DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2019-11043", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2019-11043", "description": "In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.", "published": "2019-10-28T15:15:00", "modified": "2021-07-22T18:15:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11043", "reporter": "security@php.net", "references": ["https://github.com/neex/phuip-fpizdam", "https://bugs.php.net/bug.php?id=78599", "https://usn.ubuntu.com/4166-1/", "https://usn.ubuntu.com/4166-2/", "https://www.debian.org/security/2019/dsa-4553", "https://www.debian.org/security/2019/dsa-4552", "https://support.f5.com/csp/article/K75408500?utm_source=f5support&utm_medium=RSS", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/", "https://security.netapp.com/advisory/ntap-20191031-0003/", "https://access.redhat.com/errata/RHSA-2019:3287", "https://access.redhat.com/errata/RHSA-2019:3286", "https://access.redhat.com/errata/RHSA-2019:3299", "https://access.redhat.com/errata/RHSA-2019:3300", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/", "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html", "https://access.redhat.com/errata/RHSA-2019:3724", "https://access.redhat.com/errata/RHSA-2019:3735", "https://access.redhat.com/errata/RHSA-2019:3736", "https://www.synology.com/security/advisory/Synology_SA_19_36", "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html", "https://support.apple.com/kb/HT210919", "https://seclists.org/bugtraq/2020/Jan/44", "http://seclists.org/fulldisclosure/2020/Jan/40", "https://access.redhat.com/errata/RHSA-2020:0322", "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html", "https://www.tenable.com/security/tns-2021-14"], "cvelist": ["CVE-2019-11043"], "immutableFields": [], "lastseen": "2023-02-09T14:27:04", "viewCount": 3157, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2019:3735", "ALSA-2019:3736"]}, {"type": "amazon", "idList": ["ALAS-2019-1315", "ALAS2-2019-1344"]}, {"type": "apple", "idList": ["APPLE:57687011D0766424B56EB268957F8A8B", "APPLE:HT210919"]}, {"type": "archlinux", "idList": ["ASA-201910-14"]}, {"type": "attackerkb", "idList": ["AKB:1A028E9F-233B-47D8-8C85-FD179A3627EC"]}, {"type": "centos", "idList": ["CESA-2019:3286", "CESA-2019:3287"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-1453"]}, {"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2019-11043"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1970-1:E007F", "DEBIAN:DSA-4552-1:9E828", "DEBIAN:DSA-4553-1:8D47C"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-11043"]}, {"type": "exploitdb", "idList": ["EDB-ID:47553"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:9F633F41C64CB6F19F95C80592ADA235"]}, {"type": "f5", "idList": ["F5:K75408500"]}, {"type": "fedora", "idList": ["FEDORA:314A160963EE", "FEDORA:E3A496077836", "FEDORA:E83286076F61"]}, {"type": "freebsd", "idList": ["6A7C2AB0-00DD-11EA-83CE-705A0F828759"]}, {"type": "gentoo", "idList": ["GLSA-201910-01"]}, {"type": "githubexploit", "idList": ["37252618-7152-5162-BF75-250EE342CB49", "391F4CAB-3936-5680-ABC7-E2BAC6F388E1", "4CD5443F-B7DE-59CB-A1DB-A86A9195A110", "552AB4A5-9474-5375-9A1E-7A4EFC3238D2", "6472B526-9541-56D3-B098-8199F554937C", "6E11EB2E-EFDA-5C6C-B822-245A4F08AFAA", "731BC7EF-75BA-5918-AA70-493EB4F15C1A", "89603B6A-F23E-5950-B12D-D7D3AEF329CA", "89BF594C-672A-50D6-B92C-9813C1361242", "919729FB-143D-5088-981B-D27AD2B3F5D2", "927524F4-E84C-5F1F-B3F9-E65CE2A1FD21", "999BE14F-35F1-56A6-925F-BAAB2E141BE1", "DD9F5BE6-AA7E-55A9-9099-8CDE03A2ADEE", "DFB00902-0D20-56C6-8EF8-0D8351E62151", "E54F0CA1-3DDF-5A07-9863-1DDF42E4BFFB", "F7412832-C589-52D7-B910-DE4B7233DBD5"]}, {"type": "hackerone", "idList": ["H1:720306", "H1:722327"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:70B3C77A2DC5965EB28755E5F9FD9BFD", "IMPERVABLOG:A30E92D9B177CCFF9F5476DD34E25F51"]}, {"type": "mageia", "idList": ["MGASA-2019-0307"]}, {"type": "nessus", "idList": ["701235.PRM", "AL2_ALAS-2019-1344.NASL", "ALA_ALAS-2019-1315.NASL", "CENTOS8_RHSA-2019-3735.NASL", "CENTOS8_RHSA-2019-3736.NASL", "CENTOS_RHSA-2019-3286.NASL", "CENTOS_RHSA-2019-3287.NASL", "DEBIAN_DLA-1970.NASL", "DEBIAN_DSA-4552.NASL", "DEBIAN_DSA-4553.NASL", "EULEROS_SA-2019-2295.NASL", "EULEROS_SA-2019-2438.NASL", "EULEROS_SA-2019-2546.NASL", "EULEROS_SA-2019-2649.NASL", "EULEROS_SA-2020-1058.NASL", "EULEROS_SA-2020-1747.NASL", "FEDORA_2019-187AE3128D.NASL", "FEDORA_2019-4ADC49A476.NASL", "FEDORA_2019-7BB07C3B02.NASL", "FREEBSD_PKG_6A7C2AB000DD11EA83CE705A0F828759.NASL", "GENTOO_GLSA-201910-01.NASL", "MACOS_HT210919.NASL", "NEWSTART_CGSL_NS-SA-2019-0214_PHP.NASL", "NEWSTART_CGSL_NS-SA-2020-0001_PHP.NASL", "NEWSTART_CGSL_NS-SA-2020-0018_PHP.NASL", "OPENSUSE-2019-2441.NASL", "OPENSUSE-2019-2457.NASL", "OPENSUSE-2021-1130.NASL", "OPENSUSE-2021-2575.NASL", "OPENSUSE-2021-2637.NASL", "OPENSUSE-2021-2795.NASL", "ORACLELINUX_ELSA-2019-3286.NASL", "ORACLELINUX_ELSA-2019-3287.NASL", "ORACLELINUX_ELSA-2019-3735.NASL", "ORACLELINUX_ELSA-2019-3736.NASL", "PHP_7_3_11.NASL", "PHP_7_4_0.NASL", "PHP_RCE_CVE_2019_11043.NBIN", "REDHAT-RHSA-2019-3286.NASL", "REDHAT-RHSA-2019-3287.NASL", "REDHAT-RHSA-2019-3735.NASL", "REDHAT-RHSA-2019-3736.NASL", "REDHAT-RHSA-2020-0322.NASL", "REDHAT-RHSA-2020-2835.NASL", "SECURITYCENTER_5_19_0_TNS_2021_08.NASL", "SECURITYCENTER_5_19_0_TNS_2021_14.NASL", "SL_20191031_PHP_ON_SL6_X.NASL", "SL_20191031_PHP_ON_SL7_X.NASL", "SUSE_SU-2019-2809-1.NASL", "SUSE_SU-2019-2819-1.NASL", "SUSE_SU-2019-2909-1.NASL", "SUSE_SU-2020-0522-1.NASL", "SUSE_SU-2021-2564-1.NASL", "SUSE_SU-2021-2636-1.NASL", "SUSE_SU-2021-2637-1.NASL", "SUSE_SU-2021-2638-1.NASL", "SUSE_SU-2021-2795-1.NASL", "SUSE_SU-2022-4067-1.NASL", "UBUNTU_USN-4166-1.NASL", "VIRTUOZZO_VZLSA-2019-3286.NASL", "VIRTUOZZO_VZLSA-2019-3287.NASL", "WEB_APPLICATION_SCANNING_98766", "WEB_APPLICATION_SCANNING_98767", "WEB_APPLICATION_SCANNING_98768"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108692", "OPENVAS:1361412562310704552", "OPENVAS:1361412562310704553", "OPENVAS:1361412562310816617", "OPENVAS:1361412562310844212", "OPENVAS:1361412562310852763", "OPENVAS:1361412562310852842", "OPENVAS:1361412562310876958", "OPENVAS:1361412562310876962", "OPENVAS:1361412562310877110", "OPENVAS:1361412562310883127", "OPENVAS:1361412562310883128", "OPENVAS:1361412562310891970", "OPENVAS:1361412562311220192295", "OPENVAS:1361412562311220192438", "OPENVAS:1361412562311220192546", "OPENVAS:1361412562311220192649", "OPENVAS:1361412562311220201058", "OPENVAS:1361412562311220201747"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-3286", "ELSA-2019-3287", "ELSA-2019-3735", "ELSA-2019-3736", "ELSA-2020-1112"]}, {"type": "osv", "idList": ["OSV:DLA-1970-1", "OSV:DSA-4552-1", "OSV:DSA-4553-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:156642"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:FAA1D7335127516FFE0506E88A2CC6C6"]}, {"type": "redhat", "idList": ["RHSA-2019:3286", "RHSA-2019:3287", "RHSA-2019:3299", "RHSA-2019:3300", "RHSA-2019:3724", "RHSA-2019:3735", "RHSA-2019:3736", "RHSA-2020:0322", "RHSA-2020:2835"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-11043"]}, {"type": "rocky", "idList": ["RLSA-2019:3735", "RLSA-2019:3736"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2441-1", "OPENSUSE-SU-2019:2457-1"]}, {"type": "symantec", "idList": ["SMNTC-110608"]}, {"type": "thn", "idList": ["THN:33406DFBF4BACB74D00B9F929C1F4890", "THN:B9AD1A8C118DBF486256A5AD0D9ECBE6"]}, {"type": "threatpost", "idList": ["THREATPOST:23F7B700004D9E49820C4F500FFBF14C", "THREATPOST:A45826A8CDA7058392C4901D6AAD15F1", "THREATPOST:B3BA1E2BDAE404AB09829F90C4A42D56", "THREATPOST:DBA639CBD82839FDE8E9F4AE1031AAF7", "THREATPOST:DDB6E2767CFC8FF972505D4C12E6AB6B"]}, {"type": "ubuntu", "idList": ["USN-4166-1", "USN-4166-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-11043"]}, {"type": "veracode", "idList": ["VERACODE:25361"]}, {"type": "zdt", "idList": ["1337DAY-ID-33426", "1337DAY-ID-34058"]}]}, "score": {"value": 4.1, "vector": "NONE"}, "twitter": {"counter": 9, "tweets": [{"link": "https://twitter.com/VulmonFeeds/status/1339773209458204672", "text": "CVE-2019-11043\n\nIn PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certai...\n\nhttps://t.co/bZQvN3PzTs?amp=1\n\nIntegrate vulnerability intelligence into your vulnerability management process: https://t.co/9ueQ6QreqH?amp=1"}, {"link": "https://twitter.com/housu_jp/status/1403269474749349891", "text": "PHP-FPM RCE(CVE-2019-11043)\u306e\u653b\u6483\u3092AWS WAF\u3067\u30d6\u30ed\u30c3\u30af - \u307e\u3063\u305f\u308a\u6280\u8853\u30d6\u30ed\u30b0"}, {"link": "https://twitter.com/housu_jp/status/1400649464675590146", "text": "\u3010\u691c\u8a3c\u3011PHP\u306e\u30b3\u30de\u30f3\u30c9\u5b9f\u884c\u306e\u8106\u5f31\u6027\u3092\u60aa\u7528\u3059\u308b\u653b\u6483\u901a\u4fe1\u306e\u691c\u77e5 (CVE-2019-11043)"}, {"link": "https://twitter.com/_vinny_92/status/1419399392579055616", "text": "New security test: CVE-2019-11043 PHP-FPM & NGINX RCE /hashtag/reminders?src=hashtag_click"}, {"link": "https://twitter.com/LinInfoSec/status/1418310165464485890", "text": "Php - CVE-2019-11043:"}, {"link": "https://twitter.com/VulmonFeeds/status/1388232434085400582", "text": "CVE-2019-11043\n\nIn PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space...\n\nhttps://t.co/bZQvN3PzTs?amp=1"}, {"link": "https://twitter.com/housu_jp/status/1400649869237231617", "text": "PHP-FPM Remote Command Execution (CVE-2019-11043)\nhttps://t.co/rg587jWji3?amp=1"}, {"link": "https://twitter.com/housu_jp/status/1400650474529779723", "text": "CVE-2019-11043\uff1aPHP-FPM\u306b\u304a\u3051\u308b\u8106\u5f31\u6027\u306b\u3088\u308a\u3001nginx\u3067\u30ea\u30e2\u30fc\u30c8\u304b\u3089\u4efb\u610f\u306e\u30b3\u30fc\u30c9\u304c\u5b9f\u884c\u3055\u308c\u308b\u53ef\u80fd\u6027\u3042\u308a"}, {"link": "https://twitter.com/Anonymous__1947/status/1536504442320740353", "text": "Used: CVE-2019-11043\n\nuseful info is Apache web server version 2.2.15 CentOS distro.", "author": "Anonymous__1947", "author_photo": "https://pbs.twimg.com/profile_images/1497196535074983942/qksMev7R_400x400.jpg"}]}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2019:3735", "ALSA-2019:3736"]}, {"type": "amazon", "idList": ["ALAS-2019-1315", "ALAS2-2019-1344"]}, {"type": "apple", "idList": ["APPLE:57687011D0766424B56EB268957F8A8B", "APPLE:HT210919"]}, {"type": "archlinux", "idList": ["ASA-201910-14"]}, {"type": "attackerkb", "idList": ["AKB:1A028E9F-233B-47D8-8C85-FD179A3627EC"]}, {"type": "centos", "idList": ["CESA-2019:3286", "CESA-2019:3287"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-1453"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1970-1:E007F", "DEBIAN:DSA-4552-1:9E828", "DEBIAN:DSA-4553-1:8D47C"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-11043"]}, {"type": "exploitdb", "idList": ["EDB-ID:47553"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:9F633F41C64CB6F19F95C80592ADA235"]}, {"type": "f5", "idList": ["F5:K75408500"]}, {"type": "fedora", "idList": ["FEDORA:314A160963EE", "FEDORA:E3A496077836", "FEDORA:E83286076F61"]}, {"type": "freebsd", "idList": ["6A7C2AB0-00DD-11EA-83CE-705A0F828759"]}, {"type": "gentoo", "idList": ["GLSA-201910-01"]}, {"type": "githubexploit", "idList": ["37252618-7152-5162-BF75-250EE342CB49", "391F4CAB-3936-5680-ABC7-E2BAC6F388E1", "4CD5443F-B7DE-59CB-A1DB-A86A9195A110", "552AB4A5-9474-5375-9A1E-7A4EFC3238D2", "6472B526-9541-56D3-B098-8199F554937C", "6E11EB2E-EFDA-5C6C-B822-245A4F08AFAA", "731BC7EF-75BA-5918-AA70-493EB4F15C1A", "89603B6A-F23E-5950-B12D-D7D3AEF329CA", "89BF594C-672A-50D6-B92C-9813C1361242", "919729FB-143D-5088-981B-D27AD2B3F5D2", "927524F4-E84C-5F1F-B3F9-E65CE2A1FD21", "999BE14F-35F1-56A6-925F-BAAB2E141BE1", "DD9F5BE6-AA7E-55A9-9099-8CDE03A2ADEE", "DFB00902-0D20-56C6-8EF8-0D8351E62151", "E54F0CA1-3DDF-5A07-9863-1DDF42E4BFFB", "F7412832-C589-52D7-B910-DE4B7233DBD5"]}, {"type": "hackerone", "idList": ["H1:720306"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:70B3C77A2DC5965EB28755E5F9FD9BFD"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/MULTI/HTTP/PHP_FPM_RCE"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1344.NASL", "ALA_ALAS-2019-1315.NASL", "CENTOS_RHSA-2019-3286.NASL", "CENTOS_RHSA-2019-3287.NASL", "DEBIAN_DLA-1970.NASL", "DEBIAN_DSA-4552.NASL", "DEBIAN_DSA-4553.NASL", "EULEROS_SA-2019-2295.NASL", "EULEROS_SA-2019-2438.NASL", "EULEROS_SA-2019-2546.NASL", "EULEROS_SA-2019-2649.NASL", "FEDORA_2019-187AE3128D.NASL", "FEDORA_2019-4ADC49A476.NASL", "FEDORA_2019-7BB07C3B02.NASL", "GENTOO_GLSA-201910-01.NASL", "NEWSTART_CGSL_NS-SA-2019-0214_PHP.NASL", "NEWSTART_CGSL_NS-SA-2020-0018_PHP.NASL", "ORACLELINUX_ELSA-2019-3286.NASL", "ORACLELINUX_ELSA-2019-3287.NASL", "PHP_7_3_11.NASL", "PHP_7_4_0.NASL", "REDHAT-RHSA-2019-3286.NASL", "REDHAT-RHSA-2019-3287.NASL", "SL_20191031_PHP_ON_SL6_X.NASL", "SL_20191031_PHP_ON_SL7_X.NASL", "SUSE_SU-2019-2809-1.NASL", "SUSE_SU-2019-2819-1.NASL", "SUSE_SU-2020-0522-1.NASL", "UBUNTU_USN-4166-1.NASL", "VIRTUOZZO_VZLSA-2019-3287.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108692", "OPENVAS:1361412562310704552", "OPENVAS:1361412562310704553", "OPENVAS:1361412562310844212", "OPENVAS:1361412562310876958", "OPENVAS:1361412562310876962", "OPENVAS:1361412562310883127", "OPENVAS:1361412562310883128", "OPENVAS:1361412562310891970"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-3286", "ELSA-2019-3287"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:156642"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:FAA1D7335127516FFE0506E88A2CC6C6"]}, {"type": "redhat", "idList": ["RHSA-2019:3300", "RHSA-2019:3735", "RHSA-2019:3736"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-11043"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2441-1"]}, {"type": "symantec", "idList": ["SMNTC-110608"]}, {"type": "thn", "idList": ["THN:B9AD1A8C118DBF486256A5AD0D9ECBE6"]}, {"type": "threatpost", "idList": ["THREATPOST:23F7B700004D9E49820C4F500FFBF14C", "THREATPOST:DBA639CBD82839FDE8E9F4AE1031AAF7"]}, {"type": "ubuntu", "idList": ["USN-4166-1", "USN-4166-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-11043"]}, {"type": "zdt", "idList": ["1337DAY-ID-33426", "1337DAY-ID-34058"]}]}, "exploitation": {"wildExploited": true, "wildExploitedSources": [{"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2019-11043"]}]}, "affected_software": {"major_version": [{"name": "php", "version": 7}, {"name": "php", "version": 7}, {"name": "php", "version": 7}, {"name": "canonical ubuntu linux", "version": 12}, {"name": "canonical ubuntu linux", "version": 14}, {"name": "canonical ubuntu linux", "version": 16}, {"name": "canonical ubuntu linux", "version": 18}, {"name": "canonical ubuntu linux", "version": 19}, {"name": "canonical ubuntu linux", "version": 19}, {"name": "debian debian linux", "version": 9}, {"name": "debian debian linux", "version": 10}]}, "epss": [{"cve": "CVE-2019-11043", "epss": "0.973750000", "percentile": "0.998010000", "modified": "2023-03-14"}], "vulnersScore": 4.1}, "_state": {"dependencies": 1675957601, "score": 1675958347, "twitter": 0, "cisa_kev_wildexploited": 1675958985, "affected_software_major_version": 1677283284, "epss": 1678887117}, "_internal": {"score_hash": "609248cd4044f5c4880a2121963050b9"}, "cna_cvss": {"cna": "PHP Group", "cvss": {"3": {"vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "score": 8.7}}}, "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:canonical:ubuntu_linux:19.04", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:canonical:ubuntu_linux:19.10", "cpe:/o:canonical:ubuntu_linux:18.04"], "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"], "cwe": ["CWE-787"], "affectedSoftware": [{"cpeName": "php:php", "version": "7.1.33", "operator": "lt", "name": "php"}, {"cpeName": "php:php", "version": "7.2.24", "operator": "lt", "name": "php"}, {"cpeName": "php:php", "version": "7.3.11", "operator": "lt", "name": "php"}, {"cpeName": "canonical:ubuntu_linux", "version": "16.04", "operator": "eq", "name": "canonical ubuntu linux"}, {"cpeName": "canonical:ubuntu_linux", "version": "12.04", "operator": "eq", "name": "canonical ubuntu linux"}, {"cpeName": "canonical:ubuntu_linux", "version": "18.04", "operator": "eq", "name": "canonical ubuntu linux"}, {"cpeName": "canonical:ubuntu_linux", "version": "19.04", "operator": "eq", "name": "canonical ubuntu linux"}, {"cpeName": "canonical:ubuntu_linux", "version": "14.04", "operator": "eq", "name": "canonical ubuntu linux"}, {"cpeName": "canonical:ubuntu_linux", "version": "19.10", "operator": "eq", "name": "canonical ubuntu linux"}, {"cpeName": "debian:debian_linux", "version": "9.0", "operator": "eq", "name": "debian debian linux"}, {"cpeName": "debian:debian_linux", "version": "10.0", "operator": "eq", "name": "debian debian linux"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:7.1.33:*:*:*:*:*:*:*", "versionStartIncluding": "7.1.0", "versionEndExcluding": "7.1.33", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:7.2.24:*:*:*:*:*:*:*", "versionStartIncluding": "7.2.0", "versionEndExcluding": "7.2.24", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:php:php:7.3.11:*:*:*:*:*:*:*", "versionStartIncluding": "7.3.0", "versionEndExcluding": "7.3.11", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://github.com/neex/phuip-fpizdam", "name": "https://github.com/neex/phuip-fpizdam", "refsource": "MISC", "tags": ["Exploit", "Third Party Advisory"]}, {"url": "https://bugs.php.net/bug.php?id=78599", "name": "https://bugs.php.net/bug.php?id=78599", "refsource": "CONFIRM", "tags": ["Exploit", "Issue Tracking", "Patch", "Vendor Advisory"]}, {"url": "https://usn.ubuntu.com/4166-1/", "name": "USN-4166-1", "refsource": "UBUNTU", "tags": ["Third Party Advisory"]}, {"url": "https://usn.ubuntu.com/4166-2/", "name": "USN-4166-2", "refsource": "UBUNTU", "tags": ["Third Party Advisory"]}, {"url": "https://www.debian.org/security/2019/dsa-4553", "name": "DSA-4553", "refsource": "DEBIAN", "tags": ["Third Party Advisory"]}, {"url": "https://www.debian.org/security/2019/dsa-4552", "name": "DSA-4552", "refsource": "DEBIAN", "tags": ["Third Party Advisory"]}, {"url": "https://support.f5.com/csp/article/K75408500?utm_source=f5support&utm_medium=RSS", "name": "https://support.f5.com/csp/article/K75408500?utm_source=f5support&utm_medium=RSS", "refsource": "CONFIRM", "tags": []}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/", "name": "FEDORA-2019-4adc49a476", "refsource": "FEDORA", "tags": []}, {"url": "https://security.netapp.com/advisory/ntap-20191031-0003/", "name": "https://security.netapp.com/advisory/ntap-20191031-0003/", "refsource": "CONFIRM", "tags": []}, {"url": "https://access.redhat.com/errata/RHSA-2019:3287", "name": "RHSA-2019:3287", "refsource": "REDHAT", "tags": []}, {"url": "https://access.redhat.com/errata/RHSA-2019:3286", "name": "RHSA-2019:3286", "refsource": "REDHAT", "tags": []}, {"url": "https://access.redhat.com/errata/RHSA-2019:3299", "name": "RHSA-2019:3299", "refsource": "REDHAT", "tags": []}, {"url": "https://access.redhat.com/errata/RHSA-2019:3300", "name": "RHSA-2019:3300", "refsource": "REDHAT", "tags": []}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/", "name": "FEDORA-2019-187ae3128d", "refsource": "FEDORA", "tags": []}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/", "name": "FEDORA-2019-7bb07c3b02", "refsource": "FEDORA", "tags": []}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html", "name": "openSUSE-SU-2019:2441", "refsource": "SUSE", "tags": []}, {"url": "https://access.redhat.com/errata/RHSA-2019:3724", "name": "RHSA-2019:3724", "refsource": "REDHAT", "tags": []}, {"url": "https://access.redhat.com/errata/RHSA-2019:3735", "name": "RHSA-2019:3735", "refsource": "REDHAT", "tags": []}, {"url": "https://access.redhat.com/errata/RHSA-2019:3736", "name": "RHSA-2019:3736", "refsource": "REDHAT", "tags": []}, {"url": "https://www.synology.com/security/advisory/Synology_SA_19_36", "name": "https://www.synology.com/security/advisory/Synology_SA_19_36", "refsource": "CONFIRM", "tags": []}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html", "name": "openSUSE-SU-2019:2457", "refsource": "SUSE", "tags": []}, {"url": "https://support.apple.com/kb/HT210919", "name": "https://support.apple.com/kb/HT210919", "refsource": "CONFIRM", "tags": []}, {"url": "https://seclists.org/bugtraq/2020/Jan/44", "name": "20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra", "refsource": "BUGTRAQ", "tags": []}, {"url": "http://seclists.org/fulldisclosure/2020/Jan/40", "name": "20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra", "refsource": "FULLDISC", "tags": []}, {"url": "https://access.redhat.com/errata/RHSA-2020:0322", "name": "RHSA-2020:0322", "refsource": "REDHAT", "tags": []}, {"url": "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html", "name": "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html", "refsource": "MISC", "tags": []}, {"url": "https://www.tenable.com/security/tns-2021-14", "name": "https://www.tenable.com/security/tns-2021-14", "refsource": "CONFIRM", "tags": []}], "product_info": [{"vendor": "PHP", "product": "PHP"}]}

{"nessus": [{"lastseen": "2023-01-11T15:31:47", "description": "In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.(CVE-2019-11043)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-04T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : php (ALAS-2019-1344)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php", "p-cpe:/a:amazon:linux:php-bcmath", "p-cpe:/a:amazon:linux:php-cli", "p-cpe:/a:amazon:linux:php-common", "p-cpe:/a:amazon:linux:php-dba", "p-cpe:/a:amazon:linux:php-debuginfo", "p-cpe:/a:amazon:linux:php-devel", "p-cpe:/a:amazon:linux:php-embedded", "p-cpe:/a:amazon:linux:php-enchant", "p-cpe:/a:amazon:linux:php-fpm", "p-cpe:/a:amazon:linux:php-gd", "p-cpe:/a:amazon:linux:php-intl", "p-cpe:/a:amazon:linux:php-ldap", "p-cpe:/a:amazon:linux:php-mbstring", "p-cpe:/a:amazon:linux:php-mysqlnd", "p-cpe:/a:amazon:linux:php-odbc", "p-cpe:/a:amazon:linux:php-pdo", "p-cpe:/a:amazon:linux:php-pgsql", "p-cpe:/a:amazon:linux:php-process", "p-cpe:/a:amazon:linux:php-pspell", "p-cpe:/a:amazon:linux:php-recode", "p-cpe:/a:amazon:linux:php-snmp", "p-cpe:/a:amazon:linux:php-soap", "p-cpe:/a:amazon:linux:php-xml", "p-cpe:/a:amazon:linux:php-xmlrpc", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1344.NASL", "href": "https://www.tenable.com/plugins/nessus/130470", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1344.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130470);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"ALAS\", value:\"2019-1344\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Amazon Linux 2 : php (ALAS-2019-1344)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below\n7.3.11 in certain configurations of FPM setup it is possible to cause\nFPM module to write past allocated buffers into the space reserved for\nFCGI protocol data, thus opening the possibility of remote code\nexecution.(CVE-2019-11043)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1344.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update php' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"php-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-bcmath-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-cli-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-common-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-dba-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-debuginfo-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-devel-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-embedded-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-enchant-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-fpm-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-gd-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-intl-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-ldap-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-mbstring-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-mysqlnd-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-odbc-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-pdo-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-pgsql-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-process-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-pspell-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-recode-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-snmp-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-soap-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-xml-5.4.16-46.amzn2.0.2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"php-xmlrpc-5.4.16-46.amzn2.0.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T15:40:48", "description": "The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:3736 advisory.\n\n - php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : php:7.3 (CESA-2019:3736)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2023-02-08T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:apcu-panel", "p-cpe:/a:centos:centos:libzip", "p-cpe:/a:centos:centos:libzip-devel", "p-cpe:/a:centos:centos:libzip-tools", "p-cpe:/a:centos:centos:php-pear", "p-cpe:/a:centos:centos:php-pecl-apcu", "p-cpe:/a:centos:centos:php-pecl-apcu-devel", "p-cpe:/a:centos:centos:php-pecl-zip"], "id": "CENTOS8_RHSA-2019-3736.NASL", "href": "https://www.tenable.com/plugins/nessus/145689", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:3736. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145689);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"RHSA\", value:\"2019:3736\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"CentOS 8 : php:7.3 (CESA-2019:3736)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nCESA-2019:3736 advisory.\n\n - php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3736\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apcu-panel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libzip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libzip-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libzip-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pecl-apcu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pecl-apcu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pecl-zip\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< os_release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/php');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module php:7.3');\nif ('7.3' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module php:' + module_ver);\n\nvar appstreams = {\n 'php:7.3': [\n {'reference':'apcu-panel-5.1.17-1.module_el8.1.0+252+0d4e049c', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apcu-panel-5.1.17-1.module_el8.1.0+252+0d4e049c', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libzip-1.5.2-1.module_el8.1.0+252+0d4e049c', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libzip-1.5.2-1.module_el8.1.0+252+0d4e049c', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libzip-devel-1.5.2-1.module_el8.1.0+252+0d4e049c', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libzip-devel-1.5.2-1.module_el8.1.0+252+0d4e049c', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libzip-tools-1.5.2-1.module_el8.1.0+252+0d4e049c', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libzip-tools-1.5.2-1.module_el8.1.0+252+0d4e049c', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pear-1.10.9-1.module_el8.1.0+252+0d4e049c', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pear-1.10.9-1.module_el8.1.0+252+0d4e049c', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pecl-apcu-5.1.17-1.module_el8.1.0+252+0d4e049c', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pecl-apcu-5.1.17-1.module_el8.1.0+252+0d4e049c', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pecl-apcu-devel-5.1.17-1.module_el8.1.0+252+0d4e049c', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pecl-apcu-devel-5.1.17-1.module_el8.1.0+252+0d4e049c', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pecl-zip-1.15.4-1.module_el8.1.0+252+0d4e049c', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pecl-zip-1.15.4-1.module_el8.1.0+252+0d4e049c', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module php:7.3');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apcu-panel / libzip / libzip-devel / libzip-tools / php-pear / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-10T14:55:19", "description": "An update for php is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nNote that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-22T00:00:00", "type": "nessus", "title": "Virtuozzo 6 : php / php-bcmath / php-cli / php-common / php-dba / etc (VZLSA-2019-3287)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:php", "p-cpe:/a:virtuozzo:virtuozzo:php-bcmath", "p-cpe:/a:virtuozzo:virtuozzo:php-cli", "p-cpe:/a:virtuozzo:virtuozzo:php-common", "p-cpe:/a:virtuozzo:virtuozzo:php-dba", "p-cpe:/a:virtuozzo:virtuozzo:php-devel", "p-cpe:/a:virtuozzo:virtuozzo:php-embedded", "p-cpe:/a:virtuozzo:virtuozzo:php-enchant", "p-cpe:/a:virtuozzo:virtuozzo:php-fpm", "p-cpe:/a:virtuozzo:virtuozzo:php-gd", "p-cpe:/a:virtuozzo:virtuozzo:php-imap", "p-cpe:/a:virtuozzo:virtuozzo:php-intl", "p-cpe:/a:virtuozzo:virtuozzo:php-ldap", "p-cpe:/a:virtuozzo:virtuozzo:php-mbstring", "p-cpe:/a:virtuozzo:virtuozzo:php-mysql", "p-cpe:/a:virtuozzo:virtuozzo:php-odbc", "p-cpe:/a:virtuozzo:virtuozzo:php-pdo", "p-cpe:/a:virtuozzo:virtuozzo:php-pgsql", "p-cpe:/a:virtuozzo:virtuozzo:php-process", "p-cpe:/a:virtuozzo:virtuozzo:php-pspell", "p-cpe:/a:virtuozzo:virtuozzo:php-recode", "p-cpe:/a:virtuozzo:virtuozzo:php-snmp", "p-cpe:/a:virtuozzo:virtuozzo:php-soap", "p-cpe:/a:virtuozzo:virtuozzo:php-tidy", "p-cpe:/a:virtuozzo:virtuozzo:php-xml", "p-cpe:/a:virtuozzo:virtuozzo:php-xmlrpc", "p-cpe:/a:virtuozzo:virtuozzo:php-zts", "cpe:/o:virtuozzo:virtuozzo:6"], "id": "VIRTUOZZO_VZLSA-2019-3287.NASL", "href": "https://www.tenable.com/plugins/nessus/144531", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144531);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Virtuozzo 6 : php / php-bcmath / php-cli / php-common / php-dba / etc (VZLSA-2019-3287)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for php is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2019-3287.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9be91a71\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3287\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php / php-bcmath / php-cli / php-common / php-dba / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-zts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 6.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"php-5.3.3-50.vl6\",\n \"php-bcmath-5.3.3-50.vl6\",\n \"php-cli-5.3.3-50.vl6\",\n \"php-common-5.3.3-50.vl6\",\n \"php-dba-5.3.3-50.vl6\",\n \"php-devel-5.3.3-50.vl6\",\n \"php-embedded-5.3.3-50.vl6\",\n \"php-enchant-5.3.3-50.vl6\",\n \"php-fpm-5.3.3-50.vl6\",\n \"php-gd-5.3.3-50.vl6\",\n \"php-imap-5.3.3-50.vl6\",\n \"php-intl-5.3.3-50.vl6\",\n \"php-ldap-5.3.3-50.vl6\",\n \"php-mbstring-5.3.3-50.vl6\",\n \"php-mysql-5.3.3-50.vl6\",\n \"php-odbc-5.3.3-50.vl6\",\n \"php-pdo-5.3.3-50.vl6\",\n \"php-pgsql-5.3.3-50.vl6\",\n \"php-process-5.3.3-50.vl6\",\n \"php-pspell-5.3.3-50.vl6\",\n \"php-recode-5.3.3-50.vl6\",\n \"php-snmp-5.3.3-50.vl6\",\n \"php-soap-5.3.3-50.vl6\",\n \"php-tidy-5.3.3-50.vl6\",\n \"php-xml-5.3.3-50.vl6\",\n \"php-xmlrpc-5.3.3-50.vl6\",\n \"php-zts-5.3.3-50.vl6\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-6\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:32:43", "description": "An update for the php:7.2 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "RHEL 8 : php:7.2 (RHSA-2019:3735)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apcu-panel", "p-cpe:/a:redhat:enterprise_linux:libzip", "p-cpe:/a:redhat:enterprise_linux:libzip-debugsource", "p-cpe:/a:redhat:enterprise_linux:libzip-devel", "p-cpe:/a:redhat:enterprise_linux:libzip-tools", "p-cpe:/a:redhat:enterprise_linux:php", "p-cpe:/a:redhat:enterprise_linux:php-bcmath", "p-cpe:/a:redhat:enterprise_linux:php-cli", "p-cpe:/a:redhat:enterprise_linux:php-common", "p-cpe:/a:redhat:enterprise_linux:php-dba", "p-cpe:/a:redhat:enterprise_linux:php-dbg", "p-cpe:/a:redhat:enterprise_linux:php-debugsource", "p-cpe:/a:redhat:enterprise_linux:php-devel", "p-cpe:/a:redhat:enterprise_linux:php-embedded", "p-cpe:/a:redhat:enterprise_linux:php-enchant", "p-cpe:/a:redhat:enterprise_linux:php-fpm", "p-cpe:/a:redhat:enterprise_linux:php-gd", "p-cpe:/a:redhat:enterprise_linux:php-gmp", "p-cpe:/a:redhat:enterprise_linux:php-intl", "p-cpe:/a:redhat:enterprise_linux:php-json", "p-cpe:/a:redhat:enterprise_linux:php-ldap", "p-cpe:/a:redhat:enterprise_linux:php-mbstring", "p-cpe:/a:redhat:enterprise_linux:php-mysqlnd", "p-cpe:/a:redhat:enterprise_linux:php-odbc", "p-cpe:/a:redhat:enterprise_linux:php-opcache", "p-cpe:/a:redhat:enterprise_linux:php-pdo", "p-cpe:/a:redhat:enterprise_linux:php-pear", "p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu", "p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu-debugsource", "p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu-devel", "p-cpe:/a:redhat:enterprise_linux:php-pecl-zip", "p-cpe:/a:redhat:enterprise_linux:php-pecl-zip-debugsource", "p-cpe:/a:redhat:enterprise_linux:php-pgsql", "p-cpe:/a:redhat:enterprise_linux:php-process", "p-cpe:/a:redhat:enterprise_linux:php-recode", "p-cpe:/a:redhat:enterprise_linux:php-snmp", "p-cpe:/a:redhat:enterprise_linux:php-soap", "p-cpe:/a:redhat:enterprise_linux:php-xml", "p-cpe:/a:redhat:enterprise_linux:php-xmlrpc", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:enterprise_linux:8.1"], "id": "REDHAT-RHSA-2019-3735.NASL", "href": "https://www.tenable.com/plugins/nessus/130738", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:3735. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130738);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"RHSA\", value:\"2019:3735\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"RHEL 8 : php:7.2 (RHSA-2019:3735)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for the php:7.2 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-11043\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apcu-panel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libzip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libzip-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libzip-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libzip-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pecl-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pecl-zip-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/php');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module php:7.2');\nif ('7.2' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module php:' + module_ver);\n\nappstreams = {\n 'php:7.2': [\n {'reference':'apcu-panel-5.1.12-2.module+el8.1.0+3202+af5476b9', 'release':'8'},\n {'reference':'libzip-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'aarch64', 'release':'8'},\n {'reference':'libzip-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'s390x', 'release':'8'},\n {'reference':'libzip-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'x86_64', 'release':'8'},\n {'reference':'libzip-debugsource-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'aarch64', 'release':'8'},\n {'reference':'libzip-debugsource-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'s390x', 'release':'8'},\n {'reference':'libzip-debugsource-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'x86_64', 'release':'8'},\n {'reference':'libzip-devel-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'aarch64', 'release':'8'},\n {'reference':'libzip-devel-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'s390x', 'release':'8'},\n {'reference':'libzip-devel-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'x86_64', 'release':'8'},\n {'reference':'libzip-tools-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'aarch64', 'release':'8'},\n {'reference':'libzip-tools-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'s390x', 'release':'8'},\n {'reference':'libzip-tools-1.5.1-2.module+el8.1.0+3202+af5476b9', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-bcmath-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-bcmath-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-bcmath-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-cli-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-cli-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-cli-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-common-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-common-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-common-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-dba-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-dba-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-dba-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-dbg-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-dbg-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-dbg-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-debugsource-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-debugsource-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-debugsource-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-devel-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-devel-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-devel-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-embedded-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-embedded-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-embedded-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-enchant-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-enchant-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-enchant-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-fpm-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-fpm-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-fpm-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-gd-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-gd-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-gd-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-gmp-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-gmp-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-gmp-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-intl-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-intl-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-intl-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-json-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-json-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-json-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-ldap-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-ldap-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-ldap-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-mbstring-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-mbstring-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-mbstring-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-mysqlnd-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-mysqlnd-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-mysqlnd-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-odbc-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-odbc-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-odbc-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-opcache-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-opcache-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-opcache-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-pdo-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-pdo-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-pdo-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-pear-1.10.5-9.module+el8.1.0+3202+af5476b9', 'release':'8', 'epoch':'1'},\n {'reference':'php-pecl-apcu-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-pecl-apcu-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-pecl-apcu-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-pecl-apcu-debugsource-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-pecl-apcu-debugsource-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-pecl-apcu-debugsource-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-pecl-apcu-devel-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-pecl-apcu-devel-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-pecl-apcu-devel-5.1.12-2.module+el8.1.0+3202+af5476b9', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-pecl-zip-1.15.3-1.module+el8.1.0+3186+20164e6f', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-pecl-zip-1.15.3-1.module+el8.1.0+3186+20164e6f', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-pecl-zip-1.15.3-1.module+el8.1.0+3186+20164e6f', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-pecl-zip-debugsource-1.15.3-1.module+el8.1.0+3186+20164e6f', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-pecl-zip-debugsource-1.15.3-1.module+el8.1.0+3186+20164e6f', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-pecl-zip-debugsource-1.15.3-1.module+el8.1.0+3186+20164e6f', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-pgsql-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-pgsql-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-pgsql-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-process-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-process-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-process-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-recode-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-recode-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-recode-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-snmp-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-snmp-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-snmp-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-soap-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-soap-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-soap-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-xml-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-xml-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-xml-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-xmlrpc-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-xmlrpc-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-xmlrpc-7.2.11-4.module+el8.1.0+4555+f5cb8e18', 'cpu':'x86_64', 'release':'8'}\n ],\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module php:7.2');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apcu-panel / libzip / libzip-debugsource / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:28:07", "description": "According to its banner, the version of PHP running on the remote web server is prior to 7.1.33, 7.2.x prior to 7.2.24, or 7.3.x prior to 7.3.11. It is, therefore, affected by a remote code execution vulnerability due to insufficient validation of user input. An unauthenticated, remote attacker can exploit this, by sending a specially crafted request, to cause the execution of arbitrary code by breaking the fastcgi_split_path_info directive.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-30T00:00:00", "type": "nessus", "title": "PHP 7.3.x < 7.3.11 Remote Code Execution Vulnerability", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-10-26T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98766", "href": "https://www.tenable.com/plugins/was/98766", "sourceData": "No source data", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-17T23:48:09", "description": "According to its banner, the version of PHP running on the remote web server is prior to 7.1.33, 7.2.x prior to 7.2.24, or 7.3.x prior to 7.3.11. It is, therefore, affected by a remote code execution vulnerability due to insufficient validation of user input. An unauthenticated, remote attacker can exploit this, by sending a specially crafted request, to cause the execution of arbitrary code by breaking the fastcgi_split_path_info directive.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "PHP < 7.1.33 / 7.2.x < 7.2.24 / 7.3.x < 7.3.11 Remote Code Execution", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2019-11-12T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "701235.PRM", "href": "https://www.tenable.com/plugins/nnm/701235", "sourceData": "Binary data 701235.prm", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-09T15:06:08", "description": "The version of PHP installed on the remote web server is affected by a remote code execution vulnerability in env_path_info in fpm_main.c due to insufficient validation of user input. An unauthenticated, remote attacker can exploit this, via a specially crafted request to execute arbitrary code.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-05-21T00:00:00", "type": "nessus", "title": "PHP Remote Code Execution Vulnerability (CVE-2019-11043).", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2023-03-08T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_RCE_CVE_2019_11043.NBIN", "href": "https://www.tenable.com/plugins/nessus/136744", "sourceData": "Binary data php_rce_cve_2019_11043.nbin", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:31:03", "description": "An update for php is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-01T00:00:00", "type": "nessus", "title": "RHEL 7 : php (RHSA-2019:3286)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:php", "p-cpe:/a:redhat:enterprise_linux:php-bcmath", "p-cpe:/a:redhat:enterprise_linux:php-cli", "p-cpe:/a:redhat:enterprise_linux:php-common", "p-cpe:/a:redhat:enterprise_linux:php-dba", "p-cpe:/a:redhat:enterprise_linux:php-debuginfo", "p-cpe:/a:redhat:enterprise_linux:php-devel", "p-cpe:/a:redhat:enterprise_linux:php-embedded", "p-cpe:/a:redhat:enterprise_linux:php-enchant", "p-cpe:/a:redhat:enterprise_linux:php-fpm", "p-cpe:/a:redhat:enterprise_linux:php-gd", "p-cpe:/a:redhat:enterprise_linux:php-intl", "p-cpe:/a:redhat:enterprise_linux:php-ldap", "p-cpe:/a:redhat:enterprise_linux:php-mbstring", "p-cpe:/a:redhat:enterprise_linux:php-mysql", "p-cpe:/a:redhat:enterprise_linux:php-mysqlnd", "p-cpe:/a:redhat:enterprise_linux:php-odbc", "p-cpe:/a:redhat:enterprise_linux:php-pdo", "p-cpe:/a:redhat:enterprise_linux:php-pgsql", "p-cpe:/a:redhat:enterprise_linux:php-process", "p-cpe:/a:redhat:enterprise_linux:php-pspell", "p-cpe:/a:redhat:enterprise_linux:php-recode", "p-cpe:/a:redhat:enterprise_linux:php-snmp", "p-cpe:/a:redhat:enterprise_linux:php-soap", "p-cpe:/a:redhat:enterprise_linux:php-xml", "p-cpe:/a:redhat:enterprise_linux:php-xmlrpc", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2019-3286.NASL", "href": "https://www.tenable.com/plugins/nessus/130445", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3286. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130445);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"RHSA\", value:\"2019:3286\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"RHEL 7 : php (RHSA-2019:3286)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for php is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-11043\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3286\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-bcmath-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-bcmath-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-cli-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-cli-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-common-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-common-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-dba-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-dba-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-debuginfo-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-debuginfo-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-devel-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-devel-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-embedded-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-embedded-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-enchant-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-enchant-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-fpm-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-fpm-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-gd-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-gd-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-intl-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-intl-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-ldap-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-ldap-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-mbstring-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-mbstring-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-mysql-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-mysql-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-mysqlnd-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-mysqlnd-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-odbc-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-odbc-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-pdo-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-pdo-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-pgsql-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-pgsql-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-process-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-process-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-pspell-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-pspell-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-recode-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-recode-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-snmp-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-snmp-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-soap-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-soap-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-xml-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-xml-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-xmlrpc-5.4.16-46.1.el7_7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.4.16-46.1.el7_7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:33:37", "description": "The PHP project reports :\n\nThe PHP development team announces the immediate availability of PHP 7.3.11. This is a security release which also contains several bug fixes.\n\nThe PHP development team announces the immediate availability of PHP 7.2.24. This is a security release which also contains several bug fixes.\n\nThe PHP development team announces the immediate availability of PHP 7.1.33. This is a security release which also contains several bug fixes.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-07T00:00:00", "type": "nessus", "title": "FreeBSD : php -- env_path_info underflow in fpm_main.c can lead to RCE (6a7c2ab0-00dd-11ea-83ce-705a0f828759)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:php71", "p-cpe:/a:freebsd:freebsd:php72", "p-cpe:/a:freebsd:freebsd:php73", "p-cpe:/a:freebsd:freebsd:php74", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_6A7C2AB000DD11EA83CE705A0F828759.NASL", "href": "https://www.tenable.com/plugins/nessus/130617", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2022 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130617);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"FreeBSD : php -- env_path_info underflow in fpm_main.c can lead to RCE (6a7c2ab0-00dd-11ea-83ce-705a0f828759)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The PHP project reports :\n\nThe PHP development team announces the immediate availability of PHP\n7.3.11. This is a security release which also contains several bug\nfixes.\n\nThe PHP development team announces the immediate availability of PHP\n7.2.24. This is a security release which also contains several bug\nfixes.\n\nThe PHP development team announces the immediate availability of PHP\n7.1.33. This is a security release which also contains several bug\nfixes.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.php.net/archive/2019.php#2019-10-24-1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.php.net/archive/2019.php#2019-10-24-2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.php.net/archive/2019.php#2019-10-24-3\"\n );\n # https://vuxml.freebsd.org/freebsd/6a7c2ab0-00dd-11ea-83ce-705a0f828759.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9836f8cc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php71\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php72\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php73\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php74\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"php71<7.1.33\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php72<7.2.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php73<7.3.11\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php74<7.4.0.rc5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:33:11", "description": "This update for php7 fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-06T00:00:00", "type": "nessus", "title": "openSUSE Security Update : php7 (openSUSE-2019-2441)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php7", "p-cpe:/a:novell:opensuse:apache2-mod_php7-debuginfo", "p-cpe:/a:novell:opensuse:php7", "p-cpe:/a:novell:opensuse:php7-bcmath", "p-cpe:/a:novell:opensuse:php7-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php7-bz2", "p-cpe:/a:novell:opensuse:php7-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php7-calendar", "p-cpe:/a:novell:opensuse:php7-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php7-ctype", "p-cpe:/a:novell:opensuse:php7-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php7-curl", "p-cpe:/a:novell:opensuse:php7-curl-debuginfo", "p-cpe:/a:novell:opensuse:php7-dba", "p-cpe:/a:novell:opensuse:php7-dba-debuginfo", "p-cpe:/a:novell:opensuse:php7-debuginfo", "p-cpe:/a:novell:opensuse:php7-debugsource", "p-cpe:/a:novell:opensuse:php7-devel", "p-cpe:/a:novell:opensuse:php7-dom", "p-cpe:/a:novell:opensuse:php7-dom-debuginfo", "p-cpe:/a:novell:opensuse:php7-embed", "p-cpe:/a:novell:opensuse:php7-embed-debuginfo", "p-cpe:/a:novell:opensuse:php7-enchant", "p-cpe:/a:novell:opensuse:php7-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php7-exif", "p-cpe:/a:novell:opensuse:php7-exif-debuginfo", "p-cpe:/a:novell:opensuse:php7-fastcgi", "p-cpe:/a:novell:opensuse:php7-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php7-fileinfo", "p-cpe:/a:novell:opensuse:php7-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php7-firebird", "p-cpe:/a:novell:opensuse:php7-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php7-fpm", "p-cpe:/a:novell:opensuse:php7-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php7-ftp", "p-cpe:/a:novell:opensuse:php7-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php7-gd", "p-cpe:/a:novell:opensuse:php7-gd-debuginfo", "p-cpe:/a:novell:opensuse:php7-gettext", "p-cpe:/a:novell:opensuse:php7-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php7-gmp", "p-cpe:/a:novell:opensuse:php7-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php7-iconv", "p-cpe:/a:novell:opensuse:php7-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php7-intl", "p-cpe:/a:novell:opensuse:php7-intl-debuginfo", "p-cpe:/a:novell:opensuse:php7-json", "p-cpe:/a:novell:opensuse:php7-json-debuginfo", "p-cpe:/a:novell:opensuse:php7-ldap", "p-cpe:/a:novell:opensuse:php7-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php7-mbstring", "p-cpe:/a:novell:opensuse:php7-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php7-mysql", "p-cpe:/a:novell:opensuse:php7-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php7-odbc", "p-cpe:/a:novell:opensuse:php7-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php7-opcache", "p-cpe:/a:novell:opensuse:php7-opcache-debuginfo", "p-cpe:/a:novell:opensuse:php7-openssl", "p-cpe:/a:novell:opensuse:php7-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php7-pcntl", "p-cpe:/a:novell:opensuse:php7-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php7-pdo", "p-cpe:/a:novell:opensuse:php7-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php7-pear", "p-cpe:/a:novell:opensuse:php7-pear-Archive_Tar", "p-cpe:/a:novell:opensuse:php7-pgsql", "p-cpe:/a:novell:opensuse:php7-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php7-phar", "p-cpe:/a:novell:opensuse:php7-phar-debuginfo", "p-cpe:/a:novell:opensuse:php7-posix", "p-cpe:/a:novell:opensuse:php7-posix-debuginfo", "p-cpe:/a:novell:opensuse:php7-readline", "p-cpe:/a:novell:opensuse:php7-readline-debuginfo", "p-cpe:/a:novell:opensuse:php7-shmop", "p-cpe:/a:novell:opensuse:php7-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php7-snmp", "p-cpe:/a:novell:opensuse:php7-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php7-soap", "p-cpe:/a:novell:opensuse:php7-soap-debuginfo", "p-cpe:/a:novell:opensuse:php7-sockets", "p-cpe:/a:novell:opensuse:php7-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php7-sodium", "p-cpe:/a:novell:opensuse:php7-sodium-debuginfo", "p-cpe:/a:novell:opensuse:php7-sqlite", "p-cpe:/a:novell:opensuse:php7-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php7-sysvmsg", "p-cpe:/a:novell:opensuse:php7-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php7-sysvsem", "p-cpe:/a:novell:opensuse:php7-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php7-sysvshm", "p-cpe:/a:novell:opensuse:php7-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php7-test", "p-cpe:/a:novell:opensuse:php7-tidy", "p-cpe:/a:novell:opensuse:php7-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php7-tokenizer", "p-cpe:/a:novell:opensuse:php7-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php7-wddx", "p-cpe:/a:novell:opensuse:php7-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php7-xmlreader", "p-cpe:/a:novell:opensuse:php7-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php7-xmlrpc", "p-cpe:/a:novell:opensuse:php7-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php7-xmlwriter", "p-cpe:/a:novell:opensuse:php7-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php7-xsl", "p-cpe:/a:novell:opensuse:php7-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php7-zip", "p-cpe:/a:novell:opensuse:php7-zip-debuginfo", "p-cpe:/a:novell:opensuse:php7-zlib", "p-cpe:/a:novell:opensuse:php7-zlib-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2441.NASL", "href": "https://www.tenable.com/plugins/nessus/130580", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2441.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130580);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"openSUSE Security Update : php7 (openSUSE-2019-2441)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for php7 fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2019-11043: Fixed possible remote code execution via\n env_path_info underflow in fpm_main.c (bsc#1154999).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154999\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php7 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-embed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-embed-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pear-Archive_Tar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sodium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sodium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"apache2-mod_php7-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"apache2-mod_php7-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-bcmath-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-bcmath-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-bz2-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-bz2-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-calendar-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-calendar-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-ctype-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-ctype-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-curl-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-curl-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-dba-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-dba-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-debugsource-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-devel-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-dom-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-dom-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-embed-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-embed-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-enchant-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-enchant-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-exif-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-exif-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-fastcgi-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-fastcgi-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-fileinfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-fileinfo-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-firebird-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-firebird-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-fpm-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-fpm-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-ftp-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-ftp-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-gd-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-gd-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-gettext-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-gettext-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-gmp-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-gmp-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-iconv-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-iconv-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-intl-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-intl-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-json-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-json-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-ldap-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-ldap-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-mbstring-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-mbstring-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-mysql-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-mysql-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-odbc-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-odbc-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-opcache-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-opcache-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-openssl-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-openssl-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-pcntl-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-pcntl-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-pdo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-pdo-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-pear-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-pear-Archive_Tar-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-pgsql-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-pgsql-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-phar-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-phar-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-posix-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-posix-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-readline-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-readline-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-shmop-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-shmop-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-snmp-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-snmp-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-soap-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-soap-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-sockets-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-sockets-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-sodium-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-sodium-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-sqlite-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-sqlite-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-sysvmsg-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-sysvmsg-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-sysvsem-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-sysvsem-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-sysvshm-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-sysvshm-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-test-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-tidy-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-tidy-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-tokenizer-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-tokenizer-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-wddx-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-wddx-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-xmlreader-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-xmlreader-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-xmlrpc-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-xmlrpc-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-xmlwriter-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-xmlwriter-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-xsl-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-xsl-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-zip-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-zip-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-zlib-7.2.5-lp151.6.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"php7-zlib-debuginfo-7.2.5-lp151.6.13.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php7 / apache2-mod_php7-debuginfo / php7 / php7-bcmath / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:33:39", "description": "From Red Hat Security Advisory 2019:3736 :\n\nAn update for the php:7.3 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-25T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : php:7.3 (ELSA-2019-3736)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:php", "p-cpe:/a:oracle:linux:php-bcmath", "p-cpe:/a:oracle:linux:php-cli", "p-cpe:/a:oracle:linux:php-common", "p-cpe:/a:oracle:linux:php-dba", "p-cpe:/a:oracle:linux:php-dbg", "p-cpe:/a:oracle:linux:php-devel", "p-cpe:/a:oracle:linux:php-embedded", "p-cpe:/a:oracle:linux:php-enchant", "p-cpe:/a:oracle:linux:php-fpm", "p-cpe:/a:oracle:linux:php-gd", "p-cpe:/a:oracle:linux:php-gmp", "p-cpe:/a:oracle:linux:php-intl", "p-cpe:/a:oracle:linux:php-json", "p-cpe:/a:oracle:linux:php-ldap", "p-cpe:/a:oracle:linux:php-mbstring", "p-cpe:/a:oracle:linux:php-mysqlnd", "p-cpe:/a:oracle:linux:php-odbc", "p-cpe:/a:oracle:linux:php-opcache", "p-cpe:/a:oracle:linux:php-pdo", "p-cpe:/a:oracle:linux:php-pgsql", "p-cpe:/a:oracle:linux:php-process", "p-cpe:/a:oracle:linux:php-recode", "p-cpe:/a:oracle:linux:php-snmp", "p-cpe:/a:oracle:linux:php-soap", "p-cpe:/a:oracle:linux:php-xml", "p-cpe:/a:oracle:linux:php-xmlrpc", "cpe:/o:oracle:linux:8"], "id": "ORACLELINUX_ELSA-2019-3736.NASL", "href": "https://www.tenable.com/plugins/nessus/131271", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:3736 and \n# Oracle Linux Security Advisory ELSA-2019-3736 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131271);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"RHSA\", value:\"2019:3736\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Oracle Linux 8 : php:7.3 (ELSA-2019-3736)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2019:3736 :\n\nAn update for the php:7.3 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2019-November/009384.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php:7.3 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL8\", rpm:\"php-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-bcmath-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-bcmath-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-cli-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-cli-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-common-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-common-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-dba-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-dba-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-dbg-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-dbg-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-devel-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-devel-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-embedded-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-embedded-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-enchant-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-enchant-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-fpm-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-fpm-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-gd-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-gd-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-gmp-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-gmp-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-intl-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-intl-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-json-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-json-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-ldap-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-ldap-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-mbstring-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-mbstring-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-mysqlnd-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-mysqlnd-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-odbc-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-odbc-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-opcache-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-opcache-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-pdo-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-pdo-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-pgsql-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-pgsql-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-process-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-process-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-recode-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-recode-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-snmp-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-snmp-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-soap-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-soap-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-xml-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-xml-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"php-xmlrpc-7.3\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-xmlrpc-7.3.5-5.module+el8.1.0+5441+020cccf5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-dbg / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:33:11", "description": "From Red Hat Security Advisory 2019:3735 :\n\nAn update for the php:7.2 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-25T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : php:7.2 (ELSA-2019-3735)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:apcu-panel", "p-cpe:/a:oracle:linux:libzip", "p-cpe:/a:oracle:linux:libzip-devel", "p-cpe:/a:oracle:linux:libzip-tools", "p-cpe:/a:oracle:linux:php", "p-cpe:/a:oracle:linux:php-bcmath", "p-cpe:/a:oracle:linux:php-cli", "p-cpe:/a:oracle:linux:php-common", "p-cpe:/a:oracle:linux:php-dba", "p-cpe:/a:oracle:linux:php-dbg", "p-cpe:/a:oracle:linux:php-devel", "p-cpe:/a:oracle:linux:php-embedded", "p-cpe:/a:oracle:linux:php-enchant", "p-cpe:/a:oracle:linux:php-fpm", "p-cpe:/a:oracle:linux:php-gd", "p-cpe:/a:oracle:linux:php-gmp", "p-cpe:/a:oracle:linux:php-intl", "p-cpe:/a:oracle:linux:php-json", "p-cpe:/a:oracle:linux:php-ldap", "p-cpe:/a:oracle:linux:php-mbstring", "p-cpe:/a:oracle:linux:php-mysqlnd", "p-cpe:/a:oracle:linux:php-odbc", "p-cpe:/a:oracle:linux:php-opcache", "p-cpe:/a:oracle:linux:php-pdo", "p-cpe:/a:oracle:linux:php-pear", "p-cpe:/a:oracle:linux:php-pecl-apcu", "p-cpe:/a:oracle:linux:php-pecl-apcu-devel", "p-cpe:/a:oracle:linux:php-pecl-zip", "p-cpe:/a:oracle:linux:php-pgsql", "p-cpe:/a:oracle:linux:php-process", "p-cpe:/a:oracle:linux:php-recode", "p-cpe:/a:oracle:linux:php-snmp", "p-cpe:/a:oracle:linux:php-soap", "p-cpe:/a:oracle:linux:php-xml", "p-cpe:/a:oracle:linux:php-xmlrpc", "cpe:/o:oracle:linux:8"], "id": "ORACLELINUX_ELSA-2019-3735.NASL", "href": "https://www.tenable.com/plugins/nessus/131270", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:3735 and \n# Oracle Linux Security Advisory ELSA-2019-3735 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131270);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"RHSA\", value:\"2019:3735\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Oracle Linux 8 : php:7.2 (ELSA-2019-3735)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2019:3735 :\n\nAn update for the php:7.2 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2019-November/009383.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php:7.2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apcu-panel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libzip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libzip-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libzip-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pecl-apcu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pecl-apcu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pecl-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"apcu-panel-5.1.12-2.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"libzip-1.5.1-2.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"libzip-devel-1.5.1-2.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"libzip-tools-1.5.1-2.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-bcmath-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-cli-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-common-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-dba-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-dbg-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-devel-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-embedded-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-enchant-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-fpm-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-gd-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-gmp-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-intl-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-json-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-ldap-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-mbstring-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-mysqlnd-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-odbc-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-opcache-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-pdo-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-pear-1.10.5-9.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-pecl-apcu-5.1.12-2.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-pecl-apcu-devel-5.1.12-2.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-pecl-zip-1.15.3-1.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-pgsql-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-process-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-recode-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-snmp-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-soap-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-xml-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"php-xmlrpc-7.2.11-4.module+el8.1.0+5443+bc1aeb77\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apcu-panel / libzip / libzip-devel / libzip-tools / php / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:30:00", "description": "Emil Lerner, beched and d90pwn found a buffer underflow in php5-fpm, a Fast Process Manager for the PHP language, which can lead to remote code execution.\n\nInstances are vulnerable depending on the web server configuration, in particular PATH_INFO handling. For a full list of preconditions, check: https://github.com/neex/phuip-fpizdam\n\nFor Debian 8 'Jessie', this problem has been fixed in version 5.6.40+dfsg-0+deb8u7.\n\nWe recommend that you upgrade your php5 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-28T00:00:00", "type": "nessus", "title": "Debian DLA-1970-1 : php5 security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libapache2-mod-php5", "p-cpe:/a:debian:debian_linux:libapache2-mod-php5filter", "p-cpe:/a:debian:debian_linux:libphp5-embed", "p-cpe:/a:debian:debian_linux:php-pear", "p-cpe:/a:debian:debian_linux:php5", "p-cpe:/a:debian:debian_linux:php5-cgi", "p-cpe:/a:debian:debian_linux:php5-cli", "p-cpe:/a:debian:debian_linux:php5-common", "p-cpe:/a:debian:debian_linux:php5-curl", "p-cpe:/a:debian:debian_linux:php5-dbg", "p-cpe:/a:debian:debian_linux:php5-dev", "p-cpe:/a:debian:debian_linux:php5-enchant", "p-cpe:/a:debian:debian_linux:php5-fpm", "p-cpe:/a:debian:debian_linux:php5-gd", "p-cpe:/a:debian:debian_linux:php5-gmp", "p-cpe:/a:debian:debian_linux:php5-imap", "p-cpe:/a:debian:debian_linux:php5-interbase", "p-cpe:/a:debian:debian_linux:php5-intl", "p-cpe:/a:debian:debian_linux:php5-ldap", "p-cpe:/a:debian:debian_linux:php5-mcrypt", "p-cpe:/a:debian:debian_linux:php5-mysql", "p-cpe:/a:debian:debian_linux:php5-mysqlnd", "p-cpe:/a:debian:debian_linux:php5-odbc", "p-cpe:/a:debian:debian_linux:php5-pgsql", "p-cpe:/a:debian:debian_linux:php5-phpdbg", "p-cpe:/a:debian:debian_linux:php5-pspell", "p-cpe:/a:debian:debian_linux:php5-readline", "p-cpe:/a:debian:debian_linux:php5-recode", "p-cpe:/a:debian:debian_linux:php5-snmp", "p-cpe:/a:debian:debian_linux:php5-sqlite", "p-cpe:/a:debian:debian_linux:php5-sybase", "p-cpe:/a:debian:debian_linux:php5-tidy", "p-cpe:/a:debian:debian_linux:php5-xmlrpc", "p-cpe:/a:debian:debian_linux:php5-xsl", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1970.NASL", "href": "https://www.tenable.com/plugins/nessus/130283", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1970-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130283);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"IAVA\", value:\"2019-A-0399-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Debian DLA-1970-1 : php5 security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Emil Lerner, beched and d90pwn found a buffer underflow in php5-fpm, a\nFast Process Manager for the PHP language, which can lead to remote\ncode execution.\n\nInstances are vulnerable depending on the web server configuration, in\nparticular PATH_INFO handling. For a full list of preconditions,\ncheck: https://github.com/neex/phuip-fpizdam\n\nFor Debian 8 'Jessie', this problem has been fixed in version\n5.6.40+dfsg-0+deb8u7.\n\nWe recommend that you upgrade your php5 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/neex/phuip-fpizdam\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.debian.org/debian-lts-announce/2019/10/msg00033.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/jessie/php5\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-mod-php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-mod-php5filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libphp5-embed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-interbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-phpdbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-mod-php5\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libphp5-embed\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php-pear\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-cgi\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-cli\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-common\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-curl\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-dbg\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-dev\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-enchant\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-fpm\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-gd\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-gmp\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-imap\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-interbase\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-intl\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-ldap\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-mcrypt\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-mysql\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-mysqlnd\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-odbc\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-pgsql\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-phpdbg\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-pspell\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-readline\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-recode\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-snmp\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-sqlite\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-sybase\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-tidy\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-xmlrpc\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"php5-xsl\", reference:\"5.6.40+dfsg-0+deb8u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:29:07", "description": "**PHP version 7.3.11** (24 Oct 2019)\n\n**Core:**\n\n - Fixed bug php#78535 (auto_detect_line_endings value not parsed as bool). (bugreportuser)\n\n - Fixed bug php#78620 (Out of memory error). (cmb, Nikita)\n\n**Exif :**\n\n - Fixed bug php#78442 ('Illegal component' on exif_read_data since PHP7) (Kalle)\n\n**FPM:**\n\n - Fixed bug php#78599 (env_path_info underflow in fpm_main.c can lead to RCE). (**CVE-2019-11043**) (Jakub Zelenka)\n\n - Fixed bug php#78413 (request_terminate_timeout does not take effect after fastcgi_finish_request). (Sergei Turchanov)\n\n**MBString:**\n\n - Fixed bug php#78579 (mb_decode_numericentity: args number inconsistency). (cmb)\n\n - Fixed bug php#78609 (mb_check_encoding() no longer supports stringable objects). (cmb)\n\n**MySQLi:**\n\n - Fixed bug php#76809 (SSL settings aren't respected when persistent connections are used). (fabiomsouto)\n\n**Mysqlnd:**\n\n - Fixed bug php#78525 (Memory leak in pdo when reusing native prepared statements). (Nikita)\n\n**PCRE:**\n\n - Fixed bug php#78272 (calling preg_match() before pcntl_fork() will freeze child process). (Nikita)\n\n**PDO_MySQL:**\n\n - Fixed bug php#78623 (Regression caused by 'SP call yields additional empty result set'). (cmb)\n\n**Session:**\n\n - Fixed bug php#78624 (session_gc return value for user defined session handlers). (bshaffer)\n\n**Standard:**\n\n - Fixed bug php#76342 (file_get_contents waits twice specified timeout). (Thomas Calvet)\n\n - Fixed bug php#78612 (strtr leaks memory when integer keys are used and the subject string shorter). (Nikita)\n\n - Fixed bug php#76859 (stream_get_line skips data if used with data-generating filter). (kkopachev)\n\n**Zip:**\n\n - Fixed bug php#78641 (addGlob can modify given remove_path value). (cmb)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-31T00:00:00", "type": "nessus", "title": "Fedora 31 : php (2019-4adc49a476)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2019-4ADC49A476.NASL", "href": "https://www.tenable.com/plugins/nessus/130411", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-4adc49a476.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130411);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"FEDORA\", value:\"2019-4adc49a476\");\n script_xref(name:\"IAVA\", value:\"2019-A-0399-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Fedora 31 : php (2019-4adc49a476)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"**PHP version 7.3.11** (24 Oct 2019)\n\n**Core:**\n\n - Fixed bug php#78535 (auto_detect_line_endings value not\n parsed as bool). (bugreportuser)\n\n - Fixed bug php#78620 (Out of memory error). (cmb, Nikita)\n\n**Exif :**\n\n - Fixed bug php#78442 ('Illegal component' on\n exif_read_data since PHP7) (Kalle)\n\n**FPM:**\n\n - Fixed bug php#78599 (env_path_info underflow in\n fpm_main.c can lead to RCE). (**CVE-2019-11043**) (Jakub\n Zelenka)\n\n - Fixed bug php#78413 (request_terminate_timeout does not\n take effect after fastcgi_finish_request). (Sergei\n Turchanov)\n\n**MBString:**\n\n - Fixed bug php#78579 (mb_decode_numericentity: args\n number inconsistency). (cmb)\n\n - Fixed bug php#78609 (mb_check_encoding() no longer\n supports stringable objects). (cmb)\n\n**MySQLi:**\n\n - Fixed bug php#76809 (SSL settings aren't respected when\n persistent connections are used). (fabiomsouto)\n\n**Mysqlnd:**\n\n - Fixed bug php#78525 (Memory leak in pdo when reusing\n native prepared statements). (Nikita)\n\n**PCRE:**\n\n - Fixed bug php#78272 (calling preg_match() before\n pcntl_fork() will freeze child process). (Nikita)\n\n**PDO_MySQL:**\n\n - Fixed bug php#78623 (Regression caused by 'SP call\n yields additional empty result set'). (cmb)\n\n**Session:**\n\n - Fixed bug php#78624 (session_gc return value for user\n defined session handlers). (bshaffer)\n\n**Standard:**\n\n - Fixed bug php#76342 (file_get_contents waits twice\n specified timeout). (Thomas Calvet)\n\n - Fixed bug php#78612 (strtr leaks memory when integer\n keys are used and the subject string shorter). (Nikita)\n\n - Fixed bug php#76859 (stream_get_line skips data if used\n with data-generating filter). (kkopachev)\n\n**Zip:**\n\n - Fixed bug php#78641 (addGlob can modify given\n remove_path value). (cmb)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-4adc49a476\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"php-7.3.11-1.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:29:31", "description": "From Red Hat Security Advisory 2019:3286 :\n\nAn update for php is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-01T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : php (ELSA-2019-3286)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:php", "p-cpe:/a:oracle:linux:php-bcmath", "p-cpe:/a:oracle:linux:php-cli", "p-cpe:/a:oracle:linux:php-common", "p-cpe:/a:oracle:linux:php-dba", "p-cpe:/a:oracle:linux:php-devel", "p-cpe:/a:oracle:linux:php-embedded", "p-cpe:/a:oracle:linux:php-enchant", "p-cpe:/a:oracle:linux:php-fpm", "p-cpe:/a:oracle:linux:php-gd", "p-cpe:/a:oracle:linux:php-intl", "p-cpe:/a:oracle:linux:php-ldap", "p-cpe:/a:oracle:linux:php-mbstring", "p-cpe:/a:oracle:linux:php-mysql", "p-cpe:/a:oracle:linux:php-mysqlnd", "p-cpe:/a:oracle:linux:php-odbc", "p-cpe:/a:oracle:linux:php-pdo", "p-cpe:/a:oracle:linux:php-pgsql", "p-cpe:/a:oracle:linux:php-process", "p-cpe:/a:oracle:linux:php-pspell", "p-cpe:/a:oracle:linux:php-recode", "p-cpe:/a:oracle:linux:php-snmp", "p-cpe:/a:oracle:linux:php-soap", "p-cpe:/a:oracle:linux:php-xml", "p-cpe:/a:oracle:linux:php-xmlrpc", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2019-3286.NASL", "href": "https://www.tenable.com/plugins/nessus/130442", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:3286 and \n# Oracle Linux Security Advisory ELSA-2019-3286 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130442);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"RHSA\", value:\"2019:3286\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Oracle Linux 7 : php (ELSA-2019-3286)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2019:3286 :\n\nAn update for php is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2019-October/009313.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-bcmath-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-cli-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-common-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-dba-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-devel-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-embedded-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-enchant-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-fpm-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-gd-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-intl-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-ldap-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-mbstring-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-mysql-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-mysqlnd-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-odbc-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-pdo-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-pgsql-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-process-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-pspell-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-recode-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-snmp-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-soap-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-xml-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.4.16-46.1.el7_7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:29:07", "description": "An update for php is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-01T00:00:00", "type": "nessus", "title": "RHEL 6 : php (RHSA-2019:3287)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:php", "p-cpe:/a:redhat:enterprise_linux:php-bcmath", "p-cpe:/a:redhat:enterprise_linux:php-cli", "p-cpe:/a:redhat:enterprise_linux:php-common", "p-cpe:/a:redhat:enterprise_linux:php-dba", "p-cpe:/a:redhat:enterprise_linux:php-debuginfo", "p-cpe:/a:redhat:enterprise_linux:php-devel", "p-cpe:/a:redhat:enterprise_linux:php-embedded", "p-cpe:/a:redhat:enterprise_linux:php-enchant", "p-cpe:/a:redhat:enterprise_linux:php-fpm", "p-cpe:/a:redhat:enterprise_linux:php-gd", "p-cpe:/a:redhat:enterprise_linux:php-imap", "p-cpe:/a:redhat:enterprise_linux:php-intl", "p-cpe:/a:redhat:enterprise_linux:php-ldap", "p-cpe:/a:redhat:enterprise_linux:php-mbstring", "p-cpe:/a:redhat:enterprise_linux:php-mysql", "p-cpe:/a:redhat:enterprise_linux:php-odbc", "p-cpe:/a:redhat:enterprise_linux:php-pdo", "p-cpe:/a:redhat:enterprise_linux:php-pgsql", "p-cpe:/a:redhat:enterprise_linux:php-process", "p-cpe:/a:redhat:enterprise_linux:php-pspell", "p-cpe:/a:redhat:enterprise_linux:php-recode", "p-cpe:/a:redhat:enterprise_linux:php-snmp", "p-cpe:/a:redhat:enterprise_linux:php-soap", "p-cpe:/a:redhat:enterprise_linux:php-tidy", "p-cpe:/a:redhat:enterprise_linux:php-xml", "p-cpe:/a:redhat:enterprise_linux:php-xmlrpc", "p-cpe:/a:redhat:enterprise_linux:php-zts", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2019-3287.NASL", "href": "https://www.tenable.com/plugins/nessus/130446", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3287. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130446);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"RHSA\", value:\"2019:3287\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"RHEL 6 : php (RHSA-2019:3287)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for php is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3287\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-11043\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-zts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3287\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-bcmath-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-bcmath-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-bcmath-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-cli-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-cli-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-cli-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-common-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-common-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-common-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-dba-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-dba-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-dba-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-debuginfo-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-debuginfo-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-debuginfo-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-devel-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-devel-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-devel-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-embedded-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-embedded-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-embedded-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-enchant-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-enchant-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-enchant-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-fpm-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-fpm-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-fpm-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-gd-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-gd-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-gd-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-imap-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-imap-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-imap-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-intl-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-intl-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-intl-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-ldap-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-ldap-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-ldap-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-mbstring-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-mbstring-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-mbstring-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-mysql-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-mysql-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-mysql-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-odbc-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-odbc-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-odbc-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-pdo-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-pdo-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-pdo-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-pgsql-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-pgsql-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-pgsql-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-process-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-process-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-process-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-pspell-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-pspell-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-pspell-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-recode-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-recode-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-recode-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-snmp-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-snmp-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-snmp-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-soap-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-soap-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-soap-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-tidy-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-tidy-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-tidy-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-xml-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-xml-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-xml-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-xmlrpc-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-xmlrpc-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-zts-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-zts-5.3.3-50.el6_10\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-zts-5.3.3-50.el6_10\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:30:33", "description": "This update for php7 fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-31T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : php7 (SUSE-SU-2019:2819-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php7", "p-cpe:/a:novell:suse_linux:apache2-mod_php7-debuginfo", "p-cpe:/a:novell:suse_linux:php7", "p-cpe:/a:novell:suse_linux:php7-bcmath", "p-cpe:/a:novell:suse_linux:php7-bcmath-debuginfo", "p-cpe:/a:novell:suse_linux:php7-bz2", "p-cpe:/a:novell:suse_linux:php7-bz2-debuginfo", "p-cpe:/a:novell:suse_linux:php7-calendar", "p-cpe:/a:novell:suse_linux:php7-calendar-debuginfo", "p-cpe:/a:novell:suse_linux:php7-ctype", "p-cpe:/a:novell:suse_linux:php7-ctype-debuginfo", "p-cpe:/a:novell:suse_linux:php7-curl", "p-cpe:/a:novell:suse_linux:php7-curl-debuginfo", "p-cpe:/a:novell:suse_linux:php7-dba", "p-cpe:/a:novell:suse_linux:php7-dba-debuginfo", "p-cpe:/a:novell:suse_linux:php7-debuginfo", "p-cpe:/a:novell:suse_linux:php7-debugsource", "p-cpe:/a:novell:suse_linux:php7-devel", "p-cpe:/a:novell:suse_linux:php7-dom", "p-cpe:/a:novell:suse_linux:php7-dom-debuginfo", "p-cpe:/a:novell:suse_linux:php7-embed", "p-cpe:/a:novell:suse_linux:php7-embed-debuginfo", "p-cpe:/a:novell:suse_linux:php7-enchant", "p-cpe:/a:novell:suse_linux:php7-enchant-debuginfo", "p-cpe:/a:novell:suse_linux:php7-exif", "p-cpe:/a:novell:suse_linux:php7-exif-debuginfo", "p-cpe:/a:novell:suse_linux:php7-fastcgi", "p-cpe:/a:novell:suse_linux:php7-fastcgi-debuginfo", "p-cpe:/a:novell:suse_linux:php7-fileinfo", "p-cpe:/a:novell:suse_linux:php7-fileinfo-debuginfo", "p-cpe:/a:novell:suse_linux:php7-fpm", "p-cpe:/a:novell:suse_linux:php7-fpm-debuginfo", "p-cpe:/a:novell:suse_linux:php7-ftp", "p-cpe:/a:novell:suse_linux:php7-ftp-debuginfo", "p-cpe:/a:novell:suse_linux:php7-gd", "p-cpe:/a:novell:suse_linux:php7-gd-debuginfo", "p-cpe:/a:novell:suse_linux:php7-gettext", "p-cpe:/a:novell:suse_linux:php7-gettext-debuginfo", "p-cpe:/a:novell:suse_linux:php7-gmp", "p-cpe:/a:novell:suse_linux:php7-gmp-debuginfo", "p-cpe:/a:novell:suse_linux:php7-iconv", "p-cpe:/a:novell:suse_linux:php7-iconv-debuginfo", "p-cpe:/a:novell:suse_linux:php7-intl", "p-cpe:/a:novell:suse_linux:php7-intl-debuginfo", "p-cpe:/a:novell:suse_linux:php7-json", "p-cpe:/a:novell:suse_linux:php7-json-debuginfo", "p-cpe:/a:novell:suse_linux:php7-ldap", "p-cpe:/a:novell:suse_linux:php7-ldap-debuginfo", "p-cpe:/a:novell:suse_linux:php7-mbstring", "p-cpe:/a:novell:suse_linux:php7-mbstring-debuginfo", "p-cpe:/a:novell:suse_linux:php7-mysql", "p-cpe:/a:novell:suse_linux:php7-mysql-debuginfo", "p-cpe:/a:novell:suse_linux:php7-odbc", "p-cpe:/a:novell:suse_linux:php7-odbc-debuginfo", "p-cpe:/a:novell:suse_linux:php7-opcache", "p-cpe:/a:novell:suse_linux:php7-opcache-debuginfo", "p-cpe:/a:novell:suse_linux:php7-openssl", "p-cpe:/a:novell:suse_linux:php7-openssl-debuginfo", "p-cpe:/a:novell:suse_linux:php7-pcntl", "p-cpe:/a:novell:suse_linux:php7-pcntl-debuginfo", "p-cpe:/a:novell:suse_linux:php7-pdo", "p-cpe:/a:novell:suse_linux:php7-pdo-debuginfo", "p-cpe:/a:novell:suse_linux:php7-pgsql", "p-cpe:/a:novell:suse_linux:php7-pgsql-debuginfo", "p-cpe:/a:novell:suse_linux:php7-phar", "p-cpe:/a:novell:suse_linux:php7-phar-debuginfo", "p-cpe:/a:novell:suse_linux:php7-posix", "p-cpe:/a:novell:suse_linux:php7-posix-debuginfo", "p-cpe:/a:novell:suse_linux:php7-readline", "p-cpe:/a:novell:suse_linux:php7-readline-debuginfo", "p-cpe:/a:novell:suse_linux:php7-shmop", "p-cpe:/a:novell:suse_linux:php7-shmop-debuginfo", "p-cpe:/a:novell:suse_linux:php7-snmp", "p-cpe:/a:novell:suse_linux:php7-snmp-debuginfo", "p-cpe:/a:novell:suse_linux:php7-soap", "p-cpe:/a:novell:suse_linux:php7-soap-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sockets", "p-cpe:/a:novell:suse_linux:php7-sockets-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sodium", "p-cpe:/a:novell:suse_linux:php7-sodium-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sqlite", "p-cpe:/a:novell:suse_linux:php7-sqlite-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sysvmsg", "p-cpe:/a:novell:suse_linux:php7-sysvmsg-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sysvsem", "p-cpe:/a:novell:suse_linux:php7-sysvsem-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sysvshm", "p-cpe:/a:novell:suse_linux:php7-sysvshm-debuginfo", "p-cpe:/a:novell:suse_linux:php7-tidy", "p-cpe:/a:novell:suse_linux:php7-tidy-debuginfo", "p-cpe:/a:novell:suse_linux:php7-tokenizer", "p-cpe:/a:novell:suse_linux:php7-tokenizer-debuginfo", "p-cpe:/a:novell:suse_linux:php7-wddx", "p-cpe:/a:novell:suse_linux:php7-wddx-debuginfo", "p-cpe:/a:novell:suse_linux:php7-xmlreader", "p-cpe:/a:novell:suse_linux:php7-xmlreader-debuginfo", "p-cpe:/a:novell:suse_linux:php7-xmlrpc", "p-cpe:/a:novell:suse_linux:php7-xmlrpc-debuginfo", "p-cpe:/a:novell:suse_linux:php7-xmlwriter", "p-cpe:/a:novell:suse_linux:php7-xmlwriter-debuginfo", "p-cpe:/a:novell:suse_linux:php7-xsl", "p-cpe:/a:novell:suse_linux:php7-xsl-debuginfo", "p-cpe:/a:novell:suse_linux:php7-zip", "p-cpe:/a:novell:suse_linux:php7-zip-debuginfo", "p-cpe:/a:novell:suse_linux:php7-zlib", "p-cpe:/a:novell:suse_linux:php7-zlib-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2819-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130421", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2819-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130421);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"IAVA\", value:\"2019-A-0399-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : php7 (SUSE-SU-2019:2819-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for php7 fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-11043: Fixed possible remote code execution via env_path_info\nunderflow in fpm_main.c (bsc#1154999).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154999\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-11043/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192819-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8234baae\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Web Scripting 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Web-Scripting-15-SP1-2019-2819=1\n\nSUSE Linux Enterprise Module for Web Scripting 15:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-15-2019-2819=1\n\nSUSE Linux Enterprise Module for Packagehub Subpackages 15:zypper in\n-t patch SUSE-SLE-Module-Packagehub-Subpackages-15-2019-2819=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2819=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2819=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-embed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-embed-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sodium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sodium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"apache2-mod_php7-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"apache2-mod_php7-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-bcmath-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-bcmath-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-bz2-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-bz2-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-calendar-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-calendar-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-ctype-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-ctype-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-curl-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-curl-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-dba-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-dba-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-debugsource-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-devel-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-dom-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-dom-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-embed-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-embed-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-enchant-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-enchant-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-exif-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-exif-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-fastcgi-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-fastcgi-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-fileinfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-fileinfo-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-fpm-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-fpm-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-ftp-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-ftp-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-gd-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-gd-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-gettext-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-gettext-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-gmp-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-gmp-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-iconv-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-iconv-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-intl-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-intl-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-json-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-json-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-ldap-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-ldap-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-mbstring-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-mbstring-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-mysql-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-mysql-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-odbc-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-odbc-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-opcache-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-opcache-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-openssl-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-openssl-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-pcntl-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-pcntl-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-pdo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-pdo-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-pgsql-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-pgsql-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-phar-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-phar-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-posix-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-posix-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-readline-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-readline-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-shmop-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-shmop-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-snmp-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-snmp-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-soap-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-soap-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-sockets-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-sockets-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-sodium-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-sodium-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-sqlite-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-sqlite-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-sysvmsg-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-sysvmsg-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-sysvsem-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-sysvsem-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-sysvshm-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-sysvshm-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-tidy-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-tidy-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-tokenizer-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-tokenizer-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-wddx-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-wddx-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-xmlreader-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-xmlreader-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-xmlrpc-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-xmlrpc-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-xmlwriter-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-xmlwriter-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-xsl-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-xsl-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-zip-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-zip-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-zlib-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"php7-zlib-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-mod_php7-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"apache2-mod_php7-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-bcmath-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-bcmath-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-bz2-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-bz2-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-calendar-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-calendar-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-ctype-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-ctype-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-curl-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-curl-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-dba-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-dba-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-debugsource-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-devel-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-dom-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-dom-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-embed-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-embed-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-enchant-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-enchant-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-exif-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-exif-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-fastcgi-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-fastcgi-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-fileinfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-fileinfo-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-fpm-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-fpm-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-ftp-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-ftp-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-gd-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-gd-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-gettext-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-gettext-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-gmp-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-gmp-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-iconv-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-iconv-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-intl-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-intl-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-json-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-json-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-ldap-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-ldap-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-mbstring-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-mbstring-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-mysql-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-mysql-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-odbc-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-odbc-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-opcache-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-opcache-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-openssl-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-openssl-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-pcntl-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-pcntl-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-pdo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-pdo-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-pgsql-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-pgsql-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-phar-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-phar-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-posix-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-posix-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-readline-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-readline-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-shmop-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-shmop-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-snmp-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-snmp-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-soap-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-soap-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-sockets-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-sockets-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-sodium-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-sodium-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-sqlite-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-sqlite-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-sysvmsg-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-sysvmsg-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-sysvsem-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-sysvsem-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-sysvshm-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-sysvshm-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-tidy-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-tidy-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-tokenizer-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-tokenizer-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-wddx-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-wddx-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-xmlreader-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-xmlreader-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-xmlrpc-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-xmlrpc-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-xmlwriter-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-xmlwriter-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-xsl-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-xsl-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-zip-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-zip-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-zlib-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"php7-zlib-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"php7-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"php7-debugsource-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"php7-embed-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"php7-embed-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"php7-readline-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"php7-readline-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"php7-sodium-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"php7-sodium-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"php7-tidy-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"php7-tidy-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"php7-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"php7-debugsource-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"php7-embed-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"php7-embed-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"php7-readline-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"php7-readline-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"php7-sodium-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"php7-sodium-debuginfo-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"php7-tidy-7.2.5-4.46.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"php7-tidy-debuginfo-7.2.5-4.46.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php7\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:29:31", "description": "The remote host is affected by the vulnerability described in GLSA-201910-01 (PHP: Arbitrary code execution)\n\n A underflow in env_path_info in PHP-FPM under certain configurations can be exploited to gain remote code execution.\n Impact :\n\n A remote attacker, by sending special crafted HTTP requests, could possibly execute arbitrary code with the privileges of the process, or cause a Denial of Service condition.\n Workaround :\n\n If patching is not feasible, the suggested workaround is to include checks to verify whether or not a file exists before passing to PHP.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-28T00:00:00", "type": "nessus", "title": "GLSA-201910-01 : PHP: Arbitrary code execution", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:php", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201910-01.NASL", "href": "https://www.tenable.com/plugins/nessus/130329", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201910-01.\n#\n# The advisory text is Copyright (C) 2001-2022 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130329);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"GLSA\", value:\"201910-01\");\n script_xref(name:\"IAVA\", value:\"2019-A-0399-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"GLSA-201910-01 : PHP: Arbitrary code execution\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-201910-01\n(PHP: Arbitrary code execution)\n\n A underflow in env_path_info in PHP-FPM under certain configurations can\n be exploited to gain remote code execution.\n \nImpact :\n\n A remote attacker, by sending special crafted HTTP requests, could\n possibly execute arbitrary code with the privileges of the process, or\n cause a Denial of Service condition.\n \nWorkaround :\n\n If patching is not feasible, the suggested workaround is to include\n checks to verify whether or not a file exists before passing to PHP.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201910-01\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All PHP 5.6 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.6.40-r7'\n All PHP 7.1 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-7.1.33'\n All PHP 7.2 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-7.2.24'\n All PHP 7.3 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-7.3.11'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/php\", unaffected:make_list(\"ge 7.1.33\", \"ge 7.2.24\", \"ge 7.3.11\", \"ge 5.6.40-r7\"), vulnerable:make_list(\"lt 7.1.33\", \"lt 7.2.24\", \"lt 7.3.11\", \"lt 5.6.40-r7\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PHP\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:29:07", "description": "Emil Lerner and Andrew Danau discovered that insufficient validation in the path handling code of PHP FPM could result in the execution of arbitrary code in some setups.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-29T00:00:00", "type": "nessus", "title": "Debian DSA-4552-1 : php7.0 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:php7.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4552.NASL", "href": "https://www.tenable.com/plugins/nessus/130349", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4552. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130349);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"DSA\", value:\"4552\");\n script_xref(name:\"IAVA\", value:\"2019-A-0399-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Debian DSA-4552-1 : php7.0 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Emil Lerner and Andrew Danau discovered that insufficient validation\nin the path handling code of PHP FPM could result in the execution of\narbitrary code in some setups.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/php7.0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/php7.0\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4552\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the php7.0 packages.\n\nFor the oldstable distribution (stretch), this problem has been fixed\nin version 7.0.33-0+deb9u6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libapache2-mod-php7.0\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libphp7.0-embed\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-bcmath\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-bz2\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-cgi\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-cli\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-common\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-curl\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-dba\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-dev\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-enchant\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-fpm\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-gd\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-gmp\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-imap\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-interbase\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-intl\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-json\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-ldap\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-mbstring\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-mcrypt\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-mysql\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-odbc\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-opcache\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-pgsql\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-phpdbg\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-pspell\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-readline\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-recode\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-snmp\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-soap\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-sqlite3\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-sybase\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-tidy\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-xml\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-xmlrpc\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-xsl\", reference:\"7.0.33-0+deb9u6\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"php7.0-zip\", reference:\"7.0.33-0+deb9u6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:29:06", "description": "Emil Lerner and Andrew Danau discovered that insufficient validation in the path handling code of PHP FPM could result in the execution of arbitrary code in some setups.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-29T00:00:00", "type": "nessus", "title": "Debian DSA-4553-1 : php7.3 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:php7.3", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4553.NASL", "href": "https://www.tenable.com/plugins/nessus/130350", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4553. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130350);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"DSA\", value:\"4553\");\n script_xref(name:\"IAVA\", value:\"2019-A-0399-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Debian DSA-4553-1 : php7.3 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Emil Lerner and Andrew Danau discovered that insufficient validation\nin the path handling code of PHP FPM could result in the execution of\narbitrary code in some setups.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/php7.3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/php7.3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4553\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the php7.3 packages.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 7.3.11-1~deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"libapache2-mod-php7.3\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libphp7.3-embed\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-bcmath\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-bz2\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-cgi\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-cli\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-common\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-curl\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-dba\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-dev\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-enchant\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-fpm\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-gd\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-gmp\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-imap\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-interbase\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-intl\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-json\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-ldap\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-mbstring\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-mysql\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-odbc\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-opcache\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-pgsql\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-phpdbg\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-pspell\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-readline\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-recode\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-snmp\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-soap\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-sqlite3\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-sybase\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-tidy\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-xml\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-xmlrpc\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-xsl\", reference:\"7.3.11-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"php7.3-zip\", reference:\"7.3.11-1~deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-14T15:21:33", "description": "It was discovered that PHP incorrectly handled certain paths when being used in FastCGI configurations. A remote attacker could possibly use this issue to execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-29T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : PHP vulnerability (USN-4166-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.0", "p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.2", "p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.3", "p-cpe:/a:canonical:ubuntu_linux:php7.0-cgi", "p-cpe:/a:canonical:ubuntu_linux:php7.0-cli", "p-cpe:/a:canonical:ubuntu_linux:php7.0-fpm", "p-cpe:/a:canonical:ubuntu_linux:php7.2-cgi", "p-cpe:/a:canonical:ubuntu_linux:php7.2-cli", "p-cpe:/a:canonical:ubuntu_linux:php7.2-fpm", "p-cpe:/a:canonical:ubuntu_linux:php7.3-cgi", "p-cpe:/a:canonical:ubuntu_linux:php7.3-cli", "p-cpe:/a:canonical:ubuntu_linux:php7.3-fpm", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.04", "cpe:/o:canonical:ubuntu_linux:19.10"], "id": "UBUNTU_USN-4166-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130362", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4166-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130362);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"USN\", value:\"4166-1\");\n script_xref(name:\"IAVA\", value:\"2019-A-0399-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : PHP vulnerability (USN-4166-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that PHP incorrectly handled certain paths when\nbeing used in FastCGI configurations. A remote attacker could possibly\nuse this issue to execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4166-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php7.0-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php7.0-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php7.0-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php7.2-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php7.2-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php7.2-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php7.3-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php7.3-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php7.3-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|19\\.04|19\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 19.04 / 19.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libapache2-mod-php7.0\", pkgver:\"7.0.33-0ubuntu0.16.04.7\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"php7.0-cgi\", pkgver:\"7.0.33-0ubuntu0.16.04.7\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"php7.0-cli\", pkgver:\"7.0.33-0ubuntu0.16.04.7\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"php7.0-fpm\", pkgver:\"7.0.33-0ubuntu0.16.04.7\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libapache2-mod-php7.2\", pkgver:\"7.2.24-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"php7.2-cgi\", pkgver:\"7.2.24-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"php7.2-cli\", pkgver:\"7.2.24-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"php7.2-fpm\", pkgver:\"7.2.24-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"libapache2-mod-php7.2\", pkgver:\"7.2.24-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"php7.2-cgi\", pkgver:\"7.2.24-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"php7.2-cli\", pkgver:\"7.2.24-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"php7.2-fpm\", pkgver:\"7.2.24-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"libapache2-mod-php7.3\", pkgver:\"7.3.11-0ubuntu0.19.10.1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"php7.3-cgi\", pkgver:\"7.3.11-0ubuntu0.19.10.1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"php7.3-cli\", pkgver:\"7.3.11-0ubuntu0.19.10.1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"php7.3-fpm\", pkgver:\"7.3.11-0ubuntu0.19.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapache2-mod-php7.0 / libapache2-mod-php7.2 / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:30:00", "description": "This update for php7 fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-30T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : php7 (SUSE-SU-2019:2809-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php7", "p-cpe:/a:novell:suse_linux:apache2-mod_php7-debuginfo", "p-cpe:/a:novell:suse_linux:php7", "p-cpe:/a:novell:suse_linux:php7-bcmath", "p-cpe:/a:novell:suse_linux:php7-bcmath-debuginfo", "p-cpe:/a:novell:suse_linux:php7-bz2", "p-cpe:/a:novell:suse_linux:php7-bz2-debuginfo", "p-cpe:/a:novell:suse_linux:php7-calendar", "p-cpe:/a:novell:suse_linux:php7-calendar-debuginfo", "p-cpe:/a:novell:suse_linux:php7-ctype", "p-cpe:/a:novell:suse_linux:php7-ctype-debuginfo", "p-cpe:/a:novell:suse_linux:php7-curl", "p-cpe:/a:novell:suse_linux:php7-curl-debuginfo", "p-cpe:/a:novell:suse_linux:php7-dba", "p-cpe:/a:novell:suse_linux:php7-dba-debuginfo", "p-cpe:/a:novell:suse_linux:php7-debuginfo", "p-cpe:/a:novell:suse_linux:php7-debugsource", "p-cpe:/a:novell:suse_linux:php7-dom", "p-cpe:/a:novell:suse_linux:php7-dom-debuginfo", "p-cpe:/a:novell:suse_linux:php7-enchant", "p-cpe:/a:novell:suse_linux:php7-enchant-debuginfo", "p-cpe:/a:novell:suse_linux:php7-exif", "p-cpe:/a:novell:suse_linux:php7-exif-debuginfo", "p-cpe:/a:novell:suse_linux:php7-fastcgi", "p-cpe:/a:novell:suse_linux:php7-fastcgi-debuginfo", "p-cpe:/a:novell:suse_linux:php7-fileinfo", "p-cpe:/a:novell:suse_linux:php7-fileinfo-debuginfo", "p-cpe:/a:novell:suse_linux:php7-fpm", "p-cpe:/a:novell:suse_linux:php7-fpm-debuginfo", "p-cpe:/a:novell:suse_linux:php7-ftp", "p-cpe:/a:novell:suse_linux:php7-ftp-debuginfo", "p-cpe:/a:novell:suse_linux:php7-gd", "p-cpe:/a:novell:suse_linux:php7-gd-debuginfo", "p-cpe:/a:novell:suse_linux:php7-gettext", "p-cpe:/a:novell:suse_linux:php7-gettext-debuginfo", "p-cpe:/a:novell:suse_linux:php7-gmp", "p-cpe:/a:novell:suse_linux:php7-gmp-debuginfo", "p-cpe:/a:novell:suse_linux:php7-iconv", "p-cpe:/a:novell:suse_linux:php7-iconv-debuginfo", "p-cpe:/a:novell:suse_linux:php7-imap", "p-cpe:/a:novell:suse_linux:php7-imap-debuginfo", "p-cpe:/a:novell:suse_linux:php7-intl", "p-cpe:/a:novell:suse_linux:php7-intl-debuginfo", "p-cpe:/a:novell:suse_linux:php7-json", "p-cpe:/a:novell:suse_linux:php7-json-debuginfo", "p-cpe:/a:novell:suse_linux:php7-ldap", "p-cpe:/a:novell:suse_linux:php7-ldap-debuginfo", "p-cpe:/a:novell:suse_linux:php7-mbstring", "p-cpe:/a:novell:suse_linux:php7-mbstring-debuginfo", "p-cpe:/a:novell:suse_linux:php7-mcrypt", "p-cpe:/a:novell:suse_linux:php7-mcrypt-debuginfo", "p-cpe:/a:novell:suse_linux:php7-mysql", "p-cpe:/a:novell:suse_linux:php7-mysql-debuginfo", "p-cpe:/a:novell:suse_linux:php7-odbc", "p-cpe:/a:novell:suse_linux:php7-odbc-debuginfo", "p-cpe:/a:novell:suse_linux:php7-opcache", "p-cpe:/a:novell:suse_linux:php7-opcache-debuginfo", "p-cpe:/a:novell:suse_linux:php7-openssl", "p-cpe:/a:novell:suse_linux:php7-openssl-debuginfo", "p-cpe:/a:novell:suse_linux:php7-pcntl", "p-cpe:/a:novell:suse_linux:php7-pcntl-debuginfo", "p-cpe:/a:novell:suse_linux:php7-pdo", "p-cpe:/a:novell:suse_linux:php7-pdo-debuginfo", "p-cpe:/a:novell:suse_linux:php7-pgsql", "p-cpe:/a:novell:suse_linux:php7-pgsql-debuginfo", "p-cpe:/a:novell:suse_linux:php7-phar", "p-cpe:/a:novell:suse_linux:php7-phar-debuginfo", "p-cpe:/a:novell:suse_linux:php7-posix", "p-cpe:/a:novell:suse_linux:php7-posix-debuginfo", "p-cpe:/a:novell:suse_linux:php7-pspell", "p-cpe:/a:novell:suse_linux:php7-pspell-debuginfo", "p-cpe:/a:novell:suse_linux:php7-shmop", "p-cpe:/a:novell:suse_linux:php7-shmop-debuginfo", "p-cpe:/a:novell:suse_linux:php7-snmp", "p-cpe:/a:novell:suse_linux:php7-snmp-debuginfo", "p-cpe:/a:novell:suse_linux:php7-soap", "p-cpe:/a:novell:suse_linux:php7-soap-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sockets", "p-cpe:/a:novell:suse_linux:php7-sockets-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sqlite", "p-cpe:/a:novell:suse_linux:php7-sqlite-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sysvmsg", "p-cpe:/a:novell:suse_linux:php7-sysvmsg-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sysvsem", "p-cpe:/a:novell:suse_linux:php7-sysvsem-debuginfo", "p-cpe:/a:novell:suse_linux:php7-sysvshm", "p-cpe:/a:novell:suse_linux:php7-sysvshm-debuginfo", "p-cpe:/a:novell:suse_linux:php7-tokenizer", "p-cpe:/a:novell:suse_linux:php7-tokenizer-debuginfo", "p-cpe:/a:novell:suse_linux:php7-wddx", "p-cpe:/a:novell:suse_linux:php7-wddx-debuginfo", "p-cpe:/a:novell:suse_linux:php7-xmlreader", "p-cpe:/a:novell:suse_linux:php7-xmlreader-debuginfo", "p-cpe:/a:novell:suse_linux:php7-xmlrpc", "p-cpe:/a:novell:suse_linux:php7-xmlrpc-debuginfo", "p-cpe:/a:novell:suse_linux:php7-xmlwriter", "p-cpe:/a:novell:suse_linux:php7-xmlwriter-debuginfo", "p-cpe:/a:novell:suse_linux:php7-xsl", "p-cpe:/a:novell:suse_linux:php7-xsl-debuginfo", "p-cpe:/a:novell:suse_linux:php7-zip", "p-cpe:/a:novell:suse_linux:php7-zip-debuginfo", "p-cpe:/a:novell:suse_linux:php7-zlib", "p-cpe:/a:novell:suse_linux:php7-zlib-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2809-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130390", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2809-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130390);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"IAVA\", value:\"2019-A-0399-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"SUSE SLES12 Security Update : php7 (SUSE-SU-2019:2809-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for php7 fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-11043: Fixed possible remote code execution via env_path_info\nunderflow in fpm_main.c (bsc#1154999).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154999\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-11043/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192809-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9478dbce\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t\npatch SUSE-SLE-SDK-12-SP5-2019-2809=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-2809=1\n\nSUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-12-2019-2809=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php7-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_php7-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_php7-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-bcmath-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-bcmath-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-bz2-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-bz2-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-calendar-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-calendar-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-ctype-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-ctype-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-curl-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-curl-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-dba-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-dba-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-debugsource-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-dom-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-dom-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-enchant-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-enchant-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-exif-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-exif-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-fastcgi-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-fastcgi-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-fileinfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-fileinfo-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-fpm-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-fpm-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-ftp-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-ftp-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-gd-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-gd-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-gettext-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-gettext-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-gmp-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-gmp-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-iconv-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-iconv-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-imap-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-imap-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-intl-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-intl-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-json-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-json-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-ldap-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-ldap-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-mbstring-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-mbstring-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-mcrypt-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-mcrypt-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-mysql-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-mysql-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-odbc-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-odbc-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-opcache-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-opcache-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-openssl-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-openssl-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pcntl-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pcntl-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pdo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pdo-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pgsql-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pgsql-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-phar-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-phar-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-posix-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-posix-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pspell-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-pspell-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-shmop-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-shmop-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-snmp-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-snmp-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-soap-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-soap-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sockets-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sockets-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sqlite-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sqlite-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sysvmsg-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sysvmsg-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sysvsem-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sysvsem-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sysvshm-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-sysvshm-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-tokenizer-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-tokenizer-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-wddx-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-wddx-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xmlreader-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xmlreader-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xmlrpc-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xmlrpc-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xmlwriter-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xmlwriter-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xsl-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-xsl-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-zip-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-zip-debuginfo-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-zlib-7.0.7-50.88.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php7-zlib-debuginfo-7.0.7-50.88.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php7\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:32:13", "description": "In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.(CVE-2019-11043)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php71 / php72, php73, php56 (ALAS-2019-1315)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php56", "p-cpe:/a:amazon:linux:php56-bcmath", "p-cpe:/a:amazon:linux:php56-cli", "p-cpe:/a:amazon:linux:php56-common", "p-cpe:/a:amazon:linux:php56-dba", "p-cpe:/a:amazon:linux:php56-dbg", "p-cpe:/a:amazon:linux:php56-debuginfo", "p-cpe:/a:amazon:linux:php56-devel", "p-cpe:/a:amazon:linux:php56-embedded", "p-cpe:/a:amazon:linux:php56-enchant", "p-cpe:/a:amazon:linux:php56-fpm", "p-cpe:/a:amazon:linux:php56-gd", "p-cpe:/a:amazon:linux:php56-gmp", "p-cpe:/a:amazon:linux:php56-imap", "p-cpe:/a:amazon:linux:php56-intl", "p-cpe:/a:amazon:linux:php56-ldap", "p-cpe:/a:amazon:linux:php56-mbstring", "p-cpe:/a:amazon:linux:php56-mcrypt", "p-cpe:/a:amazon:linux:php56-mssql", "p-cpe:/a:amazon:linux:php56-mysqlnd", "p-cpe:/a:amazon:linux:php56-odbc", "p-cpe:/a:amazon:linux:php56-opcache", "p-cpe:/a:amazon:linux:php56-pdo", "p-cpe:/a:amazon:linux:php56-pgsql", "p-cpe:/a:amazon:linux:php56-process", "p-cpe:/a:amazon:linux:php56-pspell", "p-cpe:/a:amazon:linux:php56-recode", "p-cpe:/a:amazon:linux:php56-snmp", "p-cpe:/a:amazon:linux:php56-soap", "p-cpe:/a:amazon:linux:php56-tidy", "p-cpe:/a:amazon:linux:php56-xml", "p-cpe:/a:amazon:linux:php56-xmlrpc", "p-cpe:/a:amazon:linux:php71", "p-cpe:/a:amazon:linux:php71-bcmath", "p-cpe:/a:amazon:linux:php71-cli", "p-cpe:/a:amazon:linux:php71-common", "p-cpe:/a:amazon:linux:php71-dba", "p-cpe:/a:amazon:linux:php71-dbg", "p-cpe:/a:amazon:linux:php71-debuginfo", "p-cpe:/a:amazon:linux:php71-devel", "p-cpe:/a:amazon:linux:php71-embedded", "p-cpe:/a:amazon:linux:php71-enchant", "p-cpe:/a:amazon:linux:php71-fpm", "p-cpe:/a:amazon:linux:php71-gd", "p-cpe:/a:amazon:linux:php71-gmp", "p-cpe:/a:amazon:linux:php71-imap", "p-cpe:/a:amazon:linux:php71-intl", "p-cpe:/a:amazon:linux:php71-json", "p-cpe:/a:amazon:linux:php71-ldap", "p-cpe:/a:amazon:linux:php71-mbstring", "p-cpe:/a:amazon:linux:php71-mcrypt", "p-cpe:/a:amazon:linux:php71-mysqlnd", "p-cpe:/a:amazon:linux:php71-odbc", "p-cpe:/a:amazon:linux:php71-opcache", "p-cpe:/a:amazon:linux:php71-pdo", "p-cpe:/a:amazon:linux:php71-pdo-dblib", "p-cpe:/a:amazon:linux:php71-pgsql", "p-cpe:/a:amazon:linux:php71-process", "p-cpe:/a:amazon:linux:php71-pspell", "p-cpe:/a:amazon:linux:php71-recode", "p-cpe:/a:amazon:linux:php71-snmp", "p-cpe:/a:amazon:linux:php71-soap", "p-cpe:/a:amazon:linux:php71-tidy", "p-cpe:/a:amazon:linux:php71-xml", "p-cpe:/a:amazon:linux:php71-xmlrpc", "p-cpe:/a:amazon:linux:php72", "p-cpe:/a:amazon:linux:php72-bcmath", "p-cpe:/a:amazon:linux:php72-cli", "p-cpe:/a:amazon:linux:php72-common", "p-cpe:/a:amazon:linux:php72-dba", "p-cpe:/a:amazon:linux:php72-dbg", "p-cpe:/a:amazon:linux:php72-debuginfo", "p-cpe:/a:amazon:linux:php72-devel", "p-cpe:/a:amazon:linux:php72-embedded", "p-cpe:/a:amazon:linux:php72-enchant", "p-cpe:/a:amazon:linux:php72-fpm", "p-cpe:/a:amazon:linux:php72-gd", "p-cpe:/a:amazon:linux:php72-gmp", "p-cpe:/a:amazon:linux:php72-imap", "p-cpe:/a:amazon:linux:php72-intl", "p-cpe:/a:amazon:linux:php72-json", "p-cpe:/a:amazon:linux:php72-ldap", "p-cpe:/a:amazon:linux:php72-mbstring", "p-cpe:/a:amazon:linux:php72-mysqlnd", "p-cpe:/a:amazon:linux:php72-odbc", "p-cpe:/a:amazon:linux:php72-opcache", "p-cpe:/a:amazon:linux:php72-pdo", "p-cpe:/a:amazon:linux:php72-pdo-dblib", "p-cpe:/a:amazon:linux:php72-pgsql", "p-cpe:/a:amazon:linux:php72-process", "p-cpe:/a:amazon:linux:php72-pspell", "p-cpe:/a:amazon:linux:php72-recode", "p-cpe:/a:amazon:linux:php72-snmp", "p-cpe:/a:amazon:linux:php72-soap", "p-cpe:/a:amazon:linux:php72-tidy", "p-cpe:/a:amazon:linux:php72-xml", "p-cpe:/a:amazon:linux:php72-xmlrpc", "p-cpe:/a:amazon:linux:php73", "p-cpe:/a:amazon:linux:php73-bcmath", "p-cpe:/a:amazon:linux:php73-cli", "p-cpe:/a:amazon:linux:php73-common", "p-cpe:/a:amazon:linux:php73-dba", "p-cpe:/a:amazon:linux:php73-dbg", "p-cpe:/a:amazon:linux:php73-debuginfo", "p-cpe:/a:amazon:linux:php73-devel", "p-cpe:/a:amazon:linux:php73-embedded", "p-cpe:/a:amazon:linux:php73-enchant", "p-cpe:/a:amazon:linux:php73-fpm", "p-cpe:/a:amazon:linux:php73-gd", "p-cpe:/a:amazon:linux:php73-gmp", "p-cpe:/a:amazon:linux:php73-imap", "p-cpe:/a:amazon:linux:php73-intl", "p-cpe:/a:amazon:linux:php73-json", "p-cpe:/a:amazon:linux:php73-ldap", "p-cpe:/a:amazon:linux:php73-mbstring", "p-cpe:/a:amazon:linux:php73-mysqlnd", "p-cpe:/a:amazon:linux:php73-odbc", "p-cpe:/a:amazon:linux:php73-opcache", "p-cpe:/a:amazon:linux:php73-pdo", "p-cpe:/a:amazon:linux:php73-pdo-dblib", "p-cpe:/a:amazon:linux:php73-pgsql", "p-cpe:/a:amazon:linux:php73-process", "p-cpe:/a:amazon:linux:php73-pspell", "p-cpe:/a:amazon:linux:php73-recode", "p-cpe:/a:amazon:linux:php73-snmp", "p-cpe:/a:amazon:linux:php73-soap", "p-cpe:/a:amazon:linux:php73-tidy", "p-cpe:/a:amazon:linux:php73-xml", "p-cpe:/a:amazon:linux:php73-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1315.NASL", "href": "https://www.tenable.com/plugins/nessus/130471", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1315.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130471);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"ALAS\", value:\"2019-1315\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Amazon Linux AMI : php71 / php72, php73, php56 (ALAS-2019-1315)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below\n7.3.11 in certain configurations of FPM setup it is possible to cause\nFPM module to write past allocated buffers into the space reserved for\nFCGI protocol data, thus opening the possibility of remote code\nexecution.(CVE-2019-11043)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1315.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Run 'yum update php71' to update your system.\n\nRun 'yum update php72' to update your system.\n\nRun 'yum update php73' to update your system.\n\nRun 'yum update php56' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php56-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-pdo-dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php71-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-pdo-dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php72-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-pdo-dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php73-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php56-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-bcmath-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-cli-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-common-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-dba-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-dbg-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-debuginfo-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-devel-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-embedded-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-enchant-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-fpm-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-gd-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-gmp-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-imap-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-intl-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-ldap-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mbstring-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mcrypt-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mssql-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-mysqlnd-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-odbc-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-opcache-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pdo-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pgsql-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-process-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-pspell-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-recode-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-snmp-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-soap-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-tidy-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-xml-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php56-xmlrpc-5.6.40-1.143.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-bcmath-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-cli-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-common-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-dba-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-dbg-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-debuginfo-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-devel-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-embedded-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-enchant-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-fpm-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-gd-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-gmp-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-imap-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-intl-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-json-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-ldap-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-mbstring-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-mcrypt-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-mysqlnd-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-odbc-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-opcache-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-pdo-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-pdo-dblib-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-pgsql-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-process-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-pspell-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-recode-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-snmp-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-soap-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-tidy-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-xml-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php71-xmlrpc-7.1.33-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-bcmath-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-cli-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-common-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-dba-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-dbg-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-debuginfo-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-devel-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-embedded-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-enchant-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-fpm-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-gd-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-gmp-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-imap-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-intl-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-json-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-ldap-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-mbstring-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-mysqlnd-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-odbc-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-opcache-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-pdo-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-pdo-dblib-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-pgsql-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-process-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-pspell-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-recode-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-snmp-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-soap-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-tidy-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-xml-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php72-xmlrpc-7.2.24-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-bcmath-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-cli-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-common-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-dba-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-dbg-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-debuginfo-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-devel-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-embedded-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-enchant-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-fpm-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-gd-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-gmp-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-imap-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-intl-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-json-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-ldap-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-mbstring-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-mysqlnd-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-odbc-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-opcache-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-pdo-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-pdo-dblib-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-pgsql-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-process-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-pspell-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-recode-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-snmp-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-soap-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-tidy-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-xml-7.3.11-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php73-xmlrpc-7.3.11-1.21.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php56 / php56-bcmath / php56-cli / php56-common / php56-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:33:13", "description": "An update for php is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-04T00:00:00", "type": "nessus", "title": "CentOS 7 : php (CESA-2019:3286)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:centos:centos:php", "p-cpe:/a:centos:centos:php-bcmath", "p-cpe:/a:centos:centos:php-cli", "p-cpe:/a:centos:centos:php-common", "p-cpe:/a:centos:centos:php-dba", "p-cpe:/a:centos:centos:php-devel", "p-cpe:/a:centos:centos:php-embedded", "p-cpe:/a:centos:centos:php-enchant", "p-cpe:/a:centos:centos:php-fpm", "p-cpe:/a:centos:centos:php-gd", "p-cpe:/a:centos:centos:php-intl", "p-cpe:/a:centos:centos:php-ldap", "p-cpe:/a:centos:centos:php-mbstring", "p-cpe:/a:centos:centos:php-mysql", "p-cpe:/a:centos:centos:php-mysqlnd", "p-cpe:/a:centos:centos:php-odbc", "p-cpe:/a:centos:centos:php-pdo", "p-cpe:/a:centos:centos:php-pgsql", "p-cpe:/a:centos:centos:php-process", "p-cpe:/a:centos:centos:php-pspell", "p-cpe:/a:centos:centos:php-recode", "p-cpe:/a:centos:centos:php-snmp", "p-cpe:/a:centos:centos:php-soap", "p-cpe:/a:centos:centos:php-xml", "p-cpe:/a:centos:centos:php-xmlrpc", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2019-3286.NASL", "href": "https://www.tenable.com/plugins/nessus/130473", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3286 and \n# CentOS Errata and Security Advisory 2019:3286 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130473);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"RHSA\", value:\"2019:3286\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"CentOS 7 : php (CESA-2019:3286)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for php is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n # https://lists.centos.org/pipermail/centos-announce/2019-November/023500.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fe8efbc4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-bcmath-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-cli-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-common-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-dba-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-devel-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-embedded-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-enchant-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-fpm-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-gd-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-intl-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-ldap-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-mbstring-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-mysql-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-mysqlnd-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-odbc-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-pdo-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-pgsql-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-process-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-pspell-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-recode-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-snmp-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-soap-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-xml-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.4.16-46.1.el7_7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:33:39", "description": "An update for php is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-04T00:00:00", "type": "nessus", "title": "CentOS 6 : php (CESA-2019:3287)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:centos:centos:php", "p-cpe:/a:centos:centos:php-bcmath", "p-cpe:/a:centos:centos:php-cli", "p-cpe:/a:centos:centos:php-common", "p-cpe:/a:centos:centos:php-dba", "p-cpe:/a:centos:centos:php-devel", "p-cpe:/a:centos:centos:php-embedded", "p-cpe:/a:centos:centos:php-enchant", "p-cpe:/a:centos:centos:php-fpm", "p-cpe:/a:centos:centos:php-gd", "p-cpe:/a:centos:centos:php-imap", "p-cpe:/a:centos:centos:php-intl", "p-cpe:/a:centos:centos:php-ldap", "p-cpe:/a:centos:centos:php-mbstring", "p-cpe:/a:centos:centos:php-mysql", "p-cpe:/a:centos:centos:php-odbc", "p-cpe:/a:centos:centos:php-pdo", "p-cpe:/a:centos:centos:php-pgsql", "p-cpe:/a:centos:centos:php-process", "p-cpe:/a:centos:centos:php-pspell", "p-cpe:/a:centos:centos:php-recode", "p-cpe:/a:centos:centos:php-snmp", "p-cpe:/a:centos:centos:php-soap", "p-cpe:/a:centos:centos:php-tidy", "p-cpe:/a:centos:centos:php-xml", "p-cpe:/a:centos:centos:php-xmlrpc", "p-cpe:/a:centos:centos:php-zts", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2019-3287.NASL", "href": "https://www.tenable.com/plugins/nessus/130474", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3287 and \n# CentOS Errata and Security Advisory 2019:3287 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130474);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"RHSA\", value:\"2019:3287\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"CentOS 6 : php (CESA-2019:3287)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for php is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n # https://lists.centos.org/pipermail/centos-announce/2019-November/023506.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0c1a076a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-zts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-bcmath-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-cli-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-common-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-dba-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-devel-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-embedded-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-enchant-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-fpm-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-gd-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-imap-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-intl-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-ldap-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-mbstring-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-mysql-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-odbc-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-pdo-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-pgsql-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-process-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-pspell-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-recode-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-snmp-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-soap-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-tidy-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-xml-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-xmlrpc-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-zts-5.3.3-50.el6_10\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:32:43", "description": "**PHP version 7.2.24** (24 Oct 2019)\n\n**Core:**\n\n - Fixed bug php#78535 (auto_detect_line_endings value not parsed as bool). (bugreportuser)\n\n - Fixed bug php#78620 (Out of memory error). (cmb, Nikita)\n\n**Exif:**\n\n - Fixed bug php#78442 ('Illegal component' on exif_read_data since PHP7) (Kalle)\n\n**FPM:**\n\n - Fixed bug php#78599 (env_path_info underflow in fpm_main.c can lead to RCE). (**CVE-2019-11043**) (Jakub Zelenka)\n\n**MBString:**\n\n - Fixed bug php#78579 (mb_decode_numericentity: args number inconsistency). (cmb)\n\n - Fixed bug php#78609 (mb_check_encoding() no longer supports stringable objects). (cmb)\n\n**MySQLi:**\n\n - Fixed bug php#76809 (SSL settings aren't respected when persistent connections are used). (fabiomsouto)\n\n**PDO_MySQL:**\n\n - Fixed bug php#78623 (Regression caused by 'SP call yields additional empty result set'). (cmb)\n\n**Session:**\n\n - Fixed bug php#78624 (session_gc return value for user defined session handlers). (bshaffer)\n\n**Standard:**\n\n - Fixed bug php#76342 (file_get_contents waits twice specified timeout). (Thomas Calvet)\n\n - Fixed bug php#78612 (strtr leaks memory when integer keys are used and the subject string shorter). (Nikita)\n\n - Fixed bug php#76859 (stream_get_line skips data if used with data-generating filter). (kkopachev)\n\n**Zip:**\n\n - Fixed bug php#78641 (addGlob can modify given remove_path value). (cmb)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-04T00:00:00", "type": "nessus", "title": "Fedora 29 : php (2019-187ae3128d)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-187AE3128D.NASL", "href": "https://www.tenable.com/plugins/nessus/130476", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-187ae3128d.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130476);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"FEDORA\", value:\"2019-187ae3128d\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Fedora 29 : php (2019-187ae3128d)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"**PHP version 7.2.24** (24 Oct 2019)\n\n**Core:**\n\n - Fixed bug php#78535 (auto_detect_line_endings value not\n parsed as bool). (bugreportuser)\n\n - Fixed bug php#78620 (Out of memory error). (cmb, Nikita)\n\n**Exif:**\n\n - Fixed bug php#78442 ('Illegal component' on\n exif_read_data since PHP7) (Kalle)\n\n**FPM:**\n\n - Fixed bug php#78599 (env_path_info underflow in\n fpm_main.c can lead to RCE). (**CVE-2019-11043**) (Jakub\n Zelenka)\n\n**MBString:**\n\n - Fixed bug php#78579 (mb_decode_numericentity: args\n number inconsistency). (cmb)\n\n - Fixed bug php#78609 (mb_check_encoding() no longer\n supports stringable objects). (cmb)\n\n**MySQLi:**\n\n - Fixed bug php#76809 (SSL settings aren't respected when\n persistent connections are used). (fabiomsouto)\n\n**PDO_MySQL:**\n\n - Fixed bug php#78623 (Regression caused by 'SP call\n yields additional empty result set'). (cmb)\n\n**Session:**\n\n - Fixed bug php#78624 (session_gc return value for user\n defined session handlers). (bshaffer)\n\n**Standard:**\n\n - Fixed bug php#76342 (file_get_contents waits twice\n specified timeout). (Thomas Calvet)\n\n - Fixed bug php#78612 (strtr leaks memory when integer\n keys are used and the subject string shorter). (Nikita)\n\n - Fixed bug php#76859 (stream_get_line skips data if used\n with data-generating filter). (kkopachev)\n\n**Zip:**\n\n - Fixed bug php#78641 (addGlob can modify given\n remove_path value). (cmb)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-187ae3128d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"php-7.2.24-1.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:31:47", "description": "**PHP version 7.3.11** (24 Oct 2019)\n\n**Core:**\n\n - Fixed bug php#78535 (auto_detect_line_endings value not parsed as bool). (bugreportuser)\n\n - Fixed bug php#78620 (Out of memory error). (cmb, Nikita)\n\n**Exif :**\n\n - Fixed bug php#78442 ('Illegal component' on exif_read_data since PHP7) (Kalle)\n\n**FPM:**\n\n - Fixed bug php#78599 (env_path_info underflow in fpm_main.c can lead to RCE). (**CVE-2019-11043**) (Jakub Zelenka)\n\n - Fixed bug php#78413 (request_terminate_timeout does not take effect after fastcgi_finish_request). (Sergei Turchanov)\n\n**MBString:**\n\n - Fixed bug php#78579 (mb_decode_numericentity: args number inconsistency). (cmb)\n\n - Fixed bug php#78609 (mb_check_encoding() no longer supports stringable objects). (cmb)\n\n**MySQLi:**\n\n - Fixed bug php#76809 (SSL settings aren't respected when persistent connections are used). (fabiomsouto)\n\n**Mysqlnd:**\n\n - Fixed bug php#78525 (Memory leak in pdo when reusing native prepared statements). (Nikita)\n\n**PCRE:**\n\n - Fixed bug php#78272 (calling preg_match() before pcntl_fork() will freeze child process). (Nikita)\n\n**PDO_MySQL:**\n\n - Fixed bug php#78623 (Regression caused by 'SP call yields additional empty result set'). (cmb)\n\n**Session:**\n\n - Fixed bug php#78624 (session_gc return value for user defined session handlers). (bshaffer)\n\n**Standard:**\n\n - Fixed bug php#76342 (file_get_contents waits twice specified timeout). (Thomas Calvet)\n\n - Fixed bug php#78612 (strtr leaks memory when integer keys are used and the subject string shorter). (Nikita)\n\n - Fixed bug php#76859 (stream_get_line skips data if used with data-generating filter). (kkopachev)\n\n**Zip:**\n\n - Fixed bug php#78641 (addGlob can modify given remove_path value). (cmb)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-04T00:00:00", "type": "nessus", "title": "Fedora 30 : php (2019-7bb07c3b02)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-7BB07C3B02.NASL", "href": "https://www.tenable.com/plugins/nessus/130482", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-7bb07c3b02.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130482);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"FEDORA\", value:\"2019-7bb07c3b02\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Fedora 30 : php (2019-7bb07c3b02)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"**PHP version 7.3.11** (24 Oct 2019)\n\n**Core:**\n\n - Fixed bug php#78535 (auto_detect_line_endings value not\n parsed as bool). (bugreportuser)\n\n - Fixed bug php#78620 (Out of memory error). (cmb, Nikita)\n\n**Exif :**\n\n - Fixed bug php#78442 ('Illegal component' on\n exif_read_data since PHP7) (Kalle)\n\n**FPM:**\n\n - Fixed bug php#78599 (env_path_info underflow in\n fpm_main.c can lead to RCE). (**CVE-2019-11043**) (Jakub\n Zelenka)\n\n - Fixed bug php#78413 (request_terminate_timeout does not\n take effect after fastcgi_finish_request). (Sergei\n Turchanov)\n\n**MBString:**\n\n - Fixed bug php#78579 (mb_decode_numericentity: args\n number inconsistency). (cmb)\n\n - Fixed bug php#78609 (mb_check_encoding() no longer\n supports stringable objects). (cmb)\n\n**MySQLi:**\n\n - Fixed bug php#76809 (SSL settings aren't respected when\n persistent connections are used). (fabiomsouto)\n\n**Mysqlnd:**\n\n - Fixed bug php#78525 (Memory leak in pdo when reusing\n native prepared statements). (Nikita)\n\n**PCRE:**\n\n - Fixed bug php#78272 (calling preg_match() before\n pcntl_fork() will freeze child process). (Nikita)\n\n**PDO_MySQL:**\n\n - Fixed bug php#78623 (Regression caused by 'SP call\n yields additional empty result set'). (cmb)\n\n**Session:**\n\n - Fixed bug php#78624 (session_gc return value for user\n defined session handlers). (bshaffer)\n\n**Standard:**\n\n - Fixed bug php#76342 (file_get_contents waits twice\n specified timeout). (Thomas Calvet)\n\n - Fixed bug php#78612 (strtr leaks memory when integer\n keys are used and the subject string shorter). (Nikita)\n\n - Fixed bug php#76859 (stream_get_line skips data if used\n with data-generating filter). (kkopachev)\n\n**Zip:**\n\n - Fixed bug php#78641 (addGlob can modify given\n remove_path value). (cmb)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-7bb07c3b02\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"php-7.3.11-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:32:13", "description": "From Red Hat Security Advisory 2019:3287 :\n\nAn update for php is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-04T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : php (ELSA-2019-3287)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:php", "p-cpe:/a:oracle:linux:php-bcmath", "p-cpe:/a:oracle:linux:php-cli", "p-cpe:/a:oracle:linux:php-common", "p-cpe:/a:oracle:linux:php-dba", "p-cpe:/a:oracle:linux:php-devel", "p-cpe:/a:oracle:linux:php-embedded", "p-cpe:/a:oracle:linux:php-enchant", "p-cpe:/a:oracle:linux:php-fpm", "p-cpe:/a:oracle:linux:php-gd", "p-cpe:/a:oracle:linux:php-imap", "p-cpe:/a:oracle:linux:php-intl", "p-cpe:/a:oracle:linux:php-ldap", "p-cpe:/a:oracle:linux:php-mbstring", "p-cpe:/a:oracle:linux:php-mysql", "p-cpe:/a:oracle:linux:php-odbc", "p-cpe:/a:oracle:linux:php-pdo", "p-cpe:/a:oracle:linux:php-pgsql", "p-cpe:/a:oracle:linux:php-process", "p-cpe:/a:oracle:linux:php-pspell", "p-cpe:/a:oracle:linux:php-recode", "p-cpe:/a:oracle:linux:php-snmp", "p-cpe:/a:oracle:linux:php-soap", "p-cpe:/a:oracle:linux:php-tidy", "p-cpe:/a:oracle:linux:php-xml", "p-cpe:/a:oracle:linux:php-xmlrpc", "p-cpe:/a:oracle:linux:php-zts", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2019-3287.NASL", "href": "https://www.tenable.com/plugins/nessus/130497", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:3287 and \n# Oracle Linux Security Advisory ELSA-2019-3287 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130497);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"RHSA\", value:\"2019:3287\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Oracle Linux 6 : php (ELSA-2019-3287)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2019:3287 :\n\nAn update for php is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2019-November/009315.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-zts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"php-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-bcmath-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-cli-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-common-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-dba-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-devel-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-embedded-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-enchant-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-fpm-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-gd-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-imap-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-intl-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-ldap-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-mbstring-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-mysql-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-odbc-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-pdo-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-pgsql-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-process-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-pspell-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-recode-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-snmp-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-soap-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-tidy-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-xml-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-xmlrpc-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-zts-5.3.3-50.el6_10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:32:43", "description": "Security Fix(es) :\n\n - php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-04T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : php on SL6.x i386/x86_64 (20191031)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:php", "p-cpe:/a:fermilab:scientific_linux:php-bcmath", "p-cpe:/a:fermilab:scientific_linux:php-cli", "p-cpe:/a:fermilab:scientific_linux:php-common", "p-cpe:/a:fermilab:scientific_linux:php-dba", "p-cpe:/a:fermilab:scientific_linux:php-debuginfo", "p-cpe:/a:fermilab:scientific_linux:php-devel", "p-cpe:/a:fermilab:scientific_linux:php-embedded", "p-cpe:/a:fermilab:scientific_linux:php-enchant", "p-cpe:/a:fermilab:scientific_linux:php-fpm", "p-cpe:/a:fermilab:scientific_linux:php-gd", "p-cpe:/a:fermilab:scientific_linux:php-imap", "p-cpe:/a:fermilab:scientific_linux:php-intl", "p-cpe:/a:fermilab:scientific_linux:php-ldap", "p-cpe:/a:fermilab:scientific_linux:php-mbstring", "p-cpe:/a:fermilab:scientific_linux:php-mysql", "p-cpe:/a:fermilab:scientific_linux:php-odbc", "p-cpe:/a:fermilab:scientific_linux:php-pdo", "p-cpe:/a:fermilab:scientific_linux:php-pgsql", "p-cpe:/a:fermilab:scientific_linux:php-process", "p-cpe:/a:fermilab:scientific_linux:php-pspell", "p-cpe:/a:fermilab:scientific_linux:php-recode", "p-cpe:/a:fermilab:scientific_linux:php-snmp", "p-cpe:/a:fermilab:scientific_linux:php-soap", "p-cpe:/a:fermilab:scientific_linux:php-tidy", "p-cpe:/a:fermilab:scientific_linux:php-xml", "p-cpe:/a:fermilab:scientific_linux:php-xmlrpc", "p-cpe:/a:fermilab:scientific_linux:php-zts", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20191031_PHP_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/130499", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130499);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Scientific Linux Security Update : php on SL6.x i386/x86_64 (20191031)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Security Fix(es) :\n\n - php: underflow in env_path_info in fpm_main.c\n (CVE-2019-11043)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1911&L=SCIENTIFIC-LINUX-ERRATA&P=79\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f1e27d3d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-zts\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"php-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-bcmath-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-cli-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-common-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-dba-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-debuginfo-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-devel-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-embedded-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-enchant-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-fpm-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-gd-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-imap-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-intl-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-ldap-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-mbstring-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-mysql-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-odbc-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-pdo-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-pgsql-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-process-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-pspell-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-recode-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-snmp-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-soap-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-tidy-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-xml-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-xmlrpc-5.3.3-50.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-zts-5.3.3-50.el6_10\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:31:47", "description": "According to the version of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.(CVE-2019-11043)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-27T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : php (EulerOS-SA-2019-2295)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:php", "p-cpe:/a:huawei:euleros:php-cli", "p-cpe:/a:huawei:euleros:php-common", "p-cpe:/a:huawei:euleros:php-fpm", "p-cpe:/a:huawei:euleros:php-gd", "p-cpe:/a:huawei:euleros:php-ldap", "p-cpe:/a:huawei:euleros:php-odbc", "p-cpe:/a:huawei:euleros:php-pdo", "p-cpe:/a:huawei:euleros:php-process", "p-cpe:/a:huawei:euleros:php-recode", "p-cpe:/a:huawei:euleros:php-soap", "p-cpe:/a:huawei:euleros:php-xml", "p-cpe:/a:huawei:euleros:php-xmlrpc", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2295.NASL", "href": "https://www.tenable.com/plugins/nessus/131361", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131361);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"EulerOS 2.0 SP8 : php (EulerOS-SA-2019-2295)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the php packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24\n and 7.3.x below 7.3.11 in certain configurations of FPM\n setup it is possible to cause FPM module to write past\n allocated buffers into the space reserved for FCGI\n protocol data, thus opening the possibility of remote\n code execution.(CVE-2019-11043)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2295\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fe0fa928\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"php-7.2.10-1.h7.eulerosv2r8\",\n \"php-cli-7.2.10-1.h7.eulerosv2r8\",\n \"php-common-7.2.10-1.h7.eulerosv2r8\",\n \"php-fpm-7.2.10-1.h7.eulerosv2r8\",\n \"php-gd-7.2.10-1.h7.eulerosv2r8\",\n \"php-ldap-7.2.10-1.h7.eulerosv2r8\",\n \"php-odbc-7.2.10-1.h7.eulerosv2r8\",\n \"php-pdo-7.2.10-1.h7.eulerosv2r8\",\n \"php-process-7.2.10-1.h7.eulerosv2r8\",\n \"php-recode-7.2.10-1.h7.eulerosv2r8\",\n \"php-soap-7.2.10-1.h7.eulerosv2r8\",\n \"php-xml-7.2.10-1.h7.eulerosv2r8\",\n \"php-xmlrpc-7.2.10-1.h7.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:33:11", "description": "An update for the php:7.3 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "RHEL 8 : php:7.3 (RHSA-2019:3736)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apcu-panel", "p-cpe:/a:redhat:enterprise_linux:libzip", "p-cpe:/a:redhat:enterprise_linux:libzip-debugsource", "p-cpe:/a:redhat:enterprise_linux:libzip-devel", "p-cpe:/a:redhat:enterprise_linux:libzip-tools", "p-cpe:/a:redhat:enterprise_linux:php", "p-cpe:/a:redhat:enterprise_linux:php-bcmath", "p-cpe:/a:redhat:enterprise_linux:php-cli", "p-cpe:/a:redhat:enterprise_linux:php-common", "p-cpe:/a:redhat:enterprise_linux:php-dba", "p-cpe:/a:redhat:enterprise_linux:php-dbg", "p-cpe:/a:redhat:enterprise_linux:php-debugsource", "p-cpe:/a:redhat:enterprise_linux:php-devel", "p-cpe:/a:redhat:enterprise_linux:php-embedded", "p-cpe:/a:redhat:enterprise_linux:php-enchant", "p-cpe:/a:redhat:enterprise_linux:php-fpm", "p-cpe:/a:redhat:enterprise_linux:php-gd", "p-cpe:/a:redhat:enterprise_linux:php-gmp", "p-cpe:/a:redhat:enterprise_linux:php-intl", "p-cpe:/a:redhat:enterprise_linux:php-json", "p-cpe:/a:redhat:enterprise_linux:php-ldap", "p-cpe:/a:redhat:enterprise_linux:php-mbstring", "p-cpe:/a:redhat:enterprise_linux:php-mysqlnd", "p-cpe:/a:redhat:enterprise_linux:php-odbc", "p-cpe:/a:redhat:enterprise_linux:php-opcache", "p-cpe:/a:redhat:enterprise_linux:php-pdo", "p-cpe:/a:redhat:enterprise_linux:php-pear", "p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu", "p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu-debugsource", "p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu-devel", "p-cpe:/a:redhat:enterprise_linux:php-pecl-zip", "p-cpe:/a:redhat:enterprise_linux:php-pecl-zip-debugsource", "p-cpe:/a:redhat:enterprise_linux:php-pgsql", "p-cpe:/a:redhat:enterprise_linux:php-process", "p-cpe:/a:redhat:enterprise_linux:php-recode", "p-cpe:/a:redhat:enterprise_linux:php-snmp", "p-cpe:/a:redhat:enterprise_linux:php-soap", "p-cpe:/a:redhat:enterprise_linux:php-xml", "p-cpe:/a:redhat:enterprise_linux:php-xmlrpc", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:enterprise_linux:8.1"], "id": "REDHAT-RHSA-2019-3736.NASL", "href": "https://www.tenable.com/plugins/nessus/130739", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:3736. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130739);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"RHSA\", value:\"2019:3736\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"RHEL 8 : php:7.3 (RHSA-2019:3736)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for the php:7.3 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3736\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-11043\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apcu-panel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libzip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libzip-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libzip-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libzip-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pecl-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pecl-zip-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/php');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module php:7.3');\nif ('7.3' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module php:' + module_ver);\n\nappstreams = {\n 'php:7.3': [\n {'reference':'apcu-panel-5.1.17-1.module+el8.1.0+3189+a1bff096', 'release':'8'},\n {'reference':'libzip-1.5.2-1.module+el8.1.0+3189+a1bff096', 'cpu':'aarch64', 'release':'8'},\n {'reference':'libzip-1.5.2-1.module+el8.1.0+3189+a1bff096', 'cpu':'s390x', 'release':'8'},\n {'reference':'libzip-1.5.2-1.module+el8.1.0+3189+a1bff096', 'cpu':'x86_64', 'release':'8'},\n {'reference':'libzip-debugsource-1.5.2-1.module+el8.1.0+3189+a1bff096', 'cpu':'aarch64', 'release':'8'},\n {'reference':'libzip-debugsource-1.5.2-1.module+el8.1.0+3189+a1bff096', 'cpu':'s390x', 'release':'8'},\n {'reference':'libzip-debugsource-1.5.2-1.module+el8.1.0+3189+a1bff096', 'cpu':'x86_64', 'release':'8'},\n {'reference':'libzip-devel-1.5.2-1.module+el8.1.0+3189+a1bff096', 'cpu':'aarch64', 'release':'8'},\n {'reference':'libzip-devel-1.5.2-1.module+el8.1.0+3189+a1bff096', 'cpu':'s390x', 'release':'8'},\n {'reference':'libzip-devel-1.5.2-1.module+el8.1.0+3189+a1bff096', 'cpu':'x86_64', 'release':'8'},\n {'reference':'libzip-tools-1.5.2-1.module+el8.1.0+3189+a1bff096', 'cpu':'aarch64', 'release':'8'},\n {'reference':'libzip-tools-1.5.2-1.module+el8.1.0+3189+a1bff096', 'cpu':'s390x', 'release':'8'},\n {'reference':'libzip-tools-1.5.2-1.module+el8.1.0+3189+a1bff096', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-bcmath-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-bcmath-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-bcmath-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-cli-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-cli-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-cli-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-common-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-common-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-common-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-dba-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-dba-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-dba-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-dbg-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-dbg-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-dbg-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-debugsource-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-debugsource-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-debugsource-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-devel-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-devel-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-devel-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-embedded-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-embedded-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-embedded-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-enchant-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-enchant-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-enchant-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-fpm-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-fpm-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-fpm-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-gd-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-gd-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-gd-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-gmp-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-gmp-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-gmp-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-intl-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-intl-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-intl-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-json-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-json-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-json-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-ldap-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-ldap-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-ldap-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-mbstring-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-mbstring-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-mbstring-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-mysqlnd-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-mysqlnd-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-mysqlnd-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-odbc-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-odbc-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-odbc-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-opcache-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-opcache-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-opcache-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-pdo-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-pdo-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-pdo-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-pear-1.10.9-1.module+el8.1.0+3189+a1bff096', 'release':'8', 'epoch':'1'},\n {'reference':'php-pecl-apcu-5.1.17-1.module+el8.1.0+3189+a1bff096', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-pecl-apcu-5.1.17-1.module+el8.1.0+3189+a1bff096', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-pecl-apcu-5.1.17-1.module+el8.1.0+3189+a1bff096', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-pecl-apcu-debugsource-5.1.17-1.module+el8.1.0+3189+a1bff096', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-pecl-apcu-debugsource-5.1.17-1.module+el8.1.0+3189+a1bff096', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-pecl-apcu-debugsource-5.1.17-1.module+el8.1.0+3189+a1bff096', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-pecl-apcu-devel-5.1.17-1.module+el8.1.0+3189+a1bff096', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-pecl-apcu-devel-5.1.17-1.module+el8.1.0+3189+a1bff096', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-pecl-apcu-devel-5.1.17-1.module+el8.1.0+3189+a1bff096', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-pecl-zip-1.15.4-1.module+el8.1.0+3189+a1bff096', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-pecl-zip-1.15.4-1.module+el8.1.0+3189+a1bff096', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-pecl-zip-1.15.4-1.module+el8.1.0+3189+a1bff096', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-pecl-zip-debugsource-1.15.4-1.module+el8.1.0+3189+a1bff096', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-pecl-zip-debugsource-1.15.4-1.module+el8.1.0+3189+a1bff096', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-pecl-zip-debugsource-1.15.4-1.module+el8.1.0+3189+a1bff096', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-pgsql-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-pgsql-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-pgsql-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-process-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-process-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-process-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-recode-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-recode-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-recode-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-snmp-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-snmp-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-snmp-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-soap-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-soap-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-soap-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-xml-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-xml-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-xml-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'},\n {'reference':'php-xmlrpc-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'aarch64', 'release':'8'},\n {'reference':'php-xmlrpc-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'s390x', 'release':'8'},\n {'reference':'php-xmlrpc-7.3.5-5.module+el8.1.0+4560+e0eee7d6', 'cpu':'x86_64', 'release':'8'}\n ],\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module php:7.3');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apcu-panel / libzip / libzip-debugsource / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:31:47", "description": "This update for php7 fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "openSUSE Security Update : php7 (openSUSE-2019-2457)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php7", "p-cpe:/a:novell:opensuse:apache2-mod_php7-debuginfo", "p-cpe:/a:novell:opensuse:php7", "p-cpe:/a:novell:opensuse:php7-bcmath", "p-cpe:/a:novell:opensuse:php7-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php7-bz2", "p-cpe:/a:novell:opensuse:php7-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php7-calendar", "p-cpe:/a:novell:opensuse:php7-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php7-ctype", "p-cpe:/a:novell:opensuse:php7-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php7-curl", "p-cpe:/a:novell:opensuse:php7-curl-debuginfo", "p-cpe:/a:novell:opensuse:php7-dba", "p-cpe:/a:novell:opensuse:php7-dba-debuginfo", "p-cpe:/a:novell:opensuse:php7-debuginfo", "p-cpe:/a:novell:opensuse:php7-debugsource", "p-cpe:/a:novell:opensuse:php7-devel", "p-cpe:/a:novell:opensuse:php7-dom", "p-cpe:/a:novell:opensuse:php7-dom-debuginfo", "p-cpe:/a:novell:opensuse:php7-embed", "p-cpe:/a:novell:opensuse:php7-embed-debuginfo", "p-cpe:/a:novell:opensuse:php7-enchant", "p-cpe:/a:novell:opensuse:php7-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php7-exif", "p-cpe:/a:novell:opensuse:php7-exif-debuginfo", "p-cpe:/a:novell:opensuse:php7-fastcgi", "p-cpe:/a:novell:opensuse:php7-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php7-fileinfo", "p-cpe:/a:novell:opensuse:php7-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php7-firebird", "p-cpe:/a:novell:opensuse:php7-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php7-fpm", "p-cpe:/a:novell:opensuse:php7-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php7-ftp", "p-cpe:/a:novell:opensuse:php7-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php7-gd", "p-cpe:/a:novell:opensuse:php7-gd-debuginfo", "p-cpe:/a:novell:opensuse:php7-gettext", "p-cpe:/a:novell:opensuse:php7-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php7-gmp", "p-cpe:/a:novell:opensuse:php7-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php7-iconv", "p-cpe:/a:novell:opensuse:php7-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php7-intl", "p-cpe:/a:novell:opensuse:php7-intl-debuginfo", "p-cpe:/a:novell:opensuse:php7-json", "p-cpe:/a:novell:opensuse:php7-json-debuginfo", "p-cpe:/a:novell:opensuse:php7-ldap", "p-cpe:/a:novell:opensuse:php7-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php7-mbstring", "p-cpe:/a:novell:opensuse:php7-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php7-mysql", "p-cpe:/a:novell:opensuse:php7-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php7-odbc", "p-cpe:/a:novell:opensuse:php7-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php7-opcache", "p-cpe:/a:novell:opensuse:php7-opcache-debuginfo", "p-cpe:/a:novell:opensuse:php7-openssl", "p-cpe:/a:novell:opensuse:php7-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php7-pcntl", "p-cpe:/a:novell:opensuse:php7-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php7-pdo", "p-cpe:/a:novell:opensuse:php7-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php7-pear", "p-cpe:/a:novell:opensuse:php7-pear-Archive_Tar", "p-cpe:/a:novell:opensuse:php7-pgsql", "p-cpe:/a:novell:opensuse:php7-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php7-phar", "p-cpe:/a:novell:opensuse:php7-phar-debuginfo", "p-cpe:/a:novell:opensuse:php7-posix", "p-cpe:/a:novell:opensuse:php7-posix-debuginfo", "p-cpe:/a:novell:opensuse:php7-readline", "p-cpe:/a:novell:opensuse:php7-readline-debuginfo", "p-cpe:/a:novell:opensuse:php7-shmop", "p-cpe:/a:novell:opensuse:php7-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php7-snmp", "p-cpe:/a:novell:opensuse:php7-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php7-soap", "p-cpe:/a:novell:opensuse:php7-soap-debuginfo", "p-cpe:/a:novell:opensuse:php7-sockets", "p-cpe:/a:novell:opensuse:php7-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php7-sodium", "p-cpe:/a:novell:opensuse:php7-sodium-debuginfo", "p-cpe:/a:novell:opensuse:php7-sqlite", "p-cpe:/a:novell:opensuse:php7-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php7-sysvmsg", "p-cpe:/a:novell:opensuse:php7-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php7-sysvsem", "p-cpe:/a:novell:opensuse:php7-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php7-sysvshm", "p-cpe:/a:novell:opensuse:php7-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php7-test", "p-cpe:/a:novell:opensuse:php7-tidy", "p-cpe:/a:novell:opensuse:php7-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php7-tokenizer", "p-cpe:/a:novell:opensuse:php7-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php7-wddx", "p-cpe:/a:novell:opensuse:php7-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php7-xmlreader", "p-cpe:/a:novell:opensuse:php7-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php7-xmlrpc", "p-cpe:/a:novell:opensuse:php7-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php7-xmlwriter", "p-cpe:/a:novell:opensuse:php7-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php7-xsl", "p-cpe:/a:novell:opensuse:php7-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php7-zip", "p-cpe:/a:novell:opensuse:php7-zip-debuginfo", "p-cpe:/a:novell:opensuse:php7-zlib", "p-cpe:/a:novell:opensuse:php7-zlib-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-2457.NASL", "href": "https://www.tenable.com/plugins/nessus/130888", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2457.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130888);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"openSUSE Security Update : php7 (openSUSE-2019-2457)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for php7 fixes the following issues :\n\nSecurity issue fixed :\n\n - CVE-2019-11043: Fixed possible remote code execution via\n env_path_info underflow in fpm_main.c (bsc#1154999).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154999\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php7 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-embed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-embed-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pear-Archive_Tar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sodium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sodium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php7-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"apache2-mod_php7-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"apache2-mod_php7-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-bcmath-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-bcmath-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-bz2-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-bz2-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-calendar-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-calendar-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-ctype-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-ctype-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-curl-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-curl-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-dba-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-dba-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-debugsource-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-devel-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-dom-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-dom-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-embed-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-embed-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-enchant-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-enchant-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-exif-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-exif-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-fastcgi-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-fastcgi-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-fileinfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-fileinfo-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-firebird-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-firebird-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-fpm-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-fpm-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-ftp-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-ftp-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-gd-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-gd-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-gettext-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-gettext-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-gmp-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-gmp-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-iconv-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-iconv-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-intl-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-intl-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-json-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-json-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-ldap-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-ldap-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-mbstring-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-mbstring-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-mysql-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-mysql-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-odbc-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-odbc-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-opcache-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-opcache-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-openssl-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-openssl-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-pcntl-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-pcntl-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-pdo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-pdo-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-pear-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-pear-Archive_Tar-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-pgsql-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-pgsql-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-phar-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-phar-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-posix-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-posix-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-readline-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-readline-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-shmop-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-shmop-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-snmp-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-snmp-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-soap-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-soap-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-sockets-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-sockets-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-sodium-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-sodium-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-sqlite-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-sqlite-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-sysvmsg-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-sysvmsg-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-sysvsem-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-sysvsem-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-sysvshm-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-sysvshm-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-test-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-tidy-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-tidy-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-tokenizer-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-tokenizer-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-wddx-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-wddx-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-xmlreader-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-xmlreader-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-xmlrpc-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-xmlrpc-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-xmlwriter-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-xmlwriter-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-xsl-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-xsl-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-zip-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-zip-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-zlib-7.2.5-lp150.2.29.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"php7-zlib-debuginfo-7.2.5-lp150.2.29.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php7 / apache2-mod_php7-debuginfo / php7 / php7-bcmath / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:32:13", "description": "This update for php72 fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-07T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : php72 (SUSE-SU-2019:2909-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php72", "p-cpe:/a:novell:suse_linux:apache2-mod_php72-debuginfo", "p-cpe:/a:novell:suse_linux:php72", "p-cpe:/a:novell:suse_linux:php72-bcmath", "p-cpe:/a:novell:suse_linux:php72-bcmath-debuginfo", "p-cpe:/a:novell:suse_linux:php72-bz2", "p-cpe:/a:novell:suse_linux:php72-bz2-debuginfo", "p-cpe:/a:novell:suse_linux:php72-calendar", "p-cpe:/a:novell:suse_linux:php72-calendar-debuginfo", "p-cpe:/a:novell:suse_linux:php72-ctype", "p-cpe:/a:novell:suse_linux:php72-ctype-debuginfo", "p-cpe:/a:novell:suse_linux:php72-curl", "p-cpe:/a:novell:suse_linux:php72-curl-debuginfo", "p-cpe:/a:novell:suse_linux:php72-dba", "p-cpe:/a:novell:suse_linux:php72-dba-debuginfo", "p-cpe:/a:novell:suse_linux:php72-debuginfo", "p-cpe:/a:novell:suse_linux:php72-debugsource", "p-cpe:/a:novell:suse_linux:php72-dom", "p-cpe:/a:novell:suse_linux:php72-dom-debuginfo", "p-cpe:/a:novell:suse_linux:php72-enchant", "p-cpe:/a:novell:suse_linux:php72-enchant-debuginfo", "p-cpe:/a:novell:suse_linux:php72-exif", "p-cpe:/a:novell:suse_linux:php72-exif-debuginfo", "p-cpe:/a:novell:suse_linux:php72-fastcgi", "p-cpe:/a:novell:suse_linux:php72-fastcgi-debuginfo", "p-cpe:/a:novell:suse_linux:php72-fileinfo", "p-cpe:/a:novell:suse_linux:php72-fileinfo-debuginfo", "p-cpe:/a:novell:suse_linux:php72-fpm", "p-cpe:/a:novell:suse_linux:php72-fpm-debuginfo", "p-cpe:/a:novell:suse_linux:php72-ftp", "p-cpe:/a:novell:suse_linux:php72-ftp-debuginfo", "p-cpe:/a:novell:suse_linux:php72-gd", "p-cpe:/a:novell:suse_linux:php72-gd-debuginfo", "p-cpe:/a:novell:suse_linux:php72-gettext", "p-cpe:/a:novell:suse_linux:php72-gettext-debuginfo", "p-cpe:/a:novell:suse_linux:php72-gmp", "p-cpe:/a:novell:suse_linux:php72-gmp-debuginfo", "p-cpe:/a:novell:suse_linux:php72-iconv", "p-cpe:/a:novell:suse_linux:php72-iconv-debuginfo", "p-cpe:/a:novell:suse_linux:php72-imap", "p-cpe:/a:novell:suse_linux:php72-imap-debuginfo", "p-cpe:/a:novell:suse_linux:php72-intl", "p-cpe:/a:novell:suse_linux:php72-intl-debuginfo", "p-cpe:/a:novell:suse_linux:php72-json", "p-cpe:/a:novell:suse_linux:php72-json-debuginfo", "p-cpe:/a:novell:suse_linux:php72-ldap", "p-cpe:/a:novell:suse_linux:php72-ldap-debuginfo", "p-cpe:/a:novell:suse_linux:php72-mbstring", "p-cpe:/a:novell:suse_linux:php72-mbstring-debuginfo", "p-cpe:/a:novell:suse_linux:php72-mysql", "p-cpe:/a:novell:suse_linux:php72-mysql-debuginfo", "p-cpe:/a:novell:suse_linux:php72-odbc", "p-cpe:/a:novell:suse_linux:php72-odbc-debuginfo", "p-cpe:/a:novell:suse_linux:php72-opcache", "p-cpe:/a:novell:suse_linux:php72-opcache-debuginfo", "p-cpe:/a:novell:suse_linux:php72-openssl", "p-cpe:/a:novell:suse_linux:php72-openssl-debuginfo", "p-cpe:/a:novell:suse_linux:php72-pcntl", "p-cpe:/a:novell:suse_linux:php72-pcntl-debuginfo", "p-cpe:/a:novell:suse_linux:php72-pdo", "p-cpe:/a:novell:suse_linux:php72-pdo-debuginfo", "p-cpe:/a:novell:suse_linux:php72-pgsql", "p-cpe:/a:novell:suse_linux:php72-pgsql-debuginfo", "p-cpe:/a:novell:suse_linux:php72-phar", "p-cpe:/a:novell:suse_linux:php72-phar-debuginfo", "p-cpe:/a:novell:suse_linux:php72-posix", "p-cpe:/a:novell:suse_linux:php72-posix-debuginfo", "p-cpe:/a:novell:suse_linux:php72-pspell", "p-cpe:/a:novell:suse_linux:php72-pspell-debuginfo", "p-cpe:/a:novell:suse_linux:php72-readline", "p-cpe:/a:novell:suse_linux:php72-readline-debuginfo", "p-cpe:/a:novell:suse_linux:php72-shmop", "p-cpe:/a:novell:suse_linux:php72-shmop-debuginfo", "p-cpe:/a:novell:suse_linux:php72-snmp", "p-cpe:/a:novell:suse_linux:php72-snmp-debuginfo", "p-cpe:/a:novell:suse_linux:php72-soap", "p-cpe:/a:novell:suse_linux:php72-soap-debuginfo", "p-cpe:/a:novell:suse_linux:php72-sockets", "p-cpe:/a:novell:suse_linux:php72-sockets-debuginfo", "p-cpe:/a:novell:suse_linux:php72-sodium", "p-cpe:/a:novell:suse_linux:php72-sodium-debuginfo", "p-cpe:/a:novell:suse_linux:php72-sqlite", "p-cpe:/a:novell:suse_linux:php72-sqlite-debuginfo", "p-cpe:/a:novell:suse_linux:php72-sysvmsg", "p-cpe:/a:novell:suse_linux:php72-sysvmsg-debuginfo", "p-cpe:/a:novell:suse_linux:php72-sysvsem", "p-cpe:/a:novell:suse_linux:php72-sysvsem-debuginfo", "p-cpe:/a:novell:suse_linux:php72-sysvshm", "p-cpe:/a:novell:suse_linux:php72-sysvshm-debuginfo", "p-cpe:/a:novell:suse_linux:php72-tidy", "p-cpe:/a:novell:suse_linux:php72-tidy-debuginfo", "p-cpe:/a:novell:suse_linux:php72-tokenizer", "p-cpe:/a:novell:suse_linux:php72-tokenizer-debuginfo", "p-cpe:/a:novell:suse_linux:php72-wddx", "p-cpe:/a:novell:suse_linux:php72-wddx-debuginfo", "p-cpe:/a:novell:suse_linux:php72-xmlreader", "p-cpe:/a:novell:suse_linux:php72-xmlreader-debuginfo", "p-cpe:/a:novell:suse_linux:php72-xmlrpc", "p-cpe:/a:novell:suse_linux:php72-xmlrpc-debuginfo", "p-cpe:/a:novell:suse_linux:php72-xmlwriter", "p-cpe:/a:novell:suse_linux:php72-xmlwriter-debuginfo", "p-cpe:/a:novell:suse_linux:php72-xsl", "p-cpe:/a:novell:suse_linux:php72-xsl-debuginfo", "p-cpe:/a:novell:suse_linux:php72-zip", "p-cpe:/a:novell:suse_linux:php72-zip-debuginfo", "p-cpe:/a:novell:suse_linux:php72-zlib", "p-cpe:/a:novell:suse_linux:php72-zlib-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2909-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130621", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2909-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130621);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"SUSE SLES12 Security Update : php72 (SUSE-SU-2019:2909-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for php72 fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-11043: Fixed possible remote code execution via env_path_info\nunderflow in fpm_main.c (bsc#1154999).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154999\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-11043/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192909-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f718d572\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t\npatch SUSE-SLE-SDK-12-SP5-2019-2909=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-2909=1\n\nSUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-12-2019-2909=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php72\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php72-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-sodium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-sodium-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php72-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_php72-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_php72-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-bcmath-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-bcmath-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-bz2-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-bz2-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-calendar-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-calendar-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-ctype-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-ctype-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-curl-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-curl-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-dba-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-dba-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-debugsource-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-dom-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-dom-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-enchant-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-enchant-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-exif-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-exif-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-fastcgi-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-fastcgi-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-fileinfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-fileinfo-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-fpm-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-fpm-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-ftp-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-ftp-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-gd-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-gd-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-gettext-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-gettext-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-gmp-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-gmp-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-iconv-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-iconv-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-imap-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-imap-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-intl-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-intl-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-json-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-json-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-ldap-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-ldap-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-mbstring-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-mbstring-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-mysql-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-mysql-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-odbc-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-odbc-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-opcache-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-opcache-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-openssl-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-openssl-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-pcntl-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-pcntl-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-pdo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-pdo-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-pgsql-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-pgsql-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-phar-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-phar-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-posix-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-posix-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-pspell-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-pspell-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-readline-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-readline-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-shmop-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-shmop-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-snmp-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-snmp-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-soap-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-soap-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-sockets-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-sockets-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-sodium-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-sodium-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-sqlite-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-sqlite-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-sysvmsg-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-sysvmsg-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-sysvsem-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-sysvsem-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-sysvshm-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-sysvshm-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-tidy-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-tidy-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-tokenizer-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-tokenizer-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-wddx-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-wddx-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-xmlreader-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-xmlreader-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-xmlrpc-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-xmlrpc-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-xmlwriter-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-xmlwriter-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-xsl-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-xsl-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-zip-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-zip-debuginfo-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-zlib-7.2.5-1.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php72-zlib-debuginfo-7.2.5-1.29.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php72\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:32:43", "description": "An update for php is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nNote that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : php / php-bcmath / php-cli / php-common / php-dba / etc (VZLSA-2019-3286)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:php", "p-cpe:/a:virtuozzo:virtuozzo:php-bcmath", "p-cpe:/a:virtuozzo:virtuozzo:php-cli", "p-cpe:/a:virtuozzo:virtuozzo:php-common", "p-cpe:/a:virtuozzo:virtuozzo:php-dba", "p-cpe:/a:virtuozzo:virtuozzo:php-devel", "p-cpe:/a:virtuozzo:virtuozzo:php-embedded", "p-cpe:/a:virtuozzo:virtuozzo:php-enchant", "p-cpe:/a:virtuozzo:virtuozzo:php-fpm", "p-cpe:/a:virtuozzo:virtuozzo:php-gd", "p-cpe:/a:virtuozzo:virtuozzo:php-intl", "p-cpe:/a:virtuozzo:virtuozzo:php-ldap", "p-cpe:/a:virtuozzo:virtuozzo:php-mbstring", "p-cpe:/a:virtuozzo:virtuozzo:php-mysql", "p-cpe:/a:virtuozzo:virtuozzo:php-mysqlnd", "p-cpe:/a:virtuozzo:virtuozzo:php-odbc", "p-cpe:/a:virtuozzo:virtuozzo:php-pdo", "p-cpe:/a:virtuozzo:virtuozzo:php-pgsql", "p-cpe:/a:virtuozzo:virtuozzo:php-process", "p-cpe:/a:virtuozzo:virtuozzo:php-pspell", "p-cpe:/a:virtuozzo:virtuozzo:php-recode", "p-cpe:/a:virtuozzo:virtuozzo:php-snmp", "p-cpe:/a:virtuozzo:virtuozzo:php-soap", "p-cpe:/a:virtuozzo:virtuozzo:php-xml", "p-cpe:/a:virtuozzo:virtuozzo:php-xmlrpc", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZLSA-2019-3286.NASL", "href": "https://www.tenable.com/plugins/nessus/130758", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130758);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Virtuozzo 7 : php / php-bcmath / php-cli / php-common / php-dba / etc (VZLSA-2019-3286)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for php is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nSecurity Fix(es) :\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2019-3286.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?edecc789\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3286\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php / php-bcmath / php-cli / php-common / php-dba / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"php-5.4.16-46.1.vl7\",\n \"php-bcmath-5.4.16-46.1.vl7\",\n \"php-cli-5.4.16-46.1.vl7\",\n \"php-common-5.4.16-46.1.vl7\",\n \"php-dba-5.4.16-46.1.vl7\",\n \"php-devel-5.4.16-46.1.vl7\",\n \"php-embedded-5.4.16-46.1.vl7\",\n \"php-enchant-5.4.16-46.1.vl7\",\n \"php-fpm-5.4.16-46.1.vl7\",\n \"php-gd-5.4.16-46.1.vl7\",\n \"php-intl-5.4.16-46.1.vl7\",\n \"php-ldap-5.4.16-46.1.vl7\",\n \"php-mbstring-5.4.16-46.1.vl7\",\n \"php-mysql-5.4.16-46.1.vl7\",\n \"php-mysqlnd-5.4.16-46.1.vl7\",\n \"php-odbc-5.4.16-46.1.vl7\",\n \"php-pdo-5.4.16-46.1.vl7\",\n \"php-pgsql-5.4.16-46.1.vl7\",\n \"php-process-5.4.16-46.1.vl7\",\n \"php-pspell-5.4.16-46.1.vl7\",\n \"php-recode-5.4.16-46.1.vl7\",\n \"php-snmp-5.4.16-46.1.vl7\",\n \"php-soap-5.4.16-46.1.vl7\",\n \"php-xml-5.4.16-46.1.vl7\",\n \"php-xmlrpc-5.4.16-46.1.vl7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-7\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:09:30", "description": "The remote NewStart CGSL host, running version MAIN 4.05, has php packages installed that are affected by a vulnerability:\n\n - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. (CVE-2019-11043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-08T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 4.05 : php Vulnerability (NS-SA-2020-0018)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-06T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0018_PHP.NASL", "href": "https://www.tenable.com/plugins/nessus/134323", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0018. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134323);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"NewStart CGSL MAIN 4.05 : php Vulnerability (NS-SA-2020-0018)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 4.05, has php packages installed that are affected by a\nvulnerability:\n\n - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24\n and 7.3.x below 7.3.11 in certain configurations of FPM\n setup it is possible to cause FPM module to write past\n allocated buffers into the space reserved for FCGI\n protocol data, thus opening the possibility of remote\n code execution. (CVE-2019-11043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0018\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL php packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL MAIN 4.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL MAIN 4.05\": [\n \"php-5.3.3-50.el6_10\",\n \"php-bcmath-5.3.3-50.el6_10\",\n \"php-cli-5.3.3-50.el6_10\",\n \"php-common-5.3.3-50.el6_10\",\n \"php-dba-5.3.3-50.el6_10\",\n \"php-debuginfo-5.3.3-50.el6_10\",\n \"php-devel-5.3.3-50.el6_10\",\n \"php-embedded-5.3.3-50.el6_10\",\n \"php-enchant-5.3.3-50.el6_10\",\n \"php-fpm-5.3.3-50.el6_10\",\n \"php-gd-5.3.3-50.el6_10\",\n \"php-imap-5.3.3-50.el6_10\",\n \"php-intl-5.3.3-50.el6_10\",\n \"php-ldap-5.3.3-50.el6_10\",\n \"php-mbstring-5.3.3-50.el6_10\",\n \"php-mysql-5.3.3-50.el6_10\",\n \"php-odbc-5.3.3-50.el6_10\",\n \"php-pdo-5.3.3-50.el6_10\",\n \"php-pgsql-5.3.3-50.el6_10\",\n \"php-process-5.3.3-50.el6_10\",\n \"php-pspell-5.3.3-50.el6_10\",\n \"php-recode-5.3.3-50.el6_10\",\n \"php-snmp-5.3.3-50.el6_10\",\n \"php-soap-5.3.3-50.el6_10\",\n \"php-tidy-5.3.3-50.el6_10\",\n \"php-xml-5.3.3-50.el6_10\",\n \"php-xmlrpc-5.3.3-50.el6_10\",\n \"php-zts-5.3.3-50.el6_10\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-12T15:32:16", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has php packages installed that are affected by a vulnerability:\n\n - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. (CVE-2019-11043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-02T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : php Vulnerability (NS-SA-2019-0214)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0214_PHP.NASL", "href": "https://www.tenable.com/plugins/nessus/131418", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0214. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131418);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : php Vulnerability (NS-SA-2019-0214)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has php packages installed that are affected by a\nvulnerability:\n\n - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24\n and 7.3.x below 7.3.11 in certain configurations of FPM\n setup it is possible to cause FPM module to write past\n allocated buffers into the space reserved for FCGI\n protocol data, thus opening the possibility of remote\n code execution. (CVE-2019-11043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0214\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL php packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"php-5.4.16-46.1.el7_7\",\n \"php-bcmath-5.4.16-46.1.el7_7\",\n \"php-cli-5.4.16-46.1.el7_7\",\n \"php-common-5.4.16-46.1.el7_7\",\n \"php-dba-5.4.16-46.1.el7_7\",\n \"php-debuginfo-5.4.16-46.1.el7_7\",\n \"php-devel-5.4.16-46.1.el7_7\",\n \"php-embedded-5.4.16-46.1.el7_7\",\n \"php-enchant-5.4.16-46.1.el7_7\",\n \"php-fpm-5.4.16-46.1.el7_7\",\n \"php-gd-5.4.16-46.1.el7_7\",\n \"php-intl-5.4.16-46.1.el7_7\",\n \"php-ldap-5.4.16-46.1.el7_7\",\n \"php-mbstring-5.4.16-46.1.el7_7\",\n \"php-mysql-5.4.16-46.1.el7_7\",\n \"php-mysqlnd-5.4.16-46.1.el7_7\",\n \"php-odbc-5.4.16-46.1.el7_7\",\n \"php-pdo-5.4.16-46.1.el7_7\",\n \"php-pgsql-5.4.16-46.1.el7_7\",\n \"php-process-5.4.16-46.1.el7_7\",\n \"php-pspell-5.4.16-46.1.el7_7\",\n \"php-recode-5.4.16-46.1.el7_7\",\n \"php-snmp-5.4.16-46.1.el7_7\",\n \"php-soap-5.4.16-46.1.el7_7\",\n \"php-xml-5.4.16-46.1.el7_7\",\n \"php-xmlrpc-5.4.16-46.1.el7_7\"\n ],\n \"CGSL MAIN 5.04\": [\n \"php-5.4.16-46.1.el7_7\",\n \"php-bcmath-5.4.16-46.1.el7_7\",\n \"php-cli-5.4.16-46.1.el7_7\",\n \"php-common-5.4.16-46.1.el7_7\",\n \"php-dba-5.4.16-46.1.el7_7\",\n \"php-debuginfo-5.4.16-46.1.el7_7\",\n \"php-devel-5.4.16-46.1.el7_7\",\n \"php-embedded-5.4.16-46.1.el7_7\",\n \"php-enchant-5.4.16-46.1.el7_7\",\n \"php-fpm-5.4.16-46.1.el7_7\",\n \"php-gd-5.4.16-46.1.el7_7\",\n \"php-intl-5.4.16-46.1.el7_7\",\n \"php-ldap-5.4.16-46.1.el7_7\",\n \"php-mbstring-5.4.16-46.1.el7_7\",\n \"php-mysql-5.4.16-46.1.el7_7\",\n \"php-mysqlnd-5.4.16-46.1.el7_7\",\n \"php-odbc-5.4.16-46.1.el7_7\",\n \"php-pdo-5.4.16-46.1.el7_7\",\n \"php-pgsql-5.4.16-46.1.el7_7\",\n \"php-process-5.4.16-46.1.el7_7\",\n \"php-pspell-5.4.16-46.1.el7_7\",\n \"php-recode-5.4.16-46.1.el7_7\",\n \"php-snmp-5.4.16-46.1.el7_7\",\n \"php-soap-5.4.16-46.1.el7_7\",\n \"php-xml-5.4.16-46.1.el7_7\",\n \"php-xmlrpc-5.4.16-46.1.el7_7\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:04:55", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has php packages installed that are affected by a vulnerability:\n\n - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. (CVE-2019-11043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-20T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : php Vulnerability (NS-SA-2020-0001)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0001_PHP.NASL", "href": "https://www.tenable.com/plugins/nessus/133087", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0001. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133087);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : php Vulnerability (NS-SA-2020-0001)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has php packages installed that are affected by a\nvulnerability:\n\n - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24\n and 7.3.x below 7.3.11 in certain configurations of FPM\n setup it is possible to cause FPM module to write past\n allocated buffers into the space reserved for FCGI\n protocol data, thus opening the possibility of remote\n code execution. (CVE-2019-11043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0001\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL php packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.05\": [\n \"php-5.4.16-46.1.el7_7\",\n \"php-bcmath-5.4.16-46.1.el7_7\",\n \"php-cli-5.4.16-46.1.el7_7\",\n \"php-common-5.4.16-46.1.el7_7\",\n \"php-dba-5.4.16-46.1.el7_7\",\n \"php-debuginfo-5.4.16-46.1.el7_7\",\n \"php-devel-5.4.16-46.1.el7_7\",\n \"php-embedded-5.4.16-46.1.el7_7\",\n \"php-enchant-5.4.16-46.1.el7_7\",\n \"php-fpm-5.4.16-46.1.el7_7\",\n \"php-gd-5.4.16-46.1.el7_7\",\n \"php-intl-5.4.16-46.1.el7_7\",\n \"php-ldap-5.4.16-46.1.el7_7\",\n \"php-mbstring-5.4.16-46.1.el7_7\",\n \"php-mysql-5.4.16-46.1.el7_7\",\n \"php-mysqlnd-5.4.16-46.1.el7_7\",\n \"php-odbc-5.4.16-46.1.el7_7\",\n \"php-pdo-5.4.16-46.1.el7_7\",\n \"php-pgsql-5.4.16-46.1.el7_7\",\n \"php-process-5.4.16-46.1.el7_7\",\n \"php-pspell-5.4.16-46.1.el7_7\",\n \"php-recode-5.4.16-46.1.el7_7\",\n \"php-snmp-5.4.16-46.1.el7_7\",\n \"php-soap-5.4.16-46.1.el7_7\",\n \"php-xml-5.4.16-46.1.el7_7\",\n \"php-xmlrpc-5.4.16-46.1.el7_7\"\n ],\n \"CGSL MAIN 5.05\": [\n \"php-5.4.16-46.1.el7_7\",\n \"php-bcmath-5.4.16-46.1.el7_7\",\n \"php-cli-5.4.16-46.1.el7_7\",\n \"php-common-5.4.16-46.1.el7_7\",\n \"php-dba-5.4.16-46.1.el7_7\",\n \"php-debuginfo-5.4.16-46.1.el7_7\",\n \"php-devel-5.4.16-46.1.el7_7\",\n \"php-embedded-5.4.16-46.1.el7_7\",\n \"php-enchant-5.4.16-46.1.el7_7\",\n \"php-fpm-5.4.16-46.1.el7_7\",\n \"php-gd-5.4.16-46.1.el7_7\",\n \"php-intl-5.4.16-46.1.el7_7\",\n \"php-ldap-5.4.16-46.1.el7_7\",\n \"php-mbstring-5.4.16-46.1.el7_7\",\n \"php-mysql-5.4.16-46.1.el7_7\",\n \"php-mysqlnd-5.4.16-46.1.el7_7\",\n \"php-odbc-5.4.16-46.1.el7_7\",\n \"php-pdo-5.4.16-46.1.el7_7\",\n \"php-pgsql-5.4.16-46.1.el7_7\",\n \"php-process-5.4.16-46.1.el7_7\",\n \"php-pspell-5.4.16-46.1.el7_7\",\n \"php-recode-5.4.16-46.1.el7_7\",\n \"php-snmp-5.4.16-46.1.el7_7\",\n \"php-soap-5.4.16-46.1.el7_7\",\n \"php-xml-5.4.16-46.1.el7_7\",\n \"php-xmlrpc-5.4.16-46.1.el7_7\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-24T14:15:16", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0322 advisory.\n\n - php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-04T00:00:00", "type": "nessus", "title": "RHEL 8 : php:7.2 (RHSA-2020:0322)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.0", "p-cpe:/a:redhat:enterprise_linux:apcu-panel", "p-cpe:/a:redhat:enterprise_linux:libzip", "p-cpe:/a:redhat:enterprise_linux:libzip-devel", "p-cpe:/a:redhat:enterprise_linux:libzip-tools", "p-cpe:/a:redhat:enterprise_linux:php", "p-cpe:/a:redhat:enterprise_linux:php-bcmath", "p-cpe:/a:redhat:enterprise_linux:php-cli", "p-cpe:/a:redhat:enterprise_linux:php-common", "p-cpe:/a:redhat:enterprise_linux:php-dba", "p-cpe:/a:redhat:enterprise_linux:php-dbg", "p-cpe:/a:redhat:enterprise_linux:php-devel", "p-cpe:/a:redhat:enterprise_linux:php-embedded", "p-cpe:/a:redhat:enterprise_linux:php-enchant", "p-cpe:/a:redhat:enterprise_linux:php-fpm", "p-cpe:/a:redhat:enterprise_linux:php-gd", "p-cpe:/a:redhat:enterprise_linux:php-gmp", "p-cpe:/a:redhat:enterprise_linux:php-intl", "p-cpe:/a:redhat:enterprise_linux:php-json", "p-cpe:/a:redhat:enterprise_linux:php-ldap", "p-cpe:/a:redhat:enterprise_linux:php-mbstring", "p-cpe:/a:redhat:enterprise_linux:php-mysqlnd", "p-cpe:/a:redhat:enterprise_linux:php-odbc", "p-cpe:/a:redhat:enterprise_linux:php-opcache", "p-cpe:/a:redhat:enterprise_linux:php-pdo", "p-cpe:/a:redhat:enterprise_linux:php-pear", "p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu", "p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu-devel", "p-cpe:/a:redhat:enterprise_linux:php-pecl-zip", "p-cpe:/a:redhat:enterprise_linux:php-pgsql", "p-cpe:/a:redhat:enterprise_linux:php-process", "p-cpe:/a:redhat:enterprise_linux:php-recode", "p-cpe:/a:redhat:enterprise_linux:php-snmp", "p-cpe:/a:redhat:enterprise_linux:php-soap", "p-cpe:/a:redhat:enterprise_linux:php-xml", "p-cpe:/a:redhat:enterprise_linux:php-xmlrpc"], "id": "REDHAT-RHSA-2020-0322.NASL", "href": "https://www.tenable.com/plugins/nessus/133446", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0322. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133446);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"RHSA\", value:\"2020:0322\");\n script_xref(name:\"IAVA\", value:\"2019-A-0399-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0437-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"RHEL 8 : php:7.2 (RHSA-2020:0322)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:0322 advisory.\n\n - php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11043\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0322\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1766378\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(20, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apcu-panel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libzip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libzip-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libzip-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pecl-apcu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pecl-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.0')) audit(AUDIT_OS_NOT, 'Red Hat 8.0', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar appstreams = {\n 'php:7.2': [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.0/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.0/x86_64/appstream/os',\n 'content/e4s/rhel8/8.0/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.0/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.0/x86_64/baseos/os',\n 'content/e4s/rhel8/8.0/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.0/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.0/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.0/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.0/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.0/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.0/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.0/x86_64/sap/debug',\n 'content/e4s/rhel8/8.0/x86_64/sap/os',\n 'content/e4s/rhel8/8.0/x86_64/sap/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'apcu-panel-5.1.12-1.module+el8+2561+1aca3413', 'sp':'0', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libzip-1.5.1-1.module+el8+2561+1aca3413', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libzip-devel-1.5.1-1.module+el8+2561+1aca3413', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libzip-tools-1.5.1-1.module+el8+2561+1aca3413', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-bcmath-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-cli-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-common-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-dba-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-dbg-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-devel-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-embedded-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-enchant-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-fpm-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-gd-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-gmp-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-intl-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-json-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-ldap-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-mbstring-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-mysqlnd-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-odbc-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-opcache-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pdo-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pear-1.10.5-8.module+el8+2561+1aca3413', 'sp':'0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'php-pecl-apcu-5.1.12-1.module+el8+2561+1aca3413', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pecl-apcu-devel-5.1.12-1.module+el8+2561+1aca3413', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pecl-zip-1.15.3-1.module+el8+2561+1aca3413', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pgsql-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-process-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-recode-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-snmp-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-soap-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-xml-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-xmlrpc-7.2.11-1.1.module+el8.0.0+4664+17bd8d65', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n ]\n};\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:appstreams, appstreams:TRUE);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/php');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module php:7.2');\nif ('7.2' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module php:' + module_ver);\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach var module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach var module_array ( appstreams[module] ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(module_array['repo_relative_urls'])) repo_relative_urls = module_array['repo_relative_urls'];\n foreach var package_array ( module_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module php:7.2');\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apcu-panel / libzip / libzip-devel / libzip-tools / php / php-bcmath / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-09T14:36:17", "description": "The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:3735 advisory.\n\n - php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : php:7.2 (CESA-2019:3735)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2023-02-08T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:apcu-panel", "p-cpe:/a:centos:centos:libzip", "p-cpe:/a:centos:centos:libzip-devel", "p-cpe:/a:centos:centos:libzip-tools", "p-cpe:/a:centos:centos:php-pear", "p-cpe:/a:centos:centos:php-pecl-apcu", "p-cpe:/a:centos:centos:php-pecl-apcu-devel", "p-cpe:/a:centos:centos:php-pecl-zip"], "id": "CENTOS8_RHSA-2019-3735.NASL", "href": "https://www.tenable.com/plugins/nessus/145659", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:3735. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145659);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"RHSA\", value:\"2019:3735\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"CentOS 8 : php:7.2 (CESA-2019:3735)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nCESA-2019:3735 advisory.\n\n - php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3735\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apcu-panel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libzip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libzip-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libzip-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pecl-apcu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pecl-apcu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pecl-zip\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< os_release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar module_ver = get_kb_item('Host/RedHat/appstream/php');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module php:7.2');\nif ('7.2' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module php:' + module_ver);\n\nvar appstreams = {\n 'php:7.2': [\n {'reference':'apcu-panel-5.1.12-2.module_el8.1.0+209+03b9a8ff', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'apcu-panel-5.1.12-2.module_el8.1.0+209+03b9a8ff', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libzip-1.5.1-2.module_el8.1.0+209+03b9a8ff', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libzip-1.5.1-2.module_el8.1.0+209+03b9a8ff', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libzip-devel-1.5.1-2.module_el8.1.0+209+03b9a8ff', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libzip-devel-1.5.1-2.module_el8.1.0+209+03b9a8ff', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libzip-tools-1.5.1-2.module_el8.1.0+209+03b9a8ff', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libzip-tools-1.5.1-2.module_el8.1.0+209+03b9a8ff', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pear-1.10.5-9.module_el8.1.0+209+03b9a8ff', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pear-1.10.5-9.module_el8.1.0+209+03b9a8ff', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pecl-apcu-5.1.12-2.module_el8.1.0+209+03b9a8ff', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pecl-apcu-5.1.12-2.module_el8.1.0+209+03b9a8ff', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pecl-apcu-devel-5.1.12-2.module_el8.1.0+209+03b9a8ff', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pecl-apcu-devel-5.1.12-2.module_el8.1.0+209+03b9a8ff', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pecl-zip-1.15.3-1.module_el8.1.0+209+03b9a8ff', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pecl-zip-1.15.3-1.module_el8.1.0+209+03b9a8ff', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nvar flag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module php:7.2');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apcu-panel / libzip / libzip-devel / libzip-tools / php-pear / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-24T14:25:36", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2835 advisory.\n\n - php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-07-07T00:00:00", "type": "nessus", "title": "RHEL 7 : php (RHSA-2020:2835)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.6", "cpe:/o:redhat:rhel_e4s:7.6", "cpe:/o:redhat:rhel_eus:7.6", "cpe:/o:redhat:rhel_tus:7.6", "p-cpe:/a:redhat:enterprise_linux:php", "p-cpe:/a:redhat:enterprise_linux:php-bcmath", "p-cpe:/a:redhat:enterprise_linux:php-cli", "p-cpe:/a:redhat:enterprise_linux:php-common", "p-cpe:/a:redhat:enterprise_linux:php-dba", "p-cpe:/a:redhat:enterprise_linux:php-devel", "p-cpe:/a:redhat:enterprise_linux:php-embedded", "p-cpe:/a:redhat:enterprise_linux:php-enchant", "p-cpe:/a:redhat:enterprise_linux:php-fpm", "p-cpe:/a:redhat:enterprise_linux:php-gd", "p-cpe:/a:redhat:enterprise_linux:php-intl", "p-cpe:/a:redhat:enterprise_linux:php-ldap", "p-cpe:/a:redhat:enterprise_linux:php-mbstring", "p-cpe:/a:redhat:enterprise_linux:php-mysql", "p-cpe:/a:redhat:enterprise_linux:php-mysqlnd", "p-cpe:/a:redhat:enterprise_linux:php-odbc", "p-cpe:/a:redhat:enterprise_linux:php-pdo", "p-cpe:/a:redhat:enterprise_linux:php-pgsql", "p-cpe:/a:redhat:enterprise_linux:php-process", "p-cpe:/a:redhat:enterprise_linux:php-pspell", "p-cpe:/a:redhat:enterprise_linux:php-recode", "p-cpe:/a:redhat:enterprise_linux:php-snmp", "p-cpe:/a:redhat:enterprise_linux:php-soap", "p-cpe:/a:redhat:enterprise_linux:php-xml", "p-cpe:/a:redhat:enterprise_linux:php-xmlrpc"], "id": "REDHAT-RHSA-2020-2835.NASL", "href": "https://www.tenable.com/plugins/nessus/138155", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2835. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138155);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"RHSA\", value:\"2020:2835\");\n script_xref(name:\"IAVA\", value:\"2019-A-0437-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0399-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"RHEL 7 : php (RHSA-2020:2835)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:2835 advisory.\n\n - php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11043\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2835\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1766378\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(20, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.6')) audit(AUDIT_OS_NOT, 'Red Hat 7.6', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.6/x86_64/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.6/x86_64/os',\n 'content/aus/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/eus/rhel/computenode/7/7.6/x86_64/debug',\n 'content/eus/rhel/computenode/7/7.6/x86_64/optional/debug',\n 'content/eus/rhel/computenode/7/7.6/x86_64/optional/os',\n 'content/eus/rhel/computenode/7/7.6/x86_64/optional/source/SRPMS',\n 'content/eus/rhel/computenode/7/7.6/x86_64/os',\n 'content/eus/rhel/computenode/7/7.6/x86_64/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/eus/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/eus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/os',\n 'content/eus/rhel/server/7/7.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/resilientstorage/os',\n 'content/eus/rhel/server/7/7.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/sap-hana/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/sap-hana/os',\n 'content/eus/rhel/server/7/7.6/x86_64/sap-hana/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/sap/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/sap/os',\n 'content/eus/rhel/server/7/7.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/eus/rhel/system-z/7/7.6/s390x/debug',\n 'content/eus/rhel/system-z/7/7.6/s390x/optional/debug',\n 'content/eus/rhel/system-z/7/7.6/s390x/optional/os',\n 'content/eus/rhel/system-z/7/7.6/s390x/optional/source/SRPMS',\n 'content/eus/rhel/system-z/7/7.6/s390x/os',\n 'content/eus/rhel/system-z/7/7.6/s390x/sap/debug',\n 'content/eus/rhel/system-z/7/7.6/s390x/sap/os',\n 'content/eus/rhel/system-z/7/7.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel/system-z/7/7.6/s390x/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/os',\n 'content/tus/rhel/server/7/7.6/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'php-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-bcmath-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-bcmath-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-cli-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-cli-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-common-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-common-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-dba-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-dba-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-devel-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-devel-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-embedded-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-embedded-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-enchant-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-enchant-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-fpm-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-fpm-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-gd-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-gd-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-intl-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-intl-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-ldap-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-ldap-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-mbstring-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-mbstring-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-mysql-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-mysql-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-mysqlnd-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-mysqlnd-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-odbc-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-odbc-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pdo-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pdo-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pgsql-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pgsql-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-process-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-process-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pspell-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-pspell-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-recode-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-recode-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-snmp-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-snmp-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-soap-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-soap-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-xml-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-xml-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-xmlrpc-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'php-xmlrpc-5.4.16-46.1.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:29:06", "description": "Security Fix(es) :\n\n - php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : php on SL7.x x86_64 (20191031)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:php", "p-cpe:/a:fermilab:scientific_linux:php-bcmath", "p-cpe:/a:fermilab:scientific_linux:php-cli", "p-cpe:/a:fermilab:scientific_linux:php-common", "p-cpe:/a:fermilab:scientific_linux:php-dba", "p-cpe:/a:fermilab:scientific_linux:php-debuginfo", "p-cpe:/a:fermilab:scientific_linux:php-devel", "p-cpe:/a:fermilab:scientific_linux:php-embedded", "p-cpe:/a:fermilab:scientific_linux:php-enchant", "p-cpe:/a:fermilab:scientific_linux:php-fpm", "p-cpe:/a:fermilab:scientific_linux:php-gd", "p-cpe:/a:fermilab:scientific_linux:php-intl", "p-cpe:/a:fermilab:scientific_linux:php-ldap", "p-cpe:/a:fermilab:scientific_linux:php-mbstring", "p-cpe:/a:fermilab:scientific_linux:php-mysql", "p-cpe:/a:fermilab:scientific_linux:php-mysqlnd", "p-cpe:/a:fermilab:scientific_linux:php-odbc", "p-cpe:/a:fermilab:scientific_linux:php-pdo", "p-cpe:/a:fermilab:scientific_linux:php-pgsql", "p-cpe:/a:fermilab:scientific_linux:php-process", "p-cpe:/a:fermilab:scientific_linux:php-pspell", "p-cpe:/a:fermilab:scientific_linux:php-recode", "p-cpe:/a:fermilab:scientific_linux:php-snmp", "p-cpe:/a:fermilab:scientific_linux:php-soap", "p-cpe:/a:fermilab:scientific_linux:php-xml", "p-cpe:/a:fermilab:scientific_linux:php-xmlrpc", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20191031_PHP_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/130447", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130447);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"Scientific Linux Security Update : php on SL7.x x86_64 (20191031)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Security Fix(es) :\n\n - php: underflow in env_path_info in fpm_main.c\n (CVE-2019-11043)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1910&L=SCIENTIFIC-LINUX-ERRATA&P=11252\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e1a6b691\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-bcmath-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-cli-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-common-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-dba-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-debuginfo-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-devel-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-embedded-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-enchant-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-fpm-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-gd-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-intl-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-ldap-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-mbstring-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-mysql-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-mysqlnd-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-odbc-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-pdo-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-pgsql-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-process-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-pspell-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-recode-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-snmp-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-soap-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-xml-5.4.16-46.1.el7_7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.4.16-46.1.el7_7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:28:08", "description": "According to its banner, the version of PHP running on the remote web server is prior to 7.1.33, 7.2.x prior to 7.2.24, or 7.3.x prior to 7.3.11. It is, therefore, affected by a remote code execution vulnerability due to insufficient validation of user input. An unauthenticated, remote attacker can exploit this, by sending a specially crafted request, to cause the execution of arbitrary code by breaking the fastcgi_split_path_info directive.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-30T00:00:00", "type": "nessus", "title": "PHP 7.2.x < 7.2.24 Remote Code Execution Vulnerability", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-10-26T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98767", "href": "https://www.tenable.com/plugins/was/98767", "sourceData": "No source data", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:31:04", "description": "According to its banner, the version of PHP running on the remote web server is prior to 7.1.33, 7.2.x prior to 7.2.24, or 7.3.x prior to 7.3.11. It is, therefore, affected by a remote code execution vulnerability due to insufficient validation of user input. An unauthenticated, remote attacker can exploit this, by sending a specially crafted request, to cause the execution of arbitrary code by breaking the fastcgi_split_path_info directive.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-25T00:00:00", "type": "nessus", "title": "PHP < 7.1.33 / 7.2.x < 7.2.24 / 7.3.x < 7.3.11 Remote Code Execution Vulnerability.", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_7_3_11.NASL", "href": "https://www.tenable.com/plugins/nessus/130276", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130276);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11043\");\n script_xref(name:\"IAVA\", value:\"2019-A-0399-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"PHP < 7.1.33 / 7.2.x < 7.2.24 / 7.3.x < 7.3.11 Remote Code Execution Vulnerability.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by a remote code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP running on the remote web server is \nprior to 7.1.33, 7.2.x prior to 7.2.24, or 7.3.x prior to 7.3.11. It is, \ntherefore, affected by a remote code execution vulnerability due to insufficient \nvalidation of user input. An unauthenticated, remote attacker can exploit this, by sending a specially crafted request,\nto cause the execution of arbitrary code by breaking the fastcgi_split_path_info directive.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.php.net/ChangeLog-7.php#7.3.11\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.php.net/ChangeLog-7.php#7.2.24\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.php.net/ChangeLog-7.php#7.1.33\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=78599\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 7.3.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\", \"installed_sw/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude('http.inc');\ninclude('vcf.inc');\ninclude('audit.inc');\n\nport = get_http_port(default:80, php:TRUE);\napp_info = vcf::get_app_info(app:'PHP', port:port, webapp:TRUE);\n\nbackported = get_kb_item('www/php/' + port + '/' + app_info.version + '/backported');\n\nif ((report_paranoia < 2) && backported) audit(AUDIT_BACKPORT_SERVICE, port, 'PHP ' + app_info.version + ' install');\n\nconstraints = [\n {'min_version':'5.6.0alpha1', 'fixed_version':'7.1.33'},\n {'min_version':'7.2.0alpha1', 'fixed_version':'7.2.24'},\n {'min_version':'7.3.0alpha1', 'fixed_version':'7.3.11'}\n ];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:28:13", "description": "According to its banner, the version of PHP running on the remote web server is prior to 7.1.33, 7.2.x prior to 7.2.24, or 7.3.x prior to 7.3.11. It is, therefore, affected by a remote code execution vulnerability due to insufficient validation of user input. An unauthenticated, remote attacker can exploit this, by sending a specially crafted request, to cause the execution of arbitrary code by breaking the fastcgi_split_path_info directive.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-30T00:00:00", "type": "nessus", "title": "PHP 7.1.x < 7.1.33 Remote Code Execution Vulnerability", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11043"], "modified": "2022-10-26T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98768", "href": "https://www.tenable.com/plugins/was/98768", "sourceData": "No source data", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:06:01", "description": "According to the versions of the php packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.(CVE-2019-11043)\n\n - ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function.(CVE-2018-19935)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.5.0 : php (EulerOS-SA-2020-1058)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19935", "CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:php", "p-cpe:/a:huawei:euleros:php-cli", "p-cpe:/a:huawei:euleros:php-common", "cpe:/o:huawei:euleros:uvp:3.0.5.0"], "id": "EULEROS_SA-2020-1058.NASL", "href": "https://www.tenable.com/plugins/nessus/132812", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132812);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2018-19935\", \"CVE-2019-11043\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.5.0 : php (EulerOS-SA-2020-1058)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the php packages installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerabilities :\n\n - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24\n and 7.3.x below 7.3.11 in certain configurations of FPM\n setup it is possible to cause FPM module to write past\n allocated buffers into the space reserved for FCGI\n protocol data, thus opening the possibility of remote\n code execution.(CVE-2019-11043)\n\n - ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0\n allows remote attackers to cause a denial of service\n (NULL pointer dereference and application crash) via an\n empty string in the message argument to the imap_mail\n function.(CVE-2018-19935)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1058\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?29bd1c88\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.5.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.5.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.5.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"php-7.2.10-1.h8.eulerosv2r8\",\n \"php-cli-7.2.10-1.h8.eulerosv2r8\",\n \"php-common-7.2.10-1.h8.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-12T15:31:22", "description": "According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.(CVE-2011-4718)\n\n - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.(CVE-2019-11043)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-09T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : php (EulerOS-SA-2019-2546)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4718", "CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:php", "p-cpe:/a:huawei:euleros:php-cli", "p-cpe:/a:huawei:euleros:php-common", "p-cpe:/a:huawei:euleros:php-gd", "p-cpe:/a:huawei:euleros:php-ldap", "p-cpe:/a:huawei:euleros:php-mysql", "p-cpe:/a:huawei:euleros:php-odbc", "p-cpe:/a:huawei:euleros:php-pdo", "p-cpe:/a:huawei:euleros:php-pgsql", "p-cpe:/a:huawei:euleros:php-process", "p-cpe:/a:huawei:euleros:php-recode", "p-cpe:/a:huawei:euleros:php-soap", "p-cpe:/a:huawei:euleros:php-xml", "p-cpe:/a:huawei:euleros:php-xmlrpc", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2546.NASL", "href": "https://www.tenable.com/plugins/nessus/131820", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131820);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-4718\", \"CVE-2019-11043\");\n script_bugtraq_id(61929);\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"EulerOS 2.0 SP5 : php (EulerOS-SA-2019-2546)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the php packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - Session fixation vulnerability in the Sessions\n subsystem in PHP before 5.5.2 allows remote attackers\n to hijack web sessions by specifying a session\n ID.(CVE-2011-4718)\n\n - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24\n and 7.3.x below 7.3.11 in certain configurations of FPM\n setup it is possible to cause FPM module to write past\n allocated buffers into the space reserved for FCGI\n protocol data, thus opening the possibility of remote\n code execution.(CVE-2019-11043)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2546\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?02bff10d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"php-5.4.16-45.h21.eulerosv2r7\",\n \"php-cli-5.4.16-45.h21.eulerosv2r7\",\n \"php-common-5.4.16-45.h21.eulerosv2r7\",\n \"php-gd-5.4.16-45.h21.eulerosv2r7\",\n \"php-ldap-5.4.16-45.h21.eulerosv2r7\",\n \"php-mysql-5.4.16-45.h21.eulerosv2r7\",\n \"php-odbc-5.4.16-45.h21.eulerosv2r7\",\n \"php-pdo-5.4.16-45.h21.eulerosv2r7\",\n \"php-pgsql-5.4.16-45.h21.eulerosv2r7\",\n \"php-process-5.4.16-45.h21.eulerosv2r7\",\n \"php-recode-5.4.16-45.h21.eulerosv2r7\",\n \"php-soap-5.4.16-45.h21.eulerosv2r7\",\n \"php-xml-5.4.16-45.h21.eulerosv2r7\",\n \"php-xmlrpc-5.4.16-45.h21.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-12T15:31:50", "description": "According to its banner, the version of PHP running on the remote web server is 7.4.x prior to 7.4.0. It is, therefore, affected by multiple vulnerabilities including a buffer overflow", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-12-06T00:00:00", "type": "nessus", "title": "PHP 7.4.x < 7.4.0 Multiple Vulnerabilities.", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11041", "CVE-2019-11042", "CVE-2019-11043"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_7_4_0.NASL", "href": "https://www.tenable.com/plugins/nessus/131732", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131732);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-11041\", \"CVE-2019-11042\", \"CVE-2019-11043\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0695\");\n\n script_name(english:\"PHP 7.4.x < 7.4.0 Multiple Vulnerabilities.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by multiple\n vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP running on the \n remote web server is 7.4.x prior to 7.4.0. It is, therefore, affected by multiple vulnerabilities including a buffer\n overflow\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.php.net/ChangeLog-7.php#7.4\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=72530\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 7.4.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11043\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP-FPM Underflow RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\", \"installed_sw/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('http.inc');\ninclude('vcf.inc');\n\nport = get_http_port(default:80, php:TRUE);\napp_info = vcf::get_app_info(app:'PHP', port:port, webapp:TRUE);\n\nbackported = get_kb_item('www/php/' + port + '/' + app_info.version + '/backported');\nif ((report_paranoia < 2) && backported)\n audit(AUDIT_BACKPORT_SERVICE, port, 'PHP ' + app_info.version + ' install');\n\nconstraints = [{'min_version':'7.4.0alpha1', 'fixed_version':'7.4.0'}];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:09:30", "description": "This update for php5 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail() (bsc#1146360).\n\nCVE-2019-11042: Fixed heap buffer over-read in exif_process_user_comment() (bsc#1145095).\n\nCVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999).\n\nCVE-2019-11045: Fixed an issue with the PHP DirectoryIterator class that accepts filenames with embedded \\0 bytes (bsc#1159923).\n\nCVE-2019-11046: Fixed an out-of-bounds read in bc_shift_addsub (bsc#1159924).\n\nCVE-2019-11047: Fixed an information disclosure in exif_read_data (bsc#1159922).\n\nCVE-2019-11050: Fixed a buffer over-read in the EXIF extension (bsc#1159927).\n\nCVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex (bsc#1162629).\n\nCVE-2020-7060: Fixed a global buffer-overflow in mbfl_filt_conv_big5_wchar (bsc#1162632).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-02T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : php5 (SUSE-SU-2020:0522-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11041", "CVE-2019-11042", "CVE-2019-11043", "CVE-2019-11045", "CVE-2019-11046", "CVE-2019-11047", "CVE-2019-11050", "CVE-2020-7059", "CVE-2020-7060"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php5", "p-cpe:/a:novell:suse_linux:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:suse_linux:php5", "p-cpe:/a:novell:suse_linux:php5-bcmath", "p-cpe:/a:novell:suse_linux:php5-bcmath-debuginfo", "p-cpe:/a:novell:suse_linux:php5-bz2", "p-cpe:/a:novell:suse_linux:php5-bz2-debuginfo", "p-cpe:/a:novell:suse_linux:php5-calendar", "p-cpe:/a:novell:suse_linux:php5-calendar-debuginfo", "p-cpe:/a:novell:suse_linux:php5-ctype", "p-cpe:/a:novell:suse_linux:php5-ctype-debuginfo", "p-cpe:/a:novell:suse_linux:php5-curl", "p-cpe:/a:novell:suse_linux:php5-curl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-dba", "p-cpe:/a:novell:suse_linux:php5-dba-debuginfo", "p-cpe:/a:novell:suse_linux:php5-debuginfo", "p-cpe:/a:novell:suse_linux:php5-debugsource", "p-cpe:/a:novell:suse_linux:php5-dom", "p-cpe:/a:novell:suse_linux:php5-dom-debuginfo", "p-cpe:/a:novell:suse_linux:php5-enchant", "p-cpe:/a:novell:suse_linux:php5-enchant-debuginfo", "p-cpe:/a:novell:suse_linux:php5-exif", "p-cpe:/a:novell:suse_linux:php5-exif-debuginfo", "p-cpe:/a:novell:suse_linux:php5-fastcgi", "p-cpe:/a:novell:suse_linux:php5-fastcgi-debuginfo", "p-cpe:/a:novell:suse_linux:php5-fileinfo", "p-cpe:/a:novell:suse_linux:php5-fileinfo-debuginfo", "p-cpe:/a:novell:suse_linux:php5-fpm", "p-cpe:/a:novell:suse_linux:php5-fpm-debuginfo", "p-cpe:/a:novell:suse_linux:php5-ftp", "p-cpe:/a:novell:suse_linux:php5-ftp-debuginfo", "p-cpe:/a:novell:suse_linux:php5-gd", "p-cpe:/a:novell:suse_linux:php5-gd-debuginfo", "p-cpe:/a:novell:suse_linux:php5-gettext", "p-cpe:/a:novell:suse_linux:php5-gettext-debuginfo", "p-cpe:/a:novell:suse_linux:php5-gmp", "p-cpe:/a:novell:suse_linux:php5-gmp-debuginfo", "p-cpe:/a:novell:suse_linux:php5-iconv", "p-cpe:/a:novell:suse_linux:php5-iconv-debuginfo", "p-cpe:/a:novell:suse_linux:php5-imap", "p-cpe:/a:novell:suse_linux:php5-imap-debuginfo", "p-cpe:/a:novell:suse_linux:php5-intl", "p-cpe:/a:novell:suse_linux:php5-intl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-json", "p-cpe:/a:novell:suse_linux:php5-json-debuginfo", "p-cpe:/a:novell:suse_linux:php5-ldap", "p-cpe:/a:novell:suse_linux:php5-ldap-debuginfo", "p-cpe:/a:novell:suse_linux:php5-mbstring", "p-cpe:/a:novell:suse_linux:php5-mbstring-debuginfo", "p-cpe:/a:novell:suse_linux:php5-mcrypt", "p-cpe:/a:novell:suse_linux:php5-mcrypt-debuginfo", "p-cpe:/a:novell:suse_linux:php5-mysql", "p-cpe:/a:novell:suse_linux:php5-mysql-debuginfo", "p-cpe:/a:novell:suse_linux:php5-odbc", "p-cpe:/a:novell:suse_linux:php5-odbc-debuginfo", "p-cpe:/a:novell:suse_linux:php5-opcache", "p-cpe:/a:novell:suse_linux:php5-opcache-debuginfo", "p-cpe:/a:novell:suse_linux:php5-openssl", "p-cpe:/a:novell:suse_linux:php5-openssl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pcntl", "p-cpe:/a:novell:suse_linux:php5-pcntl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pdo", "p-cpe:/a:novell:suse_linux:php5-pdo-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pgsql", "p-cpe:/a:novell:suse_linux:php5-pgsql-debuginfo", "p-cpe:/a:novell:suse_linux:php5-phar", "p-cpe:/a:novell:suse_linux:php5-phar-debuginfo", "p-cpe:/a:novell:suse_linux:php5-posix", "p-cpe:/a:novell:suse_linux:php5-posix-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pspell", "p-cpe:/a:novell:suse_linux:php5-pspell-debuginfo", "p-cpe:/a:novell:suse_linux:php5-shmop", "p-cpe:/a:novell:suse_linux:php5-shmop-debuginfo", "p-cpe:/a:novell:suse_linux:php5-snmp", "p-cpe:/a:novell:suse_linux:php5-snmp-debuginfo", "p-cpe:/a:novell:suse_linux:php5-soap", "p-cpe:/a:novell:suse_linux:php5-soap-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sockets", "p-cpe:/a:novell:suse_linux:php5-sockets-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sqlite", "p-cpe:/a:novell:suse_linux:php5-sqlite-debuginfo", "p-cpe:/a:novell:suse_linux:php5-suhosin", "p-cpe:/a:novell:suse_linux:php5-suhosin-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sysvmsg", "p-cpe:/a:novell:suse_linux:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sysvsem", "p-cpe:/a:novell:suse_linux:php5-sysvsem-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sysvshm", "p-cpe:/a:novell:suse_linux:php5-sysvshm-debuginfo", "p-cpe:/a:novell:suse_linux:php5-tokenizer", "p-cpe:/a:novell:suse_linux:php5-tokenizer-debuginfo", "p-cpe:/a:novell:suse_linux:php5-wddx", "p-cpe:/a:novell:suse_linux:php5-wddx-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xmlreader", "p-cpe:/a:novell:suse_linux:php5-xmlreader-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xmlrpc", "p-cpe:/a:novell:suse_linux:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xmlwriter", "p-cpe:/a:novell:suse_linux:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xsl", "p-cpe:/a:novell:suse_linux:php5-xsl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-zip", "p-cpe:/a:novell:suse_linux:php5-zip-debuginfo", "p-cpe:/a:novell:suse_linux:php5-zlib", "p-cpe:/a:novell:suse_linux:php5-zlib-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-0522-1.NASL", "href": "https://www.tenable.com/plugins/nessus/134199", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0522-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134199);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\n \"CVE-2019-11041\",\n \"CVE-2019-11042\",\n \"CVE-2019-11043\",\n \"CVE-2019-11045\",\n \"CVE-2019-11046\",\n \"CVE-2019-11047\",\n \"CVE-2019-11050\",\n \"CVE-2020-7059\",\n \"CVE-2020-7060\"\n );\n script_xref(name:\"CISA-KNOWN