ID CVE-2018-11385
Type cve
Reporter cve@mitre.org
Modified 2019-03-12T14:36:00
Description
An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the "Guard" login feature may allow an attacker to impersonate a victim to the web application if the session ID value was previously known to the attacker.
{"id": "CVE-2018-11385", "bulletinFamily": "NVD", "title": "CVE-2018-11385", "description": "An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the \"Guard\" login feature may allow an attacker to impersonate a victim towards the web application if the session id value was previously known to the attacker.", "published": "2018-06-13T16:29:00", "modified": "2019-03-12T14:36:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11385", "reporter": "cve@mitre.org", "references": ["https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/", "https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/", "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html", "https://www.debian.org/security/2018/dsa-4262"], "cvelist": ["CVE-2018-11385"], "type": "cve", "lastseen": "2021-02-02T06:52:24", "edition": 6, "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "fedora", "idList": ["FEDORA:166FB601FD98", "FEDORA:D687460AEBD4", "FEDORA:EDF496193F11", "FEDORA:E962C6480ABF", "FEDORA:2577260200BA", "FEDORA:50F8460AEBD4"]}, {"type": "nessus", "idList": ["FEDORA_2018-C8DDC44BBB.NASL", "FEDORA_2018-96D770DDC9.NASL", "FEDORA_2018-2BDFC9DC67.NASL", "FEDORA_2018-EBA0006DF2.NASL", "DEBIAN_DSA-4262.NASL", "DEBIAN_DLA-1707.NASL", "FEDORA_2018-BA0B683C10.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310112433", "OPENVAS:1361412562310704262", 
"OPENVAS:1361412562310891707", "OPENVAS:1361412562310874951", "OPENVAS:1361412562310874782", "OPENVAS:1361412562310874781"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1707-1:A69DA", "DEBIAN:DSA-4262-1:A308E"]}], "modified": "2021-02-02T06:52:24", "rev": 2}, "score": {"value": 4.4, "vector": "NONE", "modified": "2021-02-02T06:52:24", "rev": 2}, "vulnersScore": 4.4}, "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:fedoraproject:fedora:28", "cpe:/o:debian:debian_linux:9.0"], "affectedSoftware": [{"cpeName": "sensiolabs:symfony", "name": "sensiolabs symfony", "operator": "lt", "version": "4.0.11"}, {"cpeName": "debian:debian_linux", "name": "debian debian linux", "operator": "eq", "version": "8.0"}, {"cpeName": "sensiolabs:symfony", "name": "sensiolabs symfony", "operator": "lt", "version": "3.3.17"}, {"cpeName": "fedoraproject:fedora", "name": "fedoraproject fedora", "operator": "eq", "version": "28"}, {"cpeName": "sensiolabs:symfony", "name": "sensiolabs symfony", "operator": "lt", "version": "3.4.11"}, {"cpeName": "debian:debian_linux", "name": "debian debian linux", "operator": "eq", "version": "9.0"}, {"cpeName": "sensiolabs:symfony", "name": "sensiolabs symfony", "operator": "lt", "version": "2.8.41"}, {"cpeName": "sensiolabs:symfony", "name": "sensiolabs symfony", "operator": "lt", "version": "2.7.48"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", 
"confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 5.9}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"], "cwe": ["CWE-384"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:a:sensiolabs:symfony:3.3.17:*:*:*:*:*:*:*", "versionEndExcluding": "3.3.17", "versionStartIncluding": "3.3.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:sensiolabs:symfony:3.4.11:*:*:*:*:*:*:*", "versionEndExcluding": "3.4.11", "versionStartIncluding": "3.4.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:sensiolabs:symfony:2.7.48:*:*:*:*:*:*:*", "versionEndExcluding": "2.7.48", "versionStartIncluding": "2.7.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:sensiolabs:symfony:2.8.41:*:*:*:*:*:*:*", "versionEndExcluding": "2.8.41", "versionStartIncluding": "2.8.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:sensiolabs:symfony:4.0.11:*:*:*:*:*:*:*", "versionEndExcluding": "4.0.11", "versionStartIncluding": "4.0.0", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "DSA-4262", "refsource": "DEBIAN", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4262"}, {"name": "FEDORA-2018-ba0b683c10", "refsource": "FEDORA", "tags": ["Third Party Advisory"], "url": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/"}, {"name": "FEDORA-2018-96d770ddc9", "refsource": "FEDORA", "tags": ["Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBQK7JDXIELADIPGZIOUCZKMAJM5LSBW/"}, {"name": "[debian-lts-announce] 20190310 [SECURITY] [DLA 1707-1] symfony security update", "refsource": "MLIST", "tags": ["Third Party Advisory", "Mailing List"], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html"}, {"name": "FEDORA-2018-eba0006df2", "refsource": "FEDORA", "tags": ["Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G4XNBMFW33H47O5TZGA7JYCVLDBCXAJV/"}, {"name": "https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication", "refsource": "CONFIRM", "tags": ["Vendor Advisory"], "url": "https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication"}]}
{"fedora": [{"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2018-11385", "CVE-2018-11386", "CVE-2018-11406", "CVE-2018-11408"], "description": "Symfony PHP framework (version 3). NOTE: Does not require PHPUnit bridge. ", "modified": "2018-06-05T13:45:03", "published": "2018-06-05T13:45:03", "id": "FEDORA:EDF496193F11", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: php-symfony3-3.4.11-1.fc28", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2018-11385", "CVE-2018-11386", "CVE-2018-11406", "CVE-2018-11408"], "description": "PHP framework for web projects ", "modified": "2018-06-06T13:33:22", "published": "2018-06-06T13:33:22", "id": "FEDORA:50F8460AEBD4", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: php-symfony-2.8.41-1.fc28", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2018-11385", "CVE-2018-11386", "CVE-2018-11406", "CVE-2018-11408"], "description": "Symfony PHP framework (version 4). NOTE: Does not require PHPUnit bridge. 
", "modified": "2018-06-06T13:33:23", "published": "2018-06-06T13:33:23", "id": "FEDORA:D687460AEBD4", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: php-symfony4-4.0.11-1.fc28", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-16652", "CVE-2018-11385", "CVE-2018-11386", "CVE-2018-11406", "CVE-2018-11407", "CVE-2018-11408"], "description": "PHP framework for web projects ", "modified": "2018-07-07T22:16:59", "published": "2018-07-07T22:16:59", "id": "FEDORA:2577260200BA", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: php-symfony-2.8.42-1.fc27", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-16652", "CVE-2018-11385", "CVE-2018-11386", "CVE-2018-11406", "CVE-2018-11407", "CVE-2018-11408"], "description": "Symfony PHP framework (version 3). NOTE: Does not require PHPUnit bridge. ", "modified": "2018-07-07T22:17:01", "published": "2018-07-07T22:17:01", "id": "FEDORA:166FB601FD98", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: php-symfony3-3.3.17-1.fc27", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2018-11385", "CVE-2018-11386", "CVE-2018-11406", "CVE-2018-11407", "CVE-2018-11408", "CVE-2018-14773", "CVE-2018-14774"], "description": "Symfony PHP framework (version 3). NOTE: Does not require PHPUnit bridge. 
", "modified": "2018-08-14T20:21:45", "published": "2018-08-14T20:21:45", "id": "FEDORA:E962C6480ABF", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: php-symfony3-3.3.18-1.fc27", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-07T10:21:00", "description": "**Version 3.4.11** (2018-05-25)\n\n - bug #27364 [DI] Fix bad exception on uninitialized\n references to non-shared services (nicolas-grekas)\n\n - bug #27359 [HttpFoundation] Fix perf issue during\n MimeTypeGuesser intialization (nicolas-grekas)\n\n - security #cve-2018-11408 [SecurityBundle] Fail if\n security.http_utils cannot be configured\n\n - security #cve-2018-11406 clear CSRF tokens when the user\n is logged out\n\n - security #cve-2018-11385 migrating session for\n UsernamePasswordJsonAuthenticationListener\n\n - security #cve-2018-11385 Adding session authentication\n strategy to Guard to avoid session fixation\n\n - security #cve-2018-11385 Adding session strategy to ALL\n listeners to avoid *any* possible fixation\n\n - security #cve-2018-11386 [HttpFoundation] Break infinite\n loop in PdoSessionHandler when MySQL is in loose mode\n\n - bug #27341 [WebProfilerBundle] Fixed validator/dump\n trace CSS (yceruto)\n\n - bug #27337 [FrameworkBundle] fix typo in\n CacheClearCommand (emilielorenzo)\n\n----\n\n**Version 3.4.10** (2018-05-21)\n\n - bug #27264 [Validator] Use strict type in URL validator\n (mimol91)\n\n - bug #27267 [DependencyInjection] resolve array env vars\n (jamesthomasonjr)\n\n - bug #26781 [Form] Fix precision of\n MoneyToLocalizedStringTransformer's divisions on\n transform() (syastrebov)\n\n - bug #27286 [Translation] Add Occitan plural rule\n (kylekatarnls)\n\n - bug #27271 [DI] Allow defining bindings on\n ChildDefinition (nicolas-grekas)\n\n - bug #27246 Disallow invalid characters in session.name\n (ostrolucky)\n\n - bug #27287 [PropertyInfo] fix resolving parent|self type\n hints (nicolas-grekas)\n\n - bug 
#27281 [HttpKernel] Fix dealing with self/parent in\n ArgumentMetadataFactory (fabpot)\n\n - bug #24805 [Security] Fix logout (MatTheCat)\n\n - bug #27265 [DI] Shared services should not be inlined in\n non-shared ones (nicolas-grekas)\n\n - bug #27141 [Process] Suppress warnings when open_basedir\n is non-empty (cbj4074)\n\n - bug #27250 [Session] limiting :key for GET_LOCK to 64\n chars (oleg-andreyev)\n\n - bug #27237 [Debug] Fix populating error_get_last() for\n handled silent errors (nicolas-grekas)\n\n - bug #27232 [Cache][Lock] Fix usages of error_get_last()\n (nicolas-grekas)\n\n - bug #27236 [Filesystem] Fix usages of error_get_last()\n (nicolas-grekas)\n\n - bug #27191 [DI] Display previous error messages when\n throwing unused bindings (nicolas-grekas)\n\n - bug #27231 [FrameworkBundle] Fix cache:clear on vagrant\n (nicolas-grekas)\n\n - bug #27222 [WebProfilerBundle][Cache] Fix misses\n calculation when calling getItems (fsevestre)\n\n - bug #27227 [HttpKernel] Handle NoConfigurationException\n 'onKernelException()' (nicolas-grekas)\n\n - bug #27152 [HttpFoundation] use brace-style regex\n delimiters (xabbuh)\n\n - bug #27158 [Cache] fix logic for fetching tag versions\n on TagAwareAdapter (dmaicher)\n\n - bug #27143 [Console] By default hide the short exception\n trace line from exception messages in Symfony's commands\n (yceruto)\n\n - bug #27133 [Doctrine Bridge] fix priority for doctrine\n event listeners (dmaicher)\n\n - bug #27135 [FrameworkBundle] Use the correct service id\n for CachePoolPruneCommand in its compiler pass\n (DemonTPx)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 12, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-03T00:00:00", "title": "Fedora 28 : php-symfony3 
(2018-ba0b683c10)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11406", "CVE-2018-11386", "CVE-2018-11385", "CVE-2018-11408"], "modified": "2019-01-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php-symfony3", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-BA0B683C10.NASL", "href": "https://www.tenable.com/plugins/nessus/120738", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-ba0b683c10.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120738);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-11385\", \"CVE-2018-11386\", \"CVE-2018-11406\", \"CVE-2018-11408\");\n script_xref(name:\"FEDORA\", value:\"2018-ba0b683c10\");\n\n script_name(english:\"Fedora 28 : php-symfony3 (2018-ba0b683c10)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"**Version 3.4.11** (2018-05-25)\n\n - bug #27364 [DI] Fix bad exception on uninitialized\n references to non-shared services (nicolas-grekas)\n\n - bug #27359 [HttpFoundation] Fix perf issue during\n MimeTypeGuesser intialization (nicolas-grekas)\n\n - security #cve-2018-11408 [SecurityBundle] Fail if\n security.http_utils cannot be configured\n\n - security #cve-2018-11406 clear CSRF tokens when the user\n is logged out\n\n - security #cve-2018-11385 migrating session for\n UsernamePasswordJsonAuthenticationListener\n\n - security #cve-2018-11385 Adding session authentication\n strategy to Guard to avoid session fixation\n\n - security #cve-2018-11385 Adding session strategy to ALL\n 
listeners to avoid *any* possible fixation\n\n - security #cve-2018-11386 [HttpFoundation] Break infinite\n loop in PdoSessionHandler when MySQL is in loose mode\n\n - bug #27341 [WebProfilerBundle] Fixed validator/dump\n trace CSS (yceruto)\n\n - bug #27337 [FrameworkBundle] fix typo in\n CacheClearCommand (emilielorenzo)\n\n----\n\n**Version 3.4.10** (2018-05-21)\n\n - bug #27264 [Validator] Use strict type in URL validator\n (mimol91)\n\n - bug #27267 [DependencyInjection] resolve array env vars\n (jamesthomasonjr)\n\n - bug #26781 [Form] Fix precision of\n MoneyToLocalizedStringTransformer's divisions on\n transform() (syastrebov)\n\n - bug #27286 [Translation] Add Occitan plural rule\n (kylekatarnls)\n\n - bug #27271 [DI] Allow defining bindings on\n ChildDefinition (nicolas-grekas)\n\n - bug #27246 Disallow invalid characters in session.name\n (ostrolucky)\n\n - bug #27287 [PropertyInfo] fix resolving parent|self type\n hints (nicolas-grekas)\n\n - bug #27281 [HttpKernel] Fix dealing with self/parent in\n ArgumentMetadataFactory (fabpot)\n\n - bug #24805 [Security] Fix logout (MatTheCat)\n\n - bug #27265 [DI] Shared services should not be inlined in\n non-shared ones (nicolas-grekas)\n\n - bug #27141 [Process] Suppress warnings when open_basedir\n is non-empty (cbj4074)\n\n - bug #27250 [Session] limiting :key for GET_LOCK to 64\n chars (oleg-andreyev)\n\n - bug #27237 [Debug] Fix populating error_get_last() for\n handled silent errors (nicolas-grekas)\n\n - bug #27232 [Cache][Lock] Fix usages of error_get_last()\n (nicolas-grekas)\n\n - bug #27236 [Filesystem] Fix usages of error_get_last()\n (nicolas-grekas)\n\n - bug #27191 [DI] Display previous error messages when\n throwing unused bindings (nicolas-grekas)\n\n - bug #27231 [FrameworkBundle] Fix cache:clear on vagrant\n (nicolas-grekas)\n\n - bug #27222 [WebProfilerBundle][Cache] Fix misses\n calculation when calling getItems (fsevestre)\n\n - bug #27227 [HttpKernel] Handle NoConfigurationException\n 
'onKernelException()' (nicolas-grekas)\n\n - bug #27152 [HttpFoundation] use brace-style regex\n delimiters (xabbuh)\n\n - bug #27158 [Cache] fix logic for fetching tag versions\n on TagAwareAdapter (dmaicher)\n\n - bug #27143 [Console] By default hide the short exception\n trace line from exception messages in Symfony's commands\n (yceruto)\n\n - bug #27133 [Doctrine Bridge] fix priority for doctrine\n event listeners (dmaicher)\n\n - bug #27135 [FrameworkBundle] Use the correct service id\n for CachePoolPruneCommand in its compiler pass\n (DemonTPx)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-ba0b683c10\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php-symfony3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-symfony3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", 
value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"php-symfony3-3.4.11-1.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-symfony3\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:19:49", "description": "**Version 4.0.11** (2018-05-25)\n\n - bug #27364 [DI] Fix bad exception on uninitialized\n references to non-shared services (nicolas-grekas)\n\n - bug #27359 [HttpFoundation] Fix perf issue 
during\n MimeTypeGuesser intialization (nicolas-grekas)\n\n - security #cve-2018-11408 [SecurityBundle] Fail if\n security.http_utils cannot be configured\n\n - security #cve-2018-11406 clear CSRF tokens when the user\n is logged out\n\n - security #cve-2018-11385 migrating session for\n UsernamePasswordJsonAuthenticationListener\n\n - security #cve-2018-11385 Adding session authentication\n strategy to Guard to avoid session fixation\n\n - security #cve-2018-11385 Adding session strategy to ALL\n listeners to avoid *any* possible fixation\n\n - security #cve-2018-11386 [HttpFoundation] Break infinite\n loop in PdoSessionHandler when MySQL is in loose mode\n\n - bug #27341 [WebProfilerBundle] Fixed validator/dump\n trace CSS (yceruto)\n\n - bug #27337 [FrameworkBundle] fix typo in\n CacheClearCommand (emilielorenzo)\n\n----\n\n**Version 4.0.10** (2018-05-21)\n\n - bug #27264 [Validator] Use strict type in URL validator\n (mimol91)\n\n - bug #27267 [DependencyInjection] resolve array env vars\n (jamesthomasonjr)\n\n - bug #26781 [Form] Fix precision of\n MoneyToLocalizedStringTransformer's divisions on\n transform() (syastrebov)\n\n - bug #27286 [Translation] Add Occitan plural rule\n (kylekatarnls)\n\n - bug #27271 [DI] Allow defining bindings on\n ChildDefinition (nicolas-grekas)\n\n - bug #27246 Disallow invalid characters in session.name\n (ostrolucky)\n\n - bug #27287 [PropertyInfo] fix resolving parent|self type\n hints (nicolas-grekas)\n\n - bug #27281 [HttpKernel] Fix dealing with self/parent in\n ArgumentMetadataFactory (fabpot)\n\n - bug #24805 [Security] Fix logout (MatTheCat)\n\n - bug #27265 [DI] Shared services should not be inlined in\n non-shared ones (nicolas-grekas)\n\n - bug #27141 [Process] Suppress warnings when open_basedir\n is non-empty (cbj4074)\n\n - bug #27250 [Session] limiting :key for GET_LOCK to 64\n chars (oleg-andreyev)\n\n - bug #27237 [Debug] Fix populating error_get_last() for\n handled silent errors (nicolas-grekas)\n\n - bug 
#27232 [Cache][Lock] Fix usages of error_get_last()\n (nicolas-grekas)\n\n - bug #27236 [Filesystem] Fix usages of error_get_last()\n (nicolas-grekas)\n\n - bug #27191 [DI] Display previous error messages when\n throwing unused bindings (nicolas-grekas)\n\n - bug #27231 [FrameworkBundle] Fix cache:clear on vagrant\n (nicolas-grekas)\n\n - bug #27222 [WebProfilerBundle][Cache] Fix misses\n calculation when calling getItems (fsevestre)\n\n - bug #27227 [HttpKernel] Handle NoConfigurationException\n 'onKernelException()' (nicolas-grekas)\n\n - bug #27152 [HttpFoundation] use brace-style regex\n delimiters (xabbuh)\n\n - bug #27158 [Cache] fix logic for fetching tag versions\n on TagAwareAdapter (dmaicher)\n\n - bug #27143 [Console] By default hide the short exception\n trace line from exception messages in Symfony's commands\n (yceruto)\n\n - bug #27133 [Doctrine Bridge] fix priority for doctrine\n event listeners (dmaicher)\n\n - bug #27135 [FrameworkBundle] Use the correct service id\n for CachePoolPruneCommand in its compiler pass\n (DemonTPx)\n\n - feature #24896 Add CODE_OF_CONDUCT.md (egircys)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 12, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-03T00:00:00", "title": "Fedora 28 : php-symfony4 (2018-96d770ddc9)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11406", "CVE-2018-11386", "CVE-2018-11385", "CVE-2018-11408"], "modified": "2019-01-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php-symfony4", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-96D770DDC9.NASL", "href": "https://www.tenable.com/plugins/nessus/120636", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive 
text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-96d770ddc9.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120636);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-11385\", \"CVE-2018-11386\", \"CVE-2018-11406\", \"CVE-2018-11408\");\n script_xref(name:\"FEDORA\", value:\"2018-96d770ddc9\");\n\n script_name(english:\"Fedora 28 : php-symfony4 (2018-96d770ddc9)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"**Version 4.0.11** (2018-05-25)\n\n - bug #27364 [DI] Fix bad exception on uninitialized\n references to non-shared services (nicolas-grekas)\n\n - bug #27359 [HttpFoundation] Fix perf issue during\n MimeTypeGuesser intialization (nicolas-grekas)\n\n - security #cve-2018-11408 [SecurityBundle] Fail if\n security.http_utils cannot be configured\n\n - security #cve-2018-11406 clear CSRF tokens when the user\n is logged out\n\n - security #cve-2018-11385 migrating session for\n UsernamePasswordJsonAuthenticationListener\n\n - security #cve-2018-11385 Adding session authentication\n strategy to Guard to avoid session fixation\n\n - security #cve-2018-11385 Adding session strategy to ALL\n listeners to avoid *any* possible fixation\n\n - security #cve-2018-11386 [HttpFoundation] Break infinite\n loop in PdoSessionHandler when MySQL is in loose mode\n\n - bug #27341 [WebProfilerBundle] Fixed validator/dump\n trace CSS (yceruto)\n\n - bug #27337 [FrameworkBundle] fix typo in\n CacheClearCommand (emilielorenzo)\n\n----\n\n**Version 4.0.10** (2018-05-21)\n\n - bug #27264 [Validator] Use strict type in URL validator\n (mimol91)\n\n - bug #27267 
[DependencyInjection] resolve array env vars\n (jamesthomasonjr)\n\n - bug #26781 [Form] Fix precision of\n MoneyToLocalizedStringTransformer's divisions on\n transform() (syastrebov)\n\n - bug #27286 [Translation] Add Occitan plural rule\n (kylekatarnls)\n\n - bug #27271 [DI] Allow defining bindings on\n ChildDefinition (nicolas-grekas)\n\n - bug #27246 Disallow invalid characters in session.name\n (ostrolucky)\n\n - bug #27287 [PropertyInfo] fix resolving parent|self type\n hints (nicolas-grekas)\n\n - bug #27281 [HttpKernel] Fix dealing with self/parent in\n ArgumentMetadataFactory (fabpot)\n\n - bug #24805 [Security] Fix logout (MatTheCat)\n\n - bug #27265 [DI] Shared services should not be inlined in\n non-shared ones (nicolas-grekas)\n\n - bug #27141 [Process] Suppress warnings when open_basedir\n is non-empty (cbj4074)\n\n - bug #27250 [Session] limiting :key for GET_LOCK to 64\n chars (oleg-andreyev)\n\n - bug #27237 [Debug] Fix populating error_get_last() for\n handled silent errors (nicolas-grekas)\n\n - bug #27232 [Cache][Lock] Fix usages of error_get_last()\n (nicolas-grekas)\n\n - bug #27236 [Filesystem] Fix usages of error_get_last()\n (nicolas-grekas)\n\n - bug #27191 [DI] Display previous error messages when\n throwing unused bindings (nicolas-grekas)\n\n - bug #27231 [FrameworkBundle] Fix cache:clear on vagrant\n (nicolas-grekas)\n\n - bug #27222 [WebProfilerBundle][Cache] Fix misses\n calculation when calling getItems (fsevestre)\n\n - bug #27227 [HttpKernel] Handle NoConfigurationException\n 'onKernelException()' (nicolas-grekas)\n\n - bug #27152 [HttpFoundation] use brace-style regex\n delimiters (xabbuh)\n\n - bug #27158 [Cache] fix logic for fetching tag versions\n on TagAwareAdapter (dmaicher)\n\n - bug #27143 [Console] By default hide the short exception\n trace line from exception messages in Symfony's commands\n (yceruto)\n\n - bug #27133 [Doctrine Bridge] fix priority for doctrine\n event listeners (dmaicher)\n\n - bug #27135 
[FrameworkBundle] Use the correct service id\n for CachePoolPruneCommand in its compiler pass\n (DemonTPx)\n\n - feature #24896 Add CODE_OF_CONDUCT.md (egircys)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-96d770ddc9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php-symfony4 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-symfony4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"php-symfony4-4.0.11-1.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-symfony4\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:22:09", "description": "**Version 2.8.41** (2018-05-25)\n\n - bug #27359 [HttpFoundation] Fix perf issue during\n MimeTypeGuesser intialization (nicolas-grekas)\n\n - security #cve-2018-11408 [SecurityBundle] Fail if\n security.http_utils cannot be configured\n\n - security #cve-2018-11406 clear CSRF tokens when the user\n is logged out\n\n - security #cve-2018-11385 Adding session authentication\n 
strategy to Guard to avoid session fixation\n\n - security #cve-2018-11385 Adding session strategy to ALL\n listeners to avoid *any* possible fixation\n\n - security #cve-2018-11386 [HttpFoundation] Break infinite\n loop in PdoSessionHandler when MySQL is in loose mode\n\n----\n\n**Version 2.8.40** (2018-05-21)\n\n - bug #26781 [Form] Fix precision of\n MoneyToLocalizedStringTransformer's divisions on\n transform() (syastrebov)\n\n - bug #27286 [Translation] Add Occitan plural rule\n (kylekatarnls)\n\n - bug #27246 Disallow invalid characters in session.name\n (ostrolucky)\n\n - bug #24805 [Security] Fix logout (MatTheCat)\n\n - bug #27141 [Process] Suppress warnings when open_basedir\n is non-empty (cbj4074)\n\n - bug #27250 [Session] limiting :key for GET_LOCK to 64\n chars (oleg-andreyev)\n\n - bug #27237 [Debug] Fix populating error_get_last() for\n handled silent errors (nicolas-grekas)\n\n - bug #27236 [Filesystem] Fix usages of error_get_last()\n (nicolas-grekas)\n\n - bug #27152 [HttpFoundation] use brace-style regex\n delimiters (xabbuh)\n\n - feature #24896 Add CODE_OF_CONDUCT.md (egircys)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 12, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-03T00:00:00", "title": "Fedora 28 : php-symfony (2018-eba0006df2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11406", "CVE-2018-11386", "CVE-2018-11385", "CVE-2018-11408"], "modified": "2019-01-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php-symfony", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-EBA0006DF2.NASL", "href": "https://www.tenable.com/plugins/nessus/120881", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The 
descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-eba0006df2.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120881);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-11385\", \"CVE-2018-11386\", \"CVE-2018-11406\", \"CVE-2018-11408\");\n script_xref(name:\"FEDORA\", value:\"2018-eba0006df2\");\n\n script_name(english:\"Fedora 28 : php-symfony (2018-eba0006df2)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"**Version 2.8.41** (2018-05-25)\n\n - bug #27359 [HttpFoundation] Fix perf issue during\n MimeTypeGuesser intialization (nicolas-grekas)\n\n - security #cve-2018-11408 [SecurityBundle] Fail if\n security.http_utils cannot be configured\n\n - security #cve-2018-11406 clear CSRF tokens when the user\n is logged out\n\n - security #cve-2018-11385 Adding session authentication\n strategy to Guard to avoid session fixation\n\n - security #cve-2018-11385 Adding session strategy to ALL\n listeners to avoid *any* possible fixation\n\n - security #cve-2018-11386 [HttpFoundation] Break infinite\n loop in PdoSessionHandler when MySQL is in loose mode\n\n----\n\n**Version 2.8.40** (2018-05-21)\n\n - bug #26781 [Form] Fix precision of\n MoneyToLocalizedStringTransformer's divisions on\n transform() (syastrebov)\n\n - bug #27286 [Translation] Add Occitan plural rule\n (kylekatarnls)\n\n - bug #27246 Disallow invalid characters in session.name\n (ostrolucky)\n\n - bug #24805 [Security] Fix logout (MatTheCat)\n\n - bug #27141 [Process] Suppress warnings when open_basedir\n is non-empty (cbj4074)\n\n - bug #27250 [Session] limiting :key for GET_LOCK to 
64\n chars (oleg-andreyev)\n\n - bug #27237 [Debug] Fix populating error_get_last() for\n handled silent errors (nicolas-grekas)\n\n - bug #27236 [Filesystem] Fix usages of error_get_last()\n (nicolas-grekas)\n\n - bug #27152 [HttpFoundation] use brace-style regex\n delimiters (xabbuh)\n\n - feature #24896 Add CODE_OF_CONDUCT.md (egircys)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-eba0006df2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php-symfony package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-symfony\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"php-symfony-2.8.41-1.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-symfony\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:16:42", "description": "## 2.8.42 (2018-06-25)\n\n - bug #27669 [Filesystem] fix file lock on SunOS (fritzmg)\n\n - bug #27309 Fix surrogate not using original request\n (Toflar)\n\n - bug #27630 [Validator][Form] Remove BOM in some xlf\n files (gautierderuette)\n\n - bug #27591 [VarDumper] Fix dumping ArrayObject and\n ArrayIterator instances (nicolas-grekas)\n\n - bug #27581 Fix bad method call 
with guard authentication\n + session migration (weaverryan)\n\n - bug #27452 Avoid migration on stateless firewalls\n (weaverryan)\n\n - bug #27514 [Debug] Pass previous exception to\n FatalErrorException (pmontoya)\n\n - bug #26973 [HttpKernel] Set first trusted proxy as\n REMOTE_ADDR in InlineFragmentRenderer. (kmadejski)\n\n - bug #27303 [Process] Consider 'executable' suffixes\n first on Windows (sanmai)\n\n - bug #27297 Triggering RememberMe's loginFail() when\n token cannot be created (weaverryan)\n\n - bug #27366 [DI] never inline lazy services\n (nicolas-grekas)\n\n## 2.8.41 (2018-05-25)\n\n - bug #27359 [HttpFoundation] Fix perf issue during\n MimeTypeGuesser intialization (nicolas-grekas)\n\n - security #cve-2018-11408 [SecurityBundle] Fail if\n security.http_utils cannot be configured\n\n - security #cve-2018-11406 clear CSRF tokens when the user\n is logged out\n\n - security #cve-2018-11385 Adding session authentication\n strategy to Guard to avoid session fixation\n\n - security #cve-2018-11385 Adding session strategy to ALL\n listeners to avoid *any* possible fixation\n\n - security #cve-2018-11386 [HttpFoundation] Break infinite\n loop in PdoSessionHandler when MySQL is in loose mode\n\n## 2.8.40 (2018-05-21)\n\n - bug #26781 [Form] Fix precision of\n MoneyToLocalizedStringTransformer's divisions on\n transform() (syastrebov)\n\n - bug #27286 [Translation] Add Occitan plural rule\n (kylekatarnls)\n\n - bug #27246 Disallow invalid characters in session.name\n (ostrolucky)\n\n - bug #24805 [Security] Fix logout (MatTheCat)\n\n - bug #27141 [Process] Suppress warnings when open_basedir\n is non-empty (cbj4074)\n\n - bug #27250 [Session] limiting :key for GET_LOCK to 64\n chars (oleg-andreyev)\n\n - bug #27237 [Debug] Fix populating error_get_last() for\n handled silent errors (nicolas-grekas)\n\n - bug #27236 [Filesystem] Fix usages of error_get_last()\n (nicolas-grekas)\n\n - bug #27152 [HttpFoundation] use brace-style regex\n delimiters (xabbuh)\n\n 
- feature #24896 Add CODE_OF_CONDUCT.md (egircys)\n\n## 2.8.39 (2018-04-30)\n\n - bug #27067 [HttpFoundation] Fix setting session-related\n ini settings (e-moe)\n\n - bug #27016 [Security][Guard]\n GuardAuthenticationProvider::authenticate cannot return\n null (biomedia-thomas)\n\n - bug #26831 [Bridge/Doctrine] count(): Parameter must be\n an array or an object that implements Countable\n (gpenverne)\n\n - bug #27044 [Security] Skip user checks if not\n implementing UserInterface (chalasr)\n\n - bug #26014 [Security] Fixed being logged out on failed\n attempt in guard (iltar)\n\n - bug #26910 Use new PHP7.2 functions in hasColorSupport\n (johnstevenson)\n\n - bug #26999 [VarDumper] Fix dumping of SplObjectStorage\n (corphi)\n\n - bug #25841 [DoctrineBridge] Fix bug when indexBy is meta\n key in PropertyInfo\\DoctrineExtractor (insekticid)\n\n - bug #26886 Don't assume that file binary exists on *nix\n OS (teohhanhui)\n\n - bug #26643 Fix that ESI/SSI processing can turn a\n 'private' response 'public' (mpdude)\n\n - bug #26932 [Form] Fixed trimming choice values\n (HeahDude)\n\n - bug #26875 [Console] Don't go past exact matches when\n autocompleting (nicolas-grekas)\n\n - bug #26823 [Validator] Fix LazyLoadingMetadataFactory\n with PSR6Cache for non classname if tested values isn't\n existing class (Pascal Montoya, pmontoya)\n\n - bug #26834 [Yaml] Throw parse error on unfinished inline\n map (nicolas-grekas)\n\n## 2.8.38 (2018-04-06)\n\n - bug #26788 [Security] Load the user before pre/post auth\n checks when needed (chalasr)\n\n - bug #26774 [SecurityBundle] Add missing argument to\n security.authentication.provider.simple (i3or1s,\n chalasr)\n\n - bug #26763 [Finder] Remove duplicate slashes in\n filenames (helhum)\n\n - bug #26749 Add PHPDbg support to HTTP components\n (hkdobrev)\n\n - bug #26609 [Console] Fix check of color support on\n Windows (mlocati)\n\n## 2.8.37 (2018-04-02)\n\n - bug #26727 [HttpCache] Unlink tmp file on error\n (Chansig)\n\n - bug 
#26675 [HttpKernel] DumpDataCollector: do not flush\n when a dumper is provided (ogizanagi)\n\n - bug #26663 [TwigBridge] Fix rendering of currency by\n MoneyType (ro0NL)\n\n - bug #26677 Support phpdbg SAPI in Debug::enable()\n (hkdobrev)\n\n - bug #26589 [Ldap] cast to string when checking empty\n passwords (ismail1432)\n\n - bug #26621 [Form] no type errors with invalid submitted\n data types (xabbuh)\n\n - bug #26337 [Finder] Fixed leading/trailing / in filename\n (lyrixx)\n\n - bug #26584 [TwigBridge] allow html5 compatible rendering\n of forms with null names (systemist)\n\n - bug #24401 [Form] Change datetime to datetime-local for\n HTML5 datetime input (pierredup)\n\n - bug #26370 [Security] added userChecker to\n SimpleAuthenticationProvider (i3or1s)\n\n - bug #26569 [BrowserKit] Fix cookie path handling when\n $domain is null (dunglas)\n\n - bug #26598 Fixes #26563 (open_basedir restriction in\n effect) (temperatur)\n\n - bug #26568 [Debug] Reset previous exception handler\n earlier to prevent infinite loop (nicolas-grekas)\n\n - bug #26567 [DoctrineBridge] Don't rely on\n ClassMetadataInfo->hasField in DoctrineOrmTypeGuesser\n anymore (fancyweb)\n\n - bug #26356 [FrameworkBundle] HttpCache is not longer\n abstract (lyrixx)\n\n - bug #26548 [DomCrawler] Change bad wording in\n ChoiceFormField::untick (dunglas)\n\n - bug #26433 [DomCrawler] extract(): fix a bug when the\n attribute list is empty (dunglas)\n\n - bug #26452 [Intl] Load locale aliases to support alias\n fallbacks (jakzal)\n\n - bug #26450 [CssSelector] Fix CSS identifiers parsing -\n they can start with dash (jakubkulhan)\n\n## 2.8.36 (2018-03-05)\n\n - bug #26368 [WebProfilerBundle] Fix Debug toolbar breaks\n app (xkobal)\n\n## 2.8.35 (2018-03-01)\n\n - bug #26338 [Debug] Keep previous errors of Error\n instances (Philipp91)\n\n - bug #26312 [Routing] Don't throw 405 when scheme\n requirement doesn't match (nicolas-grekas)\n\n - bug #26298 Fix ArrayInput::toString() for\n 
InputArgument::IS_ARRAY args (maximium)\n\n - bug #26236 [PropertyInfo] ReflectionExtractor: give a\n chance to other extractors if no properties (dunglas)\n\n - bug #25557 [WebProfilerBundle] add a way to limit ajax\n request (Simperfit)\n\n - bug #26228 [HttpFoundation] Fix missing 'throw' in\n JsonResponse (nicolas-grekas)\n\n - bug #26211 [Console] Suppress warning from\n sapi_windows_vt100_support (adawolfa)\n\n - bug #26156 Fixes #26136: Avoid emitting warning in\n hasParameterOption() (greg-1-anderson)\n\n - bug #26183 [DI] Add null check for removeChild\n (changmin.keum)\n\n - bug #26173 [Security] fix accessing request values\n (xabbuh)\n\n - bug #26159 created validator.tl.xlf for\n Form/Translations (ergiegonzaga)\n\n - bug #26100 [Routing] Throw 405 instead of 404 when\n redirect is not possible (nicolas-grekas)\n\n - bug #26040 [Process] Check PHP_BINDIR before $PATH in\n PhpExecutableFinder (nicolas-grekas)\n\n - bug #26012 Exit as late as possible (greg0ire)\n\n - bug #26111 [Security] fix merge of 2.7 into 2.8 + add\n test case (dmaicher)\n\n - bug #25893 [Console] Fix hasParameterOption /\n getParameterOption when used with multiple flags\n (greg-1-anderson)\n\n - bug #25940 [Form] keep the context when validating forms\n (xabbuh)\n\n - bug #25373 Use the PCRE_DOLLAR_ENDONLY modifier in route\n regexes (mpdude)\n\n - bug #26010 [CssSelector] For AND operator, the left\n operand should have parentheses, not only right operand\n (Arnaud CHASSEUX)\n\n - bug #25971 [Debug] Fix bad registration of exception\n handler, leading to mem leak (nicolas-grekas)\n\n - bug #25962 [Routing] Fix trailing slash redirection for\n non-safe verbs (nicolas-grekas)\n\n - bug #25948 [Form] Fixed empty data on expanded\n ChoiceType and FileType (HeahDude)\n\n - bug #25972 support sapi_windows_vt100_support for php\n 7.2+ (jhdxr)\n\n - bug #25744 [TwigBridge] Allow label translation to be\n safe (MatTheCat)\n\n## 2.8.34 (2018-01-29)\n\n - bug #25922 [HttpFoundation] Use 
the correct syntax for\n session gc based on Pdo driver (tanasecosminromeo)\n\n - bug #25933 Disable CSP header on exception pages only in\n debug (ostrolucky)\n\n - bug #25926 [Form] Fixed Button::setParent() when already\n submitted (HeahDude)\n\n - bug #25927 [Form] Fixed submitting disabled buttons\n (HeahDude)\n\n - bug #25891 [DependencyInjection] allow null values for\n root nodes in YAML configs (xabbuh)\n\n - bug #25848 [Validator] add missing parent isset and add\n test (Simperfit)\n\n - bug #25861 do not conflict with egulias/email-validator\n 2.0+ (xabbuh)\n\n - bug #25851 [Validator] Conflict with\n egulias/email-validator 2.0 (emodric)\n\n - bug #25837 [SecurityBundle] Don't register in memory\n users as services (chalasr)\n\n - bug #25835 [HttpKernel] DebugHandlersListener should\n always replace the existing exception handler\n (nicolas-grekas)\n\n - bug #25829 [Debug] Always decorate existing exception\n handlers to deal with fatal errors (nicolas-grekas)\n\n - bug #25824 Fixing a bug where the dump() function\n depended on bundle ordering (weaverryan)\n\n - bug #25789 Enableable ArrayNodeDefinition is disabled\n for empty configuration (kejwmen)\n\n - bug #25816 Problem in phar see mergerequest #25579\n (betzholz)\n\n - bug #25781 [Form] Disallow transform dates beyond the\n year 9999 (curry684)\n\n - bug #25812 Copied NO language files to the new NB locale\n (derrabus)\n\n - bug #25801 [Router] Skip anonymous classes when loading\n annotated routes (pierredup)\n\n - bug #25657 [Security] Fix fatal error on non string\n username (chalasr)\n\n - bug #25799 Fixed Request::__toString ignoring cookies\n (Toflar)\n\n - bug #25755 [Debug] prevent infinite loop with faulty\n exception handlers (nicolas-grekas)\n\n - bug #25771 [Validator] 19 digits VISA card numbers are\n valid (xabbuh)\n\n - bug #25751 [FrameworkBundle] Add the missing `enabled`\n session attribute (sroze)\n\n - bug #25750 [HttpKernel] Turn bad hosts into 400 instead\n of 500 
(nicolas-grekas)\n\n - bug #25490 [Serializer] Fixed throwing exception with\n option JSON_PARTIAL_OUTPUT_ON_ERROR (diversantvlz)\n\n - bug #25709 Tweaked some styles in the profiler tables\n (javiereguiluz)\n\n - feature #25669 [Security] Fail gracefully if the\n security token cannot be unserialized from the session\n (thewilkybarkid)\n\n## 2.8.33 (2018-01-05)\n\n - bug #25532 [HttpKernel] Disable CSP header on exception\n pages (ostrolucky)\n\n - bug #25491 [Routing] Use the default host even if\n context is empty (sroze)\n\n - bug #25662 Dumper shouldn't use html format for phpdbg /\n cli-server (jhoff)\n\n - bug #25529 [Validator] Fix access to root object when\n using composite constraint (ostrolucky)\n\n - bug #25430 Fixes for Oracle in PdoSessionHandler\n (elislenio)\n\n - bug #25599 Add application/ld+json format associated to\n json (vincentchalamon)\n\n - bug #25407 [Console] Commands with an alias should not\n be recognized as ambiguous (Simperfit)\n\n - bug #25521 [Console] fix a bug when you are passing a\n default value and passing -n would output the index\n (Simperfit)\n\n - bug #25489 [FrameworkBundle] remove esi/ssi renderers if\n inactive (dmaicher)\n\n - bug #25427 Preserve percent-encoding in URLs when\n performing redirects in the UrlMatcher (mpdude)\n\n - bug #25480 [FrameworkBundle] add missing validation\n options to XSD file (xabbuh)\n\n - bug #25487 [Console] Fix a bug when passing a letter\n that could be an alias (Simperfit)\n\n - bug #25233 [TwigBridge][Form] Fix hidden currency\n element with Bootstrap 3 theme (julienfalque)\n\n - bug #25408 [Debug] Fix catching fatal errors in case of\n nested error handlers (nicolas-grekas)\n\n - bug #25330 [HttpFoundation] Support 0 bit netmask in\n IPv6 (`::/0`) (stephank)\n\n - bug #25410 [HttpKernel] Fix logging of post-terminate\n errors/exceptions (nicolas-grekas)\n\n - bug #25323 [ExpressionLanguage] throw an SyntaxError\n instead of an undefined index notice (Simperfit)\n\n## 2.8.32 
(2017-12-04)\n\n - bug #25278 Fix for missing whitespace control modifier\n in form layout (kubawerlos)\n\n - bug #25236 [Form][TwigBridge] Fix collision between view\n properties and form fields (yceruto)\n\n - bug #25258 [link] Prevent warnings when running link\n with 2.7 (dunglas)\n\n - bug #24750 [Validator] ExpressionValidator should use\n OBJECT_TO_STRING (Simperfit)\n\n - bug #25182 [HttpFoundation] AutExpireFlashBag should not\n clear new flashes (Simperfit, sroze)\n\n - bug #25152 [Form] Don't rely on\n `Symfony\\Component\\HttpFoundation\\File\\File` if\n http-foundation isn't in FileType (issei-m)\n\n - bug #24987 [Console] Fix global console flag when used\n in chain (Simperfit)\n\n - bug #25043 [Yaml] added ability for substitute aliases\n when mapping is on single line (Michał Strzelecki,\n xabbuh)\n\n - bug #25102 [Form] Fixed ContextErrorException in\n FileType (chihiro-adachi)\n\n - bug #25130 [DI] Fix handling of inlined definitions by\n ContainerBuilder (nicolas-grekas)\n\n - bug #25072 [Bridge/PhpUnit] Remove trailing ' ' from\n ClockMock::microtime(false) (joky)\n\n - bug #24956 Fix ambiguous pattern (weltling)\n\n## 2.8.31 (2017-11-16)\n\n - security #24995 Validate redirect targets using the\n session cookie domain (nicolas-grekas)\n\n - security #24994 Prevent bundle readers from breaking out\n of paths (xabbuh)\n\n - security #24993 Ensure that submitted data are uploaded\n files (xabbuh)\n\n - security #24992 Namespace generated CSRF tokens\n depending of the current scheme (dunglas)\n\n## 2.8.30 (2017-11-13)\n\n - bug #24952 [HttpFoundation] Fix session-related BC break\n (nicolas-grekas, sroze)\n\n - bug #24929 [Console] Fix traversable autocomplete values\n (ro0NL)\n\n## 2.8.29 (2017-11-10)\n\n - bug #24888 [FrameworkBundle] Specifically inject the\n debug dispatcher in the collector (ogizanagi)\n\n - bug #24909 [Intl] Update ICU data to 60.1 (jakzal)\n\n - bug #24906 [Bridge/ProxyManager] Remove direct reference\n to value holder 
property (nicolas-grekas)\n\n - bug #24900 [Validator] Fix Costa Rica IBAN format\n (Bozhidar Hristov)\n\n - bug #24904 [Validator] Add Belarus IBAN format (Bozhidar\n Hristov)\n\n - bug #24531 [HttpFoundation] Fix forward-compat of\n NativeSessionStorage with PHP 7.2 (sroze)\n\n - bug #24665 Fix dump panel hidden when closing a dump\n (julienfalque)\n\n - bug #24814 [Intl] Make intl-data tests pass and save\n language aliases again (jakzal)\n\n - bug #24764 [HttpFoundation] add Early Hints to Reponse\n to fix test (Simperfit)\n\n - bug #24605 [FrameworkBundle] Do not load\n property_access.xml if the component isn't installed\n (ogizanagi)\n\n - bug #24606 [HttpFoundation] Fix FileBag issue with\n associative arrays (enumag)\n\n - bug #24660 Escape trailing \\ in QuestionHelper\n autocompletion (kamazee)\n\n - bug #24644 [Security] Fixed auth provider authenticate()\n cannot return void (glye)\n\n - bug #24642 [Routing] Fix resource miss (dunglas)\n\n - bug #24608 Adding the Form default theme files to be\n warmed up in Twig's cache (weaverryan)\n\n - bug #24626 streamed response should return $this (DQNEO)\n\n - bug #24589 Username and password in basic auth are\n allowed to contain '.' 
(Richard Quadling)\n\n - bug #24566 Fixed unsetting from loosely equal keys\n OrderedHashMap (maryo)\n\n - bug #24570 [Debug] Fix same vendor detection in class\n loader (Jean-Beru)\n\n - bug #24563 [Serializer] ObjectNormalizer: throw if\n PropertyAccess isn't installed (dunglas)\n\n - bug #24571 [PropertyInfo] Add support for the iterable\n type (dunglas)\n\n - bug #24579 pdo session fix (mxp100)\n\n - bug #24536 [Security] Reject remember-me token if\n UserCheckerInterface::checkPostAuth() fails (kbond)\n\n - bug #24519 [Validator] [Twig] added magic method\n __isset() to File Constraint class (loru88)\n\n - bug #24532 [DI] Fix possible incorrect php-code when\n dumped strings contains newlines (Strate)\n\n - bug #24502 [HttpFoundation] never match invalid IP\n addresses (xabbuh)\n\n - bug #24460 [Form] fix parsing invalid floating point\n numbers (xabbuh)\n\n - bug #24490 [HttpFoundation] Combine Cache-Control\n headers (c960657)\n\n - bug #23711 Fix support for PHP 7.2 (Simperfit,\n nicolas-grekas)\n\n - bug #24494 [HttpFoundation] Add missing\n session.lazy_write config option (nicolas-grekas)\n\n - bug #24434 [Form] Use for=ID on radio/checkbox label.\n (Nyholm)\n\n - bug #24455 [Console] Escape command usage (sroze)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 19, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2018-07-09T00:00:00", "title": "Fedora 27 : php-symfony (2018-2bdfc9dc67)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11406", "CVE-2017-16652", "CVE-2018-11386", "CVE-2018-11385", "CVE-2018-11408"], "modified": "2018-07-09T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php-symfony", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-2BDFC9DC67.NASL", "href": 
"https://www.tenable.com/plugins/nessus/110949", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-2bdfc9dc67.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110949);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-16652\");\n script_xref(name:\"FEDORA\", value:\"2018-2bdfc9dc67\");\n\n script_name(english:\"Fedora 27 : php-symfony (2018-2bdfc9dc67)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"## 2.8.42 (2018-06-25)\n\n - bug #27669 [Filesystem] fix file lock on SunOS (fritzmg)\n\n - bug #27309 Fix surrogate not using original request\n (Toflar)\n\n - bug #27630 [Validator][Form] Remove BOM in some xlf\n files (gautierderuette)\n\n - bug #27591 [VarDumper] Fix dumping ArrayObject and\n ArrayIterator instances (nicolas-grekas)\n\n - bug #27581 Fix bad method call with guard authentication\n + session migration (weaverryan)\n\n - bug #27452 Avoid migration on stateless firewalls\n (weaverryan)\n\n - bug #27514 [Debug] Pass previous exception to\n FatalErrorException (pmontoya)\n\n - bug #26973 [HttpKernel] Set first trusted proxy as\n REMOTE_ADDR in InlineFragmentRenderer. 
(kmadejski)\n\n - bug #27303 [Process] Consider 'executable' suffixes\n first on Windows (sanmai)\n\n - bug #27297 Triggering RememberMe's loginFail() when\n token cannot be created (weaverryan)\n\n - bug #27366 [DI] never inline lazy services\n (nicolas-grekas)\n\n## 2.8.41 (2018-05-25)\n\n - bug #27359 [HttpFoundation] Fix perf issue during\n MimeTypeGuesser intialization (nicolas-grekas)\n\n - security #cve-2018-11408 [SecurityBundle] Fail if\n security.http_utils cannot be configured\n\n - security #cve-2018-11406 clear CSRF tokens when the user\n is logged out\n\n - security #cve-2018-11385 Adding session authentication\n strategy to Guard to avoid session fixation\n\n - security #cve-2018-11385 Adding session strategy to ALL\n listeners to avoid *any* possible fixation\n\n - security #cve-2018-11386 [HttpFoundation] Break infinite\n loop in PdoSessionHandler when MySQL is in loose mode\n\n## 2.8.40 (2018-05-21)\n\n - bug #26781 [Form] Fix precision of\n MoneyToLocalizedStringTransformer's divisions on\n transform() (syastrebov)\n\n - bug #27286 [Translation] Add Occitan plural rule\n (kylekatarnls)\n\n - bug #27246 Disallow invalid characters in session.name\n (ostrolucky)\n\n - bug #24805 [Security] Fix logout (MatTheCat)\n\n - bug #27141 [Process] Suppress warnings when open_basedir\n is non-empty (cbj4074)\n\n - bug #27250 [Session] limiting :key for GET_LOCK to 64\n chars (oleg-andreyev)\n\n - bug #27237 [Debug] Fix populating error_get_last() for\n handled silent errors (nicolas-grekas)\n\n - bug #27236 [Filesystem] Fix usages of error_get_last()\n (nicolas-grekas)\n\n - bug #27152 [HttpFoundation] use brace-style regex\n delimiters (xabbuh)\n\n - feature #24896 Add CODE_OF_CONDUCT.md (egircys)\n\n## 2.8.39 (2018-04-30)\n\n - bug #27067 [HttpFoundation] Fix setting session-related\n ini settings (e-moe)\n\n - bug #27016 [Security][Guard]\n GuardAuthenticationProvider::authenticate cannot return\n null (biomedia-thomas)\n\n - bug #26831 [Bridge/Doctrine] 
count(): Parameter must be\n an array or an object that implements Countable\n (gpenverne)\n\n - bug #27044 [Security] Skip user checks if not\n implementing UserInterface (chalasr)\n\n - bug #26014 [Security] Fixed being logged out on failed\n attempt in guard (iltar)\n\n - bug #26910 Use new PHP7.2 functions in hasColorSupport\n (johnstevenson)\n\n - bug #26999 [VarDumper] Fix dumping of SplObjectStorage\n (corphi)\n\n - bug #25841 [DoctrineBridge] Fix bug when indexBy is meta\n key in PropertyInfo\\DoctrineExtractor (insekticid)\n\n - bug #26886 Don't assume that file binary exists on *nix\n OS (teohhanhui)\n\n - bug #26643 Fix that ESI/SSI processing can turn a\n 'private' response 'public' (mpdude)\n\n - bug #26932 [Form] Fixed trimming choice values\n (HeahDude)\n\n - bug #26875 [Console] Don't go past exact matches when\n autocompleting (nicolas-grekas)\n\n - bug #26823 [Validator] Fix LazyLoadingMetadataFactory\n with PSR6Cache for non classname if tested values isn't\n existing class (Pascal Montoya, pmontoya)\n\n - bug #26834 [Yaml] Throw parse error on unfinished inline\n map (nicolas-grekas)\n\n## 2.8.38 (2018-04-06)\n\n - bug #26788 [Security] Load the user before pre/post auth\n checks when needed (chalasr)\n\n - bug #26774 [SecurityBundle] Add missing argument to\n security.authentication.provider.simple (i3or1s,\n chalasr)\n\n - bug #26763 [Finder] Remove duplicate slashes in\n filenames (helhum)\n\n - bug #26749 Add PHPDbg support to HTTP components\n (hkdobrev)\n\n - bug #26609 [Console] Fix check of color support on\n Windows (mlocati)\n\n## 2.8.37 (2018-04-02)\n\n - bug #26727 [HttpCache] Unlink tmp file on error\n (Chansig)\n\n - bug #26675 [HttpKernel] DumpDataCollector: do not flush\n when a dumper is provided (ogizanagi)\n\n - bug #26663 [TwigBridge] Fix rendering of currency by\n MoneyType (ro0NL)\n\n - bug #26677 Support phpdbg SAPI in Debug::enable()\n (hkdobrev)\n\n - bug #26589 [Ldap] cast to string when checking empty\n passwords 
(ismail1432)\n\n - bug #26621 [Form] no type errors with invalid submitted\n data types (xabbuh)\n\n - bug #26337 [Finder] Fixed leading/trailing / in filename\n (lyrixx)\n\n - bug #26584 [TwigBridge] allow html5 compatible rendering\n of forms with null names (systemist)\n\n - bug #24401 [Form] Change datetime to datetime-local for\n HTML5 datetime input (pierredup)\n\n - bug #26370 [Security] added userChecker to\n SimpleAuthenticationProvider (i3or1s)\n\n - bug #26569 [BrowserKit] Fix cookie path handling when\n $domain is null (dunglas)\n\n - bug #26598 Fixes #26563 (open_basedir restriction in\n effect) (temperatur)\n\n - bug #26568 [Debug] Reset previous exception handler\n earlier to prevent infinite loop (nicolas-grekas)\n\n - bug #26567 [DoctrineBridge] Don't rely on\n ClassMetadataInfo->hasField in DoctrineOrmTypeGuesser\n anymore (fancyweb)\n\n - bug #26356 [FrameworkBundle] HttpCache is not longer\n abstract (lyrixx)\n\n - bug #26548 [DomCrawler] Change bad wording in\n ChoiceFormField::untick (dunglas)\n\n - bug #26433 [DomCrawler] extract(): fix a bug when the\n attribute list is empty (dunglas)\n\n - bug #26452 [Intl] Load locale aliases to support alias\n fallbacks (jakzal)\n\n - bug #26450 [CssSelector] Fix CSS identifiers parsing -\n they can start with dash (jakubkulhan)\n\n## 2.8.36 (2018-03-05)\n\n - bug #26368 [WebProfilerBundle] Fix Debug toolbar breaks\n app (xkobal)\n\n## 2.8.35 (2018-03-01)\n\n - bug #26338 [Debug] Keep previous errors of Error\n instances (Philipp91)\n\n - bug #26312 [Routing] Don't throw 405 when scheme\n requirement doesn't match (nicolas-grekas)\n\n - bug #26298 Fix ArrayInput::toString() for\n InputArgument::IS_ARRAY args (maximium)\n\n - bug #26236 [PropertyInfo] ReflectionExtractor: give a\n chance to other extractors if no properties (dunglas)\n\n - bug #25557 [WebProfilerBundle] add a way to limit ajax\n request (Simperfit)\n\n - bug #26228 [HttpFoundation] Fix missing 'throw' in\n JsonResponse 
(nicolas-grekas)\n\n - bug #26211 [Console] Suppress warning from\n sapi_windows_vt100_support (adawolfa)\n\n - bug #26156 Fixes #26136: Avoid emitting warning in\n hasParameterOption() (greg-1-anderson)\n\n - bug #26183 [DI] Add null check for removeChild\n (changmin.keum)\n\n - bug #26173 [Security] fix accessing request values\n (xabbuh)\n\n - bug #26159 created validator.tl.xlf for\n Form/Translations (ergiegonzaga)\n\n - bug #26100 [Routing] Throw 405 instead of 404 when\n redirect is not possible (nicolas-grekas)\n\n - bug #26040 [Process] Check PHP_BINDIR before $PATH in\n PhpExecutableFinder (nicolas-grekas)\n\n - bug #26012 Exit as late as possible (greg0ire)\n\n - bug #26111 [Security] fix merge of 2.7 into 2.8 + add\n test case (dmaicher)\n\n - bug #25893 [Console] Fix hasParameterOption /\n getParameterOption when used with multiple flags\n (greg-1-anderson)\n\n - bug #25940 [Form] keep the context when validating forms\n (xabbuh)\n\n - bug #25373 Use the PCRE_DOLLAR_ENDONLY modifier in route\n regexes (mpdude)\n\n - bug #26010 [CssSelector] For AND operator, the left\n operand should have parentheses, not only right operand\n (Arnaud CHASSEUX)\n\n - bug #25971 [Debug] Fix bad registration of exception\n handler, leading to mem leak (nicolas-grekas)\n\n - bug #25962 [Routing] Fix trailing slash redirection for\n non-safe verbs (nicolas-grekas)\n\n - bug #25948 [Form] Fixed empty data on expanded\n ChoiceType and FileType (HeahDude)\n\n - bug #25972 support sapi_windows_vt100_support for php\n 7.2+ (jhdxr)\n\n - bug #25744 [TwigBridge] Allow label translation to be\n safe (MatTheCat)\n\n## 2.8.34 (2018-01-29)\n\n - bug #25922 [HttpFoundation] Use the correct syntax for\n session gc based on Pdo driver (tanasecosminromeo)\n\n - bug #25933 Disable CSP header on exception pages only in\n debug (ostrolucky)\n\n - bug #25926 [Form] Fixed Button::setParent() when already\n submitted (HeahDude)\n\n - bug #25927 [Form] Fixed submitting disabled buttons\n 
(HeahDude)\n\n - bug #25891 [DependencyInjection] allow null values for\n root nodes in YAML configs (xabbuh)\n\n - bug #25848 [Validator] add missing parent isset and add\n test (Simperfit)\n\n - bug #25861 do not conflict with egulias/email-validator\n 2.0+ (xabbuh)\n\n - bug #25851 [Validator] Conflict with\n egulias/email-validator 2.0 (emodric)\n\n - bug #25837 [SecurityBundle] Don't register in memory\n users as services (chalasr)\n\n - bug #25835 [HttpKernel] DebugHandlersListener should\n always replace the existing exception handler\n (nicolas-grekas)\n\n - bug #25829 [Debug] Always decorate existing exception\n handlers to deal with fatal errors (nicolas-grekas)\n\n - bug #25824 Fixing a bug where the dump() function\n depended on bundle ordering (weaverryan)\n\n - bug #25789 Enableable ArrayNodeDefinition is disabled\n for empty configuration (kejwmen)\n\n - bug #25816 Problem in phar see mergerequest #25579\n (betzholz)\n\n - bug #25781 [Form] Disallow transform dates beyond the\n year 9999 (curry684)\n\n - bug #25812 Copied NO language files to the new NB locale\n (derrabus)\n\n - bug #25801 [Router] Skip anonymous classes when loading\n annotated routes (pierredup)\n\n - bug #25657 [Security] Fix fatal error on non string\n username (chalasr)\n\n - bug #25799 Fixed Request::__toString ignoring cookies\n (Toflar)\n\n - bug #25755 [Debug] prevent infinite loop with faulty\n exception handlers (nicolas-grekas)\n\n - bug #25771 [Validator] 19 digits VISA card numbers are\n valid (xabbuh)\n\n - bug #25751 [FrameworkBundle] Add the missing `enabled`\n session attribute (sroze)\n\n - bug #25750 [HttpKernel] Turn bad hosts into 400 instead\n of 500 (nicolas-grekas)\n\n - bug #25490 [Serializer] Fixed throwing exception with\n option JSON_PARTIAL_OUTPUT_ON_ERROR (diversantvlz)\n\n - bug #25709 Tweaked some styles in the profiler tables\n (javiereguiluz)\n\n - feature #25669 [Security] Fail gracefully if the\n security token cannot be unserialized from the 
session\n (thewilkybarkid)\n\n## 2.8.33 (2018-01-05)\n\n - bug #25532 [HttpKernel] Disable CSP header on exception\n pages (ostrolucky)\n\n - bug #25491 [Routing] Use the default host even if\n context is empty (sroze)\n\n - bug #25662 Dumper shouldn't use html format for phpdbg /\n cli-server (jhoff)\n\n - bug #25529 [Validator] Fix access to root object when\n using composite constraint (ostrolucky)\n\n - bug #25430 Fixes for Oracle in PdoSessionHandler\n (elislenio)\n\n - bug #25599 Add application/ld+json format associated to\n json (vincentchalamon)\n\n - bug #25407 [Console] Commands with an alias should not\n be recognized as ambiguous (Simperfit)\n\n - bug #25521 [Console] fix a bug when you are passing a\n default value and passing -n would output the index\n (Simperfit)\n\n - bug #25489 [FrameworkBundle] remove esi/ssi renderers if\n inactive (dmaicher)\n\n - bug #25427 Preserve percent-encoding in URLs when\n performing redirects in the UrlMatcher (mpdude)\n\n - bug #25480 [FrameworkBundle] add missing validation\n options to XSD file (xabbuh)\n\n - bug #25487 [Console] Fix a bug when passing a letter\n that could be an alias (Simperfit)\n\n - bug #25233 [TwigBridge][Form] Fix hidden currency\n element with Bootstrap 3 theme (julienfalque)\n\n - bug #25408 [Debug] Fix catching fatal errors in case of\n nested error handlers (nicolas-grekas)\n\n - bug #25330 [HttpFoundation] Support 0 bit netmask in\n IPv6 (`::/0`) (stephank)\n\n - bug #25410 [HttpKernel] Fix logging of post-terminate\n errors/exceptions (nicolas-grekas)\n\n - bug #25323 [ExpressionLanguage] throw an SyntaxError\n instead of an undefined index notice (Simperfit)\n\n## 2.8.32 (2017-12-04)\n\n - bug #25278 Fix for missing whitespace control modifier\n in form layout (kubawerlos)\n\n - bug #25236 [Form][TwigBridge] Fix collision between view\n properties and form fields (yceruto)\n\n - bug #25258 [link] Prevent warnings when running link\n with 2.7 (dunglas)\n\n - bug #24750 [Validator] 
ExpressionValidator should use\n OBJECT_TO_STRING (Simperfit)\n\n - bug #25182 [HttpFoundation] AutExpireFlashBag should not\n clear new flashes (Simperfit, sroze)\n\n - bug #25152 [Form] Don't rely on\n `Symfony\\Component\\HttpFoundation\\File\\File` if\n http-foundation isn't in FileType (issei-m)\n\n - bug #24987 [Console] Fix global console flag when used\n in chain (Simperfit)\n\n - bug #25043 [Yaml] added ability for substitute aliases\n when mapping is on single line (Michał Strzelecki,\n xabbuh)\n\n - bug #25102 [Form] Fixed ContextErrorException in\n FileType (chihiro-adachi)\n\n - bug #25130 [DI] Fix handling of inlined definitions by\n ContainerBuilder (nicolas-grekas)\n\n - bug #25072 [Bridge/PhpUnit] Remove trailing ' ' from\n ClockMock::microtime(false) (joky)\n\n - bug #24956 Fix ambiguous pattern (weltling)\n\n## 2.8.31 (2017-11-16)\n\n - security #24995 Validate redirect targets using the\n session cookie domain (nicolas-grekas)\n\n - security #24994 Prevent bundle readers from breaking out\n of paths (xabbuh)\n\n - security #24993 Ensure that submitted data are uploaded\n files (xabbuh)\n\n - security #24992 Namespace generated CSRF tokens\n depending of the current scheme (dunglas)\n\n## 2.8.30 (2017-11-13)\n\n - bug #24952 [HttpFoundation] Fix session-related BC break\n (nicolas-grekas, sroze)\n\n - bug #24929 [Console] Fix traversable autocomplete values\n (ro0NL)\n\n## 2.8.29 (2017-11-10)\n\n - bug #24888 [FrameworkBundle] Specifically inject the\n debug dispatcher in the collector (ogizanagi)\n\n - bug #24909 [Intl] Update ICU data to 60.1 (jakzal)\n\n - bug #24906 [Bridge/ProxyManager] Remove direct reference\n to value holder property (nicolas-grekas)\n\n - bug #24900 [Validator] Fix Costa Rica IBAN format\n (Bozhidar Hristov)\n\n - bug #24904 [Validator] Add Belarus IBAN format (Bozhidar\n Hristov)\n\n - bug #24531 [HttpFoundation] Fix forward-compat of\n NativeSessionStorage with PHP 7.2 (sroze)\n\n - bug #24665 Fix dump panel hidden 
when closing a dump\n (julienfalque)\n\n - bug #24814 [Intl] Make intl-data tests pass and save\n language aliases again (jakzal)\n\n - bug #24764 [HttpFoundation] add Early Hints to Reponse\n to fix test (Simperfit)\n\n - bug #24605 [FrameworkBundle] Do not load\n property_access.xml if the component isn't installed\n (ogizanagi)\n\n - bug #24606 [HttpFoundation] Fix FileBag issue with\n associative arrays (enumag)\n\n - bug #24660 Escape trailing \\ in QuestionHelper\n autocompletion (kamazee)\n\n - bug #24644 [Security] Fixed auth provider authenticate()\n cannot return void (glye)\n\n - bug #24642 [Routing] Fix resource miss (dunglas)\n\n - bug #24608 Adding the Form default theme files to be\n warmed up in Twig's cache (weaverryan)\n\n - bug #24626 streamed response should return $this (DQNEO)\n\n - bug #24589 Username and password in basic auth are\n allowed to contain '.' (Richard Quadling)\n\n - bug #24566 Fixed unsetting from loosely equal keys\n OrderedHashMap (maryo)\n\n - bug #24570 [Debug] Fix same vendor detection in class\n loader (Jean-Beru)\n\n - bug #24563 [Serializer] ObjectNormalizer: throw if\n PropertyAccess isn't installed (dunglas)\n\n - bug #24571 [PropertyInfo] Add support for the iterable\n type (dunglas)\n\n - bug #24579 pdo session fix (mxp100)\n\n - bug #24536 [Security] Reject remember-me token if\n UserCheckerInterface::checkPostAuth() fails (kbond)\n\n - bug #24519 [Validator] [Twig] added magic method\n __isset() to File Constraint class (loru88)\n\n - bug #24532 [DI] Fix possible incorrect php-code when\n dumped strings contains newlines (Strate)\n\n - bug #24502 [HttpFoundation] never match invalid IP\n addresses (xabbuh)\n\n - bug #24460 [Form] fix parsing invalid floating point\n numbers (xabbuh)\n\n - bug #24490 [HttpFoundation] Combine Cache-Control\n headers (c960657)\n\n - bug #23711 Fix support for PHP 7.2 (Simperfit,\n nicolas-grekas)\n\n - bug #24494 [HttpFoundation] Add missing\n session.lazy_write config option 
(nicolas-grekas)\n\n - bug #24434 [Form] Use for=ID on radio/checkbox label.\n (Nyholm)\n\n - bug #24455 [Console] Escape command usage (sroze)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-2bdfc9dc67\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php-symfony package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-symfony\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"php-symfony-2.8.42-1.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-symfony\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-07T10:21:35", "description": "## 3.3.17 (2018-05-25)\n\n - security #cve-2018-11407 [Ldap] cast to string when\n checking empty passwords\n\n - security #cve-2018-11408 [SecurityBundle] Fail if\n security.http_utils cannot be configured\n\n - security #cve-2018-11406 clear CSRF tokens when the user\n is logged out\n\n - security #cve-2018-11385 migrating session for\n 
UsernamePasswordJsonAuthenticationListener\n\n - security #cve-2018-11386 [HttpFoundation] Break infinite\n loop in PdoSessionHandler when MySQL is in loose mode\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 18, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2018-07-09T00:00:00", "title": "Fedora 27 : php-symfony3 (2018-c8ddc44bbb)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11406", "CVE-2018-11407", "CVE-2017-16652", "CVE-2018-11386", "CVE-2018-11385", "CVE-2018-11408"], "modified": "2018-07-09T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:27", "p-cpe:/a:fedoraproject:fedora:php-symfony3"], "id": "FEDORA_2018-C8DDC44BBB.NASL", "href": "https://www.tenable.com/plugins/nessus/110952", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-c8ddc44bbb.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110952);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-16652\");\n script_xref(name:\"FEDORA\", value:\"2018-c8ddc44bbb\");\n\n script_name(english:\"Fedora 27 : php-symfony3 (2018-c8ddc44bbb)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"## 3.3.17 (2018-05-25)\n\n - security #cve-2018-11407 [Ldap] cast to string when\n checking empty passwords\n\n - security #cve-2018-11408 
[SecurityBundle] Fail if\n security.http_utils cannot be configured\n\n - security #cve-2018-11406 clear CSRF tokens when the user\n is logged out\n\n - security #cve-2018-11385 migrating session for\n UsernamePasswordJsonAuthenticationListener\n\n - security #cve-2018-11386 [HttpFoundation] Break infinite\n loop in PdoSessionHandler when MySQL is in loose mode\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-c8ddc44bbb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php-symfony3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-symfony3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"php-symfony3-3.3.17-1.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php-symfony3\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-12T09:40:26", "description": "Several security vulnerabilities have been discovered in symfony, a\nPHP web application framework. 
Numerous symfony components are\naffected: Security, bundle readers, session handling, SecurityBundle,\nHttpFoundation, Form, and Security\\Http.\n\nThe corresponding upstream advisories contain further details :\n\n[CVE-2017-16652]\nhttps://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on-security-handlers\n\n[CVE-2017-16654]\nhttps://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths\n\n[CVE-2018-11385]\nhttps://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication\n\n[CVE-2018-11408]\nhttps://symfony.com/blog/cve-2018-11408-open-redirect-vulnerability-on-security-handlers\n\n[CVE-2018-14773]\nhttps://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers\n\n[CVE-2018-19789]\nhttps://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path\n\n[CVE-2018-19790]\nhttps://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n2.3.21+dfsg-4+deb8u4.\n\nWe recommend that you upgrade your symfony packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. 
Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 16, "cvss3": {"score": 8.1, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-03-11T00:00:00", "title": "Debian DLA-1707-1 : symfony security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-16652", "CVE-2018-19790", "CVE-2018-14773", "CVE-2018-11385", "CVE-2017-16654", "CVE-2018-19789", "CVE-2018-11408"], "modified": "2019-03-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:php-symfony-validator", "p-cpe:/a:debian:debian_linux:php-symfony-propel1-bridge", "p-cpe:/a:debian:debian_linux:php-symfony-property-access", "p-cpe:/a:debian:debian_linux:php-symfony-twig-bundle", "p-cpe:/a:debian:debian_linux:php-symfony-finder", "p-cpe:/a:debian:debian_linux:php-symfony-filesystem", "p-cpe:/a:debian:debian_linux:php-symfony-security", "p-cpe:/a:debian:debian_linux:php-symfony-swiftmailer-bridge", "cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:php-symfony-monolog-bridge", "p-cpe:/a:debian:debian_linux:php-symfony-proxy-manager-bridge", "p-cpe:/a:debian:debian_linux:php-symfony-templating", "p-cpe:/a:debian:debian_linux:php-symfony-serializer", "p-cpe:/a:debian:debian_linux:php-symfony-doctrine-bridge", "p-cpe:/a:debian:debian_linux:php-symfony-class-loader", "p-cpe:/a:debian:debian_linux:php-symfony-event-dispatcher", "p-cpe:/a:debian:debian_linux:php-symfony-css-selector", "p-cpe:/a:debian:debian_linux:php-symfony-form", "p-cpe:/a:debian:debian_linux:php-symfony-web-profiler-bundle", "p-cpe:/a:debian:debian_linux:php-symfony-dependency-injection", "p-cpe:/a:debian:debian_linux:php-symfony-console", "p-cpe:/a:debian:debian_linux:php-symfony-eventdispatcher", "p-cpe:/a:debian:debian_linux:php-symfony-yaml", "p-cpe:/a:debian:debian_linux:php-symfony-config", "p-cpe:/a:debian:debian_linux:php-symfony-http-foundation", "p-cpe:/a:debian:debian_linux:php-symfony-options-resolver", 
"p-cpe:/a:debian:debian_linux:php-symfony-process", "p-cpe:/a:debian:debian_linux:php-symfony-http-kernel", "p-cpe:/a:debian:debian_linux:php-symfony-classloader", "p-cpe:/a:debian:debian_linux:php-symfony-dom-crawler", "p-cpe:/a:debian:debian_linux:php-symfony-stopwatch", "p-cpe:/a:debian:debian_linux:php-symfony-browser-kit", "p-cpe:/a:debian:debian_linux:php-symfony-twig-bridge", "p-cpe:/a:debian:debian_linux:php-symfony-translation", "p-cpe:/a:debian:debian_linux:php-symfony-security-bundle", "p-cpe:/a:debian:debian_linux:php-symfony-locale", "p-cpe:/a:debian:debian_linux:php-symfony-routing", "p-cpe:/a:debian:debian_linux:php-symfony-debug", "p-cpe:/a:debian:debian_linux:php-symfony-intl", "p-cpe:/a:debian:debian_linux:php-symfony-framework-bundle"], "id": "DEBIAN_DLA-1707.NASL", "href": "https://www.tenable.com/plugins/nessus/122721", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1707-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122721);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-16652\", \"CVE-2017-16654\", \"CVE-2018-11385\", \"CVE-2018-11408\", \"CVE-2018-14773\", \"CVE-2018-19789\", \"CVE-2018-19790\");\n\n script_name(english:\"Debian DLA-1707-1 : symfony security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several security vulnerabilities have been discovered in symfony, a\nPHP web application framework. 
Numerous symfony components are\naffected: Security, bundle readers, session handling, SecurityBundle,\nHttpFoundation, Form, and Security\\Http.\n\nThe corresponding upstream advisories contain further details :\n\n[CVE-2017-16652]\nhttps://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on\n-security-handlers\n\n[CVE-2017-16654]\nhttps://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-o\nut-of-paths\n\n[CVE-2018-11385]\nhttps://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-gua\nrd-authentication\n\n[CVE-2018-11408]\nhttps://symfony.com/blog/cve-2018-11408-open-redirect-vulnerability-on\n-security-handlers\n\n[CVE-2018-14773]\nhttps://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-\nrisky-http-headers\n\n[CVE-2018-19789]\nhttps://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-f\null-path\n\n[CVE-2018-19790]\nhttps://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-wh\nen-using-security-http\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n2.3.21+dfsg-4+deb8u4.\n\nWe recommend that you upgrade your symfony packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. 
Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/symfony\"\n );\n # https://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on-security-handlers\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0f99409b\"\n );\n # https://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c7dce206\"\n );\n # https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5a195ddf\"\n );\n # https://symfony.com/blog/cve-2018-11408-open-redirect-vulnerability-on-security-handlers\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?39450434\"\n );\n # https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?391e80f4\"\n );\n # https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?df081f61\"\n );\n # https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8a01aecd\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n 
script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-browser-kit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-class-loader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-classloader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-css-selector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-dependency-injection\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-doctrine-bridge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-dom-crawler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-event-dispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-eventdispatcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-finder\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-form\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:php-symfony-framework-bundle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-http-foundation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-http-kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-locale\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-monolog-bridge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-options-resolver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-propel1-bridge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-property-access\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-proxy-manager-bridge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-routing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-security\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-security-bundle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-serializer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-stopwatch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-swiftmailer-bridge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-templating\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:php-symfony-translation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-twig-bridge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-twig-bundle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-validator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-web-profiler-bundle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-symfony-yaml\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-browser-kit\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-class-loader\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-classloader\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-config\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-console\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-css-selector\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-debug\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-dependency-injection\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-doctrine-bridge\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-dom-crawler\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-event-dispatcher\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-eventdispatcher\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", 
prefix:\"php-symfony-filesystem\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-finder\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-form\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-framework-bundle\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-http-foundation\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-http-kernel\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-intl\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-locale\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-monolog-bridge\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-options-resolver\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-process\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-propel1-bridge\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-property-access\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-proxy-manager-bridge\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-routing\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-security\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-security-bundle\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-serializer\", reference:\"2.3.21+dfsg-4+deb8u4\")) 
flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-stopwatch\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-swiftmailer-bridge\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-templating\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-translation\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-twig-bridge\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-twig-bundle\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-validator\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-web-profiler-bundle\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-symfony-yaml\", reference:\"2.3.21+dfsg-4+deb8u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-02-01T01:53:12", "description": "Multiple vulnerabilities have been found in the Symfony PHP framework\nwhich could lead to open redirects, cross-site request forgery,\ninformation disclosure, session fixation or denial of service.", "edition": 24, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-08-06T00:00:00", "title": "Debian DSA-4262-1 : symfony - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11406", "CVE-2017-16790", "CVE-2016-2403", "CVE-2017-16653", "CVE-2018-11386", "CVE-2018-11385", "CVE-2017-16654", "CVE-2017-1665"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:symfony", 
"cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4262.NASL", "href": "https://www.tenable.com/plugins/nessus/111535", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4262. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111535);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/13 12:30:47\");\n\n script_cve_id(\"CVE-2016-2403\", \"CVE-2017-1665\", \"CVE-2017-16653\", \"CVE-2017-16654\", \"CVE-2017-16790\", \"CVE-2018-11385\", \"CVE-2018-11386\", \"CVE-2018-11406\");\n script_xref(name:\"DSA\", value:\"4262\");\n\n script_name(english:\"Debian DSA-4262-1 : symfony - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities have been found in the Symfony PHP framework\nwhich could lead to open redirects, cross-site request forgery,\ninformation disclosure, session fixation or denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/symfony\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/symfony\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4262\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the symfony packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 2.8.7+dfsg-1.3+deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n 
script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:symfony\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-asset\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-browser-kit\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-class-loader\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-config\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-console\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-css-selector\", 
reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-debug\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-debug-bundle\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-dependency-injection\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-doctrine-bridge\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-dom-crawler\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-event-dispatcher\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-expression-language\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-filesystem\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-finder\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-form\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-framework-bundle\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-http-foundation\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-http-kernel\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-intl\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-ldap\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-locale\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-monolog-bridge\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif 
(deb_check(release:\"9.0\", prefix:\"php-symfony-options-resolver\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-phpunit-bridge\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-process\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-property-access\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-property-info\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-proxy-manager-bridge\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-routing\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-security\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-security-bundle\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-security-core\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-security-csrf\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-security-guard\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-security-http\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-serializer\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-stopwatch\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-swiftmailer-bridge\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-templating\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", 
prefix:\"php-symfony-translation\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-twig-bridge\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-twig-bundle\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-validator\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-var-dumper\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-web-profiler-bundle\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php-symfony-yaml\", reference:\"2.8.7+dfsg-1.3+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-06-10T12:44:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11406", "CVE-2017-16652", "CVE-2018-11386", "CVE-2018-11385", "CVE-2018-11408"], "description": "This host runs Symfony and is prone to multiple vulnerabilities.", "modified": "2019-06-07T00:00:00", "published": "2018-11-20T00:00:00", "id": "OPENVAS:1361412562310112433", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112433", "type": "openvas", "title": "Sensiolabs Symfony 2.7.x < 2.7.48, 2.8.x < 2.8.41, 3.3.x < 3.3.17, 3.4.x < 3.4.11, and 4.0.x < 4.0.11 Multiple Vulnerabilities", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Sensiolabs Symfony 2.7.x < 2.7.48, 2.8.x < 2.8.41, 3.3.x < 3.3.17, 3.4.x < 3.4.11, and 4.0.x < 4.0.11 Multiple Vulnerabilities\n#\n# Authors:\n# Adrian Steins <adrian.steins@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, 
https://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif( description )\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112433\");\n script_version(\"2019-06-07T10:18:19+0000\");\n script_tag(name:\"last_modification\", value:\"2019-06-07 10:18:19 +0000 (Fri, 07 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-11-20 14:53:12 +0100 (Tue, 20 Nov 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2018-11385\", \"CVE-2018-11386\", \"CVE-2018-11406\", \"CVE-2018-11408\");\n\n script_name(\"Sensiolabs Symfony 2.7.x < 2.7.48, 2.8.x < 2.8.41, 3.3.x < 3.3.17, 3.4.x < 3.4.11, and 4.0.x < 4.0.11 Multiple Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_symfony_consolidation.nasl\");\n script_mandatory_keys(\"symfony/detected\");\n\n script_tag(name:\"summary\", value:\"This host runs Symfony and is prone to multiple 
vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The following vulnerabilities exist:\n\n - A session fixation vulnerability within the 'Guard' login feature may allow an attacker to impersonate\n a victim towards the web application if the session id value was previously known to the attacker. (CVE-2018-11385)\n\n - The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations\n and with a well-crafted payload, it was possible to do a denial of service on a Symfony application without too much resources.\n (CVE-2018-11386)\n\n - By default, a user's session is invalidated when the user is logged out. This behavior can be disabled\n through the invalidate_session option. In this case, CSRF tokens were not erased during logout which allowed for CSRF token fixation.\n (CVE-2018-11406)\n\n - The security handlers in the Security component in Symfony have an Open redirect vulnerability\n when security.http_utils is inlined by a container. 
NOTE: this issue exists because of an incomplete fix for CVE-2017-16652.\n (CVE-2018-11408)\");\n\n script_tag(name:\"affected\", value:\"Symfony versions 2.7.0 to 2.7.47, 2.8.0 to 2.8.40, 3.3.0 to 3.3.16, 3.4.0 to 3.4.10 and 4.0.0 to 4.0.10.\");\n\n script_tag(name:\"solution\", value:\"The issue has been fixed in Symfony 2.7.48, 2.8.41, 3.3.17, 3.4.11 and 4.0.11.\n\n NOTE: No fixes are provided for Symfony 3.0, 3.1, and 3.2 as they are not maintained anymore.\n It is recommended to upgrade to a supported version.\");\n\n script_xref(name:\"URL\", value:\"https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication\");\n script_xref(name:\"URL\", value:\"https://symfony.com/blog/cve-2018-11386-denial-of-service-when-using-pdosessionhandler\");\n script_xref(name:\"URL\", value:\"https://symfony.com/blog/cve-2018-11406-csrf-token-fixation\");\n script_xref(name:\"URL\", value:\"https://symfony.com/blog/cve-2018-11408-open-redirect-vulnerability-on-security-handlers\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:sensiolabs:symfony\";\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif( isnull( port = get_app_port( cpe: CPE ) ) ) exit( 0 );\nif( ! 
infos = get_app_version_and_location( cpe: CPE, port: port, exit_no_version: TRUE) ) exit( 0 );\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif( version_in_range( version: version, test_version: \"2.7.0\", test_version2: \"2.7.47\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"2.7.48\", install_path: location );\n security_message( data: report, port: port );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"2.8.0\", test_version2: \"2.8.40\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"2.8.41\", install_path: location);\n security_message( data: report, port: port );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"3.0.0\", test_version2: \"3.3.16\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"3.3.17\", install_path: location );\n security_message( data: report, port: port );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"3.4.0\", test_version2: \"3.4.10\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"3.4.11\", install_path: location );\n security_message( data: report, port: port );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"4.0.0\", test_version2: \"4.0.10\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"4.0.11\", install_path: location );\n security_message( data: report, port: port );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11406", "CVE-2018-11407", "CVE-2017-16652", "CVE-2018-11386", "CVE-2018-11385", "CVE-2018-11408"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-07-08T00:00:00", "id": "OPENVAS:1361412562310874781", "href": 
"http://plugins.openvas.org/nasl.php?oid=1361412562310874781", "type": "openvas", "title": "Fedora Update for php-symfony3 FEDORA-2018-c8ddc44bbb", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_c8ddc44bbb_php-symfony3_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for php-symfony3 FEDORA-2018-c8ddc44bbb\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874781\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-07-08 06:05:21 +0200 (Sun, 08 Jul 2018)\");\n script_cve_id(\"CVE-2018-11407\", \"CVE-2018-11408\", \"CVE-2018-11406\", \"CVE-2018-11385\",\n \"CVE-2018-11386\", \"CVE-2017-16652\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php-symfony3 
FEDORA-2018-c8ddc44bbb\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-symfony3'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"php-symfony3 on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-c8ddc44bbb\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZXBF7ZKEJK6CXMRI5JWG2VHKQRMKE6Q\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-symfony3\", rpm:\"php-symfony3~3.3.17~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11406", "CVE-2018-11407", "CVE-2017-16652", "CVE-2018-11386", "CVE-2018-11385", "CVE-2018-11408"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-07-08T00:00:00", "id": "OPENVAS:1361412562310874782", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874782", "type": "openvas", "title": "Fedora Update for php-symfony 
FEDORA-2018-2bdfc9dc67", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_2bdfc9dc67_php-symfony_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for php-symfony FEDORA-2018-2bdfc9dc67\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874782\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-07-08 06:05:44 +0200 (Sun, 08 Jul 2018)\");\n script_cve_id(\"CVE-2017-16652\", \"CVE-2018-11385\", \"CVE-2018-11386\", \"CVE-2018-11406\",\n \"CVE-2018-11407\", \"CVE-2018-11408\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php-symfony FEDORA-2018-2bdfc9dc67\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-symfony'\n 
package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"php-symfony on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-2bdfc9dc67\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZ3EMFATZORKWAJJPIBTEN56NNCCJXBQ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-symfony\", rpm:\"php-symfony~2.8.42~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:27:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-16652", "CVE-2018-19790", "CVE-2018-14773", "CVE-2018-11385", "CVE-2017-16654", "CVE-2018-19789", "CVE-2018-11408"], "description": "Several security vulnerabilities have been discovered in symfony, a PHP\nweb application framework. 
Numerous symfony components are affected:\nSecurity, bundle readers, session handling, SecurityBundle,\nHttpFoundation, Form, and Security\\Http.\n\nThe referenced upstream advisories contain further details.", "modified": "2020-01-29T00:00:00", "published": "2019-03-11T00:00:00", "id": "OPENVAS:1361412562310891707", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891707", "type": "openvas", "title": "Debian LTS: Security Advisory for symfony (DLA-1707-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891707\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-16652\", \"CVE-2017-16654\", \"CVE-2018-11385\", \"CVE-2018-11408\", \"CVE-2018-14773\",\n \"CVE-2018-19789\", \"CVE-2018-19790\");\n script_name(\"Debian LTS: Security Advisory for symfony (DLA-1707-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-03-11 00:00:00 +0100 (Mon, 11 Mar 2019)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html\");\n script_xref(name:\"URL\", value:\"https://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on-security-handlers\");\n script_xref(name:\"URL\", value:\"https://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths\");\n script_xref(name:\"URL\", value:\"https://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication\");\n script_xref(name:\"URL\", value:\"https://symfony.com/blog/cve-2018-11408-open-redirect-vulnerability-on-security-handlers\");\n script_xref(name:\"URL\", value:\"https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers\");\n script_xref(name:\"URL\", value:\"https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path\");\n script_xref(name:\"URL\", 
value:\"https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"symfony on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n2.3.21+dfsg-4+deb8u4.\n\nWe recommend that you upgrade your symfony packages.\");\n\n script_tag(name:\"summary\", value:\"Several security vulnerabilities have been discovered in symfony, a PHP\nweb application framework. Numerous symfony components are affected:\nSecurity, bundle readers, session handling, SecurityBundle,\nHttpFoundation, Form, and Security\\Http.\n\nThe referenced upstream advisories contain further details.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-browser-kit\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-class-loader\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-classloader\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-config\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-console\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-css-selector\", 
ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-debug\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-dependency-injection\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-doctrine-bridge\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-dom-crawler\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-event-dispatcher\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-eventdispatcher\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-filesystem\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-finder\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-form\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-framework-bundle\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-http-foundation\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-http-kernel\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-intl\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-locale\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-monolog-bridge\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) 
{\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-options-resolver\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-process\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-propel1-bridge\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-property-access\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-proxy-manager-bridge\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-routing\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-security\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-security-bundle\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-serializer\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-stopwatch\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-swiftmailer-bridge\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-templating\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-translation\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-twig-bridge\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-twig-bundle\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += 
res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-validator\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-web-profiler-bundle\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-yaml\", ver:\"2.3.21+dfsg-4+deb8u4\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11406", "CVE-2018-11407", "CVE-2018-14774", "CVE-2018-14773", "CVE-2018-11386", "CVE-2018-11385", "CVE-2018-11408"], "description": "The remote host is missing an update for the 'php-symfony3' package(s) announced via the referenced advisory.", "modified": "2019-03-15T00:00:00", "published": "2018-08-15T00:00:00", "id": "OPENVAS:1361412562310874951", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874951", "type": "openvas", "title": "Fedora Update for php-symfony3 FEDORA-2018-6f3ceeb7cb", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_6f3ceeb7cb_php-symfony3_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for php-symfony3 FEDORA-2018-6f3ceeb7cb\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874951\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-15 06:37:18 +0200 (Wed, 15 Aug 2018)\");\n script_cve_id(\"CVE-2018-14773\", \"CVE-2018-14774\", \"CVE-2018-11407\", \"CVE-2018-11408\",\n \"CVE-2018-11406\", \"CVE-2018-11385\", \"CVE-2018-11386\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for php-symfony3 FEDORA-2018-6f3ceeb7cb\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-symfony3'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"php-symfony3 on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-6f3ceeb7cb\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYJO6FI4ZZDXA5WEHNAPHKC55OMNF5Z3\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n 
script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-symfony3\", rpm:\"php-symfony3~3.3.18~1.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-04T18:55:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11406", "CVE-2017-16790", "CVE-2016-2403", "CVE-2017-16653", "CVE-2018-11386", "CVE-2018-11385", "CVE-2017-16654", "CVE-2017-1665"], "description": "Multiple vulnerabilities have been found in the Symfony PHP framework\nwhich could lead to open redirects, cross-site request forgery,\ninformation disclosure, session fixation or denial of service.", "modified": "2019-07-04T00:00:00", "published": "2018-08-03T00:00:00", "id": "OPENVAS:1361412562310704262", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704262", "type": "openvas", "title": "Debian Security Advisory DSA 4262-1 (symfony - security update)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4262-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is 
distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704262\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2016-2403\", \"CVE-2017-1665\", \"CVE-2017-16653\", \"CVE-2017-16654\", \"CVE-2017-16790\",\n \"CVE-2018-11385\", \"CVE-2018-11386\", \"CVE-2018-11406\");\n script_name(\"Debian Security Advisory DSA 4262-1 (symfony - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-03 00:00:00 +0200 (Fri, 03 Aug 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4262.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"symfony on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 2.8.7+dfsg-1.3+deb9u1.\n\nWe recommend that 
you upgrade your symfony packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/symfony\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities have been found in the Symfony PHP framework\nwhich could lead to open redirects, cross-site request forgery,\ninformation disclosure, session fixation or denial of service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-asset\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-browser-kit\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-class-loader\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-config\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-console\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-css-selector\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-debug\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-debug-bundle\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-dependency-injection\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-doctrine-bridge\", ver:\"2.8.7+dfsg-1.3+deb9u1\", 
rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-dom-crawler\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-event-dispatcher\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-expression-language\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-filesystem\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-finder\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-form\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-framework-bundle\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-http-foundation\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-http-kernel\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-intl\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-ldap\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-locale\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-monolog-bridge\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-options-resolver\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-phpunit-bridge\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += 
res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-process\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-property-access\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-property-info\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-proxy-manager-bridge\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-routing\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-security\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-security-bundle\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-security-core\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-security-csrf\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-security-guard\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-security-http\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-serializer\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-stopwatch\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-swiftmailer-bridge\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-templating\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += 
res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-translation\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-twig-bridge\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-twig-bundle\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-validator\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-var-dumper\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-web-profiler-bundle\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"php-symfony-yaml\", ver:\"2.8.7+dfsg-1.3+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-08-12T00:47:19", "bulletinFamily": "unix", "cvelist": ["CVE-2017-16652", "CVE-2018-19790", "CVE-2018-14773", "CVE-2018-11385", "CVE-2017-16654", "CVE-2018-19789", "CVE-2018-11408"], "description": "Package : symfony\nVersion : 2.3.21+dfsg-4+deb8u4\nCVE ID : CVE-2017-16652 CVE-2017-16654 CVE-2018-11385 CVE-2018-11408 \n CVE-2018-14773 CVE-2018-19789 CVE-2018-19790\n\n\nSeveral security vulnerabilities have been discovered in symfony, a PHP\nweb application framework. 
Numerous symfony components are affected:\nSecurity, bundle readers, session handling, SecurityBundle,\nHttpFoundation, Form, and Security\\Http.\n\nThe corresponding upstream advisories contain further details:\n\n[CVE-2017-16652]\nhttps://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on-security-handlers\n\n[CVE-2017-16654]\nhttps://symfony.com/blog/cve-2017-16654-intl-bundle-readers-breaking-out-of-paths\n\n[CVE-2018-11385]\nhttps://symfony.com/blog/cve-2018-11385-session-fixation-issue-for-guard-authentication\n\n[CVE-2018-11408]\nhttps://symfony.com/blog/cve-2018-11408-open-redirect-vulnerability-on-security-handlers\n\n[CVE-2018-14773]\nhttps://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers\n\n[CVE-2018-19789]\nhttps://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path\n\n[CVE-2018-19790]\nhttps://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n2.3.21+dfsg-4+deb8u4.\n\nWe recommend that you upgrade your symfony packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 6, "modified": "2019-03-10T01:19:42", "published": "2019-03-10T01:19:42", "id": "DEBIAN:DLA-1707-1:A69DA", "href": "https://lists.debian.org/debian-lts-announce/2019/debian-lts-announce-201903/msg00009.html", "title": "[SECURITY] [DLA 1707-1] symfony security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T00:51:59", "bulletinFamily": "unix", "cvelist": ["CVE-2018-11406", "CVE-2017-16790", "CVE-2016-2403", "CVE-2017-16653", "CVE-2018-11386", "CVE-2018-11385", "CVE-2017-16654", "CVE-2017-1665"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory 
DSA-4262-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nAugust 03, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : symfony\nCVE ID : CVE-2016-2403 CVE-2017-1665 CVE-2017-16653\n CVE-2017-16654 CVE-2017-16790 CVE-2018-11385\n\t\t CVE-2018-11386 CVE-2018-11406\n\nMultiple vulnerabilities have been found in the Symfony PHP framework\nwhich could lead to open redirects, cross-site request forgery,\ninformation disclosure, session fixation or denial of service.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.8.7+dfsg-1.3+deb9u1.\n\nWe recommend that you upgrade your symfony packages.\n\nFor the detailed security status of symfony please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/symfony\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "modified": "2018-08-03T16:33:24", "published": "2018-08-03T16:33:24", "id": "DEBIAN:DSA-4262-1:A308E", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00191.html", "title": "[SECURITY] [DSA 4262-1] symfony security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}