DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2010-3710", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2010-3710", "description": "Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string.", "published": "2010-10-25T20:01:00", "modified": "2016-08-23T02:02:00", "epss": [{"cve": "CVE-2010-3710", "epss": 0.0784, "percentile": 0.9352, "modified": "2023-12-03"}], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3710", "reporter": "secalert@redhat.com", "references": ["http://bugs.php.net/bug.php?id=52929", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:218", "http://www.vupen.com/english/advisories/2011/0020", "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html", "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html", "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html", "http://www.php.net/archive/2010.php#id2010-12-10-1", "http://www.ubuntu.com/usn/USN-1042-1", "http://www.vupen.com/english/advisories/2011/0021", "http://www.securityfocus.com/bid/43926", "http://www.php.net/releases/5_2_15.php", "http://www.vupen.com/english/advisories/2011/0077", "http://secunia.com/advisories/42812", "http://www.php.net/releases/5_3_4.php", "http://www.php.net/ChangeLog-5.php", "http://secunia.com/advisories/43189", "http://www.redhat.com/support/errata/RHSA-2011-0196.html", "http://support.apple.com/kb/HT4581", "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html", "http://marc.info/?l=bugtraq&m=133469208622507&w=2"], "cvelist": ["CVE-2010-3710"], "immutableFields": [], "lastseen": "2023-12-03T14:17:10", "viewCount": 51, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2011:0196"]}, {"type": "cve", "idList": ["CVE-2010-3717"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2195-1:4E400"]}, {"type": "f5", "idList": ["F5:K13519", "SOL13519"]}, {"type": "fedora", "idList": ["FEDORA:C9FB11110D9", "FEDORA:D1042111102", "FEDORA:D3AAD11111B", "FEDORA:E1A0E1110CE", "FEDORA:E5BC01110D2", "FEDORA:E97781110D7"]}, {"type": "freebsd", "idList": ["C623F058-10E7-11E0-BECC-0022156E8794"]}, {"type": "gentoo", "idList": ["GLSA-201110-06"]}, {"type": "nessus", "idList": ["5732.PRM", "801074.PRM", "CENTOS_RHSA-2011-0196.NASL", "DEBIAN_DSA-2195.NASL", "F5_BIGIP_SOL13519.NASL", "FEDORA_2010-18976.NASL", "FEDORA_2010-19011.NASL", "FREEBSD_PKG_C623F05810E711E0BECC0022156E8794.NASL", "GENTOO_GLSA-201110-06.NASL", "MACOSX_10_6_7.NASL", "MANDRIVA_MDVSA-2010-218.NASL", "MANDRIVA_MDVSA-2010-254.NASL", "ORACLELINUX_ELSA-2011-0196.NASL", "PHP_5_3_4.NASL", "REDHAT-RHSA-2011-0196.NASL", "SL_20110203_PHP53_ON_SL5_X.NASL", "SUSE_11_1_APACHE2-MOD_PHP5-101105.NASL", "SUSE_11_2_APACHE2-MOD_PHP5-101110.NASL", "SUSE_11_3_APACHE2-MOD_PHP5-101110.NASL", "SUSE_11_APACHE2-MOD_PHP5-101105.NASL", "SUSE_APACHE2-MOD_PHP5-7221.NASL", "UBUNTU_USN-1042-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310110181", "OPENVAS:1361412562310122274", "OPENVAS:136141256231068829", "OPENVAS:136141256231069331", "OPENVAS:136141256231070769", "OPENVAS:1361412562310801547", "OPENVAS:1361412562310831227", "OPENVAS:1361412562310831283", "OPENVAS:1361412562310840564", "OPENVAS:1361412562310862764", "OPENVAS:1361412562310862766", "OPENVAS:1361412562310862767", "OPENVAS:1361412562310862769", "OPENVAS:1361412562310862777", "OPENVAS:1361412562310862778", "OPENVAS:1361412562310870388", "OPENVAS:1361412562310880510", "OPENVAS:1361412562310881439", "OPENVAS:1361412562310902470", "OPENVAS:68829", "OPENVAS:69331", "OPENVAS:70769", "OPENVAS:831227", "OPENVAS:831283", "OPENVAS:840564", "OPENVAS:862764", "OPENVAS:862766", "OPENVAS:862767", "OPENVAS:862769", "OPENVAS:862777", "OPENVAS:862778", "OPENVAS:870388", "OPENVAS:880510", "OPENVAS:881439", "OPENVAS:902470"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0196"]}, {"type": "osv", "idList": ["OSV:DSA-2195-1"]}, {"type": "prion", "idList": ["PRION:CVE-2010-3710", "PRION:CVE-2010-3717"]}, {"type": "redhat", "idList": ["RHSA-2011:0196"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25044", "SECURITYVULNS:DOC:25489", "SECURITYVULNS:DOC:25963", "SECURITYVULNS:DOC:27147", "SECURITYVULNS:VULN:11225", "SECURITYVULNS:VULN:11518"]}, {"type": "ubuntu", "idList": ["USN-1042-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-3710", "UB:CVE-2010-3717"]}]}, "score": {"value": 6.3, "uncertanity": 1.8, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2011:0196"]}, {"type": "f5", "idList": ["SOL13519"]}, {"type": "fedora", "idList": ["FEDORA:D3AAD11111B"]}, {"type": "freebsd", "idList": ["C623F058-10E7-11E0-BECC-0022156E8794"]}, {"type": "gentoo", "idList": ["GLSA-201110-06"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_C623F05810E711E0BECC0022156E8794.NASL", "SL_20110203_PHP53_ON_SL5_X.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310880510", "OPENVAS:1361412562310881439"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25963"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-3710"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}, {"name": "php", "version": 5}]}, "epss": [{"cve": "CVE-2010-3710", "epss": 0.0784, "percentile": 0.93234, "modified": "2023-05-07"}], "short_description": "Stack consumption vulnerability in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, causing denial of service via long email address string", "tags": ["cve-2010-3710", "php", "vulnerability", "denial of service", "nvd", "filter_var function", "memory consumption"], "vulnersScore": 6.3}, "_state": {"dependencies": 1701614324, "score": 1701614337, "affected_software_major_version": 0, "epss": 0, "chatgpt": 0}, "_internal": {"score_hash": "fbafee6ee2127b37d47f7a6a8768d053", "chatgpt": "bcd8b0c2eb1fce714eab6cef0d771acc"}, "cna_cvss": {"cna": "redhat", "cvss": {}}, "cpe": ["cpe:/a:php:php:5.2.3", "cpe:/a:php:php:5.3.3", "cpe:/a:php:php:5.2.11", "cpe:/a:php:php:5.3.1", "cpe:/a:php:php:5.3.2", "cpe:/a:php:php:5.2.5", "cpe:/a:php:php:5.3.0", "cpe:/a:php:php:5.2.8", "cpe:/a:php:php:5.2.0", "cpe:/a:php:php:5.2.4", "cpe:/a:php:php:5.2.6", "cpe:/a:php:php:5.2.7", "cpe:/a:php:php:5.2.13", "cpe:/a:php:php:5.2.1", "cpe:/a:php:php:5.2.14", "cpe:/a:php:php:5.2.9", "cpe:/a:php:php:5.2.10", "cpe:/a:php:php:5.2.2", "cpe:/a:php:php:5.2.12"], "cpe23": ["cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*"], "cwe": ["CWE-399"], "affectedSoftware": [{"cpeName": "php:php", "version": "5.2.9", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.3.1", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.2.14", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.2.7", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.2.2", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.2.5", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.2.12", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.2.11", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.2.6", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.3.0", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.2.3", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.3.3", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.2.13", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.2.0", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.2.4", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.3.2", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.2.10", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.2.1", "operator": "eq", "name": "php"}, {"cpeName": "php:php", "version": "5.2.8", "operator": "eq", "name": "php"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "http://bugs.php.net/bug.php?id=52929", "name": "http://bugs.php.net/bug.php?id=52929", "refsource": "CONFIRM", "tags": ["Exploit"]}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:218", "name": "MDVSA-2010:218", "refsource": "MANDRIVA", "tags": []}, {"url": "http://www.vupen.com/english/advisories/2011/0020", "name": "ADV-2011-0020", "refsource": "VUPEN", "tags": []}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html", "name": "FEDORA-2010-18976", "refsource": "FEDORA", "tags": []}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html", "name": "FEDORA-2010-19011", "refsource": "FEDORA", "tags": []}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html", "name": "SUSE-SR:2010:023", "refsource": "SUSE", "tags": []}, {"url": "http://www.php.net/archive/2010.php#id2010-12-10-1", "name": "http://www.php.net/archive/2010.php#id2010-12-10-1", "refsource": "CONFIRM", "tags": []}, {"url": "http://www.ubuntu.com/usn/USN-1042-1", "name": "USN-1042-1", "refsource": "UBUNTU", "tags": []}, {"url": "http://www.vupen.com/english/advisories/2011/0021", "name": "ADV-2011-0021", "refsource": "VUPEN", "tags": []}, {"url": "http://www.securityfocus.com/bid/43926", "name": "43926", "refsource": "BID", "tags": []}, {"url": "http://www.php.net/releases/5_2_15.php", "name": "http://www.php.net/releases/5_2_15.php", "refsource": "CONFIRM", "tags": []}, {"url": "http://www.vupen.com/english/advisories/2011/0077", "name": "ADV-2011-0077", "refsource": "VUPEN", "tags": []}, {"url": "http://secunia.com/advisories/42812", "name": "42812", "refsource": "SECUNIA", "tags": []}, {"url": "http://www.php.net/releases/5_3_4.php", "name": "http://www.php.net/releases/5_3_4.php", "refsource": "CONFIRM", "tags": []}, {"url": "http://www.php.net/ChangeLog-5.php", "name": "http://www.php.net/ChangeLog-5.php", "refsource": "CONFIRM", "tags": []}, {"url": "http://secunia.com/advisories/43189", "name": "43189", "refsource": "SECUNIA", "tags": []}, {"url": "http://www.redhat.com/support/errata/RHSA-2011-0196.html", "name": "RHSA-2011:0196", "refsource": "REDHAT", "tags": []}, {"url": "http://support.apple.com/kb/HT4581", "name": "http://support.apple.com/kb/HT4581", "refsource": "CONFIRM", "tags": []}, {"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html", "name": "APPLE-SA-2011-03-21-1", "refsource": "APPLE", "tags": []}, {"url": "http://marc.info/?l=bugtraq&m=133469208622507&w=2", "name": "SSRT100826", "refsource": "HP", "tags": []}], "product_info": [{"vendor": "Php", "product": "Php"}], "solutions": [], "workarounds": [], "impacts": [], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "exploits": [], "assigned": "2010-10-01T00:00:00"}

{"openvas": [{"lastseen": "2017-07-02T21:13:30", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2011-01-24T00:00:00", "type": "openvas", "title": "FreeBSD Ports: php5-filter", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3710"], "modified": "2017-02-25T00:00:00", "id": "OPENVAS:68829", "href": "http://plugins.openvas.org/nasl.php?oid=68829", "sourceData": "#\n#VID c623f058-10e7-11e0-becc-0022156e8794\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID c623f058-10e7-11e0-becc-0022156e8794\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n php5-filter\n php52-filter\n\nCVE-2010-3710\nStack consumption vulnerability in the filter_var function in PHP\n5.2.x through 5.2.14 and 5.3.x through 5.3.3, when\nFILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a\ndenial of service (memory consumption and application crash) via a\nlong e-mail address string.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.php.net/releases/5_3_4.php\nhttp://www.php.net/releases/5_2_15.php\nhttp://www.vuxml.org/freebsd/c623f058-10e7-11e0-becc-0022156e8794.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(68829);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 17:55:59 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2010-3710\");\n script_name(\"FreeBSD Ports: php5-filter\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"php5-filter\");\nif(!isnull(bver) && revcomp(a:bver, b:\"5.3.4\")<0) {\n txt += 'Package php5-filter version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"php52-filter\");\nif(!isnull(bver) && revcomp(a:bver, b:\"5.2.15\")<0) {\n txt += 'Package php52-filter version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:59", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2011-01-24T00:00:00", "type": "openvas", "title": "FreeBSD Ports: php5-filter", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3710"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231068829", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068829", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_php5-filter.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID c623f058-10e7-11e0-becc-0022156e8794\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68829\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 17:55:59 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2010-3710\");\n script_name(\"FreeBSD Ports: php5-filter\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n php5-filter\n php52-filter\n\nCVE-2010-3710\nStack consumption vulnerability in the filter_var function in PHP\n5.2.x through 5.2.14 and 5.3.x through 5.3.3, when\nFILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a\ndenial of service (memory consumption and application crash) via a\nlong e-mail address string.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/releases/5_3_4.php\");\n script_xref(name:\"URL\", value:\"http://www.php.net/releases/5_2_15.php\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/c623f058-10e7-11e0-becc-0022156e8794.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"php5-filter\");\nif(!isnull(bver) && revcomp(a:bver, b:\"5.3.4\")<0) {\n txt += 'Package php5-filter version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"php52-filter\");\nif(!isnull(bver) && revcomp(a:bver, b:\"5.2.15\")<0) {\n txt += 'Package php52-filter version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:40:06", "description": "This host is running PHP and is prone to a stack consumption\n vulnerability", "cvss3": {}, "published": "2010-11-23T00:00:00", "type": "openvas", "title": "PHP 'filter_var()' function Stack Consumption Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3709", "CVE-2010-3710"], "modified": "2019-03-01T00:00:00", "id": "OPENVAS:1361412562310801547", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801547", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_stack_consumption_vuln.nasl 13960 2019-03-01 13:18:27Z cfischer $\n#\n# PHP 'filter_var()' function Stack Consumption Vulnerability\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801547\");\n script_version(\"$Revision: 13960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-01 14:18:27 +0100 (Fri, 01 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-23 14:41:37 +0100 (Tue, 23 Nov 2010)\");\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-3709\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_name(\"PHP 'filter_var()' function Stack Consumption Vulnerability\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\");\n script_mandatory_keys(\"php/installed\");\n\n script_xref(name:\"URL\", value:\"http://bugs.php.net/bug.php?id=52929\");\n script_xref(name:\"URL\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=646684\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/archive/1/514562/30/150/threaded\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow remote attackers to\n cause a denial of service (memory consumption and application crash)\n via a long e-mail address string.\");\n\n script_tag(name:\"affected\", value:\"PHP version 5.2 through 5.2.14 and 5.3 through 5.3.3\");\n\n script_tag(name:\"insight\", value:\"- The flaw exists due to an error in 'filter_var()' function, when\n FILTER_VALIDATE_EMAIL mode is used while processing the long e-mail address string.\n\n - A NULL pointer dereference vulnerability exists in 'ZipArchive::getArchiveComment'.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.2.15/5.3.4 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is running PHP and is prone to a stack consumption\n vulnerability\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/downloads.php\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( port = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! vers = get_app_version( cpe:CPE, port:port ) ) exit( 0 );\n\nif( version_in_range( version:vers, test_version:\"5.2\", test_version2:\"5.2.14\" ) ||\n version_in_range( version:vers, test_version:\"5.3\", test_version2:\"5.3.3\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"5.2.15/5.3.4\" );\n security_message( data:report, port:port );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-03T10:58:21", "description": "Check for the Version of php53", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for php53 CESA-2011:0196 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4645", "CVE-2010-4156", "CVE-2010-3710"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:881439", "href": "http://plugins.openvas.org/nasl.php?oid=881439", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php53 CESA-2011:0196 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n A flaw was found in the way PHP converted certain floating point values\n from string representation to a number. If a PHP script evaluated an\n attacker's input in a numeric context, the PHP interpreter could cause high\n CPU usage until the script execution time limit is reached. This issue only\n affected i386 systems. (CVE-2010-4645)\n \n A stack memory exhaustion flaw was found in the way the PHP filter_var()\n function validated email addresses. An attacker could use this flaw to\n crash the PHP interpreter by providing excessively long input to be\n validated as an email address. (CVE-2010-3710)\n \n A memory disclosure flaw was found in the PHP multi-byte string extension.\n If the mb_strcut() function was called with a length argument exceeding the\n input string size, the function could disclose a portion of the PHP\n interpreter's memory. (CVE-2010-4156)\n \n All php53 users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_affected = \"php53 on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-April/017380.html\");\n script_id(881439);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:52:14 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-4156\", \"CVE-2010-4645\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"CESA\", value: \"2011:0196\");\n script_name(\"CentOS Update for php53 CESA-2011:0196 centos5 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php53\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:25", "description": "Check for the Version of php53", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for php53 CESA-2011:0196 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4645", "CVE-2010-4156", "CVE-2010-3710"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880510", "href": "http://plugins.openvas.org/nasl.php?oid=880510", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php53 CESA-2011:0196 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n A flaw was found in the way PHP converted certain floating point values\n from string representation to a number. If a PHP script evaluated an\n attacker's input in a numeric context, the PHP interpreter could cause high\n CPU usage until the script execution time limit is reached. This issue only\n affected i386 systems. (CVE-2010-4645)\n \n A stack memory exhaustion flaw was found in the way the PHP filter_var()\n function validated email addresses. An attacker could use this flaw to\n crash the PHP interpreter by providing excessively long input to be\n validated as an email address. (CVE-2010-3710)\n \n A memory disclosure flaw was found in the PHP multi-byte string extension.\n If the mb_strcut() function was called with a length argument exceeding the\n input string size, the function could disclose a portion of the PHP\n interpreter's memory. (CVE-2010-4156)\n \n All php53 users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php53 on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-April/017379.html\");\n script_id(880510);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"CESA\", value: \"2011:0196\");\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-4156\", \"CVE-2010-4645\");\n script_name(\"CentOS Update for php53 CESA-2011:0196 centos5 i386\");\n\n script_summary(\"Check for the Version of php53\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for php53 CESA-2011:0196 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4645", "CVE-2010-4156", "CVE-2010-3710"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880510", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880510", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php53 CESA-2011:0196 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-April/017379.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880510\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"CESA\", value:\"2011:0196\");\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-4156\", \"CVE-2010-4645\");\n script_name(\"CentOS Update for php53 CESA-2011:0196 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php53'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"php53 on CentOS 5\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n A flaw was found in the way PHP converted certain floating point values\n from string representation to a number. If a PHP script evaluated an\n attacker's input in a numeric context, the PHP interpreter could cause high\n CPU usage until the script execution time limit is reached. This issue only\n affected i386 systems. (CVE-2010-4645)\n\n A stack memory exhaustion flaw was found in the way the PHP filter_var()\n function validated email addresses. An attacker could use this flaw to\n crash the PHP interpreter by providing excessively long input to be\n validated as an email address. (CVE-2010-3710)\n\n A memory disclosure flaw was found in the PHP multi-byte string extension.\n If the mb_strcut() function was called with a length argument exceeding the\n input string size, the function could disclose a portion of the PHP\n interpreter's memory. (CVE-2010-4156)\n\n All php53 users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-12-21T11:32:37", "description": "Check for the Version of php", "cvss3": {}, "published": "2010-11-16T00:00:00", "type": "openvas", "title": "Mandriva Update for php MDVSA-2010:218 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3436", "CVE-2010-3709", "CVE-2010-3710"], "modified": "2017-12-21T00:00:00", "id": "OPENVAS:831227", "href": "http://plugins.openvas.org/nasl.php?oid=831227", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for php MDVSA-2010:218 (php)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were discovered and corrected in php:\n\n Stack consumption vulnerability in the filter_var function in PHP 5.2.x\n through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL\n mode is used, allows remote attackers to cause a denial of service\n (memory consumption and application crash) via a long e-mail address\n string (CVE-2010-3710).\n \n A NULL pointer dereference was discovered in\n ZipArchive::getArchiveComment (CVE-2010-3709).\n \n A possible flaw was discovered in open_basedir (CVE-2010-3436).\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n The updated packages have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-10/msg00044.php\");\n script_id(831227);\n script_version(\"$Revision: 8205 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 07:30:37 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"MDVSA\", value: \"2010:218\");\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-3709\", \"CVE-2010-3436\");\n script_name(\"Mandriva Update for php MDVSA-2010:218 (php)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase\", rpm:\"php-sybase~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase\", rpm:\"php-sybase~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase\", rpm:\"php-sybase~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-27T10:55:07", "description": "Check for the Version of php53", "cvss3": {}, "published": "2011-02-04T00:00:00", "type": "openvas", "title": "RedHat Update for php53 RHSA-2011:0196-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4645", "CVE-2010-4156", "CVE-2010-3710"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870388", "href": "http://plugins.openvas.org/nasl.php?oid=870388", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php53 RHSA-2011:0196-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n A flaw was found in the way PHP converted certain floating point values\n from string representation to a number. If a PHP script evaluated an\n attacker's input in a numeric context, the PHP interpreter could cause high\n CPU usage until the script execution time limit is reached. This issue only\n affected i386 systems. (CVE-2010-4645)\n \n A stack memory exhaustion flaw was found in the way the PHP filter_var()\n function validated email addresses. An attacker could use this flaw to\n crash the PHP interpreter by providing excessively long input to be\n validated as an email address. (CVE-2010-3710)\n \n A memory disclosure flaw was found in the PHP multi-byte string extension.\n If the mb_strcut() function was called with a length argument exceeding the\n input string size, the function could disclose a portion of the PHP\n interpreter's memory. (CVE-2010-4156)\n \n All php53 users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_affected = \"php53 on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-February/msg00001.html\");\n script_id(870388);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-04 14:19:53 +0100 (Fri, 04 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"RHSA\", value: \"2011:0196-01\");\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-4156\", \"CVE-2010-4645\");\n script_name(\"RedHat Update for php53 RHSA-2011:0196-01\");\n\n script_summary(\"Check for the Version of php53\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-debuginfo\", rpm:\"php53-debuginfo~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-19T15:04:43", "description": "Check for the Version of php", "cvss3": {}, "published": "2010-11-16T00:00:00", "type": "openvas", "title": "Mandriva Update for php MDVSA-2010:218 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3436", "CVE-2010-3709", "CVE-2010-3710"], "modified": "2018-01-18T00:00:00", "id": "OPENVAS:1361412562310831227", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831227", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for php MDVSA-2010:218 (php)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were discovered and corrected in php:\n\n Stack consumption vulnerability in the filter_var function in PHP 5.2.x\n through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL\n mode is used, allows remote attackers to cause a denial of service\n (memory consumption and application crash) via a long e-mail address\n string (CVE-2010-3710).\n \n A NULL pointer dereference was discovered in\n ZipArchive::getArchiveComment (CVE-2010-3709).\n \n A possible flaw was discovered in open_basedir (CVE-2010-3436).\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n The updated packages have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-10/msg00044.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831227\");\n script_version(\"$Revision: 8457 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 08:58:32 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"MDVSA\", value: \"2010:218\");\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-3709\", \"CVE-2010-3436\");\n script_name(\"Mandriva Update for php MDVSA-2010:218 (php)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase\", rpm:\"php-sybase~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.14~0.2mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.3~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.3~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase\", rpm:\"php-sybase~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.14~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase\", rpm:\"php-sybase~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.14~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for php53 CESA-2011:0196 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4645", "CVE-2010-4156", "CVE-2010-3710"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881439", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881439", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php53 CESA-2011:0196 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-April/017380.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881439\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:52:14 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-4156\", \"CVE-2010-4645\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"CESA\", value:\"2011:0196\");\n script_name(\"CentOS Update for php53 CESA-2011:0196 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php53'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"php53 on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n A flaw was found in the way PHP converted certain floating point values\n from string representation to a number. If a PHP script evaluated an\n attacker's input in a numeric context, the PHP interpreter could cause high\n CPU usage until the script execution time limit is reached. This issue only\n affected i386 systems. (CVE-2010-4645)\n\n A stack memory exhaustion flaw was found in the way the PHP filter_var()\n function validated email addresses. An attacker could use this flaw to\n crash the PHP interpreter by providing excessively long input to be\n validated as an email address. (CVE-2010-3710)\n\n A memory disclosure flaw was found in the PHP multi-byte string extension.\n If the mb_strcut() function was called with a length argument exceeding the\n input string size, the function could disclose a portion of the PHP\n interpreter's memory. (CVE-2010-4156)\n\n All php53 users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~1.el5_6.1\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:25", "description": "Oracle Linux Local Security Checks ELSA-2011-0196", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0196", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4645", "CVE-2010-4156", "CVE-2010-3710"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122274", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122274", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0196.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122274\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:15:48 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0196\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0196 - php53 security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0196\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0196.html\");\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-4156\", \"CVE-2010-4645\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~1.el5_6.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-02-04T00:00:00", "type": "openvas", "title": "RedHat Update for php53 RHSA-2011:0196-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4645", "CVE-2010-4156", "CVE-2010-3710"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870388", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870388", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php53 RHSA-2011:0196-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-February/msg00001.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870388\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-04 14:19:53 +0100 (Fri, 04 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"RHSA\", value:\"2011:0196-01\");\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-4156\", \"CVE-2010-4645\");\n script_name(\"RedHat Update for php53 RHSA-2011:0196-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php53'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"php53 on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n A flaw was found in the way PHP converted certain floating point values\n from string representation to a number. If a PHP script evaluated an\n attacker's input in a numeric context, the PHP interpreter could cause high\n CPU usage until the script execution time limit is reached. This issue only\n affected i386 systems. (CVE-2010-4645)\n\n A stack memory exhaustion flaw was found in the way the PHP filter_var()\n function validated email addresses. An attacker could use this flaw to\n crash the PHP interpreter by providing excessively long input to be\n validated as an email address. (CVE-2010-3710)\n\n A memory disclosure flaw was found in the PHP multi-byte string extension.\n If the mb_strcut() function was called with a length argument exceeding the\n input string size, the function could disclose a portion of the PHP\n interpreter's memory. (CVE-2010-4156)\n\n All php53 users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-debuginfo\", rpm:\"php53-debuginfo~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~1.el5_6.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-24T12:55:51", "description": "The remote host is missing an update to php5\nannounced via advisory DSA 2195-1.", "cvss3": {}, "published": "2011-05-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2195-1 (php5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0441", "CVE-2010-3870", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-4150"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:69331", "href": "http://plugins.openvas.org/nasl.php?oid=69331", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2195_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2195-1 (php5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Stephane Chazelas discovered that the cronjob of the PHP 5 package in\nDebian suffers from a race condition which might be used to remove\narbitrary files from a system (CVE-2011-0441).\n\nWhen upgrading your php5-common package take special care to _accept_\nthe changes to the /etc/cron.d/php5 file. Ignoring them would leave the\nsystem vulnerable.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 5.2.6.dfsg.1-1+lenny10.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 5.3.3-7+squeeze1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 5.3.6-1.\n\nAdditionally, the following vulnerabilities have also been fixed in the\noldstable distribution (lenny):\n\nCVE-2010-3709\n\nMaksymilian Arciemowicz discovered that the ZipArchive class\nmay dereference a NULL pointer when extracting comments from a zip\narchive, leading to application crash and possible denial of\nservice.\n\nCVE-2010-3710\n\nStefan Neufeind discovered that the FILTER_VALIDATE_EMAIL filter\ndoes not correctly handle long, to be validated, strings. Such\ncrafted strings may lead to denial of service because of high memory\nconsumption and application crash.\n\nCVE-2010-3870\n\nIt was discovered that PHP does not correctly handle certain UTF-8\nsequences and may be used to bypass XSS protections.\n\nCVE-2010-4150\n\nMateusz Kocielski discovered that the imap extension may try to\nfree already freed memory when processing user credentials, leading\nto application crash and possibly arbitrary code execution.\n\nWe recommend that you upgrade your php5 packages.\";\ntag_summary = \"The remote host is missing an update to php5\nannounced via advisory DSA 2195-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202195-1\";\n\n\nif(description)\n{\n script_id(69331);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-0441\", \"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4150\");\n script_name(\"Debian Security Advisory DSA 2195-1 (php5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:51", "description": "The remote host is missing an update to php5\nannounced via advisory DSA 2195-1.", "cvss3": {}, "published": "2011-05-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2195-1 (php5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0441", "CVE-2010-3870", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-4150"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231069331", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069331", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2195_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2195-1 (php5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69331\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2011-0441\", \"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4150\");\n script_name(\"Debian Security Advisory DSA 2195-1 (php5)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(5|6)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202195-1\");\n script_tag(name:\"insight\", value:\"Stephane Chazelas discovered that the cronjob of the PHP 5 package in\nDebian suffers from a race condition which might be used to remove\narbitrary files from a system (CVE-2011-0441).\n\nWhen upgrading your php5-common package take special care to _accept_\nthe changes to the /etc/cron.d/php5 file. Ignoring them would leave the\nsystem vulnerable.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 5.2.6.dfsg.1-1+lenny10.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 5.3.3-7+squeeze1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 5.3.6-1.\n\nAdditionally, the following vulnerabilities have also been fixed in the\noldstable distribution (lenny):\n\nCVE-2010-3709\n\nMaksymilian Arciemowicz discovered that the ZipArchive class\nmay dereference a NULL pointer when extracting comments from a zip\narchive, leading to application crash and possible denial of\nservice.\n\nCVE-2010-3710\n\nStefan Neufeind discovered that the FILTER_VALIDATE_EMAIL filter\ndoes not correctly handle long, to be validated, strings. Such\ncrafted strings may lead to denial of service because of high memory\nconsumption and application crash.\n\nCVE-2010-3870\n\nIt was discovered that PHP does not correctly handle certain UTF-8\nsequences and may be used to bypass XSS protections.\n\nCVE-2010-4150\n\nMateusz Kocielski discovered that the imap extension may try to\nfree already freed memory when processing user credentials, leading\nto application crash and possibly arbitrary code execution.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your php5 packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to php5\nannounced via advisory DSA 2195-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.6.dfsg.1-1+lenny10\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.3-7+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-22T13:06:18", "description": "Check for the Version of php", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "Mandriva Update for php MDVSA-2010:254 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-4150", "CVE-2010-4409"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:1361412562310831283", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831283", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for php MDVSA-2010:254 (php)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This is a maintenance and security update that upgrades php to 5.3.4\n for 2010.0/2010.1.\n\n Security Enhancements and Fixes in PHP 5.3.4:\n \n * Paths with NULL in them (foo\\0bar.txt) are now considered as invalid\n (CVE-2006-7243).\n * Fixed bug #53512 (NumberFormatter::setSymbol crash on bogus values)\n (CVE-2010-4409)\n \n Please note that CVE-2010-4150, CVE-2010-3870, CVE-2010-3436,\n CVE-2010-3709, CVE-2010-3710 were fixed in previous advisories.\n \n Key Bug Fixes in PHP 5.3.4 include:\n \n * Added stat support for zip stream.\n * Added follow_location (enabled by default) option for the http\n stream support.\n * Added a 3rd parameter to get_html_translation_table. It now takes\n a charset hint, like htmlentities et al.\n * Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect\n zend multibyte at runtime.\n * Multiple improvements to the FPM SAPI.\n * Over 100 other bug fixes.\n \n Additional post 5.3.4 fixes:\n \n * Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres\n is down).\n * Fixed bug #53541 (format string bug in ext/phar).\n \n Additionally some of the PECL extensions has been upgraded and/or\n rebuilt for the new php version.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-12/msg00015.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831283\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:254\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-4409\", \"CVE-2010-4150\", \"CVE-2010-3870\", \"CVE-2010-3436\", \"CVE-2010-3709\", \"CVE-2010-3710\");\n script_name(\"Mandriva Update for php MDVSA-2010:254 (php)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-apc\", rpm:\"php-apc~3.1.6~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-apc-admin\", rpm:\"php-apc-admin~3.1.6~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~1.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator-admin\", rpm:\"php-eaccelerator-admin~0.9.6.1~1.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gearman\", rpm:\"php-gearman~0.7.0~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mailparse\", rpm:\"php-mailparse~2.1.5~8.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcal\", rpm:\"php-mcal~0.6~35.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-optimizer\", rpm:\"php-optimizer~0.1~0.alpha2.8.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pinba\", rpm:\"php-pinba~0.0.5~2.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sasl\", rpm:\"php-sasl~0.1.0~33.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sphinx\", rpm:\"php-sphinx~1.0.4~2.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ssh2\", rpm:\"php-ssh2~0.11.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-suhosin\", rpm:\"php-suhosin~0.9.32.1~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tclink\", rpm:\"php-tclink~3.4.5~7.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-timezonedb\", rpm:\"php-timezonedb~2010.15~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-translit\", rpm:\"php-translit~0.6.0~15.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-vld\", rpm:\"php-vld~0.10.1~1.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xattr\", rpm:\"php-xattr~1.1.0~13.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xdebug\", rpm:\"php-xdebug~2.1.0~0.3mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-apc\", rpm:\"php-apc~3.1.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-apc-admin\", rpm:\"php-apc-admin~3.1.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dio\", rpm:\"php-dio~0.0.2~6.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~0.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator-admin\", rpm:\"php-eaccelerator-admin~0.9.6.1~0.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fam\", rpm:\"php-fam~5.0.1~10.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filepro\", rpm:\"php-filepro~5.1.6~20.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-idn\", rpm:\"php-idn~1.2b~18.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mailparse\", rpm:\"php-mailparse~2.1.5~3.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcal\", rpm:\"php-mcal~0.6~30.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-optimizer\", rpm:\"php-optimizer~0.1~0.alpha2.3.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sasl\", rpm:\"php-sasl~0.1.0~28.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ssh2\", rpm:\"php-ssh2~0.11.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-suhosin\", rpm:\"php-suhosin~0.9.32.1~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tclink\", rpm:\"php-tclink~3.4.5~1.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-timezonedb\", rpm:\"php-timezonedb~2010.15~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-translit\", rpm:\"php-translit~0.6.0~10.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-vld\", rpm:\"php-vld~0.10.1~0.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xattr\", rpm:\"php-xattr~1.1.0~9.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xdebug\", rpm:\"php-xdebug~2.1.0~0.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:59", "description": "Check for the Version of php", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "Mandriva Update for php MDVSA-2010:254 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-4150", "CVE-2010-4409"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:831283", "href": "http://plugins.openvas.org/nasl.php?oid=831283", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for php MDVSA-2010:254 (php)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This is a maintenance and security update that upgrades php to 5.3.4\n for 2010.0/2010.1.\n\n Security Enhancements and Fixes in PHP 5.3.4:\n \n * Paths with NULL in them (foo\\0bar.txt) are now considered as invalid\n (CVE-2006-7243).\n * Fixed bug #53512 (NumberFormatter::setSymbol crash on bogus values)\n (CVE-2010-4409)\n \n Please note that CVE-2010-4150, CVE-2010-3870, CVE-2010-3436,\n CVE-2010-3709, CVE-2010-3710 were fixed in previous advisories.\n \n Key Bug Fixes in PHP 5.3.4 include:\n \n * Added stat support for zip stream.\n * Added follow_location (enabled by default) option for the http\n stream support.\n * Added a 3rd parameter to get_html_translation_table. It now takes\n a charset hint, like htmlentities et al.\n * Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect\n zend multibyte at runtime.\n * Multiple improvements to the FPM SAPI.\n * Over 100 other bug fixes.\n \n Additional post 5.3.4 fixes:\n \n * Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres\n is down).\n * Fixed bug #53541 (format string bug in ext/phar).\n \n Additionally some of the PECL extensions has been upgraded and/or\n rebuilt for the new php version.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-12/msg00015.php\");\n script_id(831283);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:254\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-4409\", \"CVE-2010-4150\", \"CVE-2010-3870\", \"CVE-2010-3436\", \"CVE-2010-3709\", \"CVE-2010-3710\");\n script_name(\"Mandriva Update for php MDVSA-2010:254 (php)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-apc\", rpm:\"php-apc~3.1.6~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-apc-admin\", rpm:\"php-apc-admin~3.1.6~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~1.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator-admin\", rpm:\"php-eaccelerator-admin~0.9.6.1~1.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gearman\", rpm:\"php-gearman~0.7.0~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mailparse\", rpm:\"php-mailparse~2.1.5~8.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcal\", rpm:\"php-mcal~0.6~35.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-optimizer\", rpm:\"php-optimizer~0.1~0.alpha2.8.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pinba\", rpm:\"php-pinba~0.0.5~2.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sasl\", rpm:\"php-sasl~0.1.0~33.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sphinx\", rpm:\"php-sphinx~1.0.4~2.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ssh2\", rpm:\"php-ssh2~0.11.2~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-suhosin\", rpm:\"php-suhosin~0.9.32.1~0.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tclink\", rpm:\"php-tclink~3.4.5~7.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-timezonedb\", rpm:\"php-timezonedb~2010.15~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-translit\", rpm:\"php-translit~0.6.0~15.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-vld\", rpm:\"php-vld~0.10.1~1.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xattr\", rpm:\"php-xattr~1.1.0~13.2mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xdebug\", rpm:\"php-xdebug~2.1.0~0.3mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.4~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-apc\", rpm:\"php-apc~3.1.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-apc-admin\", rpm:\"php-apc-admin~3.1.6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dio\", rpm:\"php-dio~0.0.2~6.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~0.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator-admin\", rpm:\"php-eaccelerator-admin~0.9.6.1~0.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fam\", rpm:\"php-fam~5.0.1~10.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filepro\", rpm:\"php-filepro~5.1.6~20.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-idn\", rpm:\"php-idn~1.2b~18.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mailparse\", rpm:\"php-mailparse~2.1.5~3.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcal\", rpm:\"php-mcal~0.6~30.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-optimizer\", rpm:\"php-optimizer~0.1~0.alpha2.3.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sasl\", rpm:\"php-sasl~0.1.0~28.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ssh2\", rpm:\"php-ssh2~0.11.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-suhosin\", rpm:\"php-suhosin~0.9.32.1~0.2mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tclink\", rpm:\"php-tclink~3.4.5~1.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-timezonedb\", rpm:\"php-timezonedb~2010.15~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-translit\", rpm:\"php-translit~0.6.0~10.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-vld\", rpm:\"php-vld~0.10.1~0.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xattr\", rpm:\"php-xattr~1.1.0~9.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xdebug\", rpm:\"php-xdebug~2.1.0~0.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:27:25", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1042-1", "cvss3": {}, "published": "2011-01-14T00:00:00", "type": "openvas", "title": "Ubuntu Update for php5 vulnerabilities USN-1042-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4645", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2009-5016", "CVE-2010-4156", "CVE-2010-3710", "CVE-2010-4409"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840564", "href": "http://plugins.openvas.org/nasl.php?oid=840564", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1042_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for php5 vulnerabilities USN-1042-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that an integer overflow in the XML UTF-8 decoding\n code could allow an attacker to bypass cross-site scripting (XSS)\n protections. This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04 LTS,\n and Ubuntu 9.10. (CVE-2009-5016)\n\n It was discovered that the XML UTF-8 decoding code did not properly\n handle non-shortest form UTF-8 encoding and ill-formed subsequences\n in UTF-8 data, which could allow an attacker to bypass cross-site\n scripting (XSS) protections. (CVE-2010-3870)\n \n It was discovered that attackers might be able to bypass open_basedir()\n restrictions by passing a specially crafted filename. (CVE-2010-3436)\n \n Maksymilian Arciemowicz discovered that a NULL pointer derefence in the\n ZIP archive handling code could allow an attacker to cause a denial\n of service through a specially crafted ZIP archive. This issue only\n affected Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, and Ubuntu\n 10.10. (CVE-2010-3709)\n \n It was discovered that a stack consumption vulnerability in the\n filter_var() PHP function when in FILTER_VALIDATE_EMAIL mode, could\n allow a remote attacker to cause a denial of service. This issue\n only affected Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, and\n Ubuntu 10.10. (CVE-2010-3710)\n \n It was discovered that the mb_strcut function in the Libmbfl\n library within PHP could allow an attacker to read arbitrary memory\n within the application process. This issue only affected Ubuntu\n 10.10. (CVE-2010-4156)\n \n Maksymilian Arciemowicz discovered that an integer overflow in the\n NumberFormatter::getSymbol function could allow an attacker to cause\n a denial of service. This issue only affected Ubuntu 10.04 LTS and\n Ubuntu 10.10. (CVE-2010-4409)\n \n Rick Regan discovered that when handing PHP textual representations\n of the largest subnormal double-precision floating-point number,\n the zend_strtod function could go into an infinite loop on 32bit\n x86 processors, allowing an attacker to cause a denial of service.\n (CVE-2010-4645)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1042-1\";\ntag_affected = \"php5 vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1042-1/\");\n script_id(840564);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-14 16:07:43 +0100 (Fri, 14 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1042-1\");\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-3436\", \"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4156\", \"CVE-2010-4409\", \"CVE-2010-4645\");\n script_name(\"Ubuntu Update for php5 vulnerabilities USN-1042-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysqli\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-09-23T15:15:20", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1042-1", "cvss3": {}, "published": "2011-01-14T00:00:00", "type": "openvas", "title": "Ubuntu Update for php5 vulnerabilities USN-1042-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4645", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2009-5016", "CVE-2010-4156", "CVE-2010-3710", "CVE-2010-4409"], "modified": "2019-09-16T00:00:00", "id": "OPENVAS:1361412562310840564", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840564", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for php5 vulnerabilities USN-1042-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1042-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840564\");\n script_version(\"2019-09-16T06:54:58+0000\");\n script_tag(name:\"last_modification\", value:\"2019-09-16 06:54:58 +0000 (Mon, 16 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2011-01-14 16:07:43 +0100 (Fri, 14 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1042-1\");\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-3436\", \"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4156\", \"CVE-2010-4409\", \"CVE-2010-4645\");\n script_name(\"Ubuntu Update for php5 vulnerabilities USN-1042-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(9\\.10|6\\.06 LTS|10\\.04 LTS|8\\.04 LTS|10\\.10)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1042-1\");\n script_tag(name:\"affected\", value:\"php5 vulnerabilities on Ubuntu 6.06 LTS,\n Ubuntu 8.04 LTS,\n Ubuntu 9.10,\n Ubuntu 10.04 LTS,\n Ubuntu 10.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that an integer overflow in the XML UTF-8 decoding\n code could allow an attacker to bypass cross-site scripting (XSS)\n protections. This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04 LTS,\n and Ubuntu 9.10. (CVE-2009-5016)\n\n It was discovered that the XML UTF-8 decoding code did not properly\n handle non-shortest form UTF-8 encoding and ill-formed subsequences\n in UTF-8 data, which could allow an attacker to bypass cross-site\n scripting (XSS) protections. (CVE-2010-3870)\n\n It was discovered that attackers might be able to bypass open_basedir()\n restrictions by passing a specially crafted filename. (CVE-2010-3436)\n\n Maksymilian Arciemowicz discovered that a NULL pointer dereference in the\n ZIP archive handling code could allow an attacker to cause a denial\n of service through a specially crafted ZIP archive. This issue only\n affected Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, and Ubuntu\n 10.10. (CVE-2010-3709)\n\n It was discovered that a stack consumption vulnerability in the\n filter_var() PHP function when in FILTER_VALIDATE_EMAIL mode, could\n allow a remote attacker to cause a denial of service. This issue\n only affected Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, and\n Ubuntu 10.10. (CVE-2010-3710)\n\n It was discovered that the mb_strcut function in the Libmbfl\n library within PHP could allow an attacker to read arbitrary memory\n within the application process. This issue only affected Ubuntu\n 10.10. (CVE-2010-4156)\n\n Maksymilian Arciemowicz discovered that an integer overflow in the\n NumberFormatter::getSymbol function could allow an attacker to cause\n a denial of service. This issue only affected Ubuntu 10.04 LTS and\n Ubuntu 10.10. (CVE-2010-4409)\n\n Rick Regan discovered that when handing PHP textual representations\n of the largest subnormal double-precision floating-point number,\n the zend_strtod function could go into an infinite loop on 32bit\n x86 processors, allowing an attacker to cause a denial of service.\n (CVE-2010-4645)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.10.dfsg.1-2ubuntu6.6\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysqli\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.1.2-1ubuntu3.20\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.2-1ubuntu4.6\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.4-2ubuntu5.13\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.3-1ubuntu9.2\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:53", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2010-18976", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2009-5016", "CVE-2010-4156", "CVE-2010-3710", "CVE-2010-4150", "CVE-2010-2950", "CVE-2010-4409"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310862767", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862767", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2010-18976\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862767\");\n script_version(\"$Revision: 14316 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 12:36:02 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2010-18976\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-4150\", \"CVE-2010-3709\", \"CVE-2010-3436\", \"CVE-2010-2950\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4156\", \"CVE-2009-5016\", \"CVE-2010-4409\");\n script_name(\"Fedora Update for maniadrive FEDORA-2010-18976\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'maniadrive'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"maniadrive on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~23.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2010-18976", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2009-5016", "CVE-2010-4156", "CVE-2010-3710", "CVE-2010-4150", "CVE-2010-2950", "CVE-2010-4409"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310862778", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862778", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2010-18976\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052844.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862778\");\n script_version(\"$Revision: 14316 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 12:36:02 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2010-18976\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-4150\", \"CVE-2010-3709\", \"CVE-2010-3436\", \"CVE-2010-2950\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4156\", \"CVE-2009-5016\", \"CVE-2010-4409\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2010-18976\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-eaccelerator'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"php-eaccelerator on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~3.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:55:43", "description": "Check for the Version of maniadrive", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2010-19011", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2009-5016", "CVE-2010-4156", "CVE-2010-3710", "CVE-2010-4150", "CVE-2010-2950", "CVE-2010-4409"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862766", "href": "http://plugins.openvas.org/nasl.php?oid=862766", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2010-19011\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"maniadrive on Fedora 13\";\ntag_insight = \"ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous\n gameplay (tracks almost never exceed one minute). Features: Complex car\n physics, Challenging &quot;story mode&quot;, LAN and Internet mode, Live scores,\n Track editor, Dedicated server with HTTP interface and More than 30 blocks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html\");\n script_id(862766);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-19011\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-4150\", \"CVE-2010-3709\", \"CVE-2010-3436\", \"CVE-2010-2950\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4156\", \"CVE-2009-5016\", \"CVE-2010-4409\");\n script_name(\"Fedora Update for maniadrive FEDORA-2010-19011\");\n\n script_summary(\"Check for the Version of maniadrive\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~23.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:42", "description": "Check for the Version of php-eaccelerator", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2010-18976", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2009-5016", "CVE-2010-4156", "CVE-2010-3710", "CVE-2010-4150", "CVE-2010-2950", "CVE-2010-4409"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862778", "href": "http://plugins.openvas.org/nasl.php?oid=862778", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2010-18976\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"php-eaccelerator on Fedora 14\";\ntag_insight = \"eAccelerator is a further development of the MMCache PHP Accelerator &amp; Encoder.\n It increases performance of PHP scripts by caching them in compiled state, so\n that the overhead of compiling is almost completely eliminated.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052844.html\");\n script_id(862778);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-18976\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-4150\", \"CVE-2010-3709\", \"CVE-2010-3436\", \"CVE-2010-2950\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4156\", \"CVE-2009-5016\", \"CVE-2010-4409\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2010-18976\");\n\n script_summary(\"Check for the Version of php-eaccelerator\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~3.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:25", "description": "Check for the Version of maniadrive", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2010-18976", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2009-5016", "CVE-2010-4156", "CVE-2010-3710", "CVE-2010-4150", "CVE-2010-2950", "CVE-2010-4409"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862767", "href": "http://plugins.openvas.org/nasl.php?oid=862767", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2010-18976\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"maniadrive on Fedora 14\";\ntag_insight = \"ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous\n gameplay (tracks almost never exceed one minute). Features: Complex car\n physics, Challenging &quot;story mode&quot;, LAN and Internet mode, Live scores,\n Track editor, Dedicated server with HTTP interface and More than 30 blocks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html\");\n script_id(862767);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-18976\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-4150\", \"CVE-2010-3709\", \"CVE-2010-3436\", \"CVE-2010-2950\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4156\", \"CVE-2009-5016\", \"CVE-2010-4409\");\n script_name(\"Fedora Update for maniadrive FEDORA-2010-18976\");\n\n script_summary(\"Check for the Version of maniadrive\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~23.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2010-19011", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2009-5016", "CVE-2010-4156", "CVE-2010-3710", "CVE-2010-4150", "CVE-2010-2950", "CVE-2010-4409"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310862777", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862777", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2010-19011\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052835.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862777\");\n script_version(\"$Revision: 14316 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 12:36:02 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2010-19011\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-4150\", \"CVE-2010-3709\", \"CVE-2010-3436\", \"CVE-2010-2950\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4156\", \"CVE-2009-5016\", \"CVE-2010-4409\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2010-19011\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-eaccelerator'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"php-eaccelerator on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~3.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:40:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2010-18976", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2009-5016", "CVE-2010-4156", "CVE-2010-3710", "CVE-2010-4150", "CVE-2010-2950", "CVE-2010-4409"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310862769", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862769", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2010-18976\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052843.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862769\");\n script_version(\"$Revision: 14316 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 12:36:02 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2010-18976\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-4150\", \"CVE-2010-3709\", \"CVE-2010-3436\", \"CVE-2010-2950\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4156\", \"CVE-2009-5016\", \"CVE-2010-4409\");\n script_name(\"Fedora Update for php FEDORA-2010-18976\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"php on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.4~1.fc14.1\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2010-19011", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2009-5016", "CVE-2010-4156", "CVE-2010-3710", "CVE-2010-4150", "CVE-2010-2950", "CVE-2010-4409"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310862764", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862764", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2010-19011\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052837.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862764\");\n script_version(\"$Revision: 14316 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 12:36:02 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2010-19011\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-4150\", \"CVE-2010-3709\", \"CVE-2010-3436\", \"CVE-2010-2950\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4156\", \"CVE-2009-5016\", \"CVE-2010-4409\");\n script_name(\"Fedora Update for php FEDORA-2010-19011\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"php on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.4~1.fc13.1\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:55:39", "description": "Check for the Version of php", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2010-19011", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2009-5016", "CVE-2010-4156", "CVE-2010-3710", "CVE-2010-4150", "CVE-2010-2950", "CVE-2010-4409"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862764", "href": "http://plugins.openvas.org/nasl.php?oid=862764", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2010-19011\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052837.html\");\n script_id(862764);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-19011\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-4150\", \"CVE-2010-3709\", \"CVE-2010-3436\", \"CVE-2010-2950\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4156\", \"CVE-2009-5016\", \"CVE-2010-4409\");\n script_name(\"Fedora Update for php FEDORA-2010-19011\");\n\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.4~1.fc13.1\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:28", "description": "Check for the Version of php-eaccelerator", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2010-19011", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2009-5016", "CVE-2010-4156", "CVE-2010-3710", "CVE-2010-4150", "CVE-2010-2950", "CVE-2010-4409"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862777", "href": "http://plugins.openvas.org/nasl.php?oid=862777", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2010-19011\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"php-eaccelerator on Fedora 13\";\ntag_insight = \"eAccelerator is a further development of the MMCache PHP Accelerator &amp; Encoder.\n It increases performance of PHP scripts by caching them in compiled state, so\n that the overhead of compiling is almost completely eliminated.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052835.html\");\n script_id(862777);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-19011\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-4150\", \"CVE-2010-3709\", \"CVE-2010-3436\", \"CVE-2010-2950\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4156\", \"CVE-2009-5016\", \"CVE-2010-4409\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2010-19011\");\n\n script_summary(\"Check for the Version of php-eaccelerator\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~3.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:44", "description": "Check for the Version of php", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2010-18976", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2009-5016", "CVE-2010-4156", "CVE-2010-3710", "CVE-2010-4150", "CVE-2010-2950", "CVE-2010-4409"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862769", "href": "http://plugins.openvas.org/nasl.php?oid=862769", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2010-18976\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on Fedora 14\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052843.html\");\n script_id(862769);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-18976\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-4150\", \"CVE-2010-3709\", \"CVE-2010-3436\", \"CVE-2010-2950\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4156\", \"CVE-2009-5016\", \"CVE-2010-4409\");\n script_name(\"Fedora Update for php FEDORA-2010-18976\");\n\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.4~1.fc14.1\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2010-19011", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-3709", "CVE-2009-5016", "CVE-2010-4156", "CVE-2010-3710", "CVE-2010-4150", "CVE-2010-2950", "CVE-2010-4409"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310862766", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862766", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2010-19011\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862766\");\n script_version(\"$Revision: 14316 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 12:36:02 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2010-19011\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-4150\", \"CVE-2010-3709\", \"CVE-2010-3436\", \"CVE-2010-2950\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4156\", \"CVE-2009-5016\", \"CVE-2010-4409\");\n script_name(\"Fedora Update for maniadrive FEDORA-2010-19011\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'maniadrive'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"maniadrive on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~23.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:03", "description": "PHP version smaller than 5.3.4 suffers from multiple vulnerabilities.", "cvss3": {}, "published": "2012-06-21T00:00:00", "type": "openvas", "title": "PHP Version < 5.3.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0754", "CVE-2010-4697", "CVE-2010-4698", "CVE-2006-7243", "CVE-2011-0753", "CVE-2010-3436", "CVE-2010-3870", "CVE-2010-2094", "CVE-2010-3709", "CVE-2010-4156", "CVE-2010-3710", "CVE-2010-4150", "CVE-2011-0755", "CVE-2010-4699", "CVE-2010-2950", "CVE-2010-4700", "CVE-2010-4409"], "modified": "2018-07-09T00:00:00", "id": "OPENVAS:1361412562310110181", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310110181", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: nopsec_php_5_3_4.nasl 10460 2018-07-09 07:50:03Z cfischer $\n#\n# PHP Version < 5.3.4 Multiple Vulnerabilities\n#\n# Authors:\n# Songhan Yu <syu@nopsec.com>\n#\n# Copyright:\n# Copyright NopSec Inc. 2012, http://www.nopsec.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.110181\");\n script_version(\"$Revision: 10460 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 09:50:03 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-21 11:43:12 +0100 (Thu, 21 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-2094\", \"CVE-2010-2950\", \"CVE-2010-3436\",\n \"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4150\",\n \"CVE-2010-4156\", \"CVE-2010-4409\", \"CVE-2010-4697\", \"CVE-2010-4698\",\n \"CVE-2010-4699\", \"CVE-2010-4700\", \"CVE-2011-0753\", \"CVE-2011-0754\",\n \"CVE-2011-0755\");\n script_bugtraq_id(40173, 43926, 44605, 44718, 44723, 44951, 44980, 45119, 45335,\n 45338, 45339, 45952, 45954, 46056, 46168);\n script_name(\"PHP Version < 5.3.4 Multiple Vulnerabilities\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"Copyright NopSec Inc. 2012\");\n script_dependencies(\"gb_php_detect.nasl\");\n script_mandatory_keys(\"php/installed\");\n\n script_tag(name:\"solution\", value:\"Update PHP to version 5.3.4 or later.\");\n\n script_tag(name:\"summary\", value:\"PHP version smaller than 5.3.4 suffers from multiple vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( port = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! vers = get_app_version( cpe:CPE, port:port ) ) exit( 0 );\n\nif( version_is_less( version:vers, test_version:\"5.3.4\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"5.3.4\" );\n security_message( data:report, port:port );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-09-04T14:19:59", "description": "This host is missing an important security update according to\n Mac OS X 10.6.6 Update/Mac OS X Security Update 2011-001.", "cvss3": {}, "published": "2011-08-26T00:00:00", "type": "openvas", "title": "Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0187", "CVE-2010-4008", "CVE-2011-0181", "CVE-2011-0174", "CVE-2011-0186", "CVE-2011-0182", "CVE-2011-0173", "CVE-2011-0188", "CVE-2011-0176", "CVE-2010-1324", "CVE-2010-4020", "CVE-2010-4261", "CVE-2010-3802", "CVE-2010-3089", "CVE-2011-0175", "CVE-2006-7243", "CVE-2010-3436", "CVE-2011-0189", "CVE-2010-4021", "CVE-2011-0180", "CVE-2010-3870", "CVE-2011-0184", "CVE-2011-0190", "CVE-2011-0179", "CVE-2011-0170", "CVE-2010-4009", "CVE-2010-3801", "CVE-2010-2068", "CVE-2011-0191", "CVE-2011-0178", "CVE-2010-0405", "CVE-2011-1417", "CVE-2011-0194", "CVE-2010-3315", "CVE-2010-1452", "CVE-2010-4479", "CVE-2010-3709", "CVE-2011-0172", "CVE-2011-0193", "CVE-2010-4494", "CVE-2011-0177", "CVE-2010-3710", "CVE-2010-3855", "CVE-2010-4150", "CVE-2010-2950", "CVE-2010-3814", "CVE-2010-4409", "CVE-2010-4260", "CVE-2010-1323", "CVE-2010-3434", "CVE-2010-3069", "CVE-2011-0192", "CVE-2011-0183"], "modified": "2017-08-28T00:00:00", "id": "OPENVAS:902470", "href": "http://plugins.openvas.org/nasl.php?oid=902470", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_macosx_su11-001.nasl 7015 2017-08-28 11:51:24Z teissa $\n#\n# Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions or cause a denial-of-service condition.\n Impact Level: System/Application\";\ntag_affected = \"X11,\n ATS,\n PHP,\n HFS,\n Ruby,\n Samba,\n bzip2,\n Kernel,\n AirPort,\n Apache,\n ClamAV,\n Mailman,\n Libinfo,\n libxml,\n ImageIO,\n Kerberos,\n CoreText,\n Terminal,\n Installer,\n QuickLook,\n QuickTime,\n Image RAW,\n Subversion,\n CarbonCore,\n AppleScript,\n File Quarantine\";\ntag_insight = \"For more information on the vulnerabilities refer to the links below.\";\ntag_solution = \"Upgrade to Mac OS X 10.6.7 or Run Mac Updates and update the Security\n Update 2011-001\n For updates refer to http://support.apple.com/kb/HT1222\";\ntag_summary = \"This host is missing an important security update according to\n Mac OS X 10.6.6 Update/Mac OS X Security Update 2011-001.\";\n\nif(description)\n{\n script_id(902470);\n script_version(\"$Revision: 7015 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-28 13:51:24 +0200 (Mon, 28 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-26 14:59:42 +0200 (Fri, 26 Aug 2011)\");\n script_cve_id(\"CVE-2011-0172\", \"CVE-2010-1452\", \"CVE-2010-2068\", \"CVE-2011-0173\",\n \"CVE-2011-0174\", \"CVE-2011-0175\", \"CVE-2011-0176\", \"CVE-2011-0177\",\n \"CVE-2010-0405\", \"CVE-2011-0178\", \"CVE-2010-3434\", \"CVE-2010-4260\",\n \"CVE-2010-4261\", \"CVE-2010-4479\", \"CVE-2011-0179\", \"CVE-2011-0180\",\n \"CVE-2011-0170\", \"CVE-2011-0181\", \"CVE-2011-0191\", \"CVE-2011-0192\",\n \"CVE-2011-0194\", \"CVE-2011-0193\", \"CVE-2011-0190\", \"CVE-2010-1323\",\n \"CVE-2010-1324\", \"CVE-2010-4020\", \"CVE-2010-4021\", \"CVE-2011-0182\",\n \"CVE-2011-0183\", \"CVE-2010-4008\", \"CVE-2010-4494\", \"CVE-2010-3089\",\n \"CVE-2006-7243\", \"CVE-2010-2950\", \"CVE-2010-3709\", \"CVE-2010-3710\",\n \"CVE-2010-4409\", \"CVE-2010-3436\", \"CVE-2010-3709\", \"CVE-2010-4150\",\n \"CVE-2011-0184\", \"CVE-2011-1417\", \"CVE-2011-0186\", \"CVE-2010-4009\",\n \"CVE-2010-3801\", \"CVE-2011-0187\", \"CVE-2010-3802\", \"CVE-2011-0188\",\n \"CVE-2010-3069\", \"CVE-2010-3315\", \"CVE-2011-0189\", \"CVE-2010-3814\",\n \"CVE-2010-3855\", \"CVE-2010-3870\", \"CVE-2010-4150\");\n script_bugtraq_id(46988, 41963, 40827, 46984, 46987, 46991, 46971, 46994, 43331,\n 46989, 43555, 45152, 45152, 45152, 46993, 46982, 46659, 46996,\n 46657, 46658, 46973, 46972, 47023, 45118, 45116, 45117, 45122,\n 46997, 46990, 44779, 45617, 43187, 44951, 44718, 43926, 45119,\n 44723, 44718, 44980, 46965, 46832, 46995, 45241, 45240, 46992,\n 45239, 46966, 43212, 43678, 44643, 44214, 44605, 44980);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT1222\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce//2011//Mar/msg00006.html\");\n\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_require_ports(\"Services/ssh\", 22);\n script_mandatory_keys(\"ssh/login/osx_name\",\"ssh/login/osx_version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\n## Get the OS name\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName){\n exit (0);\n}\n\n## Get the OS Version\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer){\n exit(0);\n}\n\n## Check for the Mac OS X and Mac OS X Server\nif(\"Mac OS X\" >< osName || \"Mac OS X Server\" >< osName)\n{\n ## Check the affected OS versions\n if(version_is_less_equal(version:osVer, test_version:\"10.5.8\") ||\n version_in_range(version:osVer, test_version:\"10.6\", test_version2:\"10.6.6\"))\n {\n ## Check for the security update 2011.001\n if(isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2011.001\"))\n {\n security_message(0);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-08-01T16:18:37", "description": "This host is missing an important security update according to\n Mac OS X 10.6.6 Update/Mac OS X Security Update 2011-001.", "cvss3": {}, "published": "2011-08-26T00:00:00", "type": "openvas", "title": "Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0187", "CVE-2010-4008", "CVE-2011-0181", "CVE-2011-0174", "CVE-2011-0186", "CVE-2011-0182", "CVE-2011-0173", "CVE-2011-0188", "CVE-2011-0176", "CVE-2010-1324", "CVE-2010-4020", "CVE-2010-4261", "CVE-2010-3802", "CVE-2010-3089", "CVE-2011-0175", "CVE-2006-7243", "CVE-2010-3436", "CVE-2011-0189", "CVE-2010-4021", "CVE-2011-0180", "CVE-2010-3870", "CVE-2011-0184", "CVE-2011-0190", "CVE-2011-0179", "CVE-2011-0170", "CVE-2010-4009", "CVE-2010-3801", "CVE-2010-2068", "CVE-2011-0191", "CVE-2011-0178", "CVE-2010-0405", "CVE-2011-1417", "CVE-2011-0194", "CVE-2010-3315", "CVE-2010-1452", "CVE-2010-4479", "CVE-2010-3709", "CVE-2011-0172", "CVE-2011-0193", "CVE-2010-4494", "CVE-2011-0177", "CVE-2010-3710", "CVE-2010-3855", "CVE-2010-4150", "CVE-2010-2950", "CVE-2010-3814", "CVE-2010-4409", "CVE-2010-4260", "CVE-2010-1323", "CVE-2010-3434", "CVE-2010-3069", "CVE-2011-0192", "CVE-2011-0183"], "modified": "2019-09-20T00:00:00", "id": "OPENVAS:1361412562310902470", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902470", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902470\");\n script_version(\"2019-09-20T11:01:01+0000\");\n script_tag(name:\"last_modification\", value:\"2019-09-20 11:01:01 +0000 (Fri, 20 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2011-08-26 14:59:42 +0200 (Fri, 26 Aug 2011)\");\n script_cve_id(\"CVE-2011-0172\", \"CVE-2010-1452\", \"CVE-2010-2068\", \"CVE-2011-0173\",\n \"CVE-2011-0174\", \"CVE-2011-0175\", \"CVE-2011-0176\", \"CVE-2011-0177\",\n \"CVE-2010-0405\", \"CVE-2011-0178\", \"CVE-2010-3434\", \"CVE-2010-4260\",\n \"CVE-2010-4261\", \"CVE-2010-4479\", \"CVE-2011-0179\", \"CVE-2011-0180\",\n \"CVE-2011-0170\", \"CVE-2011-0181\", \"CVE-2011-0191\", \"CVE-2011-0192\",\n \"CVE-2011-0194\", \"CVE-2011-0193\", \"CVE-2011-0190\", \"CVE-2010-1323\",\n \"CVE-2010-1324\", \"CVE-2010-4020\", \"CVE-2010-4021\", \"CVE-2011-0182\",\n \"CVE-2011-0183\", \"CVE-2010-4008\", \"CVE-2010-4494\", \"CVE-2010-3089\",\n \"CVE-2006-7243\", \"CVE-2010-2950\", \"CVE-2010-3709\", \"CVE-2010-3710\",\n \"CVE-2010-4409\", \"CVE-2010-3436\",\n \"CVE-2011-0184\", \"CVE-2011-1417\", \"CVE-2011-0186\", \"CVE-2010-4009\",\n \"CVE-2010-3801\", \"CVE-2011-0187\", \"CVE-2010-3802\", \"CVE-2011-0188\",\n \"CVE-2010-3069\", \"CVE-2010-3315\", \"CVE-2011-0189\", \"CVE-2010-3814\",\n \"CVE-2010-3855\", \"CVE-2010-3870\", \"CVE-2010-4150\");\n script_bugtraq_id(46988, 41963, 40827, 46984, 46987, 46991, 46971, 46994, 43331,\n 46989, 43555, 45152, 45152, 45152, 46993, 46982, 46659, 46996,\n 46657, 46658, 46973, 46972, 47023, 45118, 45116, 45117, 45122,\n 46997, 46990, 44779, 45617, 43187, 44951, 44718, 43926, 45119,\n 44723, 44718, 44980, 46965, 46832, 46995, 45241, 45240, 46992,\n 45239, 46966, 43212, 43678, 44643, 44214, 44605, 44980);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT1222\");\n script_xref(name:\"URL\", value:\"https://lists.apple.com/archives/security-announce//2011//Mar/msg00006.html\");\n\n script_copyright(\"Copyright (c) 2011 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.[0-6]\\.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions or cause a denial-of-service condition.\");\n\n script_tag(name:\"affected\", value:\"X11,\n\n ATS,\n\n PHP,\n\n HFS,\n\n Ruby,\n\n Samba,\n\n bzip2,\n\n Kernel,\n\n AirPort,\n\n Apache,\n\n ClamAV,\n\n Mailman,\n\n Libinfo,\n\n libxml,\n\n ImageIO,\n\n Kerberos,\n\n CoreText,\n\n Terminal,\n\n Installer,\n\n QuickLook,\n\n QuickTime,\n\n Image RAW,\n\n Subversion,\n\n CarbonCore,\n\n AppleScript,\n\n File Quarantine\");\n\n script_tag(name:\"insight\", value:\"Please see the references for more information on the vulnerabilities.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mac OS X 10.6.7 or Run Mac Updates and update the Security\n Update 2011-001\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Mac OS X 10.6.6 Update/Mac OS X Security Update 2011-001.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-macosx.inc\");\ninclude(\"version_func.inc\");\n\nosName = get_kb_item( \"ssh/login/osx_name\" );\nif( ! osName ) exit( 0 );\n\nosVer = get_kb_item( \"ssh/login/osx_version\" );\nif( ! osVer ) exit( 0 );\n\nif( \"Mac OS X\" >< osName || \"Mac OS X Server\" >< osName ) {\n if( version_is_less_equal( version:osVer, test_version:\"10.5.8\" ) ||\n version_in_range( version:osVer, test_version:\"10.6\", test_version2:\"10.6.6\" ) ) {\n if( isosxpkgvuln( fixed:\"com.apple.pkg.update.security.\", diff:\"2011.001\" ) ) {\n report = report_fixed_ver( installed_version:osName + \" \" + osVer, fixed_version:\"Install the missing security update 2011.001\" );\n security_message( port:0, data:report );\n exit( 0 );\n }\n }\n}\n\nexit( 99 );\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:00", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-06.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201110-06 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0421", "CVE-2011-0752", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2010-1129", "CVE-2010-2225", "CVE-2010-1868", "CVE-2011-1148", "CVE-2010-2484", "CVE-2010-2097", "CVE-2011-1466", "CVE-2010-2531", "CVE-2011-3189", "CVE-2010-3065", "CVE-2010-2191", "CVE-2011-1938", "CVE-2010-4697", "CVE-2010-1866", "CVE-2010-1915", "CVE-2011-1092", "CVE-2010-4698", "CVE-2011-2483", "CVE-2006-7243", "CVE-2011-0753", "CVE-2010-4645", "CVE-2010-3436", "CVE-2010-2093", "CVE-2011-1657", "CVE-2011-0708", "CVE-2010-3870", "CVE-2011-3268", "CVE-2010-1861", "CVE-2010-2190", "CVE-2010-3063", "CVE-2011-3182", "CVE-2010-2101", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-3062", "CVE-2010-1914", "CVE-2011-1470", "CVE-2010-1860", "CVE-2010-2094", "CVE-2010-3709", "CVE-2010-3064", "CVE-2011-1469", "CVE-2009-5016", "CVE-2011-3267", "CVE-2010-3710", "CVE-2010-4150", "CVE-2011-1464", "CVE-2011-0755", "CVE-2010-4699", "CVE-2010-1130", "CVE-2010-2100", "CVE-2011-2202", "CVE-2010-2950", "CVE-2010-4700", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-1864", "CVE-2010-4409", "CVE-2010-1862"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231070769", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070769", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201110_06.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70769\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2009-5016\", \"CVE-2010-1128\", \"CVE-2010-1129\", \"CVE-2010-1130\", \"CVE-2010-1860\", \"CVE-2010-1861\", \"CVE-2010-1862\", \"CVE-2010-1864\", \"CVE-2010-1866\", \"CVE-2010-1868\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\", \"CVE-2010-2093\", \"CVE-2010-2094\", \"CVE-2010-2097\", \"CVE-2010-2100\", \"CVE-2010-2101\", \"CVE-2010-2190\", \"CVE-2010-2191\", \"CVE-2010-2225\", \"CVE-2010-2484\", \"CVE-2010-2531\", \"CVE-2010-2950\", \"CVE-2010-3062\", \"CVE-2010-3063\", \"CVE-2010-3064\", \"CVE-2010-3065\", \"CVE-2010-3436\", \"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4150\", \"CVE-2010-4409\", \"CVE-2010-4645\", \"CVE-2010-4697\", \"CVE-2010-4698\", \"CVE-2010-4699\", \"CVE-2010-4700\", \"CVE-2011-0420\", \"CVE-2011-0421\", \"CVE-2011-0708\", \"CVE-2011-0752\", \"CVE-2011-0753\", \"CVE-2011-0755\", \"CVE-2011-1092\", \"CVE-2011-1148\", \"CVE-2011-1153\", \"CVE-2011-1464\", \"CVE-2011-1466\", \"CVE-2011-1467\", \"CVE-2011-1468\", \"CVE-2011-1469\", \"CVE-2011-1470\", \"CVE-2011-1471\", \"CVE-2011-1657\", \"CVE-2011-1938\", \"CVE-2011-2202\", \"CVE-2011-2483\", \"CVE-2011-3182\", \"CVE-2011-3189\", \"CVE-2011-3267\", \"CVE-2011-3268\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:39 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-06 (php)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were found in PHP, the worst of which\n leading to remote execution of arbitrary code.\");\n script_tag(name:\"solution\", value:\"All PHP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.3.8'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-06\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=306939\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=332039\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=340807\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=350908\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=355399\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=358791\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=358975\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=369071\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=372745\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=373965\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=380261\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201110-06.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.3.8\"), vulnerable: make_list(\"lt 5.3.8\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:51:09", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-06.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201110-06 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0421", "CVE-2011-0752", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2010-1129", "CVE-2010-2225", "CVE-2010-1868", "CVE-2011-1148", "CVE-2010-2484", "CVE-2010-2097", "CVE-2011-1466", "CVE-2010-2531", "CVE-2011-3189", "CVE-2010-3065", "CVE-2010-2191", "CVE-2011-1938", "CVE-2010-4697", "CVE-2010-1866", "CVE-2010-1915", "CVE-2011-1092", "CVE-2010-4698", "CVE-2011-2483", "CVE-2006-7243", "CVE-2011-0753", "CVE-2010-4645", "CVE-2010-3436", "CVE-2010-2093", "CVE-2011-1657", "CVE-2011-0708", "CVE-2010-3870", "CVE-2011-3268", "CVE-2010-1861", "CVE-2010-2190", "CVE-2010-3063", "CVE-2011-3182", "CVE-2010-2101", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-3062", "CVE-2010-1914", "CVE-2011-1470", "CVE-2010-1860", "CVE-2010-2094", "CVE-2010-3709", "CVE-2010-3064", "CVE-2011-1469", "CVE-2009-5016", "CVE-2011-3267", "CVE-2010-3710", "CVE-2010-4150", "CVE-2011-1464", "CVE-2011-0755", "CVE-2010-4699", "CVE-2010-1130", "CVE-2010-2100", "CVE-2011-2202", "CVE-2010-2950", "CVE-2010-4700", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-1864", "CVE-2010-4409", "CVE-2010-1862"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70769", "href": "http://plugins.openvas.org/nasl.php?oid=70769", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were found in PHP, the worst of which\n leading to remote execution of arbitrary code.\";\ntag_solution = \"All PHP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.3.8'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-06\nhttp://bugs.gentoo.org/show_bug.cgi?id=306939\nhttp://bugs.gentoo.org/show_bug.cgi?id=332039\nhttp://bugs.gentoo.org/show_bug.cgi?id=340807\nhttp://bugs.gentoo.org/show_bug.cgi?id=350908\nhttp://bugs.gentoo.org/show_bug.cgi?id=355399\nhttp://bugs.gentoo.org/show_bug.cgi?id=358791\nhttp://bugs.gentoo.org/show_bug.cgi?id=358975\nhttp://bugs.gentoo.org/show_bug.cgi?id=369071\nhttp://bugs.gentoo.org/show_bug.cgi?id=372745\nhttp://bugs.gentoo.org/show_bug.cgi?id=373965\nhttp://bugs.gentoo.org/show_bug.cgi?id=380261\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201110-06.\";\n\n \n \nif(description)\n{\n script_id(70769);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2009-5016\", \"CVE-2010-1128\", \"CVE-2010-1129\", \"CVE-2010-1130\", \"CVE-2010-1860\", \"CVE-2010-1861\", \"CVE-2010-1862\", \"CVE-2010-1864\", \"CVE-2010-1866\", \"CVE-2010-1868\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\", \"CVE-2010-2093\", \"CVE-2010-2094\", \"CVE-2010-2097\", \"CVE-2010-2100\", \"CVE-2010-2101\", \"CVE-2010-2190\", \"CVE-2010-2191\", \"CVE-2010-2225\", \"CVE-2010-2484\", \"CVE-2010-2531\", \"CVE-2010-2950\", \"CVE-2010-3062\", \"CVE-2010-3063\", \"CVE-2010-3064\", \"CVE-2010-3065\", \"CVE-2010-3436\", \"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4150\", \"CVE-2010-4409\", \"CVE-2010-4645\", \"CVE-2010-4697\", \"CVE-2010-4698\", \"CVE-2010-4699\", \"CVE-2010-4700\", \"CVE-2011-0420\", \"CVE-2011-0421\", \"CVE-2011-0708\", \"CVE-2011-0752\", \"CVE-2011-0753\", \"CVE-2011-0755\", \"CVE-2011-1092\", \"CVE-2011-1148\", \"CVE-2011-1153\", \"CVE-2011-1464\", \"CVE-2011-1466\", \"CVE-2011-1467\", \"CVE-2011-1468\", \"CVE-2011-1469\", \"CVE-2011-1470\", \"CVE-2011-1471\", \"CVE-2011-1657\", \"CVE-2011-1938\", \"CVE-2011-2202\", \"CVE-2011-2483\", \"CVE-2011-3182\", \"CVE-2011-3189\", \"CVE-2011-3267\", \"CVE-2011-3268\");\n script_version(\"$Revision: 6593 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:18:14 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:39 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-06 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.3.8\"), vulnerable: make_list(\"lt 5.3.8\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2023-12-02T15:31:23", "description": "The following DoS condition in filter extension was fixed in PHP 5.3.4 and PHP 5.2.15 :\n\nStack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string.", "cvss3": {}, "published": "2011-01-13T00:00:00", "type": "nessus", "title": "FreeBSD : php-filter -- Denial of Service (c623f058-10e7-11e0-becc-0022156e8794)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3710"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:php5-filter", "p-cpe:/a:freebsd:freebsd:php52-filter", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_C623F05810E711E0BECC0022156E8794.NASL", "href": "https://www.tenable.com/plugins/nessus/51507", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51507);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-3710\");\n\n script_name(english:\"FreeBSD : php-filter -- Denial of Service (c623f058-10e7-11e0-becc-0022156e8794)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following DoS condition in filter extension was fixed in PHP 5.3.4\nand PHP 5.2.15 :\n\nStack consumption vulnerability in the filter_var function in PHP\n5.2.x through 5.2.14 and 5.3.x through 5.3.3, when\nFILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a\ndenial of service (memory consumption and application crash) via a\nlong e-mail address string.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/releases/5_3_4.php\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/releases/5_2_15.php\"\n );\n # https://vuxml.freebsd.org/freebsd/c623f058-10e7-11e0-becc-0022156e8794.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3f2423c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php5-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php52-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"php5-filter<5.3.4\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php52-filter<5.2.15\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-03T15:01:29", "description": "The following issues have been fixed :\n\n - Insufficient handling of certain character sequences in the utf8_decode() function could be leveraged to conduct cross-site scripting (XSS) attacks. (CVE-2010-3870)\n\n - php5 could also consume large amounts of memory and crash if a long mail address was passed to filter_var() with the parameter FILTER_VALIDATE_EMAIL.\n (CVE-2010-3710)", "cvss3": {}, "published": "2010-12-03T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7221)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3710", "CVE-2010-3870"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_APACHE2-MOD_PHP5-7221.NASL", "href": "https://www.tenable.com/plugins/nessus/50975", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50975);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-3870\");\n\n script_name(english:\"SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7221)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following issues have been fixed :\n\n - Insufficient handling of certain character sequences in\n the utf8_decode() function could be leveraged to conduct\n cross-site scripting (XSS) attacks. (CVE-2010-3870)\n\n - php5 could also consume large amounts of memory and\n crash if a long mail address was passed to filter_var()\n with the parameter FILTER_VALIDATE_EMAIL.\n (CVE-2010-3710)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3710.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3870.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7221.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"apache2-mod_php5-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-bcmath-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-bz2-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-calendar-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-ctype-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-curl-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-dba-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-dbase-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-devel-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-dom-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-exif-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-fastcgi-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-ftp-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-gd-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-gettext-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-gmp-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-hash-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-iconv-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-imap-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-json-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-ldap-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-mbstring-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-mcrypt-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-mhash-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-mysql-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-ncurses-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-odbc-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-openssl-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-pcntl-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-pdo-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-pear-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-pgsql-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-posix-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-pspell-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-shmop-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-snmp-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-soap-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-sockets-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-sqlite-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-suhosin-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-sysvmsg-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-sysvsem-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-sysvshm-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-tokenizer-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-wddx-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-xmlreader-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-xmlrpc-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-xsl-5.2.14-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"php5-zlib-5.2.14-0.8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:31:33", "description": "Insufficient handling of certain character sequences in the utf8_decode() function could be leveraged to conduct cross-site-scripting (XSS) attacks (CVE-2010-3870). php5 could also consume large amounts of memory and crash if a long mail address was passed to filter_var() with parmeter FILTER_VALIDATE_EMAIL (CVE-2010-3710).", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:1012-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3710", "CVE-2010-3870"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-hash", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-ldap", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-zlib", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_APACHE2-MOD_PHP5-101110.NASL", "href": "https://www.tenable.com/plugins/nessus/75430", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update apache2-mod_php5-3485.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75430);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-3870\");\n\n script_name(english:\"openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:1012-1)\");\n script_summary(english:\"Check for the apache2-mod_php5-3485 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Insufficient handling of certain character sequences in the\nutf8_decode() function could be leveraged to conduct\ncross-site-scripting (XSS) attacks (CVE-2010-3870). php5 could also\nconsume large amounts of memory and crash if a long mail address was\npassed to filter_var() with parmeter FILTER_VALIDATE_EMAIL\n(CVE-2010-3710).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=650700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-12/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2-mod_php5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"apache2-mod_php5-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-bcmath-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-bz2-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-calendar-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-ctype-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-curl-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-dba-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-devel-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-dom-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-enchant-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-exif-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-fastcgi-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-fileinfo-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-ftp-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-gd-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-gettext-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-gmp-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-hash-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-iconv-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-imap-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-intl-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-json-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-ldap-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-mbstring-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-mcrypt-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-mysql-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-odbc-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-openssl-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-pcntl-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-pdo-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-pear-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-pgsql-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-phar-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-posix-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-pspell-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-readline-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-shmop-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-snmp-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-soap-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-sockets-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-sqlite-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-suhosin-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-sysvmsg-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-sysvsem-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-sysvshm-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-tidy-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-tokenizer-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-wddx-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-xmlreader-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-xmlrpc-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-xmlwriter-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-xsl-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-zip-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-zlib-5.3.3-0.7.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / php5 / php5-bcmath / php5-bz2 / php5-calendar / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-03T15:02:52", "description": "The following issues have been fixed :\n\n - Insufficient handling of certain character sequences in the utf8_decode() function could be leveraged to conduct cross-site scripting (XSS) attacks. (CVE-2010-3870)\n\n - php5 could also consume large amounts of memory and crash if a long mail address was passed to filter_var() with parmeter FILTER_VALIDATE_EMAIL. (CVE-2010-3710)", "cvss3": {}, "published": "2010-12-03T00:00:00", "type": "nessus", "title": "SuSE 11 / 11.1 Security Update : PHP5 (SAT Patch Numbers 3489 / 3490)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3710", "CVE-2010-3870"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:apache2-mod_php5", "p-cpe:/a:novell:suse_linux:11:php5", "p-cpe:/a:novell:suse_linux:11:php5-bcmath", "p-cpe:/a:novell:suse_linux:11:php5-bz2", "p-cpe:/a:novell:suse_linux:11:php5-calendar", "p-cpe:/a:novell:suse_linux:11:php5-ctype", "p-cpe:/a:novell:suse_linux:11:php5-curl", "p-cpe:/a:novell:suse_linux:11:php5-dba", "p-cpe:/a:novell:suse_linux:11:php5-dbase", "p-cpe:/a:novell:suse_linux:11:php5-dom", "p-cpe:/a:novell:suse_linux:11:php5-exif", "p-cpe:/a:novell:suse_linux:11:php5-fastcgi", "p-cpe:/a:novell:suse_linux:11:php5-ftp", "p-cpe:/a:novell:suse_linux:11:php5-gd", "p-cpe:/a:novell:suse_linux:11:php5-gettext", "p-cpe:/a:novell:suse_linux:11:php5-gmp", "p-cpe:/a:novell:suse_linux:11:php5-hash", "p-cpe:/a:novell:suse_linux:11:php5-iconv", "p-cpe:/a:novell:suse_linux:11:php5-json", "p-cpe:/a:novell:suse_linux:11:php5-ldap", "p-cpe:/a:novell:suse_linux:11:php5-mbstring", "p-cpe:/a:novell:suse_linux:11:php5-mcrypt", "p-cpe:/a:novell:suse_linux:11:php5-mysql", "p-cpe:/a:novell:suse_linux:11:php5-pgsql", "p-cpe:/a:novell:suse_linux:11:php5-odbc", "p-cpe:/a:novell:suse_linux:11:php5-pspell", "p-cpe:/a:novell:suse_linux:11:php5-openssl", "p-cpe:/a:novell:suse_linux:11:php5-shmop", "p-cpe:/a:novell:suse_linux:11:php5-pcntl", "p-cpe:/a:novell:suse_linux:11:php5-snmp", "p-cpe:/a:novell:suse_linux:11:php5-pdo", "p-cpe:/a:novell:suse_linux:11:php5-pear", "p-cpe:/a:novell:suse_linux:11:php5-soap", "p-cpe:/a:novell:suse_linux:11:php5-suhosin", "p-cpe:/a:novell:suse_linux:11:php5-sysvmsg", "p-cpe:/a:novell:suse_linux:11:php5-sysvsem", "p-cpe:/a:novell:suse_linux:11:php5-sysvshm", "p-cpe:/a:novell:suse_linux:11:php5-tokenizer", "p-cpe:/a:novell:suse_linux:11:php5-wddx", "p-cpe:/a:novell:suse_linux:11:php5-xmlreader", "p-cpe:/a:novell:suse_linux:11:php5-xmlrpc", "p-cpe:/a:novell:suse_linux:11:php5-xmlwriter", "p-cpe:/a:novell:suse_linux:11:php5-xsl", "p-cpe:/a:novell:suse_linux:11:php5-zip", "p-cpe:/a:novell:suse_linux:11:php5-zlib", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_APACHE2-MOD_PHP5-101105.NASL", "href": "https://www.tenable.com/plugins/nessus/50973", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50973);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-3870\");\n\n script_name(english:\"SuSE 11 / 11.1 Security Update : PHP5 (SAT Patch Numbers 3489 / 3490)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following issues have been fixed :\n\n - Insufficient handling of certain character sequences in\n the utf8_decode() function could be leveraged to conduct\n cross-site scripting (XSS) attacks. (CVE-2010-3870)\n\n - php5 could also consume large amounts of memory and\n crash if a long mail address was passed to filter_var()\n with parmeter FILTER_VALIDATE_EMAIL. (CVE-2010-3710)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=649210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=650700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3710.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3870.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 3489 / 3490 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-dbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"apache2-mod_php5-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-bcmath-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-bz2-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-calendar-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-ctype-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-curl-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-dba-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-dbase-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-dom-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-exif-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-fastcgi-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-ftp-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-gd-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-gettext-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-gmp-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-hash-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-iconv-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-json-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-ldap-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-mbstring-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-mcrypt-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-mysql-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-odbc-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-openssl-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-pcntl-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-pdo-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-pear-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-pgsql-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-pspell-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-shmop-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-snmp-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-soap-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-suhosin-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-sysvmsg-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-sysvsem-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-sysvshm-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-tokenizer-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-wddx-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-xmlreader-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-xmlrpc-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-xmlwriter-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-xsl-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-zip-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"php5-zlib-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"apache2-mod_php5-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-bcmath-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-bz2-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-calendar-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-ctype-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-curl-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-dba-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-dbase-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-dom-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-exif-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-fastcgi-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-ftp-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-gd-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-gettext-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-gmp-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-hash-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-iconv-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-json-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-ldap-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-mbstring-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-mcrypt-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-mysql-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-odbc-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-openssl-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-pcntl-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-pdo-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-pear-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-pgsql-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-pspell-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-shmop-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-snmp-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-soap-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-suhosin-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-sysvmsg-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-sysvsem-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-sysvshm-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-tokenizer-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-wddx-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-xmlreader-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-xmlrpc-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-xmlwriter-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-xsl-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-zip-5.2.14-0.7.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"php5-zlib-5.2.14-0.7.13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:37:56", "description": "Insufficient handling of certain character sequences in the utf8_decode() function could be leveraged to conduct cross-site-scripting (XSS) attacks (CVE-2010-3870). php5 could also consume large amounts of memory and crash if a long mail address was passed to filter_var() with parmeter FILTER_VALIDATE_EMAIL (CVE-2010-3710).", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:1012-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3710", "CVE-2010-3870"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-dbase", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-hash", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-ldap", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-mysql", "cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:php5-ncurses", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-sysvshm"], "id": "SUSE_11_1_APACHE2-MOD_PHP5-101105.NASL", "href": "https://www.tenable.com/plugins/nessus/53652", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update apache2-mod_php5-3485.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53652);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-3870\");\n\n script_name(english:\"openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:1012-1)\");\n script_summary(english:\"Check for the apache2-mod_php5-3485 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Insufficient handling of certain character sequences in the\nutf8_decode() function could be leveraged to conduct\ncross-site-scripting (XSS) attacks (CVE-2010-3870). php5 could also\nconsume large amounts of memory and crash if a long mail address was\npassed to filter_var() with parmeter FILTER_VALIDATE_EMAIL\n(CVE-2010-3710).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=650700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-12/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2-mod_php5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"apache2-mod_php5-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-bcmath-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-bz2-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-calendar-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-ctype-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-curl-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-dba-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-dbase-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-devel-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-dom-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-exif-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-fastcgi-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-ftp-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-gd-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-gettext-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-gmp-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-hash-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-iconv-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-imap-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-json-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-ldap-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-mbstring-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-mcrypt-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-mysql-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-ncurses-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-odbc-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-openssl-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-pcntl-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-pdo-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-pear-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-pgsql-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-posix-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-pspell-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-readline-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-shmop-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-snmp-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-soap-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-sockets-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-sqlite-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-suhosin-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-sysvmsg-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-sysvsem-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-sysvshm-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-tidy-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-tokenizer-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-wddx-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-xmlreader-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-xmlrpc-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-xmlwriter-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-xsl-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-zip-5.2.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"php5-zlib-5.2.14-0.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / php5 / php5-bcmath / php5-bz2 / php5-calendar / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:39:38", "description": "Insufficient handling of certain character sequences in the utf8_decode() function could be leveraged to conduct cross-site-scripting (XSS) attacks (CVE-2010-3870). php5 could also consume large amounts of memory and crash if a long mail address was passed to filter_var() with parmeter FILTER_VALIDATE_EMAIL (CVE-2010-3710).", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:1012-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3710", "CVE-2010-3870"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-hash", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-ldap", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-zlib", "cpe:/o:novell:opensuse:11.2"], "id": "SUSE_11_2_APACHE2-MOD_PHP5-101110.NASL", "href": "https://www.tenable.com/plugins/nessus/53694", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update apache2-mod_php5-3485.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53694);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-3870\");\n\n script_name(english:\"openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:1012-1)\");\n script_summary(english:\"Check for the apache2-mod_php5-3485 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Insufficient handling of certain character sequences in the\nutf8_decode() function could be leveraged to conduct\ncross-site-scripting (XSS) attacks (CVE-2010-3870). php5 could also\nconsume large amounts of memory and crash if a long mail address was\npassed to filter_var() with parmeter FILTER_VALIDATE_EMAIL\n(CVE-2010-3710).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=650700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-12/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2-mod_php5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"apache2-mod_php5-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-bcmath-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-bz2-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-calendar-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-ctype-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-curl-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-dba-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-devel-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-dom-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-enchant-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-exif-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-fastcgi-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-fileinfo-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-ftp-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-gd-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-gettext-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-gmp-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-hash-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-iconv-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-imap-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-intl-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-json-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-ldap-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-mbstring-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-mcrypt-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-mysql-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-odbc-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-openssl-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-pcntl-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-pdo-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-pear-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-pgsql-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-phar-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-posix-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-pspell-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-readline-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-shmop-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-snmp-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-soap-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-sockets-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-sqlite-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-suhosin-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-sysvmsg-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-sysvsem-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-sysvshm-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-tidy-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-tokenizer-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-wddx-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-xmlreader-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-xmlrpc-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-xmlwriter-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-xsl-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-zip-5.3.3-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"php5-zlib-5.3.3-0.7.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / php5 / php5-bcmath / php5-bz2 / php5-calendar / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-01T14:58:41", "description": "Updated php53 packages that fix three security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nA flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only affected i386 systems.\n(CVE-2010-4645)\n\nA stack memory exhaustion flaw was found in the way the PHP filter_var() function validated email addresses. An attacker could use this flaw to crash the PHP interpreter by providing excessively long input to be validated as an email address. (CVE-2010-3710)\n\nA memory disclosure flaw was found in the PHP multi-byte string extension. If the mb_strcut() function was called with a length argument exceeding the input string size, the function could disclose a portion of the PHP interpreter's memory. (CVE-2010-4156)\n\nAll php53 users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {}, "published": "2011-02-04T00:00:00", "type": "nessus", "title": "RHEL 5 : php53 (RHSA-2011:0196)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3710", "CVE-2010-4156", "CVE-2010-4645"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:php53", "p-cpe:/a:redhat:enterprise_linux:php53-bcmath", "p-cpe:/a:redhat:enterprise_linux:php53-cli", "p-cpe:/a:redhat:enterprise_linux:php53-common", "p-cpe:/a:redhat:enterprise_linux:php53-dba", "p-cpe:/a:redhat:enterprise_linux:php53-devel", "p-cpe:/a:redhat:enterprise_linux:php53-gd", "p-cpe:/a:redhat:enterprise_linux:php53-imap", "p-cpe:/a:redhat:enterprise_linux:php53-intl", "p-cpe:/a:redhat:enterprise_linux:php53-ldap", "p-cpe:/a:redhat:enterprise_linux:php53-mbstring", "p-cpe:/a:redhat:enterprise_linux:php53-mysql", "p-cpe:/a:redhat:enterprise_linux:php53-odbc", "p-cpe:/a:redhat:enterprise_linux:php53-pdo", "p-cpe:/a:redhat:enterprise_linux:php53-pgsql", "p-cpe:/a:redhat:enterprise_linux:php53-process", "p-cpe:/a:redhat:enterprise_linux:php53-pspell", "p-cpe:/a:redhat:enterprise_linux:php53-snmp", "p-cpe:/a:redhat:enterprise_linux:php53-soap", "p-cpe:/a:redhat:enterprise_linux:php53-xml", "p-cpe:/a:redhat:enterprise_linux:php53-xmlrpc", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.6"], "id": "REDHAT-RHSA-2011-0196.NASL", "href": "https://www.tenable.com/plugins/nessus/51867", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0196. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51867);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-4156\", \"CVE-2010-4645\");\n script_bugtraq_id(43926, 44727, 45668);\n script_xref(name:\"RHSA\", value:\"2011:0196\");\n\n script_name(english:\"RHEL 5 : php53 (RHSA-2011:0196)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php53 packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA flaw was found in the way PHP converted certain floating point\nvalues from string representation to a number. If a PHP script\nevaluated an attacker's input in a numeric context, the PHP\ninterpreter could cause high CPU usage until the script execution time\nlimit is reached. This issue only affected i386 systems.\n(CVE-2010-4645)\n\nA stack memory exhaustion flaw was found in the way the PHP\nfilter_var() function validated email addresses. An attacker could use\nthis flaw to crash the PHP interpreter by providing excessively long\ninput to be validated as an email address. (CVE-2010-3710)\n\nA memory disclosure flaw was found in the PHP multi-byte string\nextension. If the mb_strcut() function was called with a length\nargument exceeding the input string size, the function could disclose\na portion of the PHP interpreter's memory. (CVE-2010-4156)\n\nAll php53 users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-4156\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-4645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0196\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/02/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0196\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-bcmath-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-bcmath-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-bcmath-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-cli-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-cli-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-cli-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-common-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-common-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-common-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-dba-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-dba-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-dba-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-devel-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-devel-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-devel-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-gd-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-gd-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-gd-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-imap-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-imap-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-imap-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-intl-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-intl-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-intl-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-ldap-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-ldap-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-ldap-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-mbstring-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-mbstring-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-mbstring-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-mysql-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-mysql-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-mysql-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-odbc-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-odbc-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-odbc-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-pdo-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-pdo-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-pdo-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-pgsql-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-pgsql-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-pgsql-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-process-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-process-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-process-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-pspell-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-pspell-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-pspell-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-snmp-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-snmp-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-snmp-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-soap-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-soap-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-soap-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-xml-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-xml-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-xml-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-xmlrpc-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-xmlrpc-5.3.3-1.el5_6.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-xmlrpc-5.3.3-1.el5_6.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53 / php53-bcmath / php53-cli / php53-common / php53-dba / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-03T16:06:39", "description": "A flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only affected i386 systems.\n(CVE-2010-4645)\n\nA stack memory exhaustion flaw was found in the way the PHP filter_var() function validated email addresses. An attacker could use this flaw to crash the PHP interpreter by providing excessively long input to be validated as an email address. (CVE-2010-3710)\n\nA memory disclosure flaw was found in the PHP multi-byte string extension. If the mb_strcut() function was called with a length argument exceeding the input string size, the function could disclose a portion of the PHP interpreter's memory. (CVE-2010-4156)\n\nAfter installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : php53 on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3710", "CVE-2010-4156", "CVE-2010-4645"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110203_PHP53_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60948", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60948);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-4156\", \"CVE-2010-4645\");\n\n script_name(english:\"Scientific Linux Security Update : php53 on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way PHP converted certain floating point\nvalues from string representation to a number. If a PHP script\nevaluated an attacker's input in a numeric context, the PHP\ninterpreter could cause high CPU usage until the script execution time\nlimit is reached. This issue only affected i386 systems.\n(CVE-2010-4645)\n\nA stack memory exhaustion flaw was found in the way the PHP\nfilter_var() function validated email addresses. An attacker could use\nthis flaw to crash the PHP interpreter by providing excessively long\ninput to be validated as an email address. (CVE-2010-3710)\n\nA memory disclosure flaw was found in the PHP multi-byte string\nextension. If the mb_strcut() function was called with a length\nargument exceeding the input string size, the function could disclose\na portion of the PHP interpreter's memory. (CVE-2010-4156)\n\nAfter installing the updated packages, the httpd daemon must be\nrestarted for the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1102&L=scientific-linux-errata&T=0&P=619\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3c521b3d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"php53-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-bcmath-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-cli-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-common-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-dba-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-devel-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-gd-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-imap-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-intl-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-ldap-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-mbstring-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-mysql-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-odbc-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-pdo-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-pgsql-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-process-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-pspell-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-snmp-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-soap-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-xml-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-xmlrpc-5.3.3-1.el5_6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:11:37", "description": "From Red Hat Security Advisory 2011:0196 :\n\nUpdated php53 packages that fix three security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nA flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only affected i386 systems.\n(CVE-2010-4645)\n\nA stack memory exhaustion flaw was found in the way the PHP filter_var() function validated email addresses. An attacker could use this flaw to crash the PHP interpreter by providing excessively long input to be validated as an email address. (CVE-2010-3710)\n\nA memory disclosure flaw was found in the PHP multi-byte string extension. If the mb_strcut() function was called with a length argument exceeding the input string size, the function could disclose a portion of the PHP interpreter's memory. (CVE-2010-4156)\n\nAll php53 users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : php53 (ELSA-2011-0196)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3710", "CVE-2010-4156", "CVE-2010-4645"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:php53", "p-cpe:/a:oracle:linux:php53-bcmath", "p-cpe:/a:oracle:linux:php53-cli", "p-cpe:/a:oracle:linux:php53-common", "p-cpe:/a:oracle:linux:php53-dba", "p-cpe:/a:oracle:linux:php53-devel", "p-cpe:/a:oracle:linux:php53-gd", "p-cpe:/a:oracle:linux:php53-imap", "p-cpe:/a:oracle:linux:php53-intl", "p-cpe:/a:oracle:linux:php53-ldap", "p-cpe:/a:oracle:linux:php53-mbstring", "p-cpe:/a:oracle:linux:php53-mysql", "p-cpe:/a:oracle:linux:php53-odbc", "p-cpe:/a:oracle:linux:php53-pdo", "p-cpe:/a:oracle:linux:php53-pgsql", "p-cpe:/a:oracle:linux:php53-process", "p-cpe:/a:oracle:linux:php53-pspell", "p-cpe:/a:oracle:linux:php53-snmp", "p-cpe:/a:oracle:linux:php53-soap", "p-cpe:/a:oracle:linux:php53-xml", "p-cpe:/a:oracle:linux:php53-xmlrpc", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2011-0196.NASL", "href": "https://www.tenable.com/plugins/nessus/68192", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0196 and \n# Oracle Linux Security Advisory ELSA-2011-0196 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68192);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-4156\", \"CVE-2010-4645\");\n script_bugtraq_id(43926, 44727, 45668);\n script_xref(name:\"RHSA\", value:\"2011:0196\");\n\n script_name(english:\"Oracle Linux 5 : php53 (ELSA-2011-0196)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0196 :\n\nUpdated php53 packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA flaw was found in the way PHP converted certain floating point\nvalues from string representation to a number. If a PHP script\nevaluated an attacker's input in a numeric context, the PHP\ninterpreter could cause high CPU usage until the script execution time\nlimit is reached. This issue only affected i386 systems.\n(CVE-2010-4645)\n\nA stack memory exhaustion flaw was found in the way the PHP\nfilter_var() function validated email addresses. An attacker could use\nthis flaw to crash the PHP interpreter by providing excessively long\ninput to be validated as an email address. (CVE-2010-3710)\n\nA memory disclosure flaw was found in the PHP multi-byte string\nextension. If the mb_strcut() function was called with a length\nargument exceeding the input string size, the function could disclose\na portion of the PHP interpreter's memory. (CVE-2010-4156)\n\nAll php53 users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-February/001813.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php53 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"php53-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-bcmath-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-cli-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-common-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-dba-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-devel-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-gd-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-imap-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-intl-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-ldap-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-mbstring-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-mysql-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-odbc-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-pdo-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-pgsql-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-process-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-pspell-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-snmp-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-soap-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-xml-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-xmlrpc-5.3.3-1.el5_6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53 / php53-bcmath / php53-cli / php53-common / php53-dba / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:33:44", "description": "Multiple vulnerabilities were discovered and corrected in php :\n\nStack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string (CVE-2010-3710).\n\nA NULL pointer dereference was discovered in ZipArchive::getArchiveComment (CVE-2010-3709).\n\nA possible flaw was discovered in open_basedir (CVE-2010-3436).\n\nPackages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4 90\n\nThe updated packages have been patched to correct these issues.", "cvss3": {}, "published": "2010-11-01T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : php (MDVSA-2010:218)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3436", "CVE-2010-3709", "CVE-2010-3710"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64php5_common5", "p-cpe:/a:mandriva:linux:libphp5_common5", "p-cpe:/a:mandriva:linux:php-bcmath", "p-cpe:/a:mandriva:linux:php-bz2", "p-cpe:/a:mandriva:linux:php-calendar", "p-cpe:/a:mandriva:linux:php-cgi", "p-cpe:/a:mandriva:linux:php-cli", "p-cpe:/a:mandriva:linux:php-ctype", "p-cpe:/a:mandriva:linux:php-curl", "p-cpe:/a:mandriva:linux:php-dba", "p-cpe:/a:mandriva:linux:php-dbase", "p-cpe:/a:mandriva:linux:php-devel", "p-cpe:/a:mandriva:linux:php-doc", "p-cpe:/a:mandriva:linux:php-dom", "p-cpe:/a:mandriva:linux:php-enchant", "p-cpe:/a:mandriva:linux:php-exif", "p-cpe:/a:mandriva:linux:php-fcgi", "p-cpe:/a:mandriva:linux:php-fileinfo", "p-cpe:/a:mandriva:linux:php-filter", "p-cpe:/a:mandriva:linux:php-fpm", "p-cpe:/a:mandriva:linux:php-sysvshm", "p-cpe:/a:mandriva:linux:php-ftp", "p-cpe:/a:mandriva:linux:php-gd", "p-cpe:/a:mandriva:linux:php-tidy", "p-cpe:/a:mandriva:linux:php-gettext", "p-cpe:/a:mandriva:linux:php-gmp", "p-cpe:/a:mandriva:linux:php-hash", "p-cpe:/a:mandriva:linux:php-iconv", "p-cpe:/a:mandriva:linux:php-tokenizer", "p-cpe:/a:mandriva:linux:php-imap", "p-cpe:/a:mandriva:linux:php-intl", "p-cpe:/a:mandriva:linux:php-wddx", "p-cpe:/a:mandriva:linux:php-json", "p-cpe:/a:mandriva:linux:php-xml", "p-cpe:/a:mandriva:linux:php-ldap", "p-cpe:/a:mandriva:linux:php-xmlreader", "p-cpe:/a:mandriva:linux:php-mbstring", "p-cpe:/a:mandriva:linux:php-mcrypt", "p-cpe:/a:mandriva:linux:php-xmlrpc", "p-cpe:/a:mandriva:linux:php-mhash", "p-cpe:/a:mandriva:linux:php-xmlwriter", "p-cpe:/a:mandriva:linux:php-mime_magic", "p-cpe:/a:mandriva:linux:php-ming", "p-cpe:/a:mandriva:linux:php-xsl", "p-cpe:/a:mandriva:linux:php-mssql", "p-cpe:/a:mandriva:linux:php-mysql", "p-cpe:/a:mandriva:linux:php-zip", "p-cpe:/a:mandriva:linux:php-mysqli", "p-cpe:/a:mandriva:linux:php-zlib", "p-cpe:/a:mandriva:linux:php-ncurses", "p-cpe:/a:mandriva:linux:php-odbc", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:php-openssl", "p-cpe:/a:mandriva:linux:php-pcntl", "p-cpe:/a:mandriva:linux:php-pdo", "cpe:/o:mandriva:linux:2009.1", "p-cpe:/a:mandriva:linux:php-pdo_dblib", "p-cpe:/a:mandriva:linux:php-pdo_mysql", "cpe:/o:mandriva:linux:2010.0", "p-cpe:/a:mandriva:linux:php-pdo_odbc", "cpe:/o:mandriva:linux:2010.1", "p-cpe:/a:mandriva:linux:php-pdo_pgsql", "p-cpe:/a:mandriva:linux:php-pdo_sqlite", "p-cpe:/a:mandriva:linux:php-pgsql", "p-cpe:/a:mandriva:linux:php-posix", "p-cpe:/a:mandriva:linux:php-pspell", "p-cpe:/a:mandriva:linux:php-readline", "p-cpe:/a:mandriva:linux:php-recode", "p-cpe:/a:mandriva:linux:php-session", "p-cpe:/a:mandriva:linux:php-shmop", "p-cpe:/a:mandriva:linux:php-snmp", "p-cpe:/a:mandriva:linux:php-soap", "p-cpe:/a:mandriva:linux:php-sockets", "p-cpe:/a:mandriva:linux:php-sqlite", "p-cpe:/a:mandriva:linux:php-sqlite3", "p-cpe:/a:mandriva:linux:php-sybase", "p-cpe:/a:mandriva:linux:php-sybase_ct", "p-cpe:/a:mandriva:linux:php-sysvmsg", "p-cpe:/a:mandriva:linux:php-sysvsem"], "id": "MANDRIVA_MDVSA-2010-218.NASL", "href": "https://www.tenable.com/plugins/nessus/50429", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:218. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50429);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-3436\", \"CVE-2010-3709\", \"CVE-2010-3710\");\n script_xref(name:\"MDVSA\", value:\"2010:218\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php (MDVSA-2010:218)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered and corrected in php :\n\nStack consumption vulnerability in the filter_var function in PHP\n5.2.x through 5.2.14 and 5.3.x through 5.3.3, when\nFILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a\ndenial of service (memory consumption and application crash) via a\nlong e-mail address string (CVE-2010-3710).\n\nA NULL pointer dereference was discovered in\nZipArchive::getArchiveComment (CVE-2010-3709).\n\nA possible flaw was discovered in open_basedir (CVE-2010-3436).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4\n90\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64php5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libphp5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mhash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mime_magic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ming\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sybase_ct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libphp5_common5-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-bcmath-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-bz2-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-calendar-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-cgi-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-cli-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-ctype-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-curl-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-dba-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-dbase-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-devel-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-dom-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-exif-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-fcgi-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-filter-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-ftp-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-gd-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-gettext-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-gmp-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-hash-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-iconv-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-imap-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-json-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-ldap-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mbstring-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mcrypt-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mhash-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mime_magic-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-ming-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mssql-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mysql-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-mysqli-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-ncurses-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-odbc-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-openssl-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pcntl-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo_dblib-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo_mysql-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo_odbc-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo_pgsql-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pdo_sqlite-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pgsql-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-posix-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-pspell-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-readline-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-recode-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-session-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-shmop-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-snmp-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-soap-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sockets-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sqlite-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sybase-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sysvmsg-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sysvsem-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-sysvshm-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-tidy-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-tokenizer-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-wddx-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-xml-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-xmlreader-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-xmlrpc-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-xmlwriter-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-xsl-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-zip-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"php-zlib-5.2.14-0.2mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libphp5_common5-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-bcmath-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-bz2-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-calendar-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-cgi-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-cli-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-ctype-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-curl-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-dba-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-dbase-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-devel-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-dom-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-exif-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-fcgi-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-filter-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-ftp-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-gd-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-gettext-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-gmp-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-hash-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-iconv-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-imap-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-json-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-ldap-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-mbstring-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-mcrypt-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-mhash-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-mime_magic-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-ming-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-mssql-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-mysql-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-mysqli-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-ncurses-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-odbc-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-openssl-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-pcntl-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-pdo-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-pdo_dblib-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-pdo_mysql-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-pdo_odbc-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-pdo_pgsql-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-pdo_sqlite-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-pgsql-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-posix-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-pspell-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-readline-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-recode-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-session-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-shmop-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-snmp-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-soap-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-sockets-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-sqlite-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-sybase-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-sysvmsg-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-sysvsem-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-sysvshm-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-tidy-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-tokenizer-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-wddx-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-xml-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-xmlreader-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-xmlrpc-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-xmlwriter-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-xsl-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-zip-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"php-zlib-5.2.14-0.2mdv2009.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libphp5_common5-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-bcmath-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-bz2-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-calendar-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-cgi-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-cli-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-ctype-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-curl-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-dba-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-devel-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-doc-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-dom-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-enchant-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-exif-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-fileinfo-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-filter-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-fpm-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-ftp-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-gd-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-gettext-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-gmp-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-hash-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-iconv-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-imap-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-intl-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-json-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-ldap-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-mbstring-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-mcrypt-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-mssql-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-mysql-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-mysqli-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-odbc-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-openssl-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pcntl-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pdo-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pdo_dblib-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pdo_mysql-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pdo_odbc-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pdo_pgsql-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pdo_sqlite-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pgsql-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-posix-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pspell-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-readline-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-recode-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-session-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-shmop-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-snmp-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-soap-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-sockets-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-sqlite3-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-sybase_ct-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-sysvmsg-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-sysvsem-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-sysvshm-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-tidy-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-tokenizer-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-wddx-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-xml-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-xmlreader-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-xmlrpc-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-xmlwriter-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-xsl-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-zip-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-zlib-5.3.3-0.2mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libphp5_common5-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-bcmath-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-bz2-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-calendar-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-cgi-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-cli-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ctype-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-curl-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-dba-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-devel-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-doc-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-dom-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-enchant-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-exif-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-fileinfo-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-filter-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-fpm-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ftp-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-gd-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-gettext-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-gmp-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-hash-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-iconv-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-imap-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-intl-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-json-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ldap-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mbstring-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mcrypt-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mssql-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mysql-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mysqli-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-odbc-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-openssl-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pcntl-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_dblib-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_mysql-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_odbc-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_pgsql-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_sqlite-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pgsql-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-posix-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pspell-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-readline-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-recode-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-session-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-shmop-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-snmp-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-soap-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sockets-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sqlite3-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sybase_ct-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sysvmsg-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sysvsem-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sysvshm-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-tidy-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-tokenizer-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-wddx-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xml-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xmlreader-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xmlrpc-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xmlwriter-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xsl-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-zip-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-zlib-5.3.3-0.2mdv2010.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-03T14:52:17", "description": "Updated php53 packages that fix three security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nA flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only affected i386 systems.\n(CVE-2010-4645)\n\nA stack memory exhaustion flaw was found in the way the PHP filter_var() function validated email addresses. An attacker could use this flaw to crash the PHP interpreter by providing excessively long input to be validated as an email address. (CVE-2010-3710)\n\nA memory disclosure flaw was found in the PHP multi-byte string extension. If the mb_strcut() function was called with a length argument exceeding the input string size, the function could disclose a portion of the PHP interpreter's memory. (CVE-2010-4156)\n\nAll php53 users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {}, "published": "2011-04-15T00:00:00", "type": "nessus", "title": "CentOS 5 : php53 (CESA-2011:0196)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3710", "CVE-2010-4156", "CVE-2010-4645"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:php53", "p-cpe:/a:centos:centos:php53-bcmath", "p-cpe:/a:centos:centos:php53-cli", "p-cpe:/a:centos:centos:php53-common", "p-cpe:/a:centos:centos:php53-dba", "p-cpe:/a:centos:centos:php53-devel", "p-cpe:/a:centos:centos:php53-gd", "p-cpe:/a:centos:centos:php53-imap", "p-cpe:/a:centos:centos:php53-intl", "p-cpe:/a:centos:centos:php53-ldap", "p-cpe:/a:centos:centos:php53-mbstring", "p-cpe:/a:centos:centos:php53-mysql", "p-cpe:/a:centos:centos:php53-odbc", "p-cpe:/a:centos:centos:php53-pdo", "p-cpe:/a:centos:centos:php53-pgsql", "p-cpe:/a:centos:centos:php53-process", "p-cpe:/a:centos:centos:php53-pspell", "p-cpe:/a:centos:centos:php53-snmp", "p-cpe:/a:centos:centos:php53-soap", "p-cpe:/a:centos:centos:php53-xml", "p-cpe:/a:centos:centos:php53-xmlrpc", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2011-0196.NASL", "href": "https://www.tenable.com/plugins/nessus/53416", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0196 and \n# CentOS Errata and Security Advisory 2011:0196 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53416);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-3710\", \"CVE-2010-4156\", \"CVE-2010-4645\");\n script_bugtraq_id(43926, 44727, 45668);\n script_xref(name:\"RHSA\", value:\"2011:0196\");\n\n script_name(english:\"CentOS 5 : php53 (CESA-2011:0196)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php53 packages that fix three security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA flaw was found in the way PHP converted certain floating point\nvalues from string representation to a number. If a PHP script\nevaluated an attacker's input in a numeric context, the PHP\ninterpreter could cause high CPU usage until the script execution time\nlimit is reached. This issue only affected i386 systems.\n(CVE-2010-4645)\n\nA stack memory exhaustion flaw was found in the way the PHP\nfilter_var() function validated email addresses. An attacker could use\nthis flaw to crash the PHP interpreter by providing excessively long\ninput to be validated as an email address. (CVE-2010-3710)\n\nA memory disclosure flaw was found in the PHP multi-byte string\nextension. If the mb_strcut() function was called with a length\nargument exceeding the input string size, the function could disclose\na portion of the PHP interpreter's memory. (CVE-2010-4156)\n\nAll php53 users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-April/017379.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9629ba3f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-April/017380.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4e6a84dc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php53 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-bcmath-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-cli-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-common-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-dba-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-devel-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-gd-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-imap-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-intl-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-ldap-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-mbstring-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-mysql-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-odbc-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-pdo-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-pgsql-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-process-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-pspell-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-snmp-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-soap-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-xml-5.3.3-1.el5_6.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-xmlrpc-5.3.3-1.el5_6.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53 / php53-bcmath / php53-cli / php53-common / php53-dba / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-03T14:49:59", "description": "Stephane Chazelas discovered that the cronjob of the PHP 5 package in Debian suffers from a race condition which might be used to remove arbitrary files from a system (CVE-2011-0441 ).\n\nWhen upgrading your php5-common package take special care to acceptthe changes to the /etc/cron.d/php5 file. Ignoring them would leave the system vulnerable.", "cvss3": {}, "published": "2011-03-21T00:00:00", "type": "nessus", "title": "Debian DSA-2195-1 : php5 - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3709", "CVE-2010-3710", "CVE-2010-3870", "CVE-2010-4150", "CVE-2011-0441"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:php5", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2195.NASL", "href": "https://www.tenable.com/plugins/nessus/52719", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2195. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(52719);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4150\", \"CVE-2011-0441\");\n script_bugtraq_id(43926, 44605, 44718, 44980);\n script_xref(name:\"DSA\", value:\"2195\");\n\n script_name(english:\"Debian DSA-2195-1 : php5 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stephane Chazelas discovered that the cronjob of the PHP 5 package in\nDebian suffers from a race condition which might be used to remove\narbitrary files from a system (CVE-2011-0441 ).\n\nWhen upgrading your php5-common package take special care to acceptthe\nchanges to the /etc/cron.d/php5 file. Ignoring them would leave the\nsystem vulnerable.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-0441\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-4150\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/php5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2195\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the php5 packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 5.2.6.dfsg.1-1+lenny10.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 5.3.3-7+squeeze1.\n\nAdditionally, the following vulnerabilities have also been fixed in\nthe oldstable distribution (lenny) :\n\n - CVE-2010-3709\n Maksymilian Arciemowicz discovered that the ZipArchive\n class may dereference a NULL pointer when extracting\n comments from a ZIP archive, leading to application\n crash and possible denial of service.\n\n - CVE-2010-3710\n\n Stefan Neufeind discovered that the\n FILTER_VALIDATE_EMAIL filter does not correctly handle\n long, to be validated, strings. Such crafted strings may\n lead to denial of service because of high memory\n consumption and application crash.\n\n - CVE-2010-3870\n\n It was discovered that PHP does not correctly handle\n certain UTF-8 sequences and may be used to bypass XSS\n protections.\n\n - CVE-2010-4150\n\n Mateusz Kocielski discovered that the IMAP extension may\n try to free already freed memory when processing user\n credentials, leading to application crash and possibly\n arbitrary code execution.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"php5\", reference:\"5.2.6.dfsg.1-1+lenny10\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libapache2-mod-php5\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php-pear\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-cgi\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-cli\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-common\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-curl\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-dbg\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-dev\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-enchant\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-gd\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-gmp\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-imap\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-interbase\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-intl\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-ldap\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-mcrypt\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-mysql\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-odbc\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-pgsql\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-pspell\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-recode\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-snmp\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-sqlite\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-sybase\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-tidy\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-xmlrpc\", reference:\"5.3.3-7+squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-xsl\", reference:\"5.3.3-7+squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-03T15:02:19", "description": "This is a maintenance and security update that upgrades php to 5.3.4 for 2010.0/2010.1.\n\nSecurity Enhancements and Fixes in PHP 5.3.4 :\n\n - Paths with NULL in them (foo\\0bar.txt) are now considered as invalid (CVE-2006-7243).\n\n - Fixed bug #53512 (NumberFormatter::setSymbol crash on bogus values) (CVE-2010-4409)\n\nPlease note that CVE-2010-4150, CVE-2010-3870, CVE-2010-3436, CVE-2010-3709, CVE-2010-3710 were fixed in previous advisories.\n\nKey Bug Fixes in PHP 5.3.4 include :\n\n - Added stat support for zip stream.\n\n - Added follow_location (enabled by default) option for the http stream support.\n\n - Added a 3rd parameter to get_html_translation_table. It now takes a charset hint, like htmlentities et al.\n\n - Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend multibyte at runtime.\n\n - Multiple improvements to the FPM SAPI.\n\n - Over 100 other bug fixes.\n\nAdditional post 5.3.4 fixes :\n\n - Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is down).\n\n - Fixed bug #53541 (format string bug in ext/phar).\n\nAdditionally some of the PECL extensions has been upgraded and/or rebuilt for the new php version.", "cvss3": {}, "published": "2010-12-16T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : php (MDVSA-2010:254)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-2950", "CVE-2010-3436", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-3870", "CVE-2010-4150", "CVE-2010-4409"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:apache-mod_php", "p-cpe:/a:mandriva:linux:lib64php5_common5", "p-cpe:/a:mandriva:linux:libphp5_common5", "p-cpe:/a:mandriva:linux:php-apc", "p-cpe:/a:mandriva:linux:php-apc-admin", "p-cpe:/a:mandriva:linux:php-bcmath", "p-cpe:/a:mandriva:linux:php-bz2", "p-cpe:/a:mandriva:linux:php-calendar", "p-cpe:/a:mandriva:linux:php-cgi", "p-cpe:/a:mandriva:linux:php-cli", "p-cpe:/a:mandriva:linux:php-ctype", "p-cpe:/a:mandriva:linux:php-curl", "p-cpe:/a:mandriva:linux:php-dba", "p-cpe:/a:mandriva:linux:php-devel", "p-cpe:/a:mandriva:linux:php-dio", "p-cpe:/a:mandriva:linux:php-doc", "p-cpe:/a:mandriva:linux:php-dom", "p-cpe:/a:mandriva:linux:php-eaccelerator", "p-cpe:/a:mandriva:linux:php-eaccelerator-admin", "p-cpe:/a:mandriva:linux:php-enchant", "p-cpe:/a:mandriva:linux:php-exif", "p-cpe:/a:mandriva:linux:php-fam", "p-cpe:/a:mandriva:linux:php-fileinfo", "p-cpe:/a:mandriva:linux:php-filepro", "p-cpe:/a:mandriva:linux:php-filter", "p-cpe:/a:mandriva:linux:php-fpm", "p-cpe:/a:mandriva:linux:php-ftp", "p-cpe:/a:mandriva:linux:php-gd", "p-cpe:/a:mandriva:linux:php-mysql", "p-cpe:/a:mandriva:linux:php-mysqli", "p-cpe:/a:mandriva:linux:php-odbc", "p-cpe:/a:mandriva:linux:php-openssl", "p-cpe:/a:mandriva:linux:php-optimizer", "p-cpe:/a:mandriva:linux:php-pcntl", "p-cpe:/a:mandriva:linux:php-pdo", "p-cpe:/a:mandriva:linux:php-pdo_dblib", "p-cpe:/a:mandriva:linux:php-pdo_mysql", "p-cpe:/a:mandriva:linux:php-pdo_odbc", "p-cpe:/a:mandriva:linux:php-pdo_pgsql", "p-cpe:/a:mandriva:linux:php-pdo_sqlite", "p-cpe:/a:mandriva:linux:php-pgsql", "p-cpe:/a:mandriva:linux:php-phar", "p-cpe:/a:mandriva:linux:php-pinba", "p-cpe:/a:mandriva:linux:php-posix", "p-cpe:/a:mandriva:linux:php-pspell", "p-cpe:/a:mandriva:linux:php-readline", "p-cpe:/a:mandriva:linux:php-recode", "p-cpe:/a:mandriva:linux:php-sasl", "p-cpe:/a:mandriva:linux:php-session", "p-cpe:/a:mandriva:linux:php-shmop", "p-cpe:/a:mandriva:linux:php-snmp", "p-cpe:/a:mandriva:linux:php-soap", "p-cpe:/a:mandriva:linux:php-sockets", "p-cpe:/a:mandriva:linux:php-sphinx", "p-cpe:/a:mandriva:linux:php-sqlite3", "p-cpe:/a:mandriva:linux:php-ssh2", "p-cpe:/a:mandriva:linux:php-suhosin", "p-cpe:/a:mandriva:linux:php-sybase_ct", "p-cpe:/a:mandriva:linux:php-sysvmsg", "p-cpe:/a:mandriva:linux:php-sysvsem", "p-cpe:/a:mandriva:linux:php-sysvshm", "p-cpe:/a:mandriva:linux:php-tclink", "p-cpe:/a:mandriva:linux:php-tidy", "p-cpe:/a:mandriva:linux:php-timezonedb", "p-cpe:/a:mandriva:linux:php-tokenizer", "p-cpe:/a:mandriva:linux:php-translit", "p-cpe:/a:mandriva:linux:php-gearman", "p-cpe:/a:mandriva:linux:php-gettext", "p-cpe:/a:mandriva:linux:php-gmp", "p-cpe:/a:mandriva:linux:php-hash", "p-cpe:/a:mandriva:linux:php-iconv", "p-cpe:/a:mandriva:linux:php-idn", "p-cpe:/a:mandriva:linux:php-imap", "p-cpe:/a:mandriva:linux:php-ini", "p-cpe:/a:mandriva:linux:php-intl", "p-cpe:/a:mandriva:linux:php-json", "p-cpe:/a:mandriva:linux:php-ldap", "p-cpe:/a:mandriva:linux:php-mailparse", "p-cpe:/a:mandriva:linux:php-mbstring", "p-cpe:/a:mandriva:linux:php-mcal", "p-cpe:/a:mandriva:linux:php-mcrypt", "p-cpe:/a:mandriva:linux:php-mssql", "p-cpe:/a:mandriva:linux:php-vld", "p-cpe:/a:mandriva:linux:php-wddx", "p-cpe:/a:mandriva:linux:php-xattr", "p-cpe:/a:mandriva:linux:php-xdebug", "p-cpe:/a:mandriva:linux:php-xml", "p-cpe:/a:mandriva:linux:php-xmlreader", "p-cpe:/a:mandriva:linux:php-xmlrpc", "p-cpe:/a:mandriva:linux:php-xmlwriter", "p-cpe:/a:mandriva:linux:php-xsl", "p-cpe:/a:mandriva:linux:php-zip", "p-cpe:/a:mandriva:linux:php-zlib", "cpe:/o:mandriva:linux:2010.0", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2010-254.NASL", "href": "https://www.tenable.com/plugins/nessus/51196", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:254. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51196);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-7243\", \"CVE-2010-2950\", \"CVE-2010-4409\");\n script_bugtraq_id(44951, 45119);\n script_xref(name:\"MDVSA\", value:\"2010:254\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php (MDVSA-2010:254)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a maintenance and security update that upgrades php to 5.3.4\nfor 2010.0/2010.1.\n\nSecurity Enhancements and Fixes in PHP 5.3.4 :\n\n - Paths with NULL in them (foo\\0bar.txt) are now\n considered as invalid (CVE-2006-7243).\n\n - Fixed bug #53512 (NumberFormatter::setSymbol crash on\n bogus values) (CVE-2010-4409)\n\nPlease note that CVE-2010-4150, CVE-2010-3870, CVE-2010-3436,\nCVE-2010-3709, CVE-2010-3710 were fixed in previous advisories.\n\nKey Bug Fixes in PHP 5.3.4 include :\n\n - Added stat support for zip stream.\n\n - Added follow_location (enabled by default) option for\n the http stream support.\n\n - Added a 3rd parameter to get_html_translation_table. It\n now takes a charset hint, like htmlentities et al.\n\n - Implemented FR #52348, added new constant ZEND_MULTIBYTE\n to detect zend multibyte at runtime.\n\n - Multiple improvements to the FPM SAPI.\n\n - Over 100 other bug fixes.\n\nAdditional post 5.3.4 fixes :\n\n - Fixed bug #53517 (segfault in pgsql_stmt_execute() when\n postgres is down).\n\n - Fixed bug #53541 (format string bug in ext/phar).\n\nAdditionally some of the PECL extensions has been upgraded and/or\nrebuilt for the new php version.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.php.net/bug.php?id=53517\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.php.net/bug.php?id=53541\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.3.4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64php5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libphp5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-apc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-apc-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-eaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-eaccelerator-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-filepro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gearman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-idn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mailparse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mcal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-optimizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pinba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sasl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sphinx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ssh2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sybase_ct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tclink\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-timezonedb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-translit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-vld\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xattr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.0\", reference:\"apache-mod_php-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libphp5_common5-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-apc-3.1.6-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-apc-admin-3.1.6-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-bcmath-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-bz2-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-calendar-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-cgi-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-cli-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-ctype-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-curl-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-dba-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-devel-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-dio-0.0.2-6.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-doc-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-dom-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-eaccelerator-0.9.6.1-0.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-eaccelerator-admin-0.9.6.1-0.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-enchant-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-exif-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-fam-5.0.1-10.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-fileinfo-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-filepro-5.1.6-20.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-filter-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-fpm-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-ftp-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-gd-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-gettext-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-gmp-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-hash-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-iconv-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-idn-1.2b-18.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-imap-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-ini-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-intl-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-json-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-ldap-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-mailparse-2.1.5-3.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-mbstring-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-mcal-0.6-30.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-mcrypt-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-mssql-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-mysql-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-mysqli-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-odbc-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-openssl-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-optimizer-0.1-0.alpha2.3.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pcntl-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pdo-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pdo_dblib-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pdo_mysql-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pdo_odbc-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pdo_pgsql-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pdo_sqlite-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pgsql-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-phar-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-posix-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-pspell-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-readline-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-recode-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-sasl-0.1.0-28.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-session-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-shmop-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-snmp-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-soap-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-sockets-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-sqlite3-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-ssh2-0.11.2-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-suhosin-0.9.32.1-0.2mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-sybase_ct-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-sysvmsg-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-sysvsem-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-sysvshm-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-tclink-3.4.5-1.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-tidy-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-timezonedb-2010.15-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-tokenizer-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-translit-0.6.0-10.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-vld-0.10.1-0.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-wddx-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-xattr-1.1.0-9.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-xdebug-2.1.0-0.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-xml-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-xmlreader-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-xmlrpc-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-xmlwriter-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-xsl-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-zip-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"php-zlib-5.3.4-0.1mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", reference:\"apache-mod_php-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libphp5_common5-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-apc-3.1.6-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-apc-admin-3.1.6-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-bcmath-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-bz2-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-calendar-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-cgi-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-cli-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ctype-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-curl-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-dba-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-devel-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-doc-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-dom-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-eaccelerator-0.9.6.1-1.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-eaccelerator-admin-0.9.6.1-1.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-enchant-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-exif-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-fileinfo-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-filter-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-fpm-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ftp-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-gd-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-gearman-0.7.0-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-gettext-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-gmp-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-hash-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-iconv-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-imap-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ini-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-intl-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-json-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ldap-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mailparse-2.1.5-8.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mbstring-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mcal-0.6-35.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mcrypt-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mssql-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mysql-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mysqli-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-odbc-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-openssl-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-optimizer-0.1-0.alpha2.8.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pcntl-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_dblib-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_mysql-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_odbc-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_pgsql-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_sqlite-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pgsql-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-phar-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pinba-0.0.5-2.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-posix-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pspell-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-readline-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-recode-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sasl-0.1.0-33.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-session-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-shmop-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-snmp-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-soap-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sockets-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sphinx-1.0.4-2.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sqlite3-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ssh2-0.11.2-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-suhosin-0.9.32.1-0.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sybase_ct-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sysvmsg-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sysvsem-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sysvshm-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-tclink-3.4.5-7.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-tidy-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-timezonedb-2010.15-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-tokenizer-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-translit-0.6.0-15.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-vld-0.10.1-1.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-wddx-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xattr-1.1.0-13.2mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xdebug-2.1.0-0.3mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xml-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xmlreader-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xmlrpc-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xmlwriter-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xsl-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-zip-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-zlib-5.3.4-0.1mdv2010.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-03T14:47:02", "description": "It was discovered that an integer overflow in the XML UTF-8 decoding code could allow an attacker to bypass cross-site scripting (XSS) protections. This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04 LTS, and Ubuntu 9.10. (CVE-2009-5016)\n\nIt was discovered that the XML UTF-8 decoding code did not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which could allow an attacker to bypass cross-site scripting (XSS) protections. (CVE-2010-3870)\n\nIt was discovered that attackers might be able to bypass open_basedir() restrictions by passing a specially crafted filename.\n(CVE-2010-3436)\n\nMaksymilian Arciemowicz discovered that a NULL pointer derefence in the ZIP archive handling code could allow an attacker to cause a denial of service through a specially crafted ZIP archive. This issue only affected Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, and Ubuntu 10.10. (CVE-2010-3709)\n\nIt was discovered that a stack consumption vulnerability in the filter_var() PHP function when in FILTER_VALIDATE_EMAIL mode, could allow a remote attacker to cause a denial of service. This issue only affected Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, and Ubuntu 10.10. (CVE-2010-3710)\n\nIt was discovered that the mb_strcut function in the Libmbfl library within PHP could allow an attacker to read arbitrary memory within the application process. This issue only affected Ubuntu 10.10.\n(CVE-2010-4156)\n\nMaksymilian Arciemowicz discovered that an integer overflow in the NumberFormatter::getSymbol function could allow an attacker to cause a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 10.10. (CVE-2010-4409)\n\nRick Regan discovered that when handing PHP textual representations of the largest subnormal double-precision floating-point number, the zend_strtod function could go into an infinite loop on 32bit x86 processors, allowing an attacker to cause a denial of service.\n(CVE-2010-4645).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-01-12T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : php5 vulnerabilities (USN-1042-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-5016", "CVE-2010-3436", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-3870", "CVE-2010-4156", "CVE-2010-4409", "CVE-2010-4645"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5", "p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5filter", "p-cpe:/a:canonical:ubuntu_linux:php-pear", "p-cpe:/a:canonical:ubuntu_linux:php5", "p-cpe:/a:canonical:ubuntu_linux:php5-cgi", "p-cpe:/a:canonical:ubuntu_linux:php5-cli", "p-cpe:/a:canonical:ubuntu_linux:php5-common", "p-cpe:/a:canonical:ubuntu_linux:php5-curl", "p-cpe:/a:canonical:ubuntu_linux:php5-dbg", "p-cpe:/a:canonical:ubuntu_linux:php5-dev", "p-cpe:/a:canonical:ubuntu_linux:php5-enchant", "p-cpe:/a:canonical:ubuntu_linux:php5-fpm", "p-cpe:/a:canonical:ubuntu_linux:php5-gd", "p-cpe:/a:canonical:ubuntu_linux:php5-gmp", "p-cpe:/a:canonical:ubuntu_linux:php5-intl", "p-cpe:/a:canonical:ubuntu_linux:php5-ldap", "p-cpe:/a:canonical:ubuntu_linux:php5-mhash", "p-cpe:/a:canonical:ubuntu_linux:php5-mysql", "p-cpe:/a:canonical:ubuntu_linux:php5-mysqli", "p-cpe:/a:canonical:ubuntu_linux:php5-odbc", "p-cpe:/a:canonical:ubuntu_linux:php5-pgsql", "p-cpe:/a:canonical:ubuntu_linux:php5-pspell", "p-cpe:/a:canonical:ubuntu_linux:php5-recode", "p-cpe:/a:canonical:ubuntu_linux:php5-snmp", "p-cpe:/a:canonical:ubuntu_linux:php5-sqlite", "p-cpe:/a:canonical:ubuntu_linux:php5-sybase", "p-cpe:/a:canonical:ubuntu_linux:php5-tidy", "p-cpe:/a:canonical:ubuntu_linux:php5-xmlrpc", "p-cpe:/a:canonical:ubuntu_linux:php5-xsl", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:9.10"], "id": "UBUNTU_USN-1042-1.NASL", "href": "https://www.tenable.com/plugins/nessus/51502", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1042-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51502);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-3436\", \"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4156\", \"CVE-2010-4409\", \"CVE-2010-4645\");\n script_bugtraq_id(43926, 44605, 44718, 44723, 44727, 44889, 45119, 45668);\n script_xref(name:\"USN\", value:\"1042-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : php5 vulnerabilities (USN-1042-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that an integer overflow in the XML UTF-8 decoding\ncode could allow an attacker to bypass cross-site scripting (XSS)\nprotections. This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04\nLTS, and Ubuntu 9.10. (CVE-2009-5016)\n\nIt was discovered that the XML UTF-8 decoding code did not properly\nhandle non-shortest form UTF-8 encoding and ill-formed subsequences in\nUTF-8 data, which could allow an attacker to bypass cross-site\nscripting (XSS) protections. (CVE-2010-3870)\n\nIt was discovered that attackers might be able to bypass\nopen_basedir() restrictions by passing a specially crafted filename.\n(CVE-2010-3436)\n\nMaksymilian Arciemowicz discovered that a NULL pointer derefence in\nthe ZIP archive handling code could allow an attacker to cause a\ndenial of service through a specially crafted ZIP archive. This issue\nonly affected Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, and\nUbuntu 10.10. (CVE-2010-3709)\n\nIt was discovered that a stack consumption vulnerability in the\nfilter_var() PHP function when in FILTER_VALIDATE_EMAIL mode, could\nallow a remote attacker to cause a denial of service. This issue only\naffected Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, and Ubuntu\n10.10. (CVE-2010-3710)\n\nIt was discovered that the mb_strcut function in the Libmbfl library\nwithin PHP could allow an attacker to read arbitrary memory within the\napplication process. This issue only affected Ubuntu 10.10.\n(CVE-2010-4156)\n\nMaksymilian Arciemowicz discovered that an integer overflow in the\nNumberFormatter::getSymbol function could allow an attacker to cause a\ndenial of service. This issue only affected Ubuntu 10.04 LTS and\nUbuntu 10.10. (CVE-2010-4409)\n\nRick Regan discovered that when handing PHP textual representations of\nthe largest subnormal double-precision floating-point number, the\nzend_strtod function could go into an infinite loop on 32bit x86\nprocessors, allowing an attacker to cause a denial of service.\n(CVE-2010-4645).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1042-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-mhash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(6\\.06|8\\.04|9\\.10|10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 9.10 / 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php-pear\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-cgi\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-cli\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-common\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-curl\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-dev\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-gd\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-ldap\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-mhash\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-mysql\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-mysqli\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-odbc\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-pgsql\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-recode\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-snmp\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-sqlite\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-sybase\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-xmlrpc\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"php5-xsl\", pkgver:\"5.1.2-1ubuntu3.20\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php-pear\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-cgi\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-cli\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-common\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-curl\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-dev\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-gd\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-gmp\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-ldap\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-mhash\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-mysql\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-odbc\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-pgsql\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-pspell\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-recode\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-snmp\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-sqlite\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-sybase\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-tidy\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-xmlrpc\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5-xsl\", pkgver:\"5.2.4-2ubuntu5.13\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"libapache2-mod-php5filter\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php-pear\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-cgi\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-cli\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-common\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-curl\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-dbg\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-dev\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-gd\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-gmp\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-ldap\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-mhash\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-mysql\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-odbc\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-pgsql\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-pspell\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-recode\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-snmp\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-sqlite\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-sybase\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-tidy\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-xmlrpc\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"php5-xsl\", pkgver:\"5.2.10.dfsg.1-2ubuntu6.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libapache2-mod-php5filter\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php-pear\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-cgi\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-cli\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-common\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-curl\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-dbg\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-dev\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-enchant\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-gd\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-gmp\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-intl\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-ldap\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-mysql\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-odbc\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-pgsql\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-pspell\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-recode\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-snmp\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-sqlite\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-sybase\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-tidy\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-xmlrpc\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-xsl\", pkgver:\"5.3.2-1ubuntu4.6\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libapache2-mod-php5filter\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php-pear\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-cgi\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-cli\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-common\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-curl\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-dbg\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-dev\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-enchant\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-fpm\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-gd\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-gmp\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-intl\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-ldap\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-mysql\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-odbc\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-pgsql\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-pspell\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-recode\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-snmp\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-sqlite\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-sybase\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-tidy\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-xmlrpc\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"php5-xsl\", pkgver:\"5.3.3-1ubuntu9.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapache2-mod-php5 / libapache2-mod-php5filter / php-pear / php5 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:32:04", "description": "Security Enhancements and Fixes in PHP 5.3.4 :\n\n - Fixed crash in zip extract method (possible CWE-170).\n\n - Paths with NULL in them (foo\\0bar.txt) are now considered as invalid (CVE-2006-7243).\n\n - Fixed a possible double free in imap extension (Identified by Mateusz Kocielski). (CVE-2010-4150).\n\n - Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709).\n\n - Fixed possible flaw in open_basedir (CVE-2010-3436).\n\n - Fixed MOPS-2010-24, fix string validation.\n (CVE-2010-2950).\n\n - Fixed symbolic resolution support when the target is a DFS share.\n\n - Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data) (CVE-2010-3710).\n\nKey Bug Fixes in PHP 5.3.4 include :\n\n - Added stat support for zip stream.\n\n - Added follow_location (enabled by default) option for the http stream support.\n\n - Added a 3rd parameter to get_html_translation_table.\n It now takes a charset hint, like htmlentities et al.\n\n - Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend multibyte at runtime.\n\nFull upstream Changelog : http://www.php.net/ChangeLog-5.php#5.3.4\n\nThis update also provides php-eaccelerator and maniadrive packages rebuild against update php.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-01-05T00:00:00", "type": "nessus", "title": "Fedora 13 : maniadrive-1.2-23.fc13 / php-5.3.4-1.fc13.1 / php-eaccelerator-0.9.6.1-3.fc13 (2010-19011)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2009-5016", "CVE-2010-2950", "CVE-2010-3436", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-3870", "CVE-2010-4150", "CVE-2010-4156", "CVE-2010-4409"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:maniadrive", "p-cpe:/a:fedoraproject:fedora:php", "p-cpe:/a:fedoraproject:fedora:php-eaccelerator", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2010-19011.NASL", "href": "https://www.tenable.com/plugins/nessus/51413", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-19011.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51413);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4150\", \"CVE-2010-4156\", \"CVE-2010-4409\");\n script_bugtraq_id(43926, 44605, 44718, 44727, 44889, 44980, 45119);\n script_xref(name:\"FEDORA\", value:\"2010-19011\");\n\n script_name(english:\"Fedora 13 : maniadrive-1.2-23.fc13 / php-5.3.4-1.fc13.1 / php-eaccelerator-0.9.6.1-3.fc13 (2010-19011)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Enhancements and Fixes in PHP 5.3.4 :\n\n - Fixed crash in zip extract method (possible CWE-170).\n\n - Paths with NULL in them (foo\\0bar.txt) are now\n considered as invalid (CVE-2006-7243).\n\n - Fixed a possible double free in imap extension\n (Identified by Mateusz Kocielski). (CVE-2010-4150).\n\n - Fixed NULL pointer dereference in\n ZipArchive::getArchiveComment. (CVE-2010-3709).\n\n - Fixed possible flaw in open_basedir (CVE-2010-3436).\n\n - Fixed MOPS-2010-24, fix string validation.\n (CVE-2010-2950).\n\n - Fixed symbolic resolution support when the target is a\n DFS share.\n\n - Fixed bug #52929 (Segfault in filter_var with\n FILTER_VALIDATE_EMAIL with large amount of data)\n (CVE-2010-3710).\n\nKey Bug Fixes in PHP 5.3.4 include :\n\n - Added stat support for zip stream.\n\n - Added follow_location (enabled by default) option for\n the http stream support.\n\n - Added a 3rd parameter to get_html_translation_table.\n It now takes a charset hint, like htmlentities et al.\n\n - Implemented FR #52348, added new constant\n ZEND_MULTIBYTE to detect zend multibyte at runtime.\n\nFull upstream Changelog : http://www.php.net/ChangeLog-5.php#5.3.4\n\nThis update also provides php-eaccelerator and maniadrive packages\nrebuild against update php.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.3.4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=646684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=649056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=651206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=651682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=652836\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=656917\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660382\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-January/052835.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6016f929\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9c46c86e\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-January/052837.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ea13a1e7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected maniadrive, php and / or php-eaccelerator\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:maniadrive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-eaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"maniadrive-1.2-23.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"php-5.3.4-1.fc13.1\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"php-eaccelerator-0.9.6.1-3.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"maniadrive / php / php-eaccelerator\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-03T14:47:35", "description": "Security Enhancements and Fixes in PHP 5.3.4 :\n\n - Fixed crash in zip extract method (possible CWE-170).\n\n - Paths with NULL in them (foo\\0bar.txt) are now considered as invalid (CVE-2006-7243).\n\n - Fixed a possible double free in imap extension (Identified by Mateusz Kocielski). (CVE-2010-4150).\n\n - Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709).\n\n - Fixed possible flaw in open_basedir (CVE-2010-3436).\n\n - Fixed MOPS-2010-24, fix string validation.\n (CVE-2010-2950).\n\n - Fixed symbolic resolution support when the target is a DFS share.\n\n - Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data) (CVE-2010-3710).\n\nKey Bug Fixes in PHP 5.3.4 include :\n\n - Added stat support for zip stream.\n\n - Added follow_location (enabled by default) option for the http stream support.\n\n - Added a 3rd parameter to get_html_translation_table.\n It now takes a charset hint, like htmlentities et al.\n\n - Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend multibyte at runtime.\n\nFull upstream Changelog : http://www.php.net/ChangeLog-5.php#5.3.4\n\nThis update also provides php-eaccelerator and maniadrive packages rebuild against update php.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-01-05T00:00:00", "type": "nessus", "title": "Fedora 14 : maniadrive-1.2-23.fc14 / php-5.3.4-1.fc14.1 / php-eaccelerator-0.9.6.1-3.fc14 (2010-18976)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2009-5016", "CVE-2010-2950", "CVE-2010-3436", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-3870", "CVE-2010-4150", "CVE-2010-4156", "CVE-2010-4409"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:maniadrive", "p-cpe:/a:fedoraproject:fedora:php", "p-cpe:/a:fedoraproject:fedora:php-eaccelerator", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2010-18976.NASL", "href": "https://www.tenable.com/plugins/nessus/51412", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-18976.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51412);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4150\", \"CVE-2010-4156\", \"CVE-2010-4409\");\n script_bugtraq_id(43926, 44605, 44718, 44727, 44889, 44980, 45119);\n script_xref(name:\"FEDORA\", value:\"2010-18976\");\n\n script_name(english:\"Fedora 14 : maniadrive-1.2-23.fc14 / php-5.3.4-1.fc14.1 / php-eaccelerator-0.9.6.1-3.fc14 (2010-18976)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Enhancements and Fixes in PHP 5.3.4 :\n\n - Fixed crash in zip extract method (possible CWE-170).\n\n - Paths with NULL in them (foo\\0bar.txt) are now\n considered as invalid (CVE-2006-7243).\n\n - Fixed a possible double free in imap extension\n (Identified by Mateusz Kocielski). (CVE-2010-4150).\n\n - Fixed NULL pointer dereference in\n ZipArchive::getArchiveComment. (CVE-2010-3709).\n\n - Fixed possible flaw in open_basedir (CVE-2010-3436).\n\n - Fixed MOPS-2010-24, fix string validation.\n (CVE-2010-2950).\n\n - Fixed symbolic resolution support when the target is a\n DFS share.\n\n - Fixed bug #52929 (Segfault in filter_var with\n FILTER_VALIDATE_EMAIL with large amount of data)\n (CVE-2010-3710).\n\nKey Bug Fixes in PHP 5.3.4 include :\n\n - Added stat support for zip stream.\n\n - Added follow_location (enabled by default) option for\n the http stream support.\n\n - Added a 3rd parameter to get_html_translation_table.\n It now takes a charset hint, like htmlentities et al.\n\n - Implemented FR #52348, added new constant\n ZEND_MULTIBYTE to detect zend multibyte at runtime.\n\nFull upstream Changelog : http://www.php.net/ChangeLog-5.php#5.3.4\n\nThis update also provides php-eaccelerator and maniadrive packages\nrebuild against update php.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.3.4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=646684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=649056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=651206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=651682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=652836\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=656917\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660382\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-January/052843.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?730c2771\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-January/052844.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7a183384\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?85fdc87e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected maniadrive, php and / or php-eaccelerator\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:maniadrive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-eaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/10/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"maniadrive-1.2-23.fc14\")) flag++;\nif (rpm_check(release:\"FC14\", reference:\"php-5.3.4-1.fc14.1\")) flag++;\nif (rpm_check(release:\"FC14\", reference:\"php-eaccelerator-0.9.6.1-3.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"maniadrive / php / php-eaccelerator\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:38:10", "description": "PHP has been cited with the following multiple vulnerabilities, which may be locally exploitable on some F5 products :\n\nCVE-2006-7243 PHP before 5.3.4 accepts the \\0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\\0.jpg at the end of the argument to the file_exists function.\n\nCVE-2007-3799 The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the session_id function, and (3) the session_start function, which are not encoded or filtered when the new session cookie is generated, a related issue to CVE-2006-0207.\n\nCVE-2010-3710 Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string.\n\nCVE-2010-3870 The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string.\n\nCVE-2010-4697 Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set,\n__get, __isset, and __unset methods on objects accessed by a reference.\n\nCVE-2011-1470 The Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a ziparchive stream that is not properly handled by the stream_get_contents function.\n\nCVE-2011-3182 PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, related to (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c, (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10) TSRM/tsrm_win32.c, and (11) the strtotime function.\n\nCVE-2011-3267 PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors.\n\nCVE-2011-3268 Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483.\n\nCVE-2011-4566 Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708.\n\nCVE-2012-0830 The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.", "cvss3": {}, "published": "2014-10-10T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Multiple PHP vulnerabilities (K13519)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-0207", "CVE-2006-7243", "CVE-2007-3799", "CVE-2010-3710", "CVE-2010-3870", "CVE-2010-4697", "CVE-2011-0708", "CVE-2011-1470", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-3267", "CVE-2011-3268", "CVE-2011-4566", "CVE-2011-4885", "CVE-2012-0830"], "modified": "2021-03-10T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL13519.NASL", "href": "https://www.tenable.com/plugins/nessus/78134", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K13519.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78134);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/10\");\n\n script_cve_id(\"CVE-2006-0207\", \"CVE-2006-7243\", \"CVE-2007-3799\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4697\", \"CVE-2011-0708\", \"CVE-2011-1470\", \"CVE-2011-2483\", \"CVE-2011-3182\", \"CVE-2011-3267\", \"CVE-2011-3268\", \"CVE-2011-4566\", \"CVE-2011-4885\", \"CVE-2012-0830\");\n script_bugtraq_id(16220, 24268, 43926, 44605, 44951, 45952, 46365, 46969, 49241, 49249, 50907, 51193, 51830);\n\n script_name(english:\"F5 Networks BIG-IP : Multiple PHP vulnerabilities (K13519)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"PHP has been cited with the following multiple vulnerabilities, which\nmay be locally exploitable on some F5 products :\n\nCVE-2006-7243 PHP before 5.3.4 accepts the \\0 character in a pathname,\nwhich might allow context-dependent attackers to bypass intended\naccess restrictions by placing a safe file extension after this\ncharacter, as demonstrated by .php\\0.jpg at the end of the argument to\nthe file_exists function.\n\nCVE-2007-3799 The session_start function in ext/session in PHP 4.x up\nto 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert\narbitrary attributes into the session cookie via special characters in\na cookie that is obtained from (1) PATH_INFO, (2) the session_id\nfunction, and (3) the session_start function, which are not encoded or\nfiltered when the new session cookie is generated, a related issue to\nCVE-2006-0207.\n\nCVE-2010-3710 Stack consumption vulnerability in the filter_var\nfunction in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when\nFILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a\ndenial of service (memory consumption and application crash) via a\nlong e-mail address string.\n\nCVE-2010-3870 The utf8_decode function in PHP before 5.3.4 does not\nproperly handle non-shortest form UTF-8 encoding and ill-formed\nsubsequences in UTF-8 data, which makes it easier for remote attackers\nto bypass cross-site scripting (XSS) and SQL injection protection\nmechanisms via a crafted string.\n\nCVE-2010-4697 Use-after-free vulnerability in the Zend engine in PHP\nbefore 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent\nattackers to cause a denial of service (heap memory corruption) or\nhave unspecified other impact via vectors related to use of __set,\n__get, __isset, and __unset methods on objects accessed by a\nreference.\n\nCVE-2011-1470 The Zip extension in PHP before 5.3.6 allows\ncontext-dependent attackers to cause a denial of service (application\ncrash) via a ziparchive stream that is not properly handled by the\nstream_get_contents function.\n\nCVE-2011-3182 PHP before 5.3.7 does not properly check the return\nvalues of the malloc, calloc, and realloc library functions, which\nallows context-dependent attackers to cause a denial of service (NULL\npointer dereference and application crash) or trigger a buffer\noverflow by leveraging the ability to provide an arbitrary value for a\nfunction argument, related to (1) ext/curl/interface.c, (2)\next/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4)\next/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6)\next/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c, (8)\next/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10)\nTSRM/tsrm_win32.c, and (11) the strtotime function.\n\nCVE-2011-3267 PHP before 5.3.7 does not properly implement the\nerror_log function, which allows context-dependent attackers to cause\na denial of service (application crash) via unspecified vectors.\n\nCVE-2011-3268 Buffer overflow in the crypt function in PHP before\n5.3.7 allows context-dependent attackers to have an unspecified impact\nvia a long salt argument, a different vulnerability than\nCVE-2011-2483.\n\nCVE-2011-4566 Integer overflow in the exif_process_IFD_TAG function in\nexif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms\nallows remote attackers to read the contents of arbitrary memory\nlocations or cause a denial of service via a crafted offset_val value\nin an EXIF header in a JPEG file, a different vulnerability than\nCVE-2011-0708.\n\nCVE-2012-0830 The php_register_variable_ex function in php_variables.c\nin PHP 5.3.9 allows remote attackers to execute arbitrary code via a\nrequest containing a large number of variables, related to improper\nhandling of array variables. NOTE: this vulnerability exists because\nof an incorrect fix for CVE-2011-4885.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K13519\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K13519.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K13519\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\",\"11.0.0-11.1.0\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.2.0-11.4.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\",\"11.0.0-11.1.0\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.2.0-11.4.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.0.0-11.1.0\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"11.2.0-11.4.0\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\",\"11.0.0-11.1.0\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.2.0-11.4.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\",\"11.0.0-11.1.0\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.2.0-11.4.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\",\"11.0.0-11.1.0\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.2.0-11.4.0\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\",\"11.0.0-11.1.0\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"11.2.0-11.4.0\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\",\"11.0.0-11.1.0\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"11.2.0-11.3.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-03T15:01:36", "description": "According to its banner, the version of PHP 5.3 installed on the remote host is older than 5.3.4. Such versions may be affected by several security issues :\n\n - A crash in the zip extract method.\n\n - A stack-based buffer overflow in impagepstext() of the GD extension.\n\n - An unspecified vulnerability related to symbolic resolution when using a DFS share.\n\n - A security bypass vulnerability related to using pathnames containing NULL bytes.\n (CVE-2006-7243)\n\n - Multiple format string vulnerabilities.\n (CVE-2010-2094, CVE-2010-2950)\n\n - An unspecified security bypass vulnerability in open_basedir(). (CVE-2010-3436)\n\n - A NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709)\n\n - Memory corruption in php_filter_validate_email().\n (CVE-2010-3710)\n\n - An input validation vulnerability in xml_utf8_decode(). (CVE-2010-3870)\n\n - A possible double free in the IMAP extension.\n (CVE-2010-4150)\n\n - An information disclosure vulnerability in 'mb_strcut()'. (CVE-2010-4156)\n\n - An integer overflow vulnerability in 'getSymbol()'.\n (CVE-2010-4409)\n\n - A use-after-free vulnerability in the Zend engine when a '__set()', '__get()', '__isset()' or '__unset()' method is called can allow for a denial of service attack. (Bug #52879 / CVE-2010-4697)\n\n - A stack-based buffer overflow exists in the 'imagepstext()' function in the GD extension. (Bug #53492 / CVE-2010-4698)\n\n - The 'iconv_mime_decode_headers()' function in the iconv extension fails to properly handle encodings that are not recognized by the iconv and mbstring implementations. (Bug #52941 / CVE-2010-4699)\n\n - The 'set_magic_quotes_runtime()' function when the MySQLi extension is used does not properly interact with the 'mysqli_fetch_assoc()' function. (Bug #52221 / CVE-2010-4700)\n\n - A race condition exists in the PCNTL extension.\n (CVE-2011-0753)\n\n - The SplFileInfo::getType function in the Standard PHP Library extension does not properly detect symbolic links. (CVE-2011-0754)\n\n - An integer overflow exists in the mt_rand function.\n (CVE-2011-0755)", "cvss3": {}, "published": "2010-12-13T00:00:00", "type": "nessus", "title": "PHP 5.3 < 5.3.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-2094", "CVE-2010-2950", "CVE-2010-3436", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-3870", "CVE-2010-4150", "CVE-2010-4156", "CVE-2010-4409", "CVE-2010-4697", "CVE-2010-4698", "CVE-2010-4699", "CVE-2010-4700", "CVE-2011-0753", "CVE-2011-0754", "CVE-2011-0755"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_3_4.NASL", "href": "https://www.tenable.com/plugins/nessus/51140", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51140);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2006-7243\",\n \"CVE-2010-2094\",\n \"CVE-2010-2950\",\n \"CVE-2010-3436\",\n \"CVE-2010-3709\",\n \"CVE-2010-3710\",\n \"CVE-2010-3870\",\n \"CVE-2010-4150\",\n \"CVE-2010-4156\",\n \"CVE-2010-4409\",\n \"CVE-2010-4697\",\n \"CVE-2010-4698\",\n \"CVE-2010-4699\",\n \"CVE-2010-4700\",\n \"CVE-2011-0753\",\n \"CVE-2011-0754\",\n \"CVE-2011-0755\"\n );\n script_bugtraq_id(\n 40173,\n 43926,\n 44605,\n 44718,\n 44723,\n 44951,\n 44980,\n 45119,\n 45335,\n 45338,\n 45339,\n 45952,\n 45954,\n 46056,\n 46168\n );\n script_xref(name:\"CERT\", value:\"479900\");\n\n script_name(english:\"PHP 5.3 < 5.3.4 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple flaws.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.3 installed on the\nremote host is older than 5.3.4. Such versions may be affected by\nseveral security issues :\n\n - A crash in the zip extract method.\n\n - A stack-based buffer overflow in impagepstext()\n of the GD extension.\n\n - An unspecified vulnerability related to\n symbolic resolution when using a DFS share.\n\n - A security bypass vulnerability related\n to using pathnames containing NULL bytes.\n (CVE-2006-7243)\n\n - Multiple format string vulnerabilities.\n (CVE-2010-2094, CVE-2010-2950)\n\n - An unspecified security bypass vulnerability\n in open_basedir(). (CVE-2010-3436)\n\n - A NULL pointer dereference in\n ZipArchive::getArchiveComment. (CVE-2010-3709)\n\n - Memory corruption in php_filter_validate_email().\n (CVE-2010-3710)\n\n - An input validation vulnerability in\n xml_utf8_decode(). (CVE-2010-3870)\n\n - A possible double free in the IMAP extension.\n (CVE-2010-4150)\n\n - An information disclosure vulnerability in\n 'mb_strcut()'. (CVE-2010-4156)\n\n - An integer overflow vulnerability in 'getSymbol()'.\n (CVE-2010-4409)\n\n - A use-after-free vulnerability in the Zend engine when\n a '__set()', '__get()', '__isset()' or '__unset()'\n method is called can allow for a denial of service\n attack. (Bug #52879 / CVE-2010-4697)\n\n - A stack-based buffer overflow exists in the\n 'imagepstext()' function in the GD extension. (Bug\n #53492 / CVE-2010-4698)\n\n - The 'iconv_mime_decode_headers()' function in the iconv\n extension fails to properly handle encodings that are\n not recognized by the iconv and mbstring\n implementations. (Bug #52941 / CVE-2010-4699)\n\n - The 'set_magic_quotes_runtime()' function when the\n MySQLi extension is used does not properly interact\n with the 'mysqli_fetch_assoc()' function. (Bug #52221 /\n CVE-2010-4700)\n\n - A race condition exists in the PCNTL extension.\n (CVE-2011-0753)\n\n - The SplFileInfo::getType function in the Standard PHP\n Library extension does not properly detect symbolic\n links. (CVE-2011-0754)\n\n - An integer overflow exists in the mt_rand function.\n (CVE-2011-0755)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/releases/5_3_4.php\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/ChangeLog-5.php#5.3.4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP 5.3.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2010-4700\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"audit.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported)\n audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\nif (version =~ \"^5\\.3\\.[0-3]($|[^0-9])\") \n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version+\n '\\n Fixed version : 5.3.4\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:54:25", "description": "According to its banner the version of PHP installed on the remote host is 5.3.x earlier than 5.3.4. Such versions are potentially affected by multiple vulnerabilities :\n\n - A crash in the zip extract method.\n - A stack buffer overflow in impagepstext() of the GD extension.\n - An unspecified vulnerability related to symbolic resolution when using a DFS share.\n - A security bypass vulnerability related to using pathnames containing NULL bytes. (CVE-2006-7243)\n - Multiple format string vulnerabilities. (CVE-2010-2094, CVE-2010-2950)\n - An unspecified security bypass vulnerability in open_basedir(). (CVE-2010-3436)\n - A NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709)\n - Memory corruption in php_filter_validate_email(). (CVE-2010-3710)\n - An input validation vulnerability in xml_utf8_decode(). (CVE-2010-3870)\n - A possible double free in the IMAP extension. (CVE-2010-4150)\n - An information disclosure vulnerability in 'mb_strcut()'. (CVE-2010-4156)\n - An integer overflow vulnerability in 'getSymbol()'. (CVE-2010-4409)\n - A use-after-free vulnerability in the Zend engine when a '__set()', '__get()', '__isset()' or '__unset()' method is called can allow for a denial of service attack. (Bug #52879 / CVE-2010-4697)\n - A stack-based buffer overflow exists in the 'imagepstext()' function in the GD extension. (Bug #53492 / CVE-2010-4698)\n - The 'iconv_mime_decode_headers()' function in the iconv extension fails to properly handle encodings that are not recognized by the iconv and mbstring implementations. (Bug #52941 / CVE-2010-4699)\n - The 'set_magic_quotes_runtime()' function when the MySQLi extension is used does not properly interact with the 'mysqli_fetch_assoc()' function. (Bug #52221 / CVE-2010-4700)\n - A race condition exists in the PCNTL extension. (CVE-2011-0753)\n - The SplFileInfo::getType function in the Standard PHP Library extension does not properly detect symbolic links. (CVE-2011-0754)\n - An integer overflow exists in the mt_rand function. (CVE-2011-0755)", "cvss3": {}, "published": "2010-12-10T00:00:00", "type": "nessus", "title": "PHP 5.3.x < 5.3.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-2094", "CVE-2010-2950", "CVE-2010-3436", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-3870", "CVE-2010-4150", "CVE-2010-4156", "CVE-2010-4409", "CVE-2010-4697", "CVE-2010-4698", "CVE-2010-4699", "CVE-2010-4700", "CVE-2011-0753", "CVE-2011-0754", "CVE-2011-0755"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "5732.PRM", "href": "https://www.tenable.com/plugins/nnm/5732", "sourceData": "Binary data 5732.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:54:23", "description": "According to its banner the version of PHP installed on the remote host is 5.3.x earlier than 5.3.4. Such versions are potentially affected by multiple vulnerabilities :\n\n - A crash in the zip extract method.\n\n - A stack buffer overflow in impagepstext() of the GD extension.\n\n - An unspecified vulnerability related to symbolic resolution when using a DFS share.\n\n - A security bypass vulnerability related to using pathnames containing NULL bytes. (CVE-2006-7243)\n\n - Multiple format string vulnerabilities. (CVE-2010-2094, CVE-2010-2950)\n\n - An unspecified security bypass vulnerability in open_basedir(). (CVE-2010-3436)\n\n - A NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709)\n\n - Memory corruption in php_filter_validate_email(). (CVE-2010-3710)\n\n - An input validation vulnerability in xml_utf8_decode(). (CVE-2010-3870)\n\n - A possible double free in the IMAP extension. (CVE-2010-4150)\n - An information disclosure vulnerability in 'mb_strcut()'. (CVE-2010-4156)\n\n - An integer overflow vulnerability in 'getSymbol()'. (CVE-2010-4409)\n\n - A use-after-free vulnerability in the Zend engine when a '__set()', '__get()', '__isset()' or '__unset()' method is called can allow for a denial of service attack. (Bug #52879 / CVE-2010-4697)\n\n - A stack-based buffer overflow exists in the 'imagepstext()' function in the GD extension. (Bug #53492 / CVE-2010-4698)\n\n - The 'iconv_mime_decode_headers()' function in the iconv extension fails to properly handle encodings that are not recognized by the iconv and mbstring implementations. (Bug #52941 / CVE-2010-4699)\n\n - The 'set_magic_quotes_runtime()' function when the MySQLi extension is used does not properly interact with the 'mysqli_fetch_assoc()' function. (Bug #52221 / CVE-2010-4700)\n\n - A race condition exists in the PCNTL extension. (CVE-2011-0753)\n\n - The SplFileInfo::getType function in the Standard PHP Library extension does not properly detect symbolic links. (CVE-2011-0754)\n\n - An integer overflow exists in the mt_rand function. (CVE-2011-0755)", "cvss3": {}, "published": "2010-12-10T00:00:00", "type": "nessus", "title": "PHP 5.3 < 5.3.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-2094", "CVE-2010-2950", "CVE-2010-3436", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-3870", "CVE-2010-4150", "CVE-2010-4156", "CVE-2010-4409", "CVE-2010-4697", "CVE-2010-4698", "CVE-2010-4699", "CVE-2010-4700", "CVE-2011-0753", "CVE-2011-0754", "CVE-2011-0755"], "modified": "2010-12-10T00:00:00", "cpe": [], "id": "801074.PRM", "href": "https://www.tenable.com/plugins/lce/801074", "sourceData": "Binary data 801074.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-03T14:50:43", "description": "The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.7.\n\nMac OS X 10.6.7 contains security fixes for the following products :\n\n - AirPort\n - Apache\n - AppleScript\n - ATS\n - bzip2\n - CarbonCore\n - ClamAV\n - CoreText\n - File Quarantine\n - HFS\n - ImageIO\n - Image RAW\n - Installer\n - Kerberos\n - Kernel\n - Libinfo\n - libxml\n - Mailman\n - PHP\n - QuickLook\n - QuickTime\n - Ruby\n - Samba\n - Subversion\n - Terminal\n - X11", "cvss3": {}, "published": "2011-03-22T00:00:00", "type": "nessus", "title": "Mac OS X 10.6.x < 10.6.7 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2010-0405", "CVE-2010-1323", "CVE-2010-1324", "CVE-2010-1452", "CVE-2010-2068", "CVE-2010-2950", "CVE-2010-3069", "CVE-2010-3089", "CVE-2010-3315", "CVE-2010-3434", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-3801", "CVE-2010-3802", "CVE-2010-3814", "CVE-2010-3855", "CVE-2010-3870", "CVE-2010-4008", "CVE-2010-4009", "CVE-2010-4020", "CVE-2010-4021", "CVE-2010-4150", "CVE-2010-4260", "CVE-2010-4261", "CVE-2010-4409", "CVE-2010-4479", "CVE-2010-4494", "CVE-2011-0170", "CVE-2011-0172", "CVE-2011-0173", "CVE-2011-0174", "CVE-2011-0175", "CVE-2011-0176", "CVE-2011-0177", "CVE-2011-0178", "CVE-2011-0179", "CVE-2011-0180", "CVE-2011-0181", "CVE-2011-0182", "CVE-2011-0183", "CVE-2011-0184", "CVE-2011-0186", "CVE-2011-0187", "CVE-2011-0188", "CVE-2011-0189", "CVE-2011-0190", "CVE-2011-0191", "CVE-2011-0192", "CVE-2011-0193", "CVE-2011-0194", "CVE-2011-1417"], "modified": "2018-08-22T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_6_7.NASL", "href": "https://www.tenable.com/plugins/nessus/52754", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3000) exit(0); # Avoid problems with large number of xrefs.\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(52754);\n script_version(\"1.33\");\n script_cvs_date(\"Date: 2018/08/22 16:49:14\");\n\n script_cve_id(\n \"CVE-2006-7243\",\n \"CVE-2010-0405\",\n \"CVE-2010-1323\",\n \"CVE-2010-1324\",\n \"CVE-2010-1452\",\n \"CVE-2010-2068\",\n \"CVE-2010-2950\",\n \"CVE-2010-3069\",\n \"CVE-2010-3089\",\n \"CVE-2010-3315\",\n \"CVE-2010-3434\",\n \"CVE-2010-3709\",\n \"CVE-2010-3710\",\n \"CVE-2010-3801\",\n \"CVE-2010-3802\",\n \"CVE-2010-3814\",\n \"CVE-2010-3855\",\n \"CVE-2010-3870\",\n \"CVE-2010-4008\",\n \"CVE-2010-4009\",\n \"CVE-2010-4020\",\n \"CVE-2010-4021\",\n \"CVE-2010-4150\",\n \"CVE-2010-4260\",\n \"CVE-2010-4261\",\n \"CVE-2010-4409\",\n \"CVE-2010-4479\",\n \"CVE-2010-4494\",\n \"CVE-2011-0170\",\n \"CVE-2011-0172\",\n \"CVE-2011-0173\",\n \"CVE-2011-0174\",\n \"CVE-2011-0175\",\n \"CVE-2011-0176\",\n \"CVE-2011-0177\",\n \"CVE-2011-0178\",\n \"CVE-2011-0179\",\n \"CVE-2011-0180\",\n \"CVE-2011-0181\",\n \"CVE-2011-0182\",\n \"CVE-2011-0183\",\n \"CVE-2011-0184\",\n \"CVE-2011-0186\",\n \"CVE-2011-0187\",\n \"CVE-2011-0188\",\n \"CVE-2011-0189\",\n \"CVE-2011-0190\",\n \"CVE-2011-0191\",\n \"CVE-2011-0192\",\n \"CVE-2011-0193\",\n \"CVE-2011-0194\",\n \"CVE-2011-1417\"\n );\n script_bugtraq_id(\n 40827,\n 43212,\n 43555,\n 43926,\n 44214,\n 44605,\n 44643,\n 44718,\n 44779,\n 44980,\n 45116,\n 45117,\n 45118,\n 45119,\n 45122,\n 45152,\n 46832,\n 46965,\n 46966,\n 46971,\n 46972,\n 46973,\n 46982,\n 46984,\n 46987,\n 46988,\n 46989,\n 46990,\n 46991,\n 46992,\n 46993,\n 46994,\n 46995,\n 46996,\n 46997,\n 47023\n );\n script_xref(name:\"EDB-ID\", value:\"17901\");\n script_xref(name:\"IAVB\", value:\"2010-B-0083\");\n\n script_name(english:\"Mac OS X 10.6.x < 10.6.7 Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Mac OS X\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes several\nsecurity issues.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is running a version of Mac OS X 10.6.x that is prior\nto 10.6.7.\n\nMac OS X 10.6.7 contains security fixes for the following products :\n\n - AirPort\n - Apache\n - AppleScript\n - ATS\n - bzip2\n - CarbonCore\n - ClamAV\n - CoreText\n - File Quarantine\n - HFS\n - ImageIO\n - Image RAW\n - Installer\n - Kerberos\n - Kernel\n - Libinfo\n - libxml\n - Mailman\n - PHP\n - QuickLook\n - QuickTime\n - Ruby\n - Samba\n - Subversion\n - Terminal\n - X11\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://support.apple.com/kb/HT4581\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Mac OS X 10.6.7 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n \n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n\n exit(0);\n}\n\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item(\"Host/OS\");\n if (isnull(os)) exit(0, \"The 'Host/OS' KB item is missing.\");\n if (\"Mac OS X\" >!< os) exit(0, \"The host does not appear to be running Mac OS X.\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) exit(0, \"The host does not appear to be running Mac OS X.\");\n\n\nif (ereg(pattern:\"Mac OS X 10\\.6($|\\.[0-6]([^0-9]|$))\", string:os)) security_hole(0);\nelse exit(0, \"The host is not affected as it is running \"+os+\".\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-03T14:59:06", "description": "The remote host is affected by the vulnerability described in GLSA-201110-06 (PHP: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A context-dependent attacker could execute arbitrary code, obtain sensitive information from process memory, bypass intended access restrictions, or cause a Denial of Service in various ways.\n A remote attacker could cause a Denial of Service in various ways, bypass spam detections, or bypass open_basedir restrictions.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2011-10-12T00:00:00", "type": "nessus", "title": "GLSA-201110-06 : PHP: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7243", "CVE-2009-5016", "CVE-2010-1128", "CVE-2010-1129", "CVE-2010-1130", "CVE-2010-1860", "CVE-2010-1861", "CVE-2010-1862", "CVE-2010-1864", "CVE-2010-1866", "CVE-2010-1868", "CVE-2010-1914", "CVE-2010-1915", "CVE-2010-1917", "CVE-2010-2093", "CVE-2010-2094", "CVE-2010-2097", "CVE-2010-2100", "CVE-2010-2101", "CVE-2010-2190", "CVE-2010-2191", "CVE-2010-2225", "CVE-2010-2484", "CVE-2010-2531", "CVE-2010-2950", "CVE-2010-3062", "CVE-2010-3063", "CVE-2010-3064", "CVE-2010-3065", "CVE-2010-3436", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-3870", "CVE-2010-4150", "CVE-2010-4409", "CVE-2010-4645", "CVE-2010-4697", "CVE-2010-4698", "CVE-2010-4699", "CVE-2010-4700", "CVE-2011-0420", "CVE-2011-0421", "CVE-2011-0708", "CVE-2011-0752", "CVE-2011-0753", "CVE-2011-0755", "CVE-2011-1092", "CVE-2011-1148", "CVE-2011-1153", "CVE-2011-1464", "CVE-2011-1466", "CVE-2011-1467", "CVE-2011-1468", "CVE-2011-1469", "CVE-2011-1470", "CVE-2011-1471", "CVE-2011-1657", "CVE-2011-1938", "CVE-2011-2202", "CVE-2011-2483", "CVE-2011-3182", "CVE-2011-3189", "CVE-2011-3267", "CVE-2011-3268"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:php", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201110-06.NASL", "href": "https://www.tenable.com/plugins/nessus/56459", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201110-06.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56459);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2006-7243\", \"CVE-2009-5016\", \"CVE-2010-1128\", \"CVE-2010-1129\", \"CVE-2010-1130\", \"CVE-2010-1860\", \"CVE-2010-1861\", \"CVE-2010-1862\", \"CVE-2010-1864\", \"CVE-2010-1866\", \"CVE-2010-1868\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\", \"CVE-2010-2093\", \"CVE-2010-2094\", \"CVE-2010-2097\", \"CVE-2010-2100\", \"CVE-2010-2101\", \"CVE-2010-2190\", \"CVE-2010-2191\", \"CVE-2010-2225\", \"CVE-2010-2484\", \"CVE-2010-2531\", \"CVE-2010-2950\", \"CVE-2010-3062\", \"CVE-2010-3063\", \"CVE-2010-3064\", \"CVE-2010-3065\", \"CVE-2010-3436\", \"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4150\", \"CVE-2010-4409\", \"CVE-2010-4645\", \"CVE-2010-4697\", \"CVE-2010-4698\", \"CVE-2010-4699\", \"CVE-2010-4700\", \"CVE-2011-0420\", \"CVE-2011-0421\", \"CVE-2011-0708\", \"CVE-2011-0752\", \"CVE-2011-0753\", \"CVE-2011-0755\", \"CVE-2011-1092\", \"CVE-2011-1148\", \"CVE-2011-1153\", \"CVE-2011-1464\", \"CVE-2011-1466\", \"CVE-2011-1467\", \"CVE-2011-1468\", \"CVE-2011-1469\", \"CVE-2011-1470\", \"CVE-2011-1471\", \"CVE-2011-1657\", \"CVE-2011-1938\", \"CVE-2011-2202\", \"CVE-2011-2483\", \"CVE-2011-3182\", \"CVE-2011-3189\", \"CVE-2011-3267\", \"CVE-2011-3268\");\n script_xref(name:\"GLSA\", value:\"201110-06\");\n\n script_name(english:\"GLSA-201110-06 : PHP: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201110-06\n(PHP: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PHP. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A context-dependent attacker could execute arbitrary code, obtain\n sensitive information from process memory, bypass intended access\n restrictions, or cause a Denial of Service in various ways.\n A remote attacker could cause a Denial of Service in various ways,\n bypass spam detections, or bypass open_basedir restrictions.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201110-06\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All PHP users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.3.8'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/php\", unaffected:make_list(\"ge 5.3.8\"), vulnerable:make_list(\"lt 5.3.8\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PHP\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "freebsd": [{"lastseen": "2023-12-03T16:50:41", "description": "\n\nThe following DoS condition in filter extension\n\t was fixed in PHP 5.3.4 and PHP 5.2.15:\n\nStack consumption vulnerability in the filter_var\n\t function in PHP 5.2.x through 5.2.14 and 5.3.x through\n\t 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows\n\t remote attackers to cause a denial of service (memory\n\t consumption and application crash) via a long e-mail\n\t address string.\n\n\n", "cvss3": {}, "published": "2010-12-13T00:00:00", "type": "freebsd", "title": "php-filter -- Denial of Service", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3710"], "modified": "2010-12-13T00:00:00", "id": "C623F058-10E7-11E0-BECC-0022156E8794", "href": "https://vuxml.freebsd.org/freebsd/c623f058-10e7-11e0-becc-0022156e8794.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "prion": [{"lastseen": "2023-11-22T04:59:06", "description": "Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string.", "cvss3": {}, "published": "2010-10-25T20:01:00", "type": "prion", "title": "Stack overflow", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3710"], "modified": "2016-08-23T02:02:00", "id": "PRION:CVE-2010-3710", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2010-3710", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-22T04:59:06", "description": "The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly restrict input to filter_var FILTER_VALIDATE_EMAIL operations in PHP, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string, a related issue to CVE-2010-3710.", "cvss3": {}, "published": "2010-10-25T20:01:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3710", "CVE-2010-3717"], "modified": "2010-10-27T04:00:00", "id": "PRION:CVE-2010-3717", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2010-3717", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2023-12-03T15:27:00", "description": "Stack consumption vulnerability in the filter_var function in PHP 5.2.x\nthrough 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is\nused, allows remote attackers to cause a denial of service (memory\nconsumption and application crash) via a long e-mail address string.\n\n#### Bugs\n\n * <http://bugs.php.net/bug.php?id=52929>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | PoC in php bug \n[sbeattie](<https://launchpad.net/~sbeattie>) | logical_filter code doesn't exist in dapper's version of php\n", "cvss3": {}, "published": "2010-10-25T00:00:00", "type": "ubuntucve", "title": "CVE-2010-3710", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3710"], "modified": "2010-10-25T00:00:00", "id": "UB:CVE-2010-3710", "href": "https://ubuntu.com/security/CVE-2010-3710", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-03T15:26:59", "description": "The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15, 4.3.x\nbefore 4.3.7, and 4.4.x before 4.4.4 does not properly restrict input to\nfilter_var FILTER_VALIDATE_EMAIL operations in PHP, which allows remote\nattackers to cause a denial of service (memory consumption and application\ncrash) via a long e-mail address string, a related issue to CVE-2010-3710.", "cvss3": {}, "published": "2010-10-25T00:00:00", "type": "ubuntucve", "title": "CVE-2010-3717", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3710", "CVE-2010-3717"], "modified": "2010-10-25T00:00:00", "id": "UB:CVE-2010-3717", "href": "https://ubuntu.com/security/CVE-2010-3717", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2023-12-03T14:17:10", "description": "The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly restrict input to filter_var FILTER_VALIDATE_EMAIL operations in PHP, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string, a related issue to CVE-2010-3710.", "cvss3": {}, "published": "2010-10-25T20:01:00", "type": "cve", "title": "CVE-2010-3717", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3710", "CVE-2010-3717"], "modified": "2010-10-27T04:00:00", "cpe": ["cpe:/a:typo3:typo3:4.2.14", "cpe:/a:typo3:typo3:4.3.5", "cpe:/a:typo3:typo3:4.4.2", "cpe:/a:typo3:typo3:4.3.6", "cpe:/a:typo3:typo3:4.4", "cpe:/a:typo3:typo3:4.2.2", "cpe:/a:typo3:typo3:4.2.6", "cpe:/a:typo3:typo3:4.3.0", "cpe:/a:typo3:typo3:4.2.11", "cpe:/a:typo3:typo3:4.4.3", "cpe:/a:typo3:typo3:4.3.3", "cpe:/a:typo3:typo3:4.2.10", "cpe:/a:typo3:typo3:4.2.9", "cpe:/a:typo3:typo3:4.2.1", "cpe:/a:typo3:typo3:4.2.12", "cpe:/a:typo3:typo3:4.2.13", "cpe:/a:typo3:typo3:4.2.5", "cpe:/a:typo3:typo3:4.3.2", "cpe:/a:typo3:typo3:4.3.1", "cpe:/a:typo3:typo3:4.2.0", "cpe:/a:typo3:typo3:4.4.1", "cpe:/a:typo3:typo3:4.2.7", "cpe:/a:typo3:typo3:4.2.3", "cpe:/a:typo3:typo3:4.2.4", "cpe:/a:typo3:typo3:4.3.4", "cpe:/a:typo3:typo3:4.2.8"], "id": "CVE-2010-3717", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3717", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.4:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:typo3:typo3:4.4.1:*:*:*:*:*:*:*"]}], "redhat": [{"lastseen": "2021-10-21T04:43:43", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA flaw was found in the way PHP converted certain floating point values\nfrom string representation to a number. If a PHP script evaluated an\nattacker's input in a numeric context, the PHP interpreter could cause high\nCPU usage until the script execution time limit is reached. This issue only\naffected i386 systems. (CVE-2010-4645)\n\nA stack memory exhaustion flaw was found in the way the PHP filter_var()\nfunction validated email addresses. An attacker could use this flaw to\ncrash the PHP interpreter by providing excessively long input to be\nvalidated as an email address. (CVE-2010-3710)\n\nA memory disclosure flaw was found in the PHP multi-byte string extension.\nIf the mb_strcut() function was called with a length argument exceeding the\ninput string size, the function could disclose a portion of the PHP\ninterpreter's memory. (CVE-2010-4156)\n\nAll php53 users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. After installing the updated\npackages, the httpd daemon must be restarted for the update to take effect.\n", "cvss3": {}, "published": "2011-02-03T00:00:00", "type": "redhat", "title": "(RHSA-2011:0196) Moderate: php53 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3710", "CVE-2010-4156", "CVE-2010-4645"], "modified": "2017-09-08T08:06:09", "id": "RHSA-2011:0196", "href": "https://access.redhat.com/errata/RHSA-2011:0196", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:37", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2010:218\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : php\r\n Date : October 31, 2010\r\n Affected: 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0,\r\n Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Multiple vulnerabilities were discovered and corrected in php:\r\n \r\n Stack consumption vulnerability in the filter_var function in PHP 5.2.x\r\n through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL\r\n mode is used, allows remote attackers to cause a denial of service\r\n &#40;memory consumption and application crash&#41; via a long e-mail address\r\n string &#40;CVE-2010-3710&#41;.\r\n \r\n A NULL pointer dereference was discovered in\r\n ZipArchive::getArchiveComment &#40;CVE-2010-3709&#41;.\r\n \r\n A possible flaw was discovered in open_basedir &#40;CVE-2010-3436&#41;.\r\n \r\n Packages for 2009.0 are provided as of the Extended Maintenance\r\n Program. Please visit this link to learn more:\r\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\r\n \r\n The updated packages have been patched to correct these issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3710\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3709\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3436\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2009.0:\r\n fc502765867803c52331e330a8a25540 \r\n2009.0/i586/libphp5_common5-5.2.14-0.2mdv2009.0.i586.rpm\r\n 484d2996febdc3836031c497cc942aa6 \r\n2009.0/i586/php-bcmath-5.2.14-0.2mdv2009.0.i586.rpm\r\n d92285d261ad28e4917b4ae37f14af74 \r\n2009.0/i586/php-bz2-5.2.14-0.2mdv2009.0.i586.rpm\r\n 9f1e090f0db80d76c19c93be505c8934 \r\n2009.0/i586/php-calendar-5.2.14-0.2mdv2009.0.i586.rpm\r\n 89794fddcf52bd907497caa8b4a0dd6c \r\n2009.0/i586/php-cgi-5.2.14-0.2mdv2009.0.i586.rpm\r\n 5ef9385c9a8050a685a7d619a05a528c \r\n2009.0/i586/php-cli-5.2.14-0.2mdv2009.0.i586.rpm\r\n 6b4c49e362bc9f39dc1f984196295b65 \r\n2009.0/i586/php-ctype-5.2.14-0.2mdv2009.0.i586.rpm\r\n ed8288c4f3c1339ba2393243878eae57 \r\n2009.0/i586/php-curl-5.2.14-0.2mdv2009.0.i586.rpm\r\n 6c5429089ba1029317bf35f74fc7fd27 \r\n2009.0/i586/php-dba-5.2.14-0.2mdv2009.0.i586.rpm\r\n 02b0c07b8d0858d09cabed8734bab460 \r\n2009.0/i586/php-dbase-5.2.14-0.2mdv2009.0.i586.rpm\r\n 4fbc31935fdc6c2d1075973312ccc4b3 \r\n2009.0/i586/php-devel-5.2.14-0.2mdv2009.0.i586.rpm\r\n 6f2eeed1d5ed01486f9b1d4ac32e18b3 \r\n2009.0/i586/php-dom-5.2.14-0.2mdv2009.0.i586.rpm\r\n f2d2f7f6d634f9d3b5ce3a97e9ec1b9f \r\n2009.0/i586/php-exif-5.2.14-0.2mdv2009.0.i586.rpm\r\n 1a86c10c9ab965f8cabc8422d8792c3f \r\n2009.0/i586/php-fcgi-5.2.14-0.2mdv2009.0.i586.rpm\r\n ec61218fc78a72568647cedd16361f3e \r\n2009.0/i586/php-filter-5.2.14-0.2mdv2009.0.i586.rpm\r\n 1b9a342a71e2dedfc4618967a11aaaf1 \r\n2009.0/i586/php-ftp-5.2.14-0.2mdv2009.0.i586.rpm\r\n 9c2b7fc279befad873916df7bcbcd69a 2009.0/i586/php-gd-5.2.14-0.2mdv2009.0.i586.rpm\r\n 9d340079a036d79655c1b3b5416650f7 \r\n2009.0/i586/php-gettext-5.2.14-0.2mdv2009.0.i586.rpm\r\n 175e24cac0bc830d20417626964b4660 \r\n2009.0/i586/php-gmp-5.2.14-0.2mdv2009.0.i586.rpm\r\n 98958b95d9a842e257f4aff00c9bc98d \r\n2009.0/i586/php-hash-5.2.14-0.2mdv2009.0.i586.rpm\r\n ca1980a86fe61c6630d8ae51010237a7 \r\n2009.0/i586/php-iconv-5.2.14-0.2mdv2009.0.i586.rpm\r\n dc707f264bba30f4ce769e01146ed6c5 \r\n2009.0/i586/php-imap-5.2.14-0.2mdv2009.0.i586.rpm\r\n 8e0f028e2981c237428abce7955018d5 \r\n2009.0/i586/php-json-5.2.14-0.2mdv2009.0.i586.rpm\r\n dcb60abf201bfe091c7ad13494c72cfd \r\n2009.0/i586/php-ldap-5.2.14-0.2mdv2009.0.i586.rpm\r\n 764a4cc80ec0b9ffd3508cce27fe4554 \r\n2009.0/i586/php-mbstring-5.2.14-0.2mdv2009.0.i586.rpm\r\n acb825ca75464c65b09773b80531903e \r\n2009.0/i586/php-mcrypt-5.2.14-0.2mdv2009.0.i586.rpm\r\n 23ea3cbd80a837f6e18f7a95b7a7d624 \r\n2009.0/i586/php-mhash-5.2.14-0.2mdv2009.0.i586.rpm\r\n b543f6ffccc0b2e3bc552005f9a61571 \r\n2009.0/i586/php-mime_magic-5.2.14-0.2mdv2009.0.i586.rpm\r\n ac010a7cbda895304883a62f1f3b8ee6 \r\n2009.0/i586/php-ming-5.2.14-0.2mdv2009.0.i586.rpm\r\n 0809151cae6dbe357fba2a789ccecb46 \r\n2009.0/i586/php-mssql-5.2.14-0.2mdv2009.0.i586.rpm\r\n 28262b04d8cfa18d7b641021470224cc \r\n2009.0/i586/php-mysql-5.2.14-0.2mdv2009.0.i586.rpm\r\n 59a0b0478fdf159f76237d27f6763716 \r\n2009.0/i586/php-mysqli-5.2.14-0.2mdv2009.0.i586.rpm\r\n 9e12dfdda5ac553749cf0fc39cff2300 \r\n2009.0/i586/php-ncurses-5.2.14-0.2mdv2009.0.i586.rpm\r\n 72990b52f5aa83edfcfcf570c664045c \r\n2009.0/i586/php-odbc-5.2.14-0.2mdv2009.0.i586.rpm\r\n b770a1fd9a69095c93899deb6a0acf37 \r\n2009.0/i586/php-openssl-5.2.14-0.2mdv2009.0.i586.rpm\r\n f2ca1de62097905d20f5b96d760e2f5d \r\n2009.0/i586/php-pcntl-5.2.14-0.2mdv2009.0.i586.rpm\r\n c33e00021eeff68a2b668038f54e7fcc \r\n2009.0/i586/php-pdo-5.2.14-0.2mdv2009.0.i586.rpm\r\n 5582d9d1b06257818663e7ed16aef731 \r\n2009.0/i586/php-pdo_dblib-5.2.14-0.2mdv2009.0.i586.rpm\r\n 85f413c6a5de21112a0da189395302f0 \r\n2009.0/i586/php-pdo_mysql-5.2.14-0.2mdv2009.0.i586.rpm\r\n 84be39a6ce59c192fe7d80ac7b6eead4 \r\n2009.0/i586/php-pdo_odbc-5.2.14-0.2mdv2009.0.i586.rpm\r\n 0994fca09fde176038d0788e51055676 \r\n2009.0/i586/php-pdo_pgsql-5.2.14-0.2mdv2009.0.i586.rpm\r\n 6522ffb26ac9873fe0374041e829e562 \r\n2009.0/i586/php-pdo_sqlite-5.2.14-0.2mdv2009.0.i586.rpm\r\n dc1f84540841f198406e06eede70cf76 \r\n2009.0/i586/php-pgsql-5.2.14-0.2mdv2009.0.i586.rpm\r\n 11213c7b5f41671a6120c19db4d0ca30 \r\n2009.0/i586/php-posix-5.2.14-0.2mdv2009.0.i586.rpm\r\n c3503407e51ef6e705eb7aac9111693d \r\n2009.0/i586/php-pspell-5.2.14-0.2mdv2009.0.i586.rpm\r\n 0a82fb85977fac7d3bc48be247c13eb1 \r\n2009.0/i586/php-readline-5.2.14-0.2mdv2009.0.i586.rpm\r\n f1360ffcca7366be062fab870457a6cd \r\n2009.0/i586/php-recode-5.2.14-0.2mdv2009.0.i586.rpm\r\n 015773eb8770845138e9588b11927948 \r\n2009.0/i586/php-session-5.2.14-0.2mdv2009.0.i586.rpm\r\n 802c020f2bd78598e30ede06d4d13330 \r\n2009.0/i586/php-shmop-5.2.14-0.2mdv2009.0.i586.rpm\r\n ad42101ed15582e7be72bd4a928f070b \r\n2009.0/i586/php-snmp-5.2.14-0.2mdv2009.0.i586.rpm\r\n 1466e52f4185a40dfbc97b7c24cf28de \r\n2009.0/i586/php-soap-5.2.14-0.2mdv2009.0.i586.rpm\r\n 62b49b44ff2690c3dcadc000947dcc80 \r\n2009.0/i586/php-sockets-5.2.14-0.2mdv2009.0.i586.rpm\r\n b91bafa27a2c3aa5d5efe3b30929e538 \r\n2009.0/i586/php-sqlite-5.2.14-0.2mdv2009.0.i586.rpm\r\n 20fe5e6c6be593f167965a92f4362182 \r\n2009.0/i586/php-sybase-5.2.14-0.2mdv2009.0.i586.rpm\r\n bac57ff5c682d9b52f836924aa86d573 \r\n2009.0/i586/php-sysvmsg-5.2.14-0.2mdv2009.0.i586.rpm\r\n 911c811eb85697c41541061ebd4bdce7 \r\n2009.0/i586/php-sysvsem-5.2.14-0.2mdv2009.0.i586.rpm\r\n 00fb209268e4b2455b03853b5bbb85c7 \r\n2009.0/i586/php-sysvshm-5.2.14-0.2mdv2009.0.i586.rpm\r\n fa6c69784aa3b3690e7cd2cd773a6c69 \r\n2009.0/i586/php-tidy-5.2.14-0.2mdv2009.0.i586.rpm\r\n 0d3f321346d939d4ef9045da69c359c3 \r\n2009.0/i586/php-tokenizer-5.2.14-0.2mdv2009.0.i586.rpm\r\n 3691317a54b41b20d832b7e4f7521827 \r\n2009.0/i586/php-wddx-5.2.14-0.2mdv2009.0.i586.rpm\r\n 0888df260b707eb1934618b45e9ef3f9 \r\n2009.0/i586/php-xml-5.2.14-0.2mdv2009.0.i586.rpm\r\n f678171a452dcf1c3e4531d9efea68eb \r\n2009.0/i586/php-xmlreader-5.2.14-0.2mdv2009.0.i586.rpm\r\n 9a5a5d74aa83318c77a0b42392ab555e \r\n2009.0/i586/php-xmlrpc-5.2.14-0.2mdv2009.0.i586.rpm\r\n 05f85dac37337fed7298edb3c8db496a \r\n2009.0/i586/php-xmlwriter-5.2.14-0.2mdv2009.0.i586.rpm\r\n c5fae635c17960a486ca7ea69c41e3a0 \r\n2009.0/i586/php-xsl-5.2.14-0.2mdv2009.0.i586.rpm\r\n b7928851f53a86e216782fa4fa70f65c \r\n2009.0/i586/php-zip-5.2.14-0.2mdv2009.0.i586.rpm\r\n c6fa4e9c4b06eba23b368a52a3f93461 \r\n2009.0/i586/php-zlib-5.2.14-0.2mdv2009.0.i586.rpm \r\n b6f075621c76f6ef9eae1d118f1a8c29 2009.0/SRPMS/php-5.2.14-0.2mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n 8654829347d12d055a67e7accaee2075 \r\n2009.0/x86_64/lib64php5_common5-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 69b6c0783713744c56b3f3e5293c8d2c \r\n2009.0/x86_64/php-bcmath-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 867f23482296d9109a7a15ff990e37ae \r\n2009.0/x86_64/php-bz2-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 417ce631fa50c5e5dddcb1ea3644b536 \r\n2009.0/x86_64/php-calendar-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 8ecf7ba059aaaded502bcdc268069bf1 \r\n2009.0/x86_64/php-cgi-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 394e7d4c0c686ab747ebc87837b97fa7 \r\n2009.0/x86_64/php-cli-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n f59a48e99cc87ec675f60f79dd5711d1 \r\n2009.0/x86_64/php-ctype-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 9dd4f2c0684d321c4782a946b116d527 \r\n2009.0/x86_64/php-curl-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 9aad29dee6ea7b471d07ba6c4d912e17 \r\n2009.0/x86_64/php-dba-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n abc01b322bc801e634c1ba208e4f30ca \r\n2009.0/x86_64/php-dbase-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 34816f5e5dfa2678bfc8d3aeb48c003e \r\n2009.0/x86_64/php-devel-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 238e9e80426f4dcee3e11051bc62fd94 \r\n2009.0/x86_64/php-dom-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n c21a874317674b0dc5048d8382a7f9dc \r\n2009.0/x86_64/php-exif-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 36e944335a15dc8b924943c16f035128 \r\n2009.0/x86_64/php-fcgi-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 53a736ec8772660bc65fe76f9bedda0c \r\n2009.0/x86_64/php-filter-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n be25a67386ddbc18cc8fbc8dd4c86311 \r\n2009.0/x86_64/php-ftp-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n be6d82253fa905c22a466b7d9b8da387 \r\n2009.0/x86_64/php-gd-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 7615ed256ef9a24e0f5f90f628b22a79 \r\n2009.0/x86_64/php-gettext-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 6846ac04dd57c042753c3cf53014940e \r\n2009.0/x86_64/php-gmp-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 3db1b93b9accdd3c8cc59bbbb04a8093 \r\n2009.0/x86_64/php-hash-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 61143f3c5161881160b27a8d0d4b877a \r\n2009.0/x86_64/php-iconv-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 6ffbb7ff284523dbe0f0d31aea0edc77 \r\n2009.0/x86_64/php-imap-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n b7e4c7baef055f7afd7d1973cf7eff5a \r\n2009.0/x86_64/php-json-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 3f82ac35cb930c01365dbf31097f0011 \r\n2009.0/x86_64/php-ldap-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 5ed308febaf9bc57548d1ee0677694f3 \r\n2009.0/x86_64/php-mbstring-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 5b6c20e1c4123a39b0f5ce8cd97e6aab \r\n2009.0/x86_64/php-mcrypt-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 01a812645346f63b8657c15e2efa1026 \r\n2009.0/x86_64/php-mhash-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 088f6362cab65ac347c297b6b524f222 \r\n2009.0/x86_64/php-mime_magic-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n a5ab3bc8474fd9324491eeb1b8b8674f \r\n2009.0/x86_64/php-ming-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n b0e10c52296a981375bb963b7c8ab6b5 \r\n2009.0/x86_64/php-mssql-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n e8a384054e0f2a7e34ae66204a9558ff \r\n2009.0/x86_64/php-mysql-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 8d221440e6a014d73607633a748dca30 \r\n2009.0/x86_64/php-mysqli-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 231f7db336d7ec688ee6e8e5bd62ce3a \r\n2009.0/x86_64/php-ncurses-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 8a942e183e80afd7005085ed7e132f93 \r\n2009.0/x86_64/php-odbc-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 576605551e0b28b392b4a34ee94ab0ae \r\n2009.0/x86_64/php-openssl-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 9d3b9b9788afda0071eae7afaf4f7f21 \r\n2009.0/x86_64/php-pcntl-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n ed8d2cfceaba7a9fc7324a2319e82cd9 \r\n2009.0/x86_64/php-pdo-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n eca7d3866dd6425f100bf3b5e6d0c9c8 \r\n2009.0/x86_64/php-pdo_dblib-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 4871d95d0bd6ca449cc0d348c62c2814 \r\n2009.0/x86_64/php-pdo_mysql-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 5fe9f3a9f4f97c726a71259baa420c4b \r\n2009.0/x86_64/php-pdo_odbc-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 4e838ac592855bffa38d534a21868403 \r\n2009.0/x86_64/php-pdo_pgsql-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n dcea50586f752f7c1403d612efa945f0 \r\n2009.0/x86_64/php-pdo_sqlite-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 281e69926277cf6f7035b7f8ce57f036 \r\n2009.0/x86_64/php-pgsql-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 2dff4715ee26f795e25a4930626c8846 \r\n2009.0/x86_64/php-posix-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 08a2630e45335b3921272c255a50c32f \r\n2009.0/x86_64/php-pspell-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 53860147c5f132ec407b0e1d1f429180 \r\n2009.0/x86_64/php-readline-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n fefb10f5214f10fecea376860167fe2f \r\n2009.0/x86_64/php-recode-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n a70e836d43904543a7b6bd4b17001bd5 \r\n2009.0/x86_64/php-session-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 98788c625225a96c5acb17a3dc10b0c6 \r\n2009.0/x86_64/php-shmop-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 41202f5dc31bf7a85bfbeacca1881e58 \r\n2009.0/x86_64/php-snmp-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n ae1dab2a589b20db81e0011d31657be2 \r\n2009.0/x86_64/php-soap-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 1162d7de68989a7b2a4e22216535c13c \r\n2009.0/x86_64/php-sockets-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 03829be7322ee33de73fc14d6d26026b \r\n2009.0/x86_64/php-sqlite-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 27da4007a882d4125e6ca9d8d1b24cda \r\n2009.0/x86_64/php-sybase-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n df9c75c8f24c410669359e0d8b8e45a6 \r\n2009.0/x86_64/php-sysvmsg-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n f62693bc4089440d8b5245520b6bc735 \r\n2009.0/x86_64/php-sysvsem-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 1405738f1dc42b24a791104f205fb902 \r\n2009.0/x86_64/php-sysvshm-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 5254e62e5274bcbbf57d9755efae0dc3 \r\n2009.0/x86_64/php-tidy-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 0dce5985bf26b376c787364c9911295c \r\n2009.0/x86_64/php-tokenizer-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 6b26f6ccdee85b6bc5b47c8bccce63ce \r\n2009.0/x86_64/php-wddx-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 1a05972b34ef1365dc2cad0f3da42056 \r\n2009.0/x86_64/php-xml-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 4fcd162ccb7c97fcbd4da259cb59ad1b \r\n2009.0/x86_64/php-xmlreader-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 93a7ae04b9828b67f1f2ead72a436c10 \r\n2009.0/x86_64/php-xmlrpc-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 56d5c80acc2d822f19052e0080dcb5cf \r\n2009.0/x86_64/php-xmlwriter-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 75284c09346a76399bb1183198319227 \r\n2009.0/x86_64/php-xsl-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n 1964938515cc5c8c56a0876f4b9638f0 \r\n2009.0/x86_64/php-zip-5.2.14-0.2mdv2009.0.x86_64.rpm\r\n c78dcc02df632001106a23a2b09a0530 \r\n2009.0/x86_64/php-zlib-5.2.14-0.2mdv2009.0.x86_64.rpm \r\n b6f075621c76f6ef9eae1d118f1a8c29 2009.0/SRPMS/php-5.2.14-0.2mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.1:\r\n 40c80a005a9c887b46dc2170cf01911a \r\n2009.1/i586/libphp5_common5-5.2.14-0.2mdv2009.1.i586.rpm\r\n 655c94c225617d401be807512f62648d \r\n2009.1/i586/php-bcmath-5.2.14-0.2mdv2009.1.i586.rpm\r\n b525e3e7fb0776307ef98017b2b0f9e6 \r\n2009.1/i586/php-bz2-5.2.14-0.2mdv2009.1.i586.rpm\r\n ea9d79bf59652a7f36bc4a8530306667 \r\n2009.1/i586/php-calendar-5.2.14-0.2mdv2009.1.i586.rpm\r\n dcfb6d7a1c4d1d7889e3e22714f6641d \r\n2009.1/i586/php-cgi-5.2.14-0.2mdv2009.1.i586.rpm\r\n aefd3adbf9694c12d0e48411590756f5 \r\n2009.1/i586/php-cli-5.2.14-0.2mdv2009.1.i586.rpm\r\n 5681e806ccde04841b37b4f5f78de6b6 \r\n2009.1/i586/php-ctype-5.2.14-0.2mdv2009.1.i586.rpm\r\n 689c5389db39b4c226e39e65e9c06a46 \r\n2009.1/i586/php-curl-5.2.14-0.2mdv2009.1.i586.rpm\r\n 1e06d4802bfbca461bb74c2f7b3fdfb9 \r\n2009.1/i586/php-dba-5.2.14-0.2mdv2009.1.i586.rpm\r\n df546edd43dc87c950144c3a0652b0b5 \r\n2009.1/i586/php-dbase-5.2.14-0.2mdv2009.1.i586.rpm\r\n c056bbd3e4c565c70a1d3e27bd1f4573 \r\n2009.1/i586/php-devel-5.2.14-0.2mdv2009.1.i586.rpm\r\n 7b2026230168485f97f18fdd9d22b969 \r\n2009.1/i586/php-dom-5.2.14-0.2mdv2009.1.i586.rpm\r\n b3e8768d579f116a4ed793b2c5e5e5df \r\n2009.1/i586/php-exif-5.2.14-0.2mdv2009.1.i586.rpm\r\n 92af9f57293502a01381741e79c214a4 \r\n2009.1/i586/php-fcgi-5.2.14-0.2mdv2009.1.i586.rpm\r\n 53769eacc90a4e99933df1c9d1c13f6c \r\n2009.1/i586/php-filter-5.2.14-0.2mdv2009.1.i586.rpm\r\n fbb7daf7d347e78c66d674d51d9b6b65 \r\n2009.1/i586/php-ftp-5.2.14-0.2mdv2009.1.i586.rpm\r\n 6cb5f8df0af96cd2e54992a1d4227a9e 2009.1/i586/php-gd-5.2.14-0.2mdv2009.1.i586.rpm\r\n 1cb3c1f441771ad0546a66fd31bdcab3 \r\n2009.1/i586/php-gettext-5.2.14-0.2mdv2009.1.i586.rpm\r\n 6be2f50f5ad8a9431e6172f8ed1ff7c7 \r\n2009.1/i586/php-gmp-5.2.14-0.2mdv2009.1.i586.rpm\r\n ab46c0c1b248ca32903346b6aaba6cbc \r\n2009.1/i586/php-hash-5.2.14-0.2mdv2009.1.i586.rpm\r\n 79610e4080db62d6d26ebeefe51da19b \r\n2009.1/i586/php-iconv-5.2.14-0.2mdv2009.1.i586.rpm\r\n 6b53be639abf65eb304d717d91c716a2 \r\n2009.1/i586/php-imap-5.2.14-0.2mdv2009.1.i586.rpm\r\n 0cbf18ad47b7eca6a760e552dfd53c2a \r\n2009.1/i586/php-json-5.2.14-0.2mdv2009.1.i586.rpm\r\n d57dbed88cab2482d0e60c4eda79f176 \r\n2009.1/i586/php-ldap-5.2.14-0.2mdv2009.1.i586.rpm\r\n 632fc39112d7e023155fa11a77a564bf \r\n2009.1/i586/php-mbstring-5.2.14-0.2mdv2009.1.i586.rpm\r\n 7fa53336aaac71ed6aff4fcb10d02994 \r\n2009.1/i586/php-mcrypt-5.2.14-0.2mdv2009.1.i586.rpm\r\n c53e49df6f29e3461042830da42ecd5d \r\n2009.1/i586/php-mhash-5.2.14-0.2mdv2009.1.i586.rpm\r\n d386628e1061ae753096043eab541ef4 \r\n2009.1/i586/php-mime_magic-5.2.14-0.2mdv2009.1.i586.rpm\r\n ff4f8bf854a54d585c5e866c78353740 \r\n2009.1/i586/php-ming-5.2.14-0.2mdv2009.1.i586.rpm\r\n 5682bf7ab2b93f25e3c82ccbc7f348d2 \r\n2009.1/i586/php-mssql-5.2.14-0.2mdv2009.1.i586.rpm\r\n a73796e1c7254ce52059dc83ea53d2c1 \r\n2009.1/i586/php-mysql-5.2.14-0.2mdv2009.1.i586.rpm\r\n d026c149775e714cafbebdad05d73afb \r\n2009.1/i586/php-mysqli-5.2.14-0.2mdv2009.1.i586.rpm\r\n 030dd9a132a202fe1ffc8a0716b86ff9 \r\n2009.1/i586/php-ncurses-5.2.14-0.2mdv2009.1.i586.rpm\r\n 059158ccefe28badc86ec7f765afe058 \r\n2009.1/i586/php-odbc-5.2.14-0.2mdv2009.1.i586.rpm\r\n 672cea4af0c97f6f792c3e32d9fc0a4e \r\n2009.1/i586/php-openssl-5.2.14-0.2mdv2009.1.i586.rpm\r\n 06831420729fb9d49d97b5d2d23a6da0 \r\n2009.1/i586/php-pcntl-5.2.14-0.2mdv2009.1.i586.rpm\r\n eeb1f4fe4c9a31a570f5d65d74b51569 \r\n2009.1/i586/php-pdo-5.2.14-0.2mdv2009.1.i586.rpm\r\n fbcf127feb8102d401779b1beacaee24 \r\n2009.1/i586/php-pdo_dblib-5.2.14-0.2mdv2009.1.i586.rpm\r\n 44533e6a0083da4fbc0b49b7cccc5e94 \r\n2009.1/i586/php-pdo_mysql-5.2.14-0.2mdv2009.1.i586.rpm\r\n 71e4fb3237542d8580790ef0591e3f69 \r\n2009.1/i586/php-pdo_odbc-5.2.14-0.2mdv2009.1.i586.rpm\r\n e4a1cf5cc9b6a2152cb47c9910733887 \r\n2009.1/i586/php-pdo_pgsql-5.2.14-0.2mdv2009.1.i586.rpm\r\n 6c864996b3879affba3d9e3b1530e7a9 \r\n2009.1/i586/php-pdo_sqlite-5.2.14-0.2mdv2009.1.i586.rpm\r\n c1b616a4bf3cfbd64ec47fb965e6b1da \r\n2009.1/i586/php-pgsql-5.2.14-0.2mdv2009.1.i586.rpm\r\n cb9e9f6e6f98be02b7f80d40b57b46fb \r\n2009.1/i586/php-posix-5.2.14-0.2mdv2009.1.i586.rpm\r\n f83e5af2fa60ecf9b4b04fb5cc1c1932 \r\n2009.1/i586/php-pspell-5.2.14-0.2mdv2009.1.i586.rpm\r\n af63a15baa60ecb305bbd979498e0463 \r\n2009.1/i586/php-readline-5.2.14-0.2mdv2009.1.i586.rpm\r\n ddeb78813405a62db1cafa414fc410d0 \r\n2009.1/i586/php-recode-5.2.14-0.2mdv2009.1.i586.rpm\r\n fb9a1beb79f46610d81fd445cf370c95 \r\n2009.1/i586/php-session-5.2.14-0.2mdv2009.1.i586.rpm\r\n 49256ec1825f377b519b647f2a7c103f \r\n2009.1/i586/php-shmop-5.2.14-0.2mdv2009.1.i586.rpm\r\n c75dd2c51dae5763c94576e04c66d2c2 \r\n2009.1/i586/php-snmp-5.2.14-0.2mdv2009.1.i586.rpm\r\n 6ed4154d553595370f729886662c9b81 \r\n2009.1/i586/php-soap-5.2.14-0.2mdv2009.1.i586.rpm\r\n 14df37dd2533c6616e34b7ff3c112624 \r\n2009.1/i586/php-sockets-5.2.14-0.2mdv2009.1.i586.rpm\r\n 11d51b6b3f92a61e31b7fc9cc08c6e97 \r\n2009.1/i586/php-sqlite-5.2.14-0.2mdv2009.1.i586.rpm\r\n 8fb802cf6431ff684d344b4c524763ab \r\n2009.1/i586/php-sybase-5.2.14-0.2mdv2009.1.i586.rpm\r\n f4ee7885ab1c541c8e91fed2360e0017 \r\n2009.1/i586/php-sysvmsg-5.2.14-0.2mdv2009.1.i586.rpm\r\n 901b7ddf689db1783d39226d04fe51ee \r\n2009.1/i586/php-sysvsem-5.2.14-0.2mdv2009.1.i586.rpm\r\n 89b35016a8646244ab0696f25df140b4 \r\n2009.1/i586/php-sysvshm-5.2.14-0.2mdv2009.1.i586.rpm\r\n 50b353b2eedad4e7de9f5f04ad71adab \r\n2009.1/i586/php-tidy-5.2.14-0.2mdv2009.1.i586.rpm\r\n 1061f088d52f1c310b80f5dc8e5a712f \r\n2009.1/i586/php-tokenizer-5.2.14-0.2mdv2009.1.i586.rpm\r\n affa049612883f368682984c7acebbb3 \r\n2009.1/i586/php-wddx-5.2.14-0.2mdv2009.1.i586.rpm\r\n 38020ffe3ec77d9bdb7a1e4a4b603230 \r\n2009.1/i586/php-xml-5.2.14-0.2mdv2009.1.i586.rpm\r\n fecfd8841e772091d7c23135f7014e28 \r\n2009.1/i586/php-xmlreader-5.2.14-0.2mdv2009.1.i586.rpm\r\n 387351ba3c066e738be9545eb096ab27 \r\n2009.1/i586/php-xmlrpc-5.2.14-0.2mdv2009.1.i586.rpm\r\n dd1ef4a15b96cffecdbfa155beba3627 \r\n2009.1/i586/php-xmlwriter-5.2.14-0.2mdv2009.1.i586.rpm\r\n e9ad866fb44ba02f69cc19cab21ba4d2 \r\n2009.1/i586/php-xsl-5.2.14-0.2mdv2009.1.i586.rpm\r\n 9aad041ea90193e9e6163cdb3f179b16 \r\n2009.1/i586/php-zip-5.2.14-0.2mdv2009.1.i586.rpm\r\n 5be02ff40c26552c88c6c8abd6b49799 \r\n2009.1/i586/php-zlib-5.2.14-0.2mdv2009.1.i586.rpm \r\n bb482c6bd2d14f7d52c1aa5a934196a8 2009.1/SRPMS/php-5.2.14-0.2mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2009.1/X86_64:\r\n ebef2aa9c330e1272c9b49c254bfc7d7 \r\n2009.1/x86_64/lib64php5_common5-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 68ab897961e9af54e0ab0e13c8f62ff0 \r\n2009.1/x86_64/php-bcmath-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 036829e1438fdc2c9258c8e957f04ab6 \r\n2009.1/x86_64/php-bz2-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 8c9d0f258cd4c261f6ef40991a245f1c \r\n2009.1/x86_64/php-calendar-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 7bbb3b82c551079ee71ef53f82974e24 \r\n2009.1/x86_64/php-cgi-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 5fa13b6bf22877a451f450729149bb6a \r\n2009.1/x86_64/php-cli-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 20b5632cbd0eef84e6732d18f464b90e \r\n2009.1/x86_64/php-ctype-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n ccd41f770d6f0aba7f635ef4b4ce0352 \r\n2009.1/x86_64/php-curl-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 40c510409912aedd1ec696bea26cbcdc \r\n2009.1/x86_64/php-dba-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n fd4c2919ccdf6fb332fdf3ac7b5657fe \r\n2009.1/x86_64/php-dbase-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n d2e9b7c597117ef1d9f5ea22b45e131f \r\n2009.1/x86_64/php-devel-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 4a6b1c4c4e2022854f63d7c23f88f827 \r\n2009.1/x86_64/php-dom-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 1c2366eba6b64931959875b7b363ca39 \r\n2009.1/x86_64/php-exif-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 7433050da10ae034e33c674b5c181ff4 \r\n2009.1/x86_64/php-fcgi-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 0afe85aaec5e5ba121f3c9ebbfc08e48 \r\n2009.1/x86_64/php-filter-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n e336d6eae63cea976299ecf8ec499a00 \r\n2009.1/x86_64/php-ftp-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 0e4da4aac1cb5c7a2b18e93baa7df50a \r\n2009.1/x86_64/php-gd-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 0225e846be17152fdda203475a7ff7c3 \r\n2009.1/x86_64/php-gettext-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n d267d598cad3c663ee2dfa47394a1dac \r\n2009.1/x86_64/php-gmp-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 6d67e3b89156248fcc1ebf5df8593f48 \r\n2009.1/x86_64/php-hash-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 14a6bb2390e4c2f4f4999f46c8fd687f \r\n2009.1/x86_64/php-iconv-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 3888422371dee060d80e6f4b241416c4 \r\n2009.1/x86_64/php-imap-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 2b5a98d958b437cf7dc386b1e1826360 \r\n2009.1/x86_64/php-json-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n ffe95800ca5fc6ab3c427973160ce1b8 \r\n2009.1/x86_64/php-ldap-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 7fd8e1d366a339c9f61a8ec2740a638b \r\n2009.1/x86_64/php-mbstring-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n a8b37aa7b37e34323f171392504ef059 \r\n2009.1/x86_64/php-mcrypt-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 7355890f742cd4285b2700f4f47e660b \r\n2009.1/x86_64/php-mhash-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n ab37ece56bd0003000dd386144914e3d \r\n2009.1/x86_64/php-mime_magic-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 673b17f7d6b6ac5cf16d65456607a835 \r\n2009.1/x86_64/php-ming-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 5cd38a31672ece72ff9f91498b8e184d \r\n2009.1/x86_64/php-mssql-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 335cedadf385270675ece0e02dacca49 \r\n2009.1/x86_64/php-mysql-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 06e6ef70e4be249ddfc549a3f314b354 \r\n2009.1/x86_64/php-mysqli-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 700868a11164d4569932539076bc06f1 \r\n2009.1/x86_64/php-ncurses-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n bc122358b1ef2368aefea3d9b4765907 \r\n2009.1/x86_64/php-odbc-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n a65f676a45ad5a6b54c8dcf939d124f3 \r\n2009.1/x86_64/php-openssl-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n d8ec5f16432b6b17cd91a7e833a3a5fc \r\n2009.1/x86_64/php-pcntl-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n f0e0c0e8198a6243d5ccc63172a311f3 \r\n2009.1/x86_64/php-pdo-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 47efb119ac441e6b66ccf6b524a75d09 \r\n2009.1/x86_64/php-pdo_dblib-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 31eb2cdbe7a965ec5353100814a2c1eb \r\n2009.1/x86_64/php-pdo_mysql-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 7e9641b2b87a1c131a66ddc9b9d63b47 \r\n2009.1/x86_64/php-pdo_odbc-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 04fd3d6631e6bafe59e51b34cbbc5a0d \r\n2009.1/x86_64/php-pdo_pgsql-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 99944f56e62cf74657a758a92bb862de \r\n2009.1/x86_64/php-pdo_sqlite-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 6e182dfdc406fb21add2d391fef77a59 \r\n2009.1/x86_64/php-pgsql-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 52dc9d3161b72b38a48b31c244387a68 \r\n2009.1/x86_64/php-posix-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 8c7b7d243b210a3a3cf21b6b4f28b6ef \r\n2009.1/x86_64/php-pspell-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 3f990c9a353461f74bb20322606d70dc \r\n2009.1/x86_64/php-readline-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 20fd9e1e0706299f7e39d3028fb1bfe7 \r\n2009.1/x86_64/php-recode-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 020d2a6764d0804af3f4a8cf3d3806b4 \r\n2009.1/x86_64/php-session-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 945158d59e119abd34196342d18cb5ef \r\n2009.1/x86_64/php-shmop-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 38a59ad0964d2285dd22ec8a8dfba3fa \r\n2009.1/x86_64/php-snmp-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 5652a499ba12cb6c9bbda8cf3e41deb7 \r\n2009.1/x86_64/php-soap-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 1fed506dddcbba887afe2095540407b9 \r\n2009.1/x86_64/php-sockets-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 9f03c1b91b6fd08ca7cea6b9381a940f \r\n2009.1/x86_64/php-sqlite-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 0292232962af3fffcc529f1a74be9a85 \r\n2009.1/x86_64/php-sybase-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 7d98336c71a4938fd88f72e6f33a5c28 \r\n2009.1/x86_64/php-sysvmsg-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 43d4daabd6f65547d251213bc3f67292 \r\n2009.1/x86_64/php-sysvsem-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n adab3cd2fd16d0d4b1763431cbe64e54 \r\n2009.1/x86_64/php-sysvshm-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 648183705062b36db901184df308e7ca \r\n2009.1/x86_64/php-tidy-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 7e0f8c94ec712a62bcc66af259835ac0 \r\n2009.1/x86_64/php-tokenizer-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n aaf35c8d752a2687d2ec1c5b90ebfc2e \r\n2009.1/x86_64/php-wddx-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 22e4370ed9f2cb1c1ae946830fc2fdf6 \r\n2009.1/x86_64/php-xml-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n cbbe105e4b6057dededfe0c058a6bd89 \r\n2009.1/x86_64/php-xmlreader-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n dbc8d8033aa9c072aa8907a17cb83b5d \r\n2009.1/x86_64/php-xmlrpc-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n c6d44bffe5a6792a5c4ce30e0227e222 \r\n2009.1/x86_64/php-xmlwriter-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n c82a29791c12e2e5fc7c26f9b74cc4aa \r\n2009.1/x86_64/php-xsl-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n eed05c4f7bc2567015dee6495d54e1f1 \r\n2009.1/x86_64/php-zip-5.2.14-0.2mdv2009.1.x86_64.rpm\r\n 14a2cc3fefa8b567210d1f88a5fd0078 \r\n2009.1/x86_64/php-zlib-5.2.14-0.2mdv2009.1.x86_64.rpm \r\n bb482c6bd2d14f7d52c1aa5a934196a8 2009.1/SRPMS/php-5.2.14-0.2mdv2009.1.src.rpm\r\n\r\n Mandriva Linux 2010.0:\r\n 7008f7561a559d6549463b749195515b \r\n2010.0/i586/libphp5_common5-5.3.3-0.2mdv2010.0.i586.rpm\r\n 5f636a3cdf7c43f71cf20c0533eaca04 \r\n2010.0/i586/php-bcmath-5.3.3-0.2mdv2010.0.i586.rpm\r\n 51fb7db13a901acb2adee1b8716cf9d2 2010.0/i586/php-bz2-5.3.3-0.2mdv2010.0.i586.rpm\r\n 033b96a20a70ef4ed78e31cbe07c5049 \r\n2010.0/i586/php-calendar-5.3.3-0.2mdv2010.0.i586.rpm\r\n 70332830c24bfc4c684c46f740483c9f 2010.0/i586/php-cgi-5.3.3-0.2mdv2010.0.i586.rpm\r\n 251883aa969d33c0449838aa7c4aaaa5 2010.0/i586/php-cli-5.3.3-0.2mdv2010.0.i586.rpm\r\n bf5c010d54c5ae5821ae07a6b8d8f15b \r\n2010.0/i586/php-ctype-5.3.3-0.2mdv2010.0.i586.rpm\r\n ed6d5f568611fbb0455219a140d0c2b8 \r\n2010.0/i586/php-curl-5.3.3-0.2mdv2010.0.i586.rpm\r\n a9fb79f06b246c6e03fb6b2909690ce8 2010.0/i586/php-dba-5.3.3-0.2mdv2010.0.i586.rpm\r\n c4f8bdab970541c92ae2924ed4e32cbd \r\n2010.0/i586/php-devel-5.3.3-0.2mdv2010.0.i586.rpm\r\n 468dbc6ab3c0166276c36a97c5f9be3a 2010.0/i586/php-doc-5.3.3-0.2mdv2010.0.i586.rpm\r\n 41bcb35915b2ef724ea4f9a8fb4cccdd 2010.0/i586/php-dom-5.3.3-0.2mdv2010.0.i586.rpm\r\n d05bdaa9c79f2c201569c6df6c5b111b \r\n2010.0/i586/php-enchant-5.3.3-0.2mdv2010.0.i586.rpm\r\n e21efc27b34149eade9cac5d651fbdec \r\n2010.0/i586/php-exif-5.3.3-0.2mdv2010.0.i586.rpm\r\n fb0b5457315d3ced0ea05a14ceb06e90 \r\n2010.0/i586/php-fileinfo-5.3.3-0.2mdv2010.0.i586.rpm\r\n e3b7aa13cb82341db81f368602358272 \r\n2010.0/i586/php-filter-5.3.3-0.2mdv2010.0.i586.rpm\r\n 6150918a9d0c433aaf90d2c2e2605f06 2010.0/i586/php-fpm-5.3.3-0.2mdv2010.0.i586.rpm\r\n cbcde2f578a5c71b54aa88de5a3c3d52 2010.0/i586/php-ftp-5.3.3-0.2mdv2010.0.i586.rpm\r\n cae8f6d37d4e601a95270970b3cbf955 2010.0/i586/php-gd-5.3.3-0.2mdv2010.0.i586.rpm\r\n 87ea8eeaa28ac32326cad7b5356a44bd \r\n2010.0/i586/php-gettext-5.3.3-0.2mdv2010.0.i586.rpm\r\n b35a22b312e56978295281a5d059f0d7 2010.0/i586/php-gmp-5.3.3-0.2mdv2010.0.i586.rpm\r\n 4f522862a5c6ae67e2e02ded5f0b29d8 \r\n2010.0/i586/php-hash-5.3.3-0.2mdv2010.0.i586.rpm\r\n 0104423396431de9b25babce810d3873 \r\n2010.0/i586/php-iconv-5.3.3-0.2mdv2010.0.i586.rpm\r\n ab402a156819fd6ff40e5400e41082e6 \r\n2010.0/i586/php-imap-5.3.3-0.2mdv2010.0.i586.rpm\r\n 7aa80681ec50257249ad501368e4107a \r\n2010.0/i586/php-intl-5.3.3-0.2mdv2010.0.i586.rpm\r\n 5fd6225bc3ec8a2fcb78f54374dbd5c7 \r\n2010.0/i586/php-json-5.3.3-0.2mdv2010.0.i586.rpm\r\n 7c571f330b075b9f7ecf50e9a92505ee \r\n2010.0/i586/php-ldap-5.3.3-0.2mdv2010.0.i586.rpm\r\n aaffabcba5c6d2d71161be6625022300 \r\n2010.0/i586/php-mbstring-5.3.3-0.2mdv2010.0.i586.rpm\r\n 2360001f987098f15c0f2159100a83d7 \r\n2010.0/i586/php-mcrypt-5.3.3-0.2mdv2010.0.i586.rpm\r\n 901fc2812698b635dbdca6d29455f3fa \r\n2010.0/i586/php-mssql-5.3.3-0.2mdv2010.0.i586.rpm\r\n 035e212a962f7c68da0476255c7f699c \r\n2010.0/i586/php-mysql-5.3.3-0.2mdv2010.0.i586.rpm\r\n fa35496cb53adb83f62dbf8cf1fb61c0 \r\n2010.0/i586/php-mysqli-5.3.3-0.2mdv2010.0.i586.rpm\r\n 73f67b3c2a8c07125e878b15278ef048 \r\n2010.0/i586/php-odbc-5.3.3-0.2mdv2010.0.i586.rpm\r\n 91bcc578e75383f099343012210d93dc \r\n2010.0/i586/php-openssl-5.3.3-0.2mdv2010.0.i586.rpm\r\n 0caa23017fb14425aa2335af77110fe5 \r\n2010.0/i586/php-pcntl-5.3.3-0.2mdv2010.0.i586.rpm\r\n 7c2b158de2e52f4795f53cc794c2741e 2010.0/i586/php-pdo-5.3.3-0.2mdv2010.0.i586.rpm\r\n d4bcb032e659917412cd635f8bc2c88e \r\n2010.0/i586/php-pdo_dblib-5.3.3-0.2mdv2010.0.i586.rpm\r\n 2c981f93e1956acc986c38585e3e958b \r\n2010.0/i586/php-pdo_mysql-5.3.3-0.2mdv2010.0.i586.rpm\r\n d80d4f28aa35ab713724ebace9b8ecf4 \r\n2010.0/i586/php-pdo_odbc-5.3.3-0.2mdv2010.0.i586.rpm\r\n 940e44bb533ba72c10c2ab88902890a6 \r\n2010.0/i586/php-pdo_pgsql-5.3.3-0.2mdv2010.0.i586.rpm\r\n 2b020cb7b2ad1b98b94e203485ea3da6 \r\n2010.0/i586/php-pdo_sqlite-5.3.3-0.2mdv2010.0.i586.rpm\r\n e5fd6c3d25275b44714bde3663935410 \r\n2010.0/i586/php-pgsql-5.3.3-0.2mdv2010.0.i586.rpm\r\n 0ee626bcb30af3694999a945e25a31c1 \r\n2010.0/i586/php-posix-5.3.3-0.2mdv2010.0.i586.rpm\r\n c9481f4a6cf3fad5af10ef01730ebd9c \r\n2010.0/i586/php-pspell-5.3.3-0.2mdv2010.0.i586.rpm\r\n a56d285884af8288ece754994779fa60 \r\n2010.0/i586/php-readline-5.3.3-0.2mdv2010.0.i586.rpm\r\n 7bd819550e539e14a34b6d4cb3587989 \r\n2010.0/i586/php-recode-5.3.3-0.2mdv2010.0.i586.rpm\r\n 322f56a2fd1fcfd31e5230b2e6be5088 \r\n2010.0/i586/php-session-5.3.3-0.2mdv2010.0.i586.rpm\r\n a03cc35461076c555b121250b538ebdc \r\n2010.0/i586/php-shmop-5.3.3-0.2mdv2010.0.i586.rpm\r\n e5e67738a88f07acf04324286d46addd \r\n2010.0/i586/php-snmp-5.3.3-0.2mdv2010.0.i586.rpm\r\n 619d281559a9f7d29e9c9f082359e458 \r\n2010.0/i586/php-soap-5.3.3-0.2mdv2010.0.i586.rpm\r\n 52743e7a46deaf979a6605fb06821e83 \r\n2010.0/i586/php-sockets-5.3.3-0.2mdv2010.0.i586.rpm\r\n 848dc3ab1beca1617b417c30f3e42d9e \r\n2010.0/i586/php-sqlite3-5.3.3-0.2mdv2010.0.i586.rpm\r\n 183235ce11c3735df9fa8271f8e52e28 \r\n2010.0/i586/php-sybase_ct-5.3.3-0.2mdv2010.0.i586.rpm\r\n 16b12edd32de613b5a253839529f0a17 \r\n2010.0/i586/php-sysvmsg-5.3.3-0.2mdv2010.0.i586.rpm\r\n 33e0711e85f5b6e9081cbd1f9ef593a7 \r\n2010.0/i586/php-sysvsem-5.3.3-0.2mdv2010.0.i586.rpm\r\n 220f3957b090e4c262b06833320bc4ef \r\n2010.0/i586/php-sysvshm-5.3.3-0.2mdv2010.0.i586.rpm\r\n 80ba46a8b5456c6e7b17f2a615d9268c \r\n2010.0/i586/php-tidy-5.3.3-0.2mdv2010.0.i586.rpm\r\n 6211af3e83df2fcf0b57ddba58ca77c0 \r\n2010.0/i586/php-tokenizer-5.3.3-0.2mdv2010.0.i586.rpm\r\n e34d96228758aaee4ef283a7fbea8b67 \r\n2010.0/i586/php-wddx-5.3.3-0.2mdv2010.0.i586.rpm\r\n c0a5a672971961be0f440fb6b6b8c539 2010.0/i586/php-xml-5.3.3-0.2mdv2010.0.i586.rpm\r\n 1fbae195a487498227c8d56b372a90c2 \r\n2010.0/i586/php-xmlreader-5.3.3-0.2mdv2010.0.i586.rpm\r\n 2d77a4872311a9bb30bb26210a0563ec \r\n2010.0/i586/php-xmlrpc-5.3.3-0.2mdv2010.0.i586.rpm\r\n 9727fa43934aca74e643d12db15ef51b \r\n2010.0/i586/php-xmlwriter-5.3.3-0.2mdv2010.0.i586.rpm\r\n 25fa6c151929bb9bad1229eb1ca7a49a 2010.0/i586/php-xsl-5.3.3-0.2mdv2010.0.i586.rpm\r\n bb39a018c4e2643d29210548b0af9ac5 2010.0/i586/php-zip-5.3.3-0.2mdv2010.0.i586.rpm\r\n c5da63cebc2f42dc9d47af8ec2acf014 \r\n2010.0/i586/php-zlib-5.3.3-0.2mdv2010.0.i586.rpm \r\n 9960b5f2785dbfe6c4ba0856fb6c887f 2010.0/SRPMS/php-5.3.3-0.2mdv2010.0.src.rpm\r\n\r\n Mandriva Linux 2010.0/X86_64:\r\n dd551619adf416835829b9d8246d4caa \r\n2010.0/x86_64/lib64php5_common5-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 4e5174d4251d8c3afdaae3405745842b \r\n2010.0/x86_64/php-bcmath-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 8bcd47ba33a926718b5da55e54bd97c4 \r\n2010.0/x86_64/php-bz2-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 8f4647862ae113e7ca9c67e2d8ae1cf5 \r\n2010.0/x86_64/php-calendar-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 88df7560b93426ca270d55763c032b07 \r\n2010.0/x86_64/php-cgi-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n a2c066bf03b2e1a3676ea2202fb73e22 \r\n2010.0/x86_64/php-cli-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 2cc2397e4cb50f04f210cf011d0b13c2 \r\n2010.0/x86_64/php-ctype-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 5c52c74406121f94c313118753b80a02 \r\n2010.0/x86_64/php-curl-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 045266e9fb042485c192fc3e2d105baa \r\n2010.0/x86_64/php-dba-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 580dfcd93361d46ab59946fb037ce71e \r\n2010.0/x86_64/php-devel-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n ed7a6faaa80279e980faa7b93970ce59 \r\n2010.0/x86_64/php-doc-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n adfcbe1c59c9b4e1bd4916d21e68ed6c \r\n2010.0/x86_64/php-dom-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 1032d3ecd66c7810a96c272b041174d8 \r\n2010.0/x86_64/php-enchant-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 5dc71cace024d4fd6b136314f71da200 \r\n2010.0/x86_64/php-exif-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n cc975bc1abe99b224d2deb980a3cc7e7 \r\n2010.0/x86_64/php-fileinfo-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 181b51575dd51d359bcfdbc8ccf043e5 \r\n2010.0/x86_64/php-filter-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n cc8e3b93c622d9fca42794193fc0ba56 \r\n2010.0/x86_64/php-fpm-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n ab9fdbebd21be4329c897616e537768a \r\n2010.0/x86_64/php-ftp-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 9211f1d2cb90b21b29f0ea94b54096e4 \r\n2010.0/x86_64/php-gd-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 05b9f43082a96d4ce1077b5c0f30c45a \r\n2010.0/x86_64/php-gettext-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 13c8311a7e77836d94006ea63a740740 \r\n2010.0/x86_64/php-gmp-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 1c9e996151d13dbd511731c2669dc798 \r\n2010.0/x86_64/php-hash-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n deb3088e921aa35c83ac1f4fc53359ea \r\n2010.0/x86_64/php-iconv-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 962c4c1d9234929e4681afb3d5b1ab95 \r\n2010.0/x86_64/php-imap-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 0955f02d6c596329658695562740c99b \r\n2010.0/x86_64/php-intl-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n c9124709562d967467933a4b68b9edce \r\n2010.0/x86_64/php-json-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n e0db53fe224c72461ceafea9a7b39601 \r\n2010.0/x86_64/php-ldap-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n 06beb9f512feed9ffc0d995766f9f927 \r\n2010.0/x86_64/php-mbstring-5.3.3-0.2mdv2010.0.x86_64.rpm\r\n f91efaa5a2f1522848c2219e981e70ef \r\n2010.0/x86_64/php-mcrypt-5.3.3-0.2mdv2010.0.x86_64.rpm\