4541", "CVE-2016-4542", "CVE-2016-4543", "CVE-2016-5093", "CVE-2016-5094", "CVE-2016-7124", "CVE-2016-7414", "CVE-2016-9934", "CVE-2016-9935", "CVE-2017-11143", "CVE-2017-11144", "CVE-2017-11147", "CVE-2017-12933", "CVE-2017-9226"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:php", "p-cpe:/a:huawei:euleros:php-cli", "p-cpe:/a:huawei:euleros:php-common", "p-cpe:/a:huawei:euleros:php-gd", "p-cpe:/a:huawei:euleros:php-ldap", "p-cpe:/a:huawei:euleros:php-mysql", "p-cpe:/a:huawei:euleros:php-odbc", "p-cpe:/a:huawei:euleros:php-pdo", "p-cpe:/a:huawei:euleros:php-pgsql", "p-cpe:/a:huawei:euleros:php-process", "p-cpe:/a:huawei:euleros:php-recode", "p-cpe:/a:huawei:euleros:php-soap", "p-cpe:/a:huawei:euleros:php-xml", "p-cpe:/a:huawei:euleros:php-xmlrpc", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2221.NASL", "href": "https://www.tenable.com/plugins/nessus/130683", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130683);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2014-9767\",\n \"CVE-2015-6831\",\n \"CVE-2015-6832\",\n \"CVE-2015-6833\",\n \"CVE-2015-8867\",\n \"CVE-2015-8879\",\n \"CVE-2015-8935\",\n \"CVE-2016-10161\",\n \"CVE-2016-2554\",\n \"CVE-2016-3141\",\n \"CVE-2016-3142\",\n \"CVE-2016-3185\",\n \"CVE-2016-4070\",\n \"CVE-2016-4539\",\n \"CVE-2016-4540\",\n \"CVE-2016-4541\",\n \"CVE-2016-4542\",\n \"CVE-2016-4543\",\n \"CVE-2016-5093\",\n \"CVE-2016-5094\",\n \"CVE-2016-7124\",\n \"CVE-2016-7414\",\n \"CVE-2016-9934\",\n \"CVE-2016-9935\",\n \"CVE-2017-11143\",\n \"CVE-2017-11144\",\n \"CVE-2017-11147\",\n \"CVE-2017-12933\",\n \"CVE-2017-9226\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : php (EulerOS-SA-2019-2221)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the php packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - ext/standard/var_unserializer.c in PHP before 5.6.25\n and 7.x before 7.0.10 mishandles certain invalid\n objects, which allows remote attackers to cause a\n denial of service or possibly have unspecified other\n impact via crafted serialized data that leads to a (1)\n __destruct call or (2) magic method\n call.(CVE-2016-7124)\n\n - Stack-based buffer overflow in ext/phar/tar.c in PHP\n before 5.5.32, 5.6.x before 5.6.18, and 7.x before\n 7.0.3 allows remote attackers to cause a denial of\n service (application crash) or possibly have\n unspecified other impact via a crafted TAR\n archive.(CVE-2016-2554)\n\n - A flaw was discovered in the way PHP performed object\n unserialization. Specially crafted input processed by\n the unserialize() function could cause a PHP\n application to crash or, possibly, execute arbitrary\n code.(CVE-2015-6831)\n\n - The sapi_header_op function in main/SAPI.c in PHP\n before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before\n 5.6.6 supports deprecated line folding without\n considering browser compatibility, which allows remote\n attackers to conduct cross-site scripting (XSS) attacks\n against Internet Explorer by leveraging (1) %0A%20 or\n (2) %0D%0A%20 mishandling in the header\n function.(CVE-2015-8935)\n\n - The openssl_random_pseudo_bytes function in\n ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x\n before 5.5.28, and 5.6.x before 5.6.12 incorrectly\n relies on the deprecated RAND_pseudo_bytes function,\n which makes it easier for remote attackers to defeat\n cryptographic protection mechanisms via unspecified\n vectors.(CVE-2015-8867)\n\n - Use-after-free vulnerability in the SPL unserialize\n implementation in ext/spl/spl_array.c in PHP before\n 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12\n allows remote attackers to execute arbitrary code via\n crafted serialized data that triggers misuse of an\n array field.(CVE-2015-6832)\n\n - Directory traversal vulnerability in the PharData class\n in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x\n before 5.6.12 allows remote attackers to write to\n arbitrary files via a .. (dot dot) in a ZIP archive\n entry that is mishandled during an extractTo\n call.(CVE-2015-6833)\n\n - Directory traversal vulnerability in the\n ZipArchive::extractTo function in ext/zip/php_zip.c in\n PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x\n before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before\n 3.12.1 allows remote attackers to create arbitrary\n empty directories via a crafted ZIP\n archive.(CVE-2014-9767)\n\n - The ZIP signature-verification feature in PHP before\n 5.6.26 and 7.x before 7.0.11 does not ensure that the\n uncompressed_filesize field is large enough, which\n allows remote attackers to cause a denial of service\n (out-of-bounds memory access) or possibly have\n unspecified other impact via a crafted PHAR archive,\n related to ext/phar/util.c and\n ext/phar/zip.c.(CVE-2016-7414)\n\n - ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before\n 7.0.13 allows remote attackers to cause a denial of\n service (NULL pointer dereference) via crafted\n serialized data in a wddxPacket XML document, as\n demonstrated by a PDORow string.(CVE-2016-9934)\n\n - The php_wddx_push_element function in ext/wddx/wddx.c\n in PHP before 5.6.29 and 7.x before 7.0.14 allows\n remote attackers to cause a denial of service\n (out-of-bounds read and memory corruption) or possibly\n have unspecified other impact via an empty boolean\n element in a wddxPacket XML document.(CVE-2016-9935)\n\n - In PHP before 5.6.31, an invalid free in the WDDX\n deserialization of boolean parameters could be used by\n attackers able to inject XML for deserialization to\n crash the PHP interpreter, related to an invalid free\n for an empty boolean element in\n ext/wddx/wddx.c.(CVE-2017-11143)\n\n - Integer overflow in the php_html_entities function in\n ext/standard/html.c in PHP before 5.5.36 and 5.6.x\n before 5.6.22 allows remote attackers to cause a denial\n of service or possibly have unspecified other impact by\n triggering a large output string from the\n htmlspecialchars function.(CVE-2016-5094)\n\n - The get_icu_value_internal function in\n ext/intl/locale/locale_methods.c in PHP before 5.5.36,\n 5.6.x before 5.6.22, and 7.x before 7.0.7 does not\n ensure the presence of a '\\0' character, which allows\n remote attackers to cause a denial of service\n (out-of-bounds read) or possibly have unspecified other\n impact via a crafted locale_get_primary_language\n call.(CVE-2016-5093)\n\n - The grapheme_strpos function in\n ext/intl/grapheme/grapheme_string.c in PHP before\n 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6\n allows remote attackers to cause a denial of service\n (out-of-bounds read) or possibly have unspecified other\n impact via a negative offset.(CVE-2016-4541)\n\n - The exif_process_IFD_TAG function in ext/exif/exif.c in\n PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before\n 7.0.6 does not properly construct spprintf arguments,\n which allows remote attackers to cause a denial of\n service (out-of-bounds read) or possibly have\n unspecified other impact via crafted header\n data.(CVE-2016-4542)\n\n - The phar_parse_zipfile function in zip.c in the PHAR\n extension in PHP before 5.5.33 and 5.6.x before 5.6.19\n allows remote attackers to obtain sensitive information\n from process memory or cause a denial of service\n (out-of-bounds read and application crash) by placing a\n PK\\x05\\x06 signature at an invalid\n location.(CVE-2016-3142)\n\n - ** DISPUTED ** Integer overflow in the\n php_raw_url_encode function in ext/standard/url.c in\n PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before\n 7.0.5 allows remote attackers to cause a denial of\n service (application crash) via a long string to the\n rawurlencode function. NOTE: the vendor says 'Not sure\n if this qualifies as security issue (probably\n not).'(CVE-2016-4070)\n\n - The xml_parse_into_struct function in ext/xml/xml.c in\n PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before\n 7.0.6 allows remote attackers to cause a denial of\n service (buffer under-read and segmentation fault) or\n possibly have unspecified other impact via crafted XML\n data in the second argument, leading to a parser level\n of zero.(CVE-2016-4539)\n\n - The grapheme_stripos function in\n ext/intl/grapheme/grapheme_string.c in PHP before\n 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6\n allows remote attackers to cause a denial of service\n (out-of-bounds read) or possibly have unspecified other\n impact via a negative offset.(CVE-2016-4540)\n\n - Use-after-free vulnerability in wddx.c in the WDDX\n extension in PHP before 5.5.33 and 5.6.x before 5.6.19\n allows remote attackers to cause a denial of service\n (memory corruption and application crash) or possibly\n have unspecified other impact by triggering a\n wddx_deserialize call on XML data containing a crafted\n var element.(CVE-2016-3141)\n\n - In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR\n archive handler could be used by attackers supplying\n malicious archive files to crash the PHP interpreter or\n potentially disclose information due to a buffer\n over-read in the phar_parse_pharfile function in\n ext/phar/phar.c.(CVE-2017-11147)\n\n - The exif_process_IFD_in_JPEG function in\n ext/exif/exif.c in PHP before 5.5.35, 5.6.x before\n 5.6.21, and 7.x before 7.0.6 does not validate IFD\n sizes, which allows remote attackers to cause a denial\n of service (out-of-bounds read) or possibly have\n unspecified other impact via crafted header\n data.(CVE-2016-4543)\n\n - The odbc_bindcols function in ext/odbc/php_odbc.c in\n PHP before 5.6.12 mishandles driver behavior for\n SQL_WVARCHAR columns, which allows remote attackers to\n cause a denial of service (application crash) in\n opportunistic circumstances by leveraging use of the\n odbc_fetch_array function to access a certain type of\n Microsoft SQL Server table.(CVE-2015-8879)\n\n - An issue was discovered in Oniguruma 6.2.0, as used in\n Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP\n through 7.1.5. A heap out-of-bounds write or read\n occurs in next_state_val() during regular expression\n compilation. Octal numbers larger than 0xff are not\n handled correctly in fetch_token() and\n fetch_token_in_cc(). A malformed regular expression\n containing an octal number in the form of '\\700' would\n produce an invalid code point value larger than 0xff in\n next_state_val(), resulting in an out-of-bounds write\n memory corruption.(CVE-2017-9226)\n\n - In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x\n before 7.1.7, the openssl extension PEM sealing code\n did not check the return value of the OpenSSL sealing\n function, which could lead to a crash of the PHP\n interpreter, related to an interpretation conflict for\n a negative number in ext/openssl/openssl.c, and an\n OpenSSL documentation omission.(CVE-2017-11144)\n\n - The make_http_soap_request function in\n ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before\n 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4\n allows remote attackers to obtain sensitive information\n from process memory or cause a denial of service (type\n confusion and application crash) via crafted serialized\n _cookies data, related to the SoapClient::__call method\n in ext/soap/soap.c.(CVE-2016-3185)\n\n - The object_common1 function in\n ext/standard/var_unserializer.c in PHP before 5.6.30,\n 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows\n remote attackers to cause a denial of service (buffer\n over-read and application crash) via crafted serialized\n data that is mishandled in a finish_nested_data\n call.(CVE-2016-10161)\n\n - The finish_nested_data function in\n ext/standard/var_unserializer.re in PHP before 5.6.31,\n 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to\n a buffer over-read while unserializing untrusted data.\n Exploitation of this issue can have an unspecified\n impact on the integrity of PHP.(CVE-2017-12933)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2221\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ce72047f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"php-5.4.16-45.h19.eulerosv2r7\",\n \"php-cli-5.4.16-45.h19.eulerosv2r7\",\n \"php-common-5.4.16-45.h19.eulerosv2r7\",\n \"php-gd-5.4.16-45.h19.eulerosv2r7\",\n \"php-ldap-5.4.16-45.h19.eulerosv2r7\",\n \"php-mysql-5.4.16-45.h19.eulerosv2r7\",\n \"php-odbc-5.4.16-45.h19.eulerosv2r7\",\n \"php-pdo-5.4.16-45.h19.eulerosv2r7\",\n \"php-pgsql-5.4.16-45.h19.eulerosv2r7\",\n \"php-process-5.4.16-45.h19.eulerosv2r7\",\n \"php-recode-5.4.16-45.h19.eulerosv2r7\",\n \"php-soap-5.4.16-45.h19.eulerosv2r7\",\n \"php-xml-5.4.16-45.h19.eulerosv2r7\",\n \"php-xmlrpc-5.4.16-45.h19.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:40:44", "description": "Versions of PHP 5.5.x prior to 5.5.38, or 5.6.x prior to 5.6.24, or 7.0.x prior to 7.0.9 are vulnerable to the following issues :\n\n - A NULL pointer dereference flaw within the '_gdScaleVert()' function inside of 'ext/gd/libgd/gd_interpolation.c' is triggered during the handling of '_gdContributionsCalc' return values. This may allow a remote attacker to cause a denial of service in a process linked against PHP.\n - A flaw related to missing protection against 'RFC 3875 section 4.1.18' namespace conflicts is triggered when handling requests containing 'Proxy' HTTP headers. These may be stored in the 'HTTP_PROXY' environment variable also commonly used to configure an outbound HTTP proxy for applications. With a specially crafted request, a remote attacker can specify an arbitrary HTTP proxy server to be used by applications relying on the HTTP_PROXY environment variable. (CVE-2016-5385)\n - An out-of-bounds read flaw within the 'gdImageScaleBilinearPalette()' function inside of 'gd_interpolation.c' is triggered when handling transparent colors. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.\n - A flaw within the 'gdImageScaleTwoPass()' function inside of 'gd_interpolation.c' is triggered as certain input is not properly validated. This may allow a context-dependent attacker to crash a process linked against the library. (CVE-2016-6207)\n - A use-after-free error within 'ext/snmp/snmp.c' is triggered during the unserialization of user-supplied input when handling garbage collection. This may allow a remote attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-6295)\n - An out-of-bounds read flaw within the 'uloc_acceptLanguageFromHTTP()' function inside of 'common/uloc.cpp' may allow a remote attacker to crash a program using the language or potentially disclose memory contents. (CVE-2016-6293, CVE-2016-6294)\n - A use-after-free error within 'ext/session/session.c' is triggered during the handling of 'var_hash destruction'. This may allow a remote attacker to dereference already freed memory and potentially execute arbitrary code. (CVE-2016-6290)\n - An out-of-bounds read flaw within the 'exif_process_IFD_in_MAKERNOTE()' function inside of 'ext/exif/exif.c' may allow a remote attacker to crash a program using the language or potentially disclose memory contents. (CVE-2016-6291)\n - An overflow condition within the 'php_bz2iop_read()' function inside of 'ext/bz2/bz2.c' is triggered as error conditions are not properly handled. With a specially crafted request, a remote attacker can cause a buffer overflow and potentially execute arbitrary code. (CVE-2016-5399)\n - An overflow condition within the 'mdecrypt_generic()' function inside of 'ext/mcrypt/mcrypt.c' is triggered as user-supplied input is not properly validated. This may allow a remote attacker to cause a heap-based buffer overflow, crashing a program using the language or potentially allowing the execution of arbitrary code.\n - A NULL pointer dereference flaw within the 'exif_process_user_comment()' function inside of 'ext/exif/exif.c' may allow a remote attacker to crash a program using the language. (CVE-2016-6292)\n - A flaw within the 'curl_unescape()' function inside of 'ext/curl/interface.c' is triggered during the handling of string lengths. This may allow a remote attacker to trigger heap corruption and crash a program using the language.\n - An overflow condition within the 'mcrypt_generic()' function inside of 'ext/mcrypt/mcrypt.c' is triggered as user-supplied input is not properly validated. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.\n - An integer overflow condition within the 'php_stream_zip_opener()' function inside of 'ext/zip/zip_stream.c' is triggered as user-supplied input is not properly validated when handling zip streams. This may allow a remote attacker to cause a stack-based buffer overflow, crashing a program using the language or potentially allowing the execution of arbitrary code. (CVE-2016-6297)\n - An integer overflow condition within the 'virtual_file_ex()' function inside of 'Zend/zend_virtual_cwd.c' is triggered as user-supplied input is not properly validated when handling variables. This may allow a remote attacker to cause a stack-based buffer overflow, crashing a program using the language or potentially allowing the execution of arbitrary code. (CVE-2016-6289)\n - An overflow condition within the 'simplestring_addn()' function inside of 'simplestring.c.' is triggered as user-supplied input is not properly validated. This may allow a context-dependent attacker to cause a heap-based buffer overflow, resulting in a denial of service in a process linked against the library or potentially allowing the execution of arbitrary code. (CVE-2016-6296)\n - A NULL write flaw within the 'gdImageColorTransparent()' function inside of 'gd.c' is triggered during the handling of negative transparent colors. This may allow a context-dependent attacker to disclose memory.\n - An overflow condition within the 'php_url_prase_ex()' function inside of 'ext/standard/url.c' is triggered as user-supplied input is not properly validated. This may allow a remote attacker to cause a buffer overflow, potentially resulting in a denial of service in a process utilizing the language. (CVE-2016-6288)", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2016-08-05T00:00:00", "type": "nessus", "title": "PHP 5.5.x < 5.5.38 / 5.6.x < 5.6.24 / 7.0.x < 7.0.9 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6293", "CVE-2016-5399", "CVE-2016-6288", "CVE-2016-6289", "CVE-2016-6290", "CVE-2016-6291", "CVE-2016-6296", "CVE-2016-6297", "CVE-2016-6207", "CVE-2016-6294", "CVE-2016-6292", "CVE-2016-6295", "CVE-2016-5385"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "9460.PRM", "href": "https://www.tenable.com/plugins/nnm/9460", "sourceData": "Binary data 9460.prm", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T16:42:28", "description": "- CVE-2015-6831 Use after free vulnerability was found in unserialize() function. We can create ZVAL and free it via Serializable::unserialize. However the unserialize() will still allow to use R: or r: to set references to that already freed memory. It is possible to use-after-free attack and execute arbitrary code remotely.\n\n - CVE-2015-6832 Dangling pointer in the unserialization of ArrayObject items.\n\n - CVE-2015-6833 Files extracted from archive may be placed outside of destination directory\n\n - CVE-2015-6834 Use after free vulnerability was found in unserialize() function. We can create ZVAL and free it via Serializable::unserialize. However the unserialize() will still allow to use R: or r: to set references to that already freed memory. It is possible to use-after-free attack and execute arbitrary code remotely.\n\n - CVE-2015-6836 A type confusion occurs within SOAP serialize_function_call due to an insufficient validation of the headers field. In the SoapClient's\n __call method, the verify_soap_headers_array check is applied only to headers retrieved from zend_parse_parameters; problem is that a few lines later, soap_headers could be updated or even replaced with values from the __default_headers object fields.\n\n - CVE-2015-6837 The XSLTProcessor class misses a few checks on the input from the libxslt library. The valuePop() function call is able to return NULL pointer and php does not check that.\n\n - CVE-2015-6838 The XSLTProcessor class misses a few checks on the input from the libxslt library. The valuePop() function call is able to return NULL pointer and php does not check that.\n\n - CVE-2015-7803 A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash.\n\n - CVE-2015-7804 An uninitialized pointer use flaw was found in the phar_make_dirstream() function of PHP's Phar extension. A specially crafted phar file in the ZIP format with a directory entry with a file name '/ZIP' could cause a PHP application function to crash.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-11-09T00:00:00", "type": "nessus", "title": "Debian DLA-341-1 : php5 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-6831", "CVE-2015-6832", "CVE-2015-6833", "CVE-2015-6834", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6838", "CVE-2015-7803", "CVE-2015-7804"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libapache2-mod-php5", "p-cpe:/a:debian:debian_linux:libapache2-mod-php5filter", "p-cpe:/a:debian:debian_linux:php-pear", "p-cpe:/a:debian:debian_linux:php5", "p-cpe:/a:debian:debian_linux:php5-cgi", "p-cpe:/a:debian:debian_linux:php5-cli", "p-cpe:/a:debian:debian_linux:php5-common", "p-cpe:/a:debian:debian_linux:php5-curl", "p-cpe:/a:debian:debian_linux:php5-dbg", "p-cpe:/a:debian:debian_linux:php5-dev", "p-cpe:/a:debian:debian_linux:php5-enchant", "p-cpe:/a:debian:debian_linux:php5-gd", "p-cpe:/a:debian:debian_linux:php5-gmp", "p-cpe:/a:debian:debian_linux:php5-imap", "p-cpe:/a:debian:debian_linux:php5-interbase", "p-cpe:/a:debian:debian_linux:php5-intl", "p-cpe:/a:debian:debian_linux:php5-ldap", "p-cpe:/a:debian:debian_linux:php5-mcrypt", "p-cpe:/a:debian:debian_linux:php5-mysql", "p-cpe:/a:debian:debian_linux:php5-odbc", "p-cpe:/a:debian:debian_linux:php5-pgsql", "p-cpe:/a:debian:debian_linux:php5-pspell", "p-cpe:/a:debian:debian_linux:php5-recode", "p-cpe:/a:debian:debian_linux:php5-snmp", "p-cpe:/a:debian:debian_linux:php5-sqlite", "p-cpe:/a:debian:debian_linux:php5-sybase", "p-cpe:/a:debian:debian_linux:php5-tidy", "p-cpe:/a:debian:debian_linux:php5-xmlrpc", "p-cpe:/a:debian:debian_linux:php5-xsl", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-341.NASL", "href": "https://www.tenable.com/plugins/nessus/86794", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-341-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86794);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-6831\", \"CVE-2015-6832\", \"CVE-2015-6833\", \"CVE-2015-6834\", \"CVE-2015-6836\", \"CVE-2015-6837\", \"CVE-2015-6838\", \"CVE-2015-7803\", \"CVE-2015-7804\");\n\n script_name(english:\"Debian DLA-341-1 : php5 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - CVE-2015-6831 Use after free vulnerability was found in\n unserialize() function. We can create ZVAL and free it\n via Serializable::unserialize. However the unserialize()\n will still allow to use R: or r: to set references to\n that already freed memory. It is possible to\n use-after-free attack and execute arbitrary code\n remotely.\n\n - CVE-2015-6832 Dangling pointer in the unserialization of\n ArrayObject items.\n\n - CVE-2015-6833 Files extracted from archive may be placed\n outside of destination directory\n\n - CVE-2015-6834 Use after free vulnerability was found in\n unserialize() function. We can create ZVAL and free it\n via Serializable::unserialize. However the unserialize()\n will still allow to use R: or r: to set references to\n that already freed memory. It is possible to\n use-after-free attack and execute arbitrary code\n remotely.\n\n - CVE-2015-6836 A type confusion occurs within SOAP\n serialize_function_call due to an insufficient\n validation of the headers field. In the SoapClient's\n __call method, the verify_soap_headers_array check is\n applied only to headers retrieved from\n zend_parse_parameters; problem is that a few lines\n later, soap_headers could be updated or even replaced\n with values from the __default_headers object fields.\n\n - CVE-2015-6837 The XSLTProcessor class misses a few\n checks on the input from the libxslt library. The\n valuePop() function call is able to return NULL pointer\n and php does not check that.\n\n - CVE-2015-6838 The XSLTProcessor class misses a few\n checks on the input from the libxslt library. The\n valuePop() function call is able to return NULL pointer\n and php does not check that.\n\n - CVE-2015-7803 A NULL pointer dereference flaw was found\n in the way PHP's Phar extension parsed Phar archives. A\n specially crafted archive could cause PHP to crash.\n\n - CVE-2015-7804 An uninitialized pointer use flaw was\n found in the phar_make_dirstream() function of PHP's\n Phar extension. A specially crafted phar file in the ZIP\n format with a directory entry with a file name '/ZIP'\n could cause a PHP application function to crash.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/11/msg00002.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/php5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-mod-php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-mod-php5filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-interbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libapache2-mod-php5\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php-pear\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-cgi\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-cli\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-common\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-curl\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-dbg\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-dev\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-enchant\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-gd\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-gmp\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-imap\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-interbase\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-intl\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-ldap\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-mcrypt\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-mysql\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-odbc\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-pgsql\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-pspell\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-recode\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-snmp\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-sqlite\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-sybase\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-tidy\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-xmlrpc\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-xsl\", reference:\"5.3.3.1-7+squeeze28\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:40:57", "description": "It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-4116)\n\nIt was discovered that PHP incorrectly handled recursive method calls.\nA remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8873)\n\nIt was discovered that PHP incorrectly validated certain Exception objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8876)\n\nIt was discovered that PHP header() function performed insufficient filtering for Internet Explorer. A remote attacker could possibly use this issue to perform a XSS attack. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8935)\n\nIt was discovered that PHP incorrectly handled certain locale operations. An attacker could use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5093)\n\nIt was discovered that the PHP php_html_entities() function incorrectly handled certain string lengths. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5094, CVE-2016-5095)\n\nIt was discovered that the PHP fread() function incorrectly handled certain lengths. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.\n(CVE-2016-5096)\n\nIt was discovered that the PHP FastCGI Process Manager (FPM) SAPI incorrectly handled memory in the access logging feature. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly expose sensitive information. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5114)\n\nIt was discovered that PHP would not protect applications from contents of the HTTP_PROXY environment variable when based on the contents of the Proxy header from HTTP requests. A remote attacker could possibly use this issue in combination with scripts that honour the HTTP_PROXY variable to redirect outgoing HTTP requests.\n(CVE-2016-5385)\n\nHans Jerry Illikainen discovered that the PHP bzread() function incorrectly performed error handling. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-5399)\n\nIt was discovered that certain PHP multibyte string functions incorrectly handled memory. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS.\n(CVE-2016-5768)\n\nIt was discovered that the PHP Mcrypt extension incorrectly handled memory. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.\nThis issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.\n(CVE-2016-5769)\n\nIt was discovered that the PHP garbage collector incorrectly handled certain objects when unserializing malicious data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue was only addressed in Ubuntu Ubuntu 14.04 LTS. (CVE-2016-5771, CVE-2016-5773)\n\nIt was discovered that PHP incorrectly handled memory when unserializing malicious xml data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5772)\n\nIt was discovered that the PHP php_url_parse_ex() function incorrectly handled string termination. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-6288)\n\nIt was discovered that PHP incorrectly handled path lengths when extracting certain Zip archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6289)\n\nIt was discovered that PHP incorrectly handled session deserialization. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6290)\n\nIt was discovered that PHP incorrectly handled exif headers when processing certain JPEG images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6291, CVE-2016-6292)\n\nIt was discovered that PHP incorrectly handled certain locale operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6294)\n\nIt was discovered that the PHP garbage collector incorrectly handled certain objects when unserializing SNMP data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-6295)\n\nIt was discovered that the PHP xmlrpc_encode_request() function incorrectly handled certain lengths. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6296)\n\nIt was discovered that the PHP php_stream_zip_opener() function incorrectly handled memory. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6297).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-08-03T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : php5, php7.0 vulnerabilities (USN-3045-1) (httpoxy)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-4116", "CVE-2015-8873", "CVE-2015-8876", "CVE-2015-8935", "CVE-2016-5093", "CVE-2016-5094", "CVE-2016-5095", "CVE-2016-5096", "CVE-2016-5114", "CVE-2016-5385", "CVE-2016-5399", "CVE-2016-5768", "CVE-2016-5769", "CVE-2016-5771", "CVE-2016-5772", "CVE-2016-5773", "CVE-2016-6288", "CVE-2016-6289", "CVE-2016-6290", "CVE-2016-6291", "CVE-2016-6292", "CVE-2016-6294", "CVE-2016-6295", "CVE-2016-6296", "CVE-2016-6297"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5", "p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.0", "p-cpe:/a:canonical:ubuntu_linux:php5-cgi", "p-cpe:/a:canonical:ubuntu_linux:php5-cli", "p-cpe:/a:canonical:ubuntu_linux:php5-fpm", "p-cpe:/a:canonical:ubuntu_linux:php7.0-cgi", "p-cpe:/a:canonical:ubuntu_linux:php7.0-cli", "p-cpe:/a:canonical:ubuntu_linux:php7.0-fpm", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3045-1.NASL", "href": "https://www.tenable.com/plugins/nessus/92699", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3045-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(92699);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2015-4116\", \"CVE-2015-8873\", \"CVE-2015-8876\", \"CVE-2015-8935\", \"CVE-2016-5093\", \"CVE-2016-5094\", \"CVE-2016-5095\", \"CVE-2016-5096\", \"CVE-2016-5114\", \"CVE-2016-5385\", \"CVE-2016-5399\", \"CVE-2016-5768\", \"CVE-2016-5769\", \"CVE-2016-5771\", \"CVE-2016-5772\", \"CVE-2016-5773\", \"CVE-2016-6288\", \"CVE-2016-6289\", \"CVE-2016-6290\", \"CVE-2016-6291\", \"CVE-2016-6292\", \"CVE-2016-6294\", \"CVE-2016-6295\", \"CVE-2016-6296\", \"CVE-2016-6297\");\n script_xref(name:\"USN\", value:\"3045-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : php5, php7.0 vulnerabilities (USN-3045-1) (httpoxy)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that PHP incorrectly handled certain\nSplMinHeap::compare operations. A remote attacker could use this issue\nto cause PHP to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 12.04 LTS and\nUbuntu 14.04 LTS. (CVE-2015-4116)\n\nIt was discovered that PHP incorrectly handled recursive method calls.\nA remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service. This issue only affected Ubuntu\n12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8873)\n\nIt was discovered that PHP incorrectly validated certain Exception\nobjects when unserializing data. A remote attacker could use this\nissue to cause PHP to crash, resulting in a denial of service, or\npossibly execute arbitrary code. This issue only affected Ubuntu 12.04\nLTS and Ubuntu 14.04 LTS. (CVE-2015-8876)\n\nIt was discovered that PHP header() function performed insufficient\nfiltering for Internet Explorer. A remote attacker could possibly use\nthis issue to perform a XSS attack. This issue only affected Ubuntu\n12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8935)\n\nIt was discovered that PHP incorrectly handled certain locale\noperations. An attacker could use this issue to cause PHP to crash,\nresulting in a denial of service. This issue only affected Ubuntu\n12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5093)\n\nIt was discovered that the PHP php_html_entities() function\nincorrectly handled certain string lengths. A remote attacker could\nuse this issue to cause PHP to crash, resulting in a denial of\nservice, or possibly execute arbitrary code. This issue only affected\nUbuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5094, CVE-2016-5095)\n\nIt was discovered that the PHP fread() function incorrectly handled\ncertain lengths. An attacker could use this issue to cause PHP to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.\n(CVE-2016-5096)\n\nIt was discovered that the PHP FastCGI Process Manager (FPM) SAPI\nincorrectly handled memory in the access logging feature. An attacker\ncould use this issue to cause PHP to crash, resulting in a denial of\nservice, or possibly expose sensitive information. This issue only\naffected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5114)\n\nIt was discovered that PHP would not protect applications from\ncontents of the HTTP_PROXY environment variable when based on the\ncontents of the Proxy header from HTTP requests. A remote attacker\ncould possibly use this issue in combination with scripts that honour\nthe HTTP_PROXY variable to redirect outgoing HTTP requests.\n(CVE-2016-5385)\n\nHans Jerry Illikainen discovered that the PHP bzread() function\nincorrectly performed error handling. A remote attacker could use this\nissue to cause PHP to crash, resulting in a denial of service, or\npossibly execute arbitrary code. (CVE-2016-5399)\n\nIt was discovered that certain PHP multibyte string functions\nincorrectly handled memory. A remote attacker could use this issue to\ncause PHP to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 14.04 LTS.\n(CVE-2016-5768)\n\nIt was discovered that the PHP Mcrypt extension incorrectly handled\nmemory. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\nThis issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.\n(CVE-2016-5769)\n\nIt was discovered that the PHP garbage collector incorrectly handled\ncertain objects when unserializing malicious data. A remote attacker\ncould use this issue to cause PHP to crash, resulting in a denial of\nservice, or possibly execute arbitrary code. This issue was only\naddressed in Ubuntu Ubuntu 14.04 LTS. (CVE-2016-5771, CVE-2016-5773)\n\nIt was discovered that PHP incorrectly handled memory when\nunserializing malicious xml data. A remote attacker could use this\nissue to cause PHP to crash, resulting in a denial of service, or\npossibly execute arbitrary code. This issue only affected Ubuntu 12.04\nLTS and Ubuntu 14.04 LTS. (CVE-2016-5772)\n\nIt was discovered that the PHP php_url_parse_ex() function incorrectly\nhandled string termination. A remote attacker could use this issue to\ncause PHP to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. This issue only affected Ubuntu 12.04 LTS and\nUbuntu 14.04 LTS. (CVE-2016-6288)\n\nIt was discovered that PHP incorrectly handled path lengths when\nextracting certain Zip archives. A remote attacker could use this\nissue to cause PHP to crash, resulting in a denial of service, or\npossibly execute arbitrary code. (CVE-2016-6289)\n\nIt was discovered that PHP incorrectly handled session\ndeserialization. A remote attacker could use this issue to cause PHP\nto crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2016-6290)\n\nIt was discovered that PHP incorrectly handled exif headers when\nprocessing certain JPEG images. A remote attacker could use this issue\nto cause PHP to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2016-6291, CVE-2016-6292)\n\nIt was discovered that PHP incorrectly handled certain locale\noperations. A remote attacker could use this issue to cause PHP to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-6294)\n\nIt was discovered that the PHP garbage collector incorrectly handled\ncertain objects when unserializing SNMP data. A remote attacker could\nuse this issue to cause PHP to crash, resulting in a denial of\nservice, or possibly execute arbitrary code. This issue only affected\nUbuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-6295)\n\nIt was discovered that the PHP xmlrpc_encode_request() function\nincorrectly handled certain lengths. An attacker could use this issue\nto cause PHP to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2016-6296)\n\nIt was discovered that the PHP php_stream_zip_opener() function\nincorrectly handled memory. An attacker could use this issue to cause\nPHP to crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2016-6297).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3045-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php7.0-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php7.0-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php7.0-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/05/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/03\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.3.10-1ubuntu3.24\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-cgi\", pkgver:\"5.3.10-1ubuntu3.24\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-cli\", pkgver:\"5.3.10-1ubuntu3.24\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-fpm\", pkgver:\"5.3.10-1ubuntu3.24\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.5.9+dfsg-1ubuntu4.19\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-cgi\", pkgver:\"5.5.9+dfsg-1ubuntu4.19\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-cli\", pkgver:\"5.5.9+dfsg-1ubuntu4.19\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-fpm\", pkgver:\"5.5.9+dfsg-1ubuntu4.19\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libapache2-mod-php7.0\", pkgver:\"7.0.8-0ubuntu0.16.04.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"php7.0-cgi\", pkgver:\"7.0.8-0ubuntu0.16.04.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"php7.0-cli\", pkgver:\"7.0.8-0ubuntu0.16.04.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"php7.0-fpm\", pkgver:\"7.0.8-0ubuntu0.16.04.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapache2-mod-php5 / libapache2-mod-php7.0 / php5-cgi / php5-cli / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-11T15:15:31", "description": "This update for php53 fixes the following issues: This security issue was fixed :\n\n - CVE-2017-7272: PHP enabled potential SSRF in applications that accept an fsockopen hostname argument with an expectation that the port number is constrained.\n Because a :port syntax was recognized, fsockopen used the port number that is specified in the hostname argument, instead of the port number in the second argument of the function (bsc#1031246)\n\n - CVE-2016-6294: The locale_accept_from_http function in ext/intl/locale/locale_methods.c did not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument (bsc#1035111).\n\n - CVE-2017-9227: An issue was discovered in Oniguruma 6.2.0, as used in mbstring in PHP. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer. (bsc#1040883)\n\n - CVE-2017-9226: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in mbstring in PHP. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation.\n Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption. (bsc#1040889)\n\n - CVE-2017-9224: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in mbstring in PHP. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer.\n (bsc#1040891)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-06-19T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : php53 (SUSE-SU-2017:1585-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6294", "CVE-2017-7272", "CVE-2017-9224", "CVE-2017-9226", "CVE-2017-9227"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php53", "p-cpe:/a:novell:suse_linux:php53", "p-cpe:/a:novell:suse_linux:php53-bcmath", "p-cpe:/a:novell:suse_linux:php53-bz2", "p-cpe:/a:novell:suse_linux:php53-calendar", "p-cpe:/a:novell:suse_linux:php53-ctype", "p-cpe:/a:novell:suse_linux:php53-curl", "p-cpe:/a:novell:suse_linux:php53-dba", "p-cpe:/a:novell:suse_linux:php53-dom", "p-cpe:/a:novell:suse_linux:php53-exif", "p-cpe:/a:novell:suse_linux:php53-fastcgi", "p-cpe:/a:novell:suse_linux:php53-fileinfo", "p-cpe:/a:novell:suse_linux:php53-ftp", "p-cpe:/a:novell:suse_linux:php53-gd", "p-cpe:/a:novell:suse_linux:php53-gettext", "p-cpe:/a:novell:suse_linux:php53-gmp", "p-cpe:/a:novell:suse_linux:php53-iconv", "p-cpe:/a:novell:suse_linux:php53-intl", "p-cpe:/a:novell:suse_linux:php53-json", "p-cpe:/a:novell:suse_linux:php53-ldap", "p-cpe:/a:novell:suse_linux:php53-mbstring", "p-cpe:/a:novell:suse_linux:php53-mcrypt", "p-cpe:/a:novell:suse_linux:php53-mysql", "p-cpe:/a:novell:suse_linux:php53-odbc", "p-cpe:/a:novell:suse_linux:php53-openssl", "p-cpe:/a:novell:suse_linux:php53-pcntl", "p-cpe:/a:novell:suse_linux:php53-pdo", "p-cpe:/a:novell:suse_linux:php53-pear", "p-cpe:/a:novell:suse_linux:php53-pgsql", "p-cpe:/a:novell:suse_linux:php53-pspell", "p-cpe:/a:novell:suse_linux:php53-shmop", "p-cpe:/a:novell:suse_linux:php53-snmp", "p-cpe:/a:novell:suse_linux:php53-soap", "p-cpe:/a:novell:suse_linux:php53-suhosin", "p-cpe:/a:novell:suse_linux:php53-sysvmsg", "p-cpe:/a:novell:suse_linux:php53-sysvsem", "p-cpe:/a:novell:suse_linux:php53-sysvshm", "p-cpe:/a:novell:suse_linux:php53-tokenizer", "p-cpe:/a:novell:suse_linux:php53-wddx", "p-cpe:/a:novell:suse_linux:php53-xmlreader", "p-cpe:/a:novell:suse_linux:php53-xmlrpc", "p-cpe:/a:novell:suse_linux:php53-xmlwriter", "p-cpe:/a:novell:suse_linux:php53-xsl", "p-cpe:/a:novell:suse_linux:php53-zip", "p-cpe:/a:novell:suse_linux:php53-zlib", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2017-1585-1.NASL", "href": "https://www.tenable.com/plugins/nessus/100866", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1585-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100866);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-6294\", \"CVE-2017-7272\", \"CVE-2017-9224\", \"CVE-2017-9226\", \"CVE-2017-9227\");\n\n script_name(english:\"SUSE SLES11 Security Update : php53 (SUSE-SU-2017:1585-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for php53 fixes the following issues: This security issue\nwas fixed :\n\n - CVE-2017-7272: PHP enabled potential SSRF in\n applications that accept an fsockopen hostname argument\n with an expectation that the port number is constrained.\n Because a :port syntax was recognized, fsockopen used\n the port number that is specified in the hostname\n argument, instead of the port number in the second\n argument of the function (bsc#1031246)\n\n - CVE-2016-6294: The locale_accept_from_http function in\n ext/intl/locale/locale_methods.c did not properly\n restrict calls to the ICU uloc_acceptLanguageFromHTTP\n function, which allowed remote attackers to cause a\n denial of service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long argument\n (bsc#1035111).\n\n - CVE-2017-9227: An issue was discovered in Oniguruma\n 6.2.0, as used in mbstring in PHP. A stack out-of-bounds\n read occurs in mbc_enc_len() during regular expression\n searching. Invalid handling of reg->dmin in\n forward_search_range() could result in an invalid\n pointer dereference, as an out-of-bounds read from a\n stack buffer. (bsc#1040883)\n\n - CVE-2017-9226: An issue was discovered in Oniguruma\n 6.2.0, as used in Oniguruma-mod in mbstring in PHP. A\n heap out-of-bounds write or read occurs in\n next_state_val() during regular expression compilation.\n Octal numbers larger than 0xff are not handled correctly\n in fetch_token() and fetch_token_in_cc(). A malformed\n regular expression containing an octal number in the\n form of '\\700' would produce an invalid code point value\n larger than 0xff in next_state_val(), resulting in an\n out-of-bounds write memory corruption. (bsc#1040889)\n\n - CVE-2017-9224: An issue was discovered in Oniguruma\n 6.2.0, as used in Oniguruma-mod in mbstring in PHP. A\n stack out-of-bounds read occurs in match_at() during\n regular expression searching. A logical error involving\n order of validation and access in match_at() could\n result in an out-of-bounds read from a stack buffer.\n (bsc#1040891)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1035111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1040883\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1040889\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1040891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6294/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-7272/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-9224/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-9226/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-9227/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171585-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?52357544\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-php53-13151=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-php53-13151=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-php53-13151=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"apache2-mod_php53-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-bcmath-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-bz2-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-calendar-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-ctype-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-curl-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-dba-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-dom-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-exif-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-fastcgi-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-fileinfo-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-ftp-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-gd-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-gettext-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-gmp-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-iconv-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-intl-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-json-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-ldap-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-mbstring-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-mcrypt-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-mysql-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-odbc-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-openssl-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pcntl-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pdo-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pear-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pgsql-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-pspell-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-shmop-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-snmp-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-soap-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-suhosin-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-sysvmsg-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-sysvsem-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-sysvshm-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-tokenizer-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-wddx-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xmlreader-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xmlrpc-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xmlwriter-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-xsl-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-zip-5.3.17-108.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"php53-zlib-5.3.17-108.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-11T15:16:52", "description": "This update for php7 fixes the following security issues :\n\n - CVE-2017-9224: stack out-of-bounds read occurs in match_at() could lead to Denial of service (bsc#1040891)\n\n - CVE-2017-9226: heap out-of-bounds write orread occurs in next_state_val() could lead to Denial of service(bsc#1040889)\n\n - CVE-2017-9227: stack out-of-bounds read in mbc_enc_len() could lead to Denial of service (bsc#1040883)\n\n - CVE-2017-6441: The _zval_get_long_func_ex in Zend/zend_operators.c in PHP allowed attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted use of 'declare(ticks=' in a PHP script (bsc#1032155).\n\n - CVE-2016-6294: The locale_accept_from_http function in ext/intl/locale/locale_methods.c did not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument (bsc#1035111).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : php7 (SUSE-SU-2017:1717-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6294", "CVE-2017-6441", "CVE-2017-9224", "CVE-2017-9226", "CVE-2017-9227"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php7", "p-cpe:/a:novell:suse_linux:apache2-mod_php7-debuginfo", "p-cpe:/a:novell:suse_linux:php7", "p-cpe:/a:novell:suse_linux:php7-bcmath", "p-cpe:/a:novell:suse_linux:php7-bcmath-debuginfo", "p-cpe:/a:novell:suse_linux:php7-bz2", "p-cpe:/a:novell:suse_linux:php7-bz2-debuginfo", "p-cpe:/a:novell:suse_linux:php7-calendar", "p-cpe:/a:novell:suse_linux:php7-calendar-debuginfo", "p-cpe:/a:novell:suse_linux:php7-ctype", "p-cpe:/a:novell:suse_linux:php7-ctype-debuginfo", "p-cpe:/a:novell:suse_linux:php7-curl", "p-cpe:/a:novell:suse_linux:php7-curl-debuginfo", "p-cpe:/a:novell:suse_linux:php7-dba", "p-cpe:/a:novell:suse_linux:php7-dba-debuginfo", "p-cpe:/a:novell:suse_linux:php7-debuginfo", "p-cpe:/a:novell:suse_linux:php7-debugsource", "p-cpe:/a:novell:suse_linux:php7-dom", "p-cpe:/a:novell:suse_linux:php7-dom-debuginfo", "p-cpe:/a:novell:suse_linux:php7-enchant", "p-cpe:/a:novell:suse_linux:php7-enchant-debuginfo", "p-cpe:/a:novell:suse_linux:php7-exif", "p-cpe:/a:novell:suse_linux:php7-exif-debuginfo", "p-cpe:/a:novell:suse_linux:php7-fastcgi", "p-cpe:/a:novell:suse_linux:php7-fastcgi-debuginfo", "p-cpe:/a:novell:suse_linux:php7-fileinfo", "p-cpe:/a:novell:suse_linux:php7-fileinfo-debuginfo", "p-cpe:/a:novell:suse_linux:php7-fpm", "p-cpe:/a:novell:suse_linux:php7-fpm-debuginfo", "p-cpe:/a:novell:suse_linux:php7-ftp", "p-cpe:/a:novell:suse_linux:php7-ftp-debuginfo", "p-cpe:/a:novell:suse_linux:php7-gd", "p-cpe:/a:novell:suse_linux:php7-gd-debuginfo", "p-cpe:/a:novell:suse_linux:php7-gettext", "p-cpe:/a:novell:suse_linux:php7-gettext-debuginfo", "p-cpe:/a:novell:suse_linux:php7-gmp", "p-cpe:/a:novell:suse_linux:php7-gmp-debuginfo", "p-cpe:/a:novell:suse_linux:php7-iconv", "p-cpe:/a:novell:suse_linux:php7-iconv-debuginfo", "p-cpe:/a:novell:suse_linux:php7-imap", "p-cpe:/a:novell:suse_linux:php7-imap-debuginfo", "p-cpe:/a:novell:suse_linux:php7-intl", "p-cpe:/a:novell:suse_linux:php7-intl-debuginfo", "p-cpe:/a:novell:suse_linux:php7-json", "p-cpe:/a:novell:suse_linux:php7-json-debuginfo", "p-cpe:/a:novell:suse_linux:php7-ldap", "p-cpe:/a:novell:suse_linux:php7-ldap-debuginfo", "p-cpe:/a:novell:suse_linux:php7-mbstring", "p-cpe:/a:novell:suse_linux:php7-mbstring-debuginfo", "p-cpe:/a:novell:suse_linux:php7-mcrypt", "p-cpe:/a:novell:suse_linux:php7-mcrypt-debuginfo", "p-cpe:/a:novell:suse_linux:php7-mysql", "p-cpe:/a:novell:suse_linux:php7-mysql-debuginfo", "p-cpe:/a:novell:suse_linux:php7-odbc", "p-cpe:/a:novell:suse_linux:php7-odbc-debuginfo", "p-cpe:/a:novell:suse_linux:php7-opcache", "p-cpe:/a:novell:suse_linux:php7-opcache-debuginfo", "p-cpe:/a:novell:suse_linux:php7-openssl", "p-cpe:/a:novell:suse_linux:php7-openssl-debuginfo", "p-cpe:/a:novell:suse_linux:php7-pcntl", "p-cpe:/a:novell:suse_linux:php7-pcntl-debuginfo", "p-cpe:/a:novell:suse_linux:php7-pdo", "p-cpe:/a:novell:suse_linux:php7-pdo-debuginfo", "p-cpe:/a:novell:suse_linux:php7-pgsql", "p-cpe:/a:novell:suse_linux:php7-pgsql-debuginfo", "p-cpe:/a:novell:suse_linux:php7-phar", "p-cpe:/a:novell:suse_linux:php7-phar-debuginfo", "p-cpe:/a:novell:suse_linux:php7-posix", "p-cpe:/a:novell:suse_linux:php7-posix-debuginfo", "p-cpe:/a:novell:suse_linux:php7-pspell", "p-cpe:/a:novell:suse_linux:php7-pspell-debuginfo", "p-cpe:/a:novell:suse_linux:php7-shmop", "p-cpe:/a:novell:suse_linux:php7-shmop-debuginfo", "p-cpe:/a:novell:suse_linux:php7-snmp", "p-cpe:/a:novell:suse_linux:php7-snmp-debuginfo", "p-cpe:/a:novell:suse_linux:php7-soap", "p-cpe:/a:novell:suse_linux:php7-soap-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sockets", "p-cpe:/a:novell:suse_linux:php7-sockets-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sqlite", "p-cpe:/a:novell:suse_linux:php7-sqlite-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sysvmsg", "p-cpe:/a:novell:suse_linux:php7-sysvmsg-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sysvsem", "p-cpe:/a:novell:suse_linux:php7-sysvsem-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sysvshm", "p-cpe:/a:novell:suse_linux:php7-sysvshm-debuginfo", "p-cpe:/a:novell:suse_linux:php7-tokenizer", "p-cpe:/a:novell:suse_linux:php7-tokenizer-debuginfo", "p-cpe:/a:novell:suse_linux:php7-wddx", "p-cpe:/a:novell:suse_linux:php7-wddx-debuginfo", "p-cpe:/a:novell:suse_linux:php7-xmlreader", "p-cpe:/a:novell:suse_linux:php7-xmlreader-debuginfo", "p-cpe:/a:novell:suse_linux:php7-xmlrpc", "p-cpe:/a:novell:suse_linux:php7-xmlrpc-debuginfo", "p-cpe:/a:novell:suse_linux:php7-xmlwriter", "p-cpe:/a:novell:suse_linux:php7-xmlwriter-debuginfo", "p-cpe:/a:novell:suse_linux:php7-xsl", "p-cpe:/a:novell:suse_linux:php7-xsl-debuginfo", "p-cpe:/a:novell:suse_linux:php7-zip", "p-cpe:/a:novell:suse_linux:php7-zip-debuginfo", "p-cpe:/a:novell:suse_linux:php7-zlib", "p-cpe:/a:novell:suse_linux:php7-zlib-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1717-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120000", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1717-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120000);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-6294\", \"CVE-2017-6441\", \"CVE-2017-9224\", \"CVE-2017-9226\", \"CVE-2017-9227\");\n\n script_name(english:\"SUSE SLES12 Security Update : php7 (SUSE-SU-2017:1717-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for php7 fixes the following security issues :\n\n - CVE-2017-9224: stack out-of-bounds read occurs in\n match_at() could lead to Denial of service (bsc#1040891)\n\n - CVE-2017-9226: heap out-of-bounds write orread occurs in\n next_state_val() could lead to Denial of\n service(bsc#1040889)\n\n - CVE-2017-9227: stack out-of-bounds read in mbc_enc_len()\n could lead to Denial of service (bsc#1040883)\n\n - CVE-2017-6441: The _zval_get_long_func_ex in\n Zend/zend_operators.c in PHP allowed attackers to cause\n a denial of service (NULL pointer dereference and\n application crash) via crafted use of 'declare(ticks='\n in a PHP script (bsc#1032155).\n\n - CVE-2016-6294: The locale_accept_from_http function in\n ext/intl/locale/locale_methods.c did not properly\n restrict calls to the ICU uloc_acceptLanguageFromHTTP\n function, which allowed remote attackers to cause a\n denial of service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long argument\n (bsc#1035111).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1032155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1035111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1040883\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1040889\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1040891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6294/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-6441/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-9224/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-9226/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-9227/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171717-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4cbc06da\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t\npatch SUSE-SLE-SDK-12-SP2-2017-1068=1\n\nSUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-12-2017-1068=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_php7-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_php7-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-bcmath-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-bcmath-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-bz2-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-bz2-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-calendar-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-calendar-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-ctype-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-ctype-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-curl-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-curl-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-dba-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-dba-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-debugsource-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-dom-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-dom-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-enchant-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-enchant-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-exif-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-exif-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-fastcgi-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-fastcgi-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-fileinfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-fileinfo-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-fpm-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-fpm-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-ftp-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-ftp-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-gd-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-gd-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-gettext-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-gettext-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-gmp-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-gmp-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-iconv-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-iconv-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-imap-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-imap-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-intl-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-intl-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-json-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-json-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-ldap-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-ldap-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-mbstring-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-mbstring-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-mcrypt-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-mcrypt-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-mysql-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-mysql-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-odbc-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-odbc-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-opcache-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-opcache-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-openssl-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-openssl-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pcntl-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pcntl-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pdo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pdo-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pgsql-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pgsql-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-phar-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-phar-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-posix-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-posix-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pspell-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pspell-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-shmop-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-shmop-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-snmp-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-snmp-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-soap-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-soap-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sockets-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sockets-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sqlite-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sqlite-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sysvmsg-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sysvmsg-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sysvsem-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sysvsem-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sysvshm-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sysvshm-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-tokenizer-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-tokenizer-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-wddx-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-wddx-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xmlreader-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xmlreader-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xmlrpc-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xmlrpc-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xmlwriter-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xmlwriter-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xsl-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xsl-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-zip-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-zip-debuginfo-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-zlib-7.0.7-49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-zlib-debuginfo-7.0.7-49.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php7\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-11T15:17:51", "description": "This update for php7 fixes the following security issues :\n\n - CVE-2017-9224: stack out-of-bounds read occurs in match_at() could lead to Denial of service (bsc#1040891)\n\n - CVE-2017-9226: heap out-of-bounds write orread occurs in next_state_val() could lead to Denial of service(bsc#1040889)\n\n - CVE-2017-9227: stack out-of-bounds read in mbc_enc_len() could lead to Denial of service (bsc#1040883)\n\n - CVE-2017-6441: The _zval_get_long_func_ex in Zend/zend_operators.c in PHP allowed attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted use of 'declare(ticks=' in a PHP script (bsc#1032155).\n\n - CVE-2016-6294: The locale_accept_from_http function in ext/intl/locale/locale_methods.c did not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument (bsc#1035111).\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-07-07T00:00:00", "type": "nessus", "title": "openSUSE Security Update : php7 (openSUSE-2017-790)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6294", "CVE-2017-6441", "CVE-2017-9224", "CVE-2017-9226", "CVE-2017-9227"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php7", "p-cpe:/a:novell:opensuse:apache2-mod_php7-debuginfo", "p-cpe:/a:novell:opensuse:php7", "p-cpe:/a:novell:opensuse:php7-bcmath", "p-cpe:/a:novell:opensuse:php7-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php7-bz2", "p-cpe:/a:novell:opensuse:php7-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php7-calendar", "p-cpe:/a:novell:opensuse:php7-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php7-ctype", "p-cpe:/a:novell:opensuse:php7-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php7-curl", "p-cpe:/a:novell:opensuse:php7-curl-debuginfo", "p-cpe:/a:novell:opensuse:php7-dba", "p-cpe:/a:novell:opensuse:php7-dba-debuginfo", "p-cpe:/a:novell:opensuse:php7-debuginfo", "p-cpe:/a:novell:opensuse:php7-debugsource", "p-cpe:/a:novell:opensuse:php7-devel", "p-cpe:/a:novell:opensuse:php7-dom", "p-cpe:/a:novell:opensuse:php7-dom-debuginfo", "p-cpe:/a:novell:opensuse:php7-enchant", "p-cpe:/a:novell:opensuse:php7-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php7-exif", "p-cpe:/a:novell:opensuse:php7-exif-debuginfo", "p-cpe:/a:novell:opensuse:php7-fastcgi", "p-cpe:/a:novell:opensuse:php7-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php7-fileinfo", "p-cpe:/a:novell:opensuse:php7-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php7-firebird", "p-cpe:/a:novell:opensuse:php7-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php7-fpm", "p-cpe:/a:novell:opensuse:php7-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php7-ftp", "p-cpe:/a:novell:opensuse:php7-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php7-gd", "p-cpe:/a:novell:opensuse:php7-gd-debuginfo", "p-cpe:/a:novell:opensuse:php7-gettext", "p-cpe:/a:novell:opensuse:php7-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php7-gmp", "p-cpe:/a:novell:opensuse:php7-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php7-iconv", "p-cpe:/a:novell:opensuse:php7-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php7-imap", "p-cpe:/a:novell:opensuse:php7-imap-debuginfo", "p-cpe:/a:novell:opensuse:php7-intl", "p-cpe:/a:novell:opensuse:php7-intl-debuginfo", "p-cpe:/a:novell:opensuse:php7-json", "p-cpe:/a:novell:opensuse:php7-json-debuginfo", "p-cpe:/a:novell:opensuse:php7-ldap", "p-cpe:/a:novell:opensuse:php7-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php7-mbstring", "p-cpe:/a:novell:opensuse:php7-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php7-mcrypt", "p-cpe:/a:novell:opensuse:php7-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php7-mysql", "p-cpe:/a:novell:opensuse:php7-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php7-odbc", "p-cpe:/a:novell:opensuse:php7-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php7-opcache", "p-cpe:/a:novell:opensuse:php7-opcache-debuginfo", "p-cpe:/a:novell:opensuse:php7-openssl", "p-cpe:/a:novell:opensuse:php7-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php7-pcntl", "p-cpe:/a:novell:opensuse:php7-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php7-pdo", "p-cpe:/a:novell:opensuse:php7-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php7-pear", "p-cpe:/a:novell:opensuse:php7-pear-Archive_Tar", "p-cpe:/a:novell:opensuse:php7-pgsql", "p-cpe:/a:novell:opensuse:php7-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php7-phar", "p-cpe:/a:novell:opensuse:php7-phar-debuginfo", "p-cpe:/a:novell:opensuse:php7-posix", "p-cpe:/a:novell:opensuse:php7-posix-debuginfo", "p-cpe:/a:novell:opensuse:php7-pspell", "p-cpe:/a:novell:opensuse:php7-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php7-readline", "p-cpe:/a:novell:opensuse:php7-readline-debuginfo", "p-cpe:/a:novell:opensuse:php7-shmop", "p-cpe:/a:novell:opensuse:php7-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php7-snmp", "p-cpe:/a:novell:opensuse:php7-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php7-soap", "p-cpe:/a:novell:opensuse:php7-soap-debuginfo", "p-cpe:/a:novell:opensuse:php7-sockets", "p-cpe:/a:novell:opensuse:php7-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php7-sqlite", "p-cpe:/a:novell:opensuse:php7-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php7-sysvmsg", "p-cpe:/a:novell:opensuse:php7-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php7-sysvsem", "p-cpe:/a:novell:opensuse:php7-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php7-sysvshm", "p-cpe:/a:novell:opensuse:php7-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php7-tidy", "p-cpe:/a:novell:opensuse:php7-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php7-tokenizer", "p-cpe:/a:novell:opensuse:php7-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php7-wddx", "p-cpe:/a:novell:opensuse:php7-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php7-xmlreader", "p-cpe:/a:novell:opensuse:php7-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php7-xmlrpc", "p-cpe:/a:novell:opensuse:php7-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php7-xmlwriter", "p-cpe:/a:novell:opensuse:php7-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php7-xsl", "p-cpe:/a:novell:opensuse:php7-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php7-zip", "p-cpe:/a:novell:opensuse:php7-zip-debuginfo", "p-cpe:/a:novell:opensuse:php7-zlib", "p-cpe:/a:novell:opensuse:php7-zlib-debuginfo", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2017-790.NASL", "href": "https://www.tenable.com/plugins/nessus/101287", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-790.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101287);\n script_version(\"3.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-6294\", \"CVE-2017-6441\", \"CVE-2017-9224\", \"CVE-2017-9226\", \"CVE-2017-9227\");\n\n script_name(english:\"openSUSE Security Update : php7 (openSUSE-2017-790)\");\n script_summary(english:\"Check for the openSUSE-2017-790 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for php7 fixes the following security issues :\n\n - CVE-2017-9224: stack out-of-bounds read occurs in\n match_at() could lead to Denial of service (bsc#1040891)\n\n - CVE-2017-9226: heap out-of-bounds write orread occurs in\n next_state_val() could lead to Denial of\n service(bsc#1040889)\n\n - CVE-2017-9227: stack out-of-bounds read in mbc_enc_len()\n could lead to Denial of service (bsc#1040883)\n\n - CVE-2017-6441: The _zval_get_long_func_ex in\n Zend/zend_operators.c in PHP allowed attackers to cause\n a denial of service (NULL pointer dereference and\n application crash) via crafted use of 'declare(ticks='\n in a PHP script (bsc#1032155).\n\n - CVE-2016-6294: The locale_accept_from_http function in\n ext/intl/locale/locale_methods.c did not properly\n restrict calls to the ICU uloc_acceptLanguageFromHTTP\n function, which allowed remote attackers to cause a\n denial of service (out-of-bounds read) or possibly have\n unspecified other impact via a call with a long argument\n (bsc#1035111).\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1032155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1035111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1040883\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1040889\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1040891\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php7 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-firebird-debuginfo\");\n script_set_attribute(