{"id": "DEBIAN:15E18346F4EC1799981CDE552EAD4BA6:72349", "bulletinFamily": "unix", "title": "php5 security update", "description": "Package : php5\nVersion : 5.3.3-7+squeeze20\nCVE ID : CVE-2014-4049\n\nIt was discovered that PHP, a general-purpose scripting\nlanguage commonly used for web application development, is\nvulnerable to a heap-based buffer overflow in the DNS TXT\nrecord parsing. A malicious server or man-in-the-middle\nattacker could possibly use this flaw to execute arbitrary\ncode as the PHP interpreter if a PHP application uses\ndns_get_record() to perform a DNS query.\n", "published": "2014-06-27T11:30:03", "modified": "2014-06-27T11:30:03", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201406/msg00009.html", "reporter": "Debian", "references": [], "cvelist": ["CVE-2014-4049"], "type": "debian", "lastseen": "2019-05-30T02:21:38", "edition": 2, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-4049"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310841875", "OPENVAS:702961", "OPENVAS:1361412562310850787", "OPENVAS:1361412562310851079", "OPENVAS:1361412562310851054", "OPENVAS:1361412562310809742", "OPENVAS:1361412562310703008", "OPENVAS:1361412562310841878", "OPENVAS:1361412562310702961", "OPENVAS:1361412562310809743"]}, {"type": "debian", "idList": ["DEBIAN:DLA-67-1:7F98B", "DEBIAN:DSA-2961-1:4C273", "DEBIAN:DSA-3008-2:2595B", "DEBIAN:DSA-3008-1:C990A"]}, {"type": "nessus", "idList": ["SUSE_11_APACHE2-MOD_PHP53-140627.NASL", "DEBIAN_DSA-3008.NASL", "SUSE_SU-2014-0868-1.NASL", "DEBIAN_DSA-2961.NASL", "OPENSUSE-2014-443.NASL", "SUSE_11_APACHE2-MOD_PHP53-140910.NASL", "OPENSUSE-2014-546.NASL", "UBUNTU_USN-2254-2.NASL", "UBUNTU_USN-2254-1.NASL", "DEBIAN_DLA-67.NASL"]}, {"type": "suse", "idList": ["SUSE-SU-2014:0869-1", "SUSE-SU-2016:1638-1", "SUSE-SU-2014:0873-1", "SUSE-SU-2014:0868-1", "SUSE-SU-2014:0873-2"]}, {"type": "ubuntu", "idList": ["USN-2254-1", "USN-2254-2"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13971", "SECURITYVULNS:VULN:13848", "SECURITYVULNS:DOC:31890", "SECURITYVULNS:DOC:31090", "SECURITYVULNS:VULN:14366"]}, {"type": "f5", "idList": ["SOL15498", "F5:K15761", "SOL15761"]}, {"type": "amazon", "idList": ["ALAS-2014-367", "ALAS-2014-372", "ALAS-2014-393"]}, {"type": "freebsd", "idList": ["D2A892B9-2605-11E4-9DA0-00A0986F28C4"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-1135", "ELSA-2014-1326", "ELSA-2014-1327", "ELSA-2014-1012", "ELSA-2014-1013"]}, {"type": "slackware", "idList": ["SSA-2014-192-01"]}, {"type": "redhat", "idList": ["RHSA-2014:1013", "RHSA-2014:1012", "RHSA-2014:1766", "RHSA-2014:1765"]}, {"type": "centos", "idList": ["CESA-2014:1012", "CESA-2014:1013"]}, {"type": "gentoo", "idList": ["GLSA-201408-11"]}], "modified": "2019-05-30T02:21:38", "rev": 2}, "score": {"value": 7.6, "vector": "NONE", "modified": "2019-05-30T02:21:38", "rev": 2}, "vulnersScore": 7.6}, "affectedPackage": [], "scheme": null}

{"cve": [{"lastseen": "2020-12-09T19:58:24", "description": "Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function.", "edition": 5, "cvss3": {}, "published": "2014-06-18T19:55:00", "title": "CVE-2014-4049", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4049"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/a:php:php:5.6.0", "cpe:/o:opensuse:opensuse:11.3"], "id": "CVE-2014-4049", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4049", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-05-29T18:35:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4049"], "description": "This host is installed with PHP and is prone\n to heap-based buffer overflow vulnerability.", "modified": "2018-11-12T00:00:00", "published": "2016-12-05T00:00:00", "id": "OPENVAS:1361412562310809743", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809743", "type": "openvas", "title": "PHP 'php_parserr' Heap Based Buffer Overflow Vulnerability (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_php_parserr_bof_vuln_lin.nasl 12313 2018-11-12 08:53:51Z asteins $\n#\n# PHP 'php_parserr' Heap Based Buffer Overflow Vulnerability (Linux)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809743\");\n script_version(\"$Revision: 12313 $\");\n script_cve_id(\"CVE-2014-4049\");\n script_bugtraq_id(68007);\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-12 09:53:51 +0100 (Mon, 12 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-05 17:24:03 +0530 (Mon, 05 Dec 2016)\");\n script_name(\"PHP 'php_parserr' Heap Based Buffer Overflow Vulnerability (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to heap-based buffer overflow vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to buffer overflow error\n in the 'php_parserr' function in ext/standard/dns.c script.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allows remote\n attackers to cause a denial of service (crash) and possibly execute arbitrary code\n on the affected system.\");\n\n script_tag(name:\"affected\", value:\"PHP versions 5.6.x alpha and beta releases\n before 5.6.0, 5.5.x before 5.5.14, 5.4.x before 5.4.30, 5.3.x before 5.3.29\n on Linux\");\n\n script_tag(name:\"solution\", value:\"Update to PHP version 5.6.0 or 5.5.14 or\n 5.4.30 or 5.3.29 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"http://php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2014/06/13/4\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_unixoide\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\n\nif(!phpVer = get_app_version(cpe:CPE, port:phpPort)){\n exit(0);\n}\n\nif(phpVer =~ \"^5\\.\")\n{\n ## 5.6.0alpha1, 5.6.0alpha2, 5.6.0alpha3, 5.6.0alpha4, 5.6.0alpha5\n ## 5.6.0beta1, 5.6.0beta2, 5.6.0beta3, 5.6.0beta4\n if(phpVer =~ \"^5\\.6\\.0alpha\" || phpVer =~ \"^5\\.6\\.0beta\")\n {\n VULN = TRUE;\n fix = \"5.6.0\";\n }\n\n if(version_in_range(version:phpVer, test_version:\"5.3\",test_version2:\"5.3.28\"))\n {\n VULN = TRUE;\n fix = \"5.3.29\";\n }\n\n else if(version_in_range(version:phpVer, test_version:\"5.4\",test_version2:\"5.4.29\"))\n {\n VULN = TRUE;\n fix = \"5.4.30\";\n }\n\n else if(version_in_range(version:phpVer, test_version:\"5.5\",test_version2:\"5.5.13\"))\n {\n VULN = TRUE;\n fix = \"5.5.14\";\n }\n\n if(VULN)\n {\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message( data:report, port:phpPort );\n exit(0);\n }\n}\nexit( 99 );\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4049"], "description": "This host is installed with PHP and is prone\n to heap-based buffer overflow vulnerability.", "modified": "2018-11-12T00:00:00", "published": "2016-12-05T00:00:00", "id": "OPENVAS:1361412562310809742", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809742", "type": "openvas", "title": "PHP 'php_parserr' Heap Based Buffer Overflow Vulnerability (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_php_parserr_bof_vuln_win.nasl 12313 2018-11-12 08:53:51Z asteins $\n#\n# PHP 'php_parserr' Heap Based Buffer Overflow Vulnerability (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809742\");\n script_version(\"$Revision: 12313 $\");\n script_cve_id(\"CVE-2014-4049\");\n script_bugtraq_id(68007);\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-12 09:53:51 +0100 (Mon, 12 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-05 17:06:26 +0530 (Mon, 05 Dec 2016)\");\n script_name(\"PHP 'php_parserr' Heap Based Buffer Overflow Vulnerability (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is prone\n to heap-based buffer overflow vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to buffer overflow error\n in the 'php_parserr' function in ext/standard/dns.c script.\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allows remote\n attackers to cause a denial of service (crash) and possibly execute arbitrary code\n on the affected system.\");\n\n script_tag(name:\"affected\", value:\"PHP versions 5.6.x before 5.6.0, 5.5.x before\n 5.5.14, 5.4.x before 5.4.30, 5.3.x before 5.3.29 on Windows\");\n\n script_tag(name:\"solution\", value:\"Update to PHP version 5.6.0 or 5.5.14 or\n 5.4.30 or 5.3.29 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"http://php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2014/06/13/4\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_windows\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\n\nif(!phpVer = get_app_version(cpe:CPE, port:phpPort)){\n exit(0);\n}\n\nif(phpVer =~ \"^5\\.\")\n{\n ## 5.6.0alpha1, 5.6.0alpha2, 5.6.0alpha3, 5.6.0alpha4, 5.6.0alpha5\n ## 5.6.0beta1, 5.6.0beta2, 5.6.0beta3, 5.6.0beta4\n if(phpVer =~ \"^(5.6.0alpha)\" || phpVer =~ \"^(5.6.0beta)\")\n {\n VULN = TRUE;\n fix = \"5.6.0\";\n }\n\n if(version_in_range(version:phpVer, test_version:\"5.3\",test_version2:\"5.3.28\"))\n {\n VULN = TRUE;\n fix = \"5.3.29\";\n }\n\n else if(version_in_range(version:phpVer, test_version:\"5.4\",test_version2:\"5.4.29\"))\n {\n VULN = TRUE;\n fix = \"5.4.30\";\n }\n\n else if(version_in_range(version:phpVer, test_version:\"5.5\",test_version2:\"5.5.13\"))\n {\n VULN = TRUE;\n fix = \"5.5.14\";\n }\n\n if(VULN)\n {\n report = report_fixed_ver(installed_version:phpVer, fixed_version:fix);\n security_message( data:report, port:phpPort );\n exit(0);\n }\n}\nexit( 99 );\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4049"], "description": "It was discovered that PHP, a general-purpose scripting language\ncommonly used for web application development, is vulnerable to a\nheap-based buffer overflow in the DNS TXT record parsing. A malicious\nserver or man-in-the-middle attacker could possibly use this flaw to\nexecute arbitrary code as the PHP interpreter if a PHP application uses\ndns_get_record() to perform a DNS query.", "modified": "2019-03-19T00:00:00", "published": "2014-06-16T00:00:00", "id": "OPENVAS:1361412562310702961", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702961", "type": "openvas", "title": "Debian Security Advisory DSA 2961-1 (php5 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2961.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 2961-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702961\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2014-4049\");\n script_name(\"Debian Security Advisory DSA 2961-1 (php5 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-16 00:00:00 +0200 (Mon, 16 Jun 2014)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-2961.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"php5 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), this problem has been fixed in\nversion 5.4.4-14+deb7u11.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 5.6.0~beta4+dfsg-3.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 5.6.0~beta4+dfsg-3.\n\nWe recommend that you upgrade your php5 packages.\");\n script_tag(name:\"summary\", value:\"It was discovered that PHP, a general-purpose scripting language\ncommonly used for web application development, is vulnerable to a\nheap-based buffer overflow in the DNS TXT record parsing. A malicious\nserver or man-in-the-middle attacker could possibly use this flaw to\nexecute arbitrary code as the PHP interpreter if a PHP application uses\ndns_get_record() to perform a DNS query.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-27T10:48:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4049"], "description": "It was discovered that PHP, a general-purpose scripting language\ncommonly used for web application development, is vulnerable to a\nheap-based buffer overflow in the DNS TXT record parsing. A malicious\nserver or man-in-the-middle attacker could possibly use this flaw to\nexecute arbitrary code as the PHP interpreter if a PHP application uses\ndns_get_record() to perform a DNS query.", "modified": "2017-07-12T00:00:00", "published": "2014-06-16T00:00:00", "id": "OPENVAS:702961", "href": "http://plugins.openvas.org/nasl.php?oid=702961", "type": "openvas", "title": "Debian Security Advisory DSA 2961-1 (php5 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2961.nasl 6692 2017-07-12 09:57:43Z teissa $\n# Auto-generated from advisory DSA 2961-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"php5 on Debian Linux\";\ntag_insight = \"This package is a metapackage that, when installed, guarantees that you\nhave at least one of the four server-side versions of the PHP5 interpreter\ninstalled. Removing this package won't remove PHP5 from your system, however\nit may remove other packages that depend on this one.\";\ntag_solution = \"For the stable distribution (wheezy), this problem has been fixed in\nversion 5.4.4-14+deb7u11.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 5.6.0~beta4+dfsg-3.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 5.6.0~beta4+dfsg-3.\n\nWe recommend that you upgrade your php5 packages.\";\ntag_summary = \"It was discovered that PHP, a general-purpose scripting language\ncommonly used for web application development, is vulnerable to a\nheap-based buffer overflow in the DNS TXT record parsing. A malicious\nserver or man-in-the-middle attacker could possibly use this flaw to\nexecute arbitrary code as the PHP interpreter if a PHP application uses\ndns_get_record() to perform a DNS query.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702961);\n script_version(\"$Revision: 6692 $\");\n script_cve_id(\"CVE-2014-4049\");\n script_name(\"Debian Security Advisory DSA 2961-1 (php5 - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-12 11:57:43 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-06-16 00:00:00 +0200 (Mon, 16 Jun 2014)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2961.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.4-14+deb7u11\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-01-31T18:38:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4049", "CVE-2014-2497"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2015-10-16T00:00:00", "id": "OPENVAS:1361412562310851079", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851079", "type": "openvas", "title": "SUSE: Security Advisory for PHP5 (SUSE-SU-2014:0868-1)", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851079\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 19:38:19 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2014-2497\", \"CVE-2014-4049\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for PHP5 (SUSE-SU-2014:0868-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'PHP5'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"PHP5 has been updated to fix two security vulnerabilities:\n\n * Heap-based buffer overflow in DNS TXT record parsing (CVE-2014-4049)\n\n * NULL pointer dereference in GD XPM decoder (CVE-2014-2497)\");\n\n script_tag(name:\"affected\", value:\"PHP5 on SUSE Linux Enterprise Server 11 SP2 LTSS\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2014:0868-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP2\") {\n if(!isnull(res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:36:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4248", "CVE-2014-4049", "CVE-2013-6420", "CVE-2014-2497"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2015-10-16T00:00:00", "id": "OPENVAS:1361412562310851054", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851054", "type": "openvas", "title": "SUSE: Security Advisory for PHP5 (SUSE-SU-2014:0873-2)", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851054\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 19:01:52 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2013-4248\", \"CVE-2013-6420\", \"CVE-2014-2497\", \"CVE-2014-4049\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for PHP5 (SUSE-SU-2014:0873-2)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'PHP5'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"PHP5 has been updated to fix four security vulnerabilities:\n\n * Heap-based buffer overflow in DNS TXT record parsing (CVE-2014-4049)\n\n * Heap based buffer overflow in time handling in openssl_x509_parse\n (CVE-2013-6420)\n\n * Man in the Middle attack in the the openssl_x509_parse due to lack\n of \\0 handling (CVE-2013-4248)\n\n * NULL pointer dereference in GD XPM decoder (CVE-2014-2497)\");\n\n script_tag(name:\"affected\", value:\"PHP5 on SUSE Linux Enterprise Server 11 SP1 LTSS\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2014:0873-2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP1\") {\n if(!isnull(res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.14~0.7.30.54.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0237", "CVE-2014-4049", "CVE-2014-0185", "CVE-2014-0238"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2014-07-01T00:00:00", "id": "OPENVAS:1361412562310841875", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841875", "type": "openvas", "title": "Ubuntu Update for php5 USN-2254-2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2254_2.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for php5 USN-2254-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841875\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-01 22:22:18 +0530 (Tue, 01 Jul 2014)\");\n script_cve_id(\"CVE-2014-0185\", \"CVE-2014-0237\", \"CVE-2014-0238\", \"CVE-2014-4049\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for php5 USN-2254-2\");\n\n script_tag(name:\"affected\", value:\"php5 on Ubuntu 14.04 LTS,\n Ubuntu 13.10\");\n script_tag(name:\"insight\", value:\"USN-2254-1 fixed vulnerabilities in PHP. The fix for\nCVE-2014-0185 further restricted the permissions on the PHP FastCGI Process\nManager (FPM) UNIX socket. This update grants socket access to the www-data\nuser and group so installations and documentation relying on the previous\nsocket permissions will continue to function.\n\nOriginal advisory details:\n\nChristian Hoffmann discovered that the PHP FastCGI Process Manager (FPM)\nset incorrect permissions on the UNIX socket. A local attacker could use\nthis issue to possibly elevate their privileges. This issue only affected\nUbuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-0185)\nFrancisco Alonso discovered that the PHP Fileinfo component incorrectly\nhandled certain CDF documents. A remote attacker could use this issue to\ncause PHP to hang or crash, resulting in a denial of service.\n(CVE-2014-0237, CVE-2014-0238)\nStefan Esser discovered that PHP incorrectly handled DNS TXT records. A\nremote attacker could use this issue to cause PHP to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. (CVE-2014-4049)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2254-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2254-2/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php5'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|13\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.5.9+dfsg-1ubuntu4.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.5.3+dfsg-1ubuntu2.5\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:38:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0237", "CVE-2014-4049", "CVE-2014-2497", "CVE-2014-0238"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2015-10-13T00:00:00", "id": "OPENVAS:1361412562310850787", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850787", "type": "openvas", "title": "SUSE: Security Advisory for php53 (SUSE-SU-2014:0869-1)", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850787\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-13 18:35:00 +0530 (Tue, 13 Oct 2015)\");\n script_cve_id(\"CVE-2014-0237\", \"CVE-2014-0238\", \"CVE-2014-2497\", \"CVE-2014-4049\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for php53 (SUSE-SU-2014:0869-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php53'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"php53 was updated to fix the following security vulnerabilities:\n\n * Heap-based buffer overflow in DNS TXT record parsing. (CVE-2014-4049)\n\n * Denial of service in Fileinfo component. (CVE-2014-0238)\n\n * Performance degradation by too many file_printf calls.\n (CVE-2014-0237)\n\n * NULL pointer dereference in GD XPM decoder. (CVE-2014-2497)\n\n Security Issues references:\n\n * CVE-2014-4049\n\n * CVE-2014-0238\n\n * CVE-2014-0237\n\n * CVE-2014-2497\");\n\n script_tag(name:\"affected\", value:\"php53 on SUSE Linux Enterprise Server 11 SP3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2014:0869-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP3\") {\n if(!isnull(res = isrpmvuln(pkg:\"apache2-mod_php53\", rpm:\"apache2-mod_php53~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-bz2\", rpm:\"php53-bz2~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-calendar\", rpm:\"php53-calendar~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-ctype\", rpm:\"php53-ctype~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-curl\", rpm:\"php53-curl~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-dom\", rpm:\"php53-dom~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-exif\", rpm:\"php53-exif~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-fastcgi\", rpm:\"php53-fastcgi~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-fileinfo\", rpm:\"php53-fileinfo~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-ftp\", rpm:\"php53-ftp~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-gettext\", rpm:\"php53-gettext~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-gmp\", rpm:\"php53-gmp~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-iconv\", rpm:\"php53-iconv~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-json\", rpm:\"php53-json~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-mcrypt\", rpm:\"php53-mcrypt~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-openssl\", rpm:\"php53-openssl~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-pcntl\", rpm:\"php53-pcntl~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-pear\", rpm:\"php53-pear~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-shmop\", rpm:\"php53-shmop~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-suhosin\", rpm:\"php53-suhosin~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-sysvmsg\", rpm:\"php53-sysvmsg~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-sysvsem\", rpm:\"php53-sysvsem~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-sysvshm\", rpm:\"php53-sysvshm~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-tokenizer\", rpm:\"php53-tokenizer~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-wddx\", rpm:\"php53-wddx~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-xmlreader\", rpm:\"php53-xmlreader~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-xmlwriter\", rpm:\"php53-xmlwriter~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-xsl\", rpm:\"php53-xsl~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-zip\", rpm:\"php53-zip~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php53-zlib\", rpm:\"php53-zlib~5.3.17~0.23.5\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0237", "CVE-2014-4049", "CVE-2014-0185", "CVE-2014-0238"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2014-07-01T00:00:00", "id": "OPENVAS:1361412562310841878", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841878", "type": "openvas", "title": "Ubuntu Update for php5 USN-2254-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2254_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for php5 USN-2254-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841878\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-01 22:39:43 +0530 (Tue, 01 Jul 2014)\");\n script_cve_id(\"CVE-2014-0185\", \"CVE-2014-0237\", \"CVE-2014-0238\", \"CVE-2014-4049\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for php5 USN-2254-1\");\n\n script_tag(name:\"affected\", value:\"php5 on Ubuntu 14.04 LTS,\n Ubuntu 13.10,\n Ubuntu 12.04 LTS,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"Christian Hoffmann discovered that the PHP FastCGI Process\nManager (FPM) set incorrect permissions on the UNIX socket. A local attacker\ncould use this issue to possibly elevate their privileges. This issue only\naffected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-0185)\n\nFrancisco Alonso discovered that the PHP Fileinfo component incorrectly\nhandled certain CDF documents. A remote attacker could use this issue to\ncause PHP to hang or crash, resulting in a denial of service.\n(CVE-2014-0237, CVE-2014-0238)\n\nStefan Esser discovered that PHP incorrectly handled DNS TXT records. A\nremote attacker could use this issue to cause PHP to crash, resulting in a\ndenial of service, or possibly execute arbitrary code. (CVE-2014-4049)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2254-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2254-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php5'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|10\\.04 LTS|13\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.5.9+dfsg-1ubuntu4.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.5.9+dfsg-1ubuntu4.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.5.9+dfsg-1ubuntu4.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.5.9+dfsg-1ubuntu4.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.10-1ubuntu3.12\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.10-1ubuntu3.12\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.10-1ubuntu3.12\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.3.10-1ubuntu3.12\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.2-1ubuntu4.25\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.2-1ubuntu4.25\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.2-1ubuntu4.25\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.5.3+dfsg-1ubuntu2.4\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.5.3+dfsg-1ubuntu2.4\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.5.3+dfsg-1ubuntu2.4\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.5.3+dfsg-1ubuntu2.4\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7345", "CVE-2014-3587", "CVE-2014-4670", "CVE-2014-3538", "CVE-2014-3597", "CVE-2014-4049"], "description": "Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2014-3538It was discovered that the original fix for CVE-2013-7345\ndid not\nsufficiently address the problem. A remote attacker could still\ncause a denial of service (CPU consumption) via a specially-crafted\ninput file that triggers backtracking during processing of an awk\nregular expression rule.\n\nCVE-2014-3587\nIt was discovered that the CDF parser of the fileinfo module does\nnot properly process malformed files in the Composite Document File\n(CDF) format, leading to crashes.\n\nCVE-2014-3597It was discovered that the original fix for CVE-2014-4049\ndid not\ncompletely address the issue. A malicious server or\nman-in-the-middle attacker could cause a denial of service (crash)\nand possibly execute arbitrary code via a crafted DNS TXT record.\n\nCVE-2014-4670\nIt was discovered that PHP incorrectly handled certain SPL\nIterators. A local attacker could use this flaw to cause PHP to\ncrash, resulting in a denial of service.", "modified": "2019-03-19T00:00:00", "published": "2014-08-21T00:00:00", "id": "OPENVAS:1361412562310703008", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703008", "type": "openvas", "title": "Debian Security Advisory DSA 3008-1 (php5 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3008.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 3008-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703008\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2013-7345\", \"CVE-2014-3538\", \"CVE-2014-3587\", \"CVE-2014-3597\", \"CVE-2014-4049\", \"CVE-2014-4670\");\n script_name(\"Debian Security Advisory DSA 3008-1 (php5 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-21 00:00:00 +0200 (Thu, 21 Aug 2014)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-3008.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"php5 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 5.4.4-14+deb7u13. In addition, this update contains several\nbugfixes originally targeted for the upcoming Wheezy point release.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your php5 packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2014-3538It was discovered that the original fix for CVE-2013-7345\ndid not\nsufficiently address the problem. A remote attacker could still\ncause a denial of service (CPU consumption) via a specially-crafted\ninput file that triggers backtracking during processing of an awk\nregular expression rule.\n\nCVE-2014-3587\nIt was discovered that the CDF parser of the fileinfo module does\nnot properly process malformed files in the Composite Document File\n(CDF) format, leading to crashes.\n\nCVE-2014-3597It was discovered that the original fix for CVE-2014-4049\ndid not\ncompletely address the issue. A malicious server or\nman-in-the-middle attacker could cause a denial of service (crash)\nand possibly execute arbitrary code via a crafted DNS TXT record.\n\nCVE-2014-4670\nIt was discovered that PHP incorrectly handled certain SPL\nIterators. A local attacker could use this flaw to cause PHP to\ncrash, resulting in a denial of service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.4-14+deb7u13\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-12T09:48:38", "description": "It was discovered that PHP, a general-purpose scripting language\ncommonly used for web application development, is vulnerable to a\nheap-based buffer overflow in the DNS TXT record parsing. A malicious\nserver or man-in-the-middle attacker could possibly use this flaw to\nexecute arbitrary code as the PHP interpreter if a PHP application\nuses dns_get_record() to perform a DNS query.", "edition": 15, "published": "2014-06-17T00:00:00", "title": "Debian DSA-2961-1 : php5 - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4049"], "modified": "2014-06-17T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:php5", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2961.NASL", "href": "https://www.tenable.com/plugins/nessus/76082", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2961. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76082);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-4049\");\n script_bugtraq_id(68007);\n script_xref(name:\"DSA\", value:\"2961\");\n\n script_name(english:\"Debian DSA-2961-1 : php5 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that PHP, a general-purpose scripting language\ncommonly used for web application development, is vulnerable to a\nheap-based buffer overflow in the DNS TXT record parsing. A malicious\nserver or man-in-the-middle attacker could possibly use this flaw to\nexecute arbitrary code as the PHP interpreter if a PHP application\nuses dns_get_record() to perform a DNS query.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751364\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/php5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-2961\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the php5 packages.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 5.4.4-14+deb7u11.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libapache2-mod-php5\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libphp5-embed\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php-pear\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-cgi\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-cli\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-common\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-curl\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-dbg\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-dev\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-enchant\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-fpm\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-gd\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-gmp\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-imap\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-interbase\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-intl\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-ldap\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mcrypt\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mysql\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mysqlnd\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-odbc\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-pgsql\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-pspell\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-recode\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-snmp\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-sqlite\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-sybase\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-tidy\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-xmlrpc\", reference:\"5.4.4-14+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-xsl\", reference:\"5.4.4-14+deb7u11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:27:45", "description": "php5 was updated to prevent insecure DNS TXT record parsing.\n\nThis security issue was fixed :\n\n - Heap-based buffer overflow in DNS TXT record parsing\n (CVE-2014-4049)", "edition": 18, "published": "2014-06-26T00:00:00", "title": "openSUSE Security Update : php5 (openSUSE-SU-2014:0841-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4049"], "modified": "2014-06-26T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-mssql-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:php5-mssql", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "cpe:/o:novell:opensuse:13.1", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-ldap"], "id": "OPENSUSE-2014-443.NASL", "href": "https://www.tenable.com/plugins/nessus/76230", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-443.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76230);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-4049\");\n\n script_name(english:\"openSUSE Security Update : php5 (openSUSE-SU-2014:0841-1)\");\n script_summary(english:\"Check for the openSUSE-2014-443 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"php5 was updated to prevent insecure DNS TXT record parsing.\n\nThis security issue was fixed :\n\n - Heap-based buffer overflow in DNS TXT record parsing\n (CVE-2014-4049)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=882992\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-06/msg00051.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_php5-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_php5-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bcmath-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bcmath-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bz2-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bz2-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-calendar-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-calendar-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ctype-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ctype-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-curl-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-curl-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dba-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dba-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-debugsource-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-devel-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dom-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dom-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-enchant-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-enchant-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-exif-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-exif-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fastcgi-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fastcgi-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fileinfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fileinfo-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fpm-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fpm-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ftp-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ftp-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gd-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gd-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gettext-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gettext-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gmp-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gmp-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-iconv-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-iconv-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-imap-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-imap-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-intl-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-intl-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-json-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-json-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ldap-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ldap-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mbstring-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mbstring-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mcrypt-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mcrypt-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mssql-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mssql-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mysql-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mysql-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-odbc-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-odbc-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-openssl-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-openssl-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pcntl-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pcntl-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pdo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pdo-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pear-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pgsql-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pgsql-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-phar-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-phar-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-posix-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-posix-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pspell-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pspell-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-readline-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-readline-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-shmop-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-shmop-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-snmp-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-snmp-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-soap-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-soap-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sockets-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sockets-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sqlite-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sqlite-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-suhosin-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-suhosin-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvmsg-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvmsg-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvsem-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvsem-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvshm-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvshm-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tidy-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tidy-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tokenizer-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tokenizer-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-wddx-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-wddx-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlreader-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlreader-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlrpc-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlrpc-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlwriter-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlwriter-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xsl-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xsl-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zip-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zip-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zlib-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zlib-debuginfo-5.3.17-3.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_php5-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_php5-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bcmath-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bcmath-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bz2-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bz2-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-calendar-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-calendar-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ctype-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ctype-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-curl-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-curl-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dba-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dba-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-debugsource-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-devel-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dom-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dom-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-enchant-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-enchant-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-exif-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-exif-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fastcgi-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fastcgi-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fileinfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fileinfo-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-firebird-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-firebird-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fpm-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fpm-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ftp-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ftp-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gd-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gd-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gettext-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gettext-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gmp-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gmp-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-iconv-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-iconv-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-imap-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-imap-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-intl-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-intl-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-json-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-json-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ldap-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ldap-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mbstring-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mbstring-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mcrypt-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mcrypt-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mssql-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mssql-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mysql-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mysql-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-odbc-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-odbc-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-openssl-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-openssl-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pcntl-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pcntl-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pdo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pdo-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pear-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pgsql-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pgsql-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-phar-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-phar-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-posix-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-posix-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pspell-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pspell-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-readline-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-readline-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-shmop-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-shmop-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-snmp-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-snmp-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-soap-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-soap-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sockets-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sockets-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sqlite-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sqlite-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-suhosin-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-suhosin-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvmsg-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvmsg-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvsem-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvsem-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvshm-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvshm-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tidy-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tidy-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tokenizer-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tokenizer-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-wddx-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-wddx-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlreader-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlreader-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlrpc-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlrpc-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlwriter-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlwriter-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xsl-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xsl-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zip-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zip-debuginfo-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zlib-5.4.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zlib-debuginfo-5.4.20-12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php5\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T14:43:39", "description": "PHP5 has been updated to fix two security vulnerabilities :\n\n - Heap-based buffer overflow in DNS TXT record parsing\n (CVE-2014-4049)\n\n - NULL pointer dereference in GD XPM decoder\n (CVE-2014-2497)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "published": "2015-05-20T00:00:00", "title": "SUSE SLES11 Security Update : PHP5 (SUSE-SU-2014:0868-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-4049", "CVE-2014-2497"], "modified": "2015-05-20T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:php5-tokenizer", "p-cpe:/a:novell:suse_linux:php5-bcmath", "p-cpe:/a:novell:suse_linux:php5-zip", "p-cpe:/a:novell:suse_linux:php5-xmlrpc", "p-cpe:/a:novell:suse_linux:php5-calendar", "p-cpe:/a:novell:suse_linux:php5-odbc", "p-cpe:/a:novell:suse_linux:php5-gettext", "p-cpe:/a:novell:suse_linux:php5-openssl", "p-cpe:/a:novell:suse_linux:php5-iconv", "p-cpe:/a:novell:suse_linux:php5-bz2", "p-cpe:/a:novell:suse_linux:php5-dbase", "p-cpe:/a:novell:suse_linux:php5-sysvmsg", "p-cpe:/a:novell:suse_linux:php5-suhosin", "p-cpe:/a:novell:suse_linux:php5-pgsql", "p-cpe:/a:novell:suse_linux:php5-mbstring", "p-cpe:/a:novell:suse_linux:apache2-mod_php5", "p-cpe:/a:novell:suse_linux:php5-ctype", "p-cpe:/a:novell:suse_linux:php5-pspell", "p-cpe:/a:novell:suse_linux:php5", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:php5-gd", "p-cpe:/a:novell:suse_linux:php5-mcrypt", "p-cpe:/a:novell:suse_linux:php5-sysvsem", "p-cpe:/a:novell:suse_linux:php5-soap", "p-cpe:/a:novell:suse_linux:php5-ldap", "p-cpe:/a:novell:suse_linux:php5-mysql", "p-cpe:/a:novell:suse_linux:php5-sysvshm", "p-cpe:/a:novell:suse_linux:php5-fastcgi", "p-cpe:/a:novell:suse_linux:php5-gmp", "p-cpe:/a:novell:suse_linux:php5-xmlwriter", "p-cpe:/a:novell:suse_linux:php5-wddx", "p-cpe:/a:novell:suse_linux:php5-exif", "p-cpe:/a:novell:suse_linux:php5-xmlreader", "p-cpe:/a:novell:suse_linux:php5-curl", "p-cpe:/a:novell:suse_linux:php5-dba", "p-cpe:/a:novell:suse_linux:php5-snmp", "p-cpe:/a:novell:suse_linux:php5-ftp", "p-cpe:/a:novell:suse_linux:php5-zlib", "p-cpe:/a:novell:suse_linux:php5-dom", "p-cpe:/a:novell:suse_linux:php5-xsl", "p-cpe:/a:novell:suse_linux:php5-hash", "p-cpe:/a:novell:suse_linux:php5-pdo", "p-cpe:/a:novell:suse_linux:php5-pear", "p-cpe:/a:novell:suse_linux:php5-pcntl", "p-cpe:/a:novell:suse_linux:php5-json", "p-cpe:/a:novell:suse_linux:php5-shmop"], "id": "SUSE_SU-2014-0868-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83630", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2014:0868-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83630);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-2497\", \"CVE-2014-4049\");\n script_bugtraq_id(66233, 68007);\n\n script_name(english:\"SUSE SLES11 Security Update : PHP5 (SUSE-SU-2014:0868-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PHP5 has been updated to fix two security vulnerabilities :\n\n - Heap-based buffer overflow in DNS TXT record parsing\n (CVE-2014-4049)\n\n - NULL pointer dereference in GD XPM decoder\n (CVE-2014-2497)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://download.suse.com/patch/finder/?keywords=5a6e6d1523035a22186fef4bad38da0d\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dc8643d8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-2497.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-4049.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/868624\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/882992\"\n );\n # https://www.suse.com/support/update/announcement/2014/suse-su-20140868-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d6bd146b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11 SP2 LTSS :\n\nzypper in -t patch slessp2-apache2-mod_php5-9409\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! ereg(pattern:\"^2$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"apache2-mod_php5-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-bcmath-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-bz2-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-calendar-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-ctype-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-curl-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-dba-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-dbase-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-dom-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-exif-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-fastcgi-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-ftp-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-gd-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-gettext-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-gmp-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-hash-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-iconv-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-json-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-ldap-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-mbstring-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-mcrypt-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-mysql-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-odbc-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-openssl-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-pcntl-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-pdo-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-pear-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-pgsql-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-pspell-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-shmop-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-snmp-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-soap-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-suhosin-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-sysvmsg-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-sysvsem-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-sysvshm-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-tokenizer-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-wddx-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-xmlreader-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-xmlrpc-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-xmlwriter-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-xsl-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-zip-5.2.14-0.7.30.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php5-zlib-5.2.14-0.7.30.54.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PHP5\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T14:37:37", "description": "This php53 update fixes the following security issues :\n\n - Insecure temporary file used for cache data was fixed by\n switching to a different root only directory\n /var/cache/php-pear. (CVE-2014-5459)\n\n - An incomplete fix for CVE-2014-4049. (CVE-2014-3597)", "edition": 17, "published": "2014-09-18T00:00:00", "title": "SuSE 11.3 Security Update : php53 (SAT Patch Number 9718)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3597", "CVE-2014-4049", "CVE-2014-5459"], "modified": "2014-09-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:php53-fileinfo", "p-cpe:/a:novell:suse_linux:11:php53-ftp", "p-cpe:/a:novell:suse_linux:11:php53-mysql", "p-cpe:/a:novell:suse_linux:11:php53-calendar", "p-cpe:/a:novell:suse_linux:11:php53-curl", "p-cpe:/a:novell:suse_linux:11:php53-zlib", "p-cpe:/a:novell:suse_linux:11:php53-soap", "p-cpe:/a:novell:suse_linux:11:php53-sysvshm", "p-cpe:/a:novell:suse_linux:11:php53-xmlwriter", "p-cpe:/a:novell:suse_linux:11:php53-bz2", "p-cpe:/a:novell:suse_linux:11:php53-wddx", "p-cpe:/a:novell:suse_linux:11:php53-suhosin", "p-cpe:/a:novell:suse_linux:11:php53-sysvmsg", "p-cpe:/a:novell:suse_linux:11:php53-odbc", "p-cpe:/a:novell:suse_linux:11:php53-ldap", "p-cpe:/a:novell:suse_linux:11:php53-gd", "p-cpe:/a:novell:suse_linux:11:php53-xsl", "p-cpe:/a:novell:suse_linux:11:php53-ctype", "p-cpe:/a:novell:suse_linux:11:php53-pear", "p-cpe:/a:novell:suse_linux:11:php53-bcmath", "p-cpe:/a:novell:suse_linux:11:php53-pcntl", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:php53-dom", "p-cpe:/a:novell:suse_linux:11:php53-openssl", "p-cpe:/a:novell:suse_linux:11:php53-mbstring", "p-cpe:/a:novell:suse_linux:11:php53-intl", "p-cpe:/a:novell:suse_linux:11:php53-xmlrpc", "p-cpe:/a:novell:suse_linux:11:php53-sysvsem", "p-cpe:/a:novell:suse_linux:11:php53-iconv", "p-cpe:/a:novell:suse_linux:11:php53-pspell", "p-cpe:/a:novell:suse_linux:11:php53-exif", "p-cpe:/a:novell:suse_linux:11:php53-pdo", "p-cpe:/a:novell:suse_linux:11:php53-tokenizer", "p-cpe:/a:novell:suse_linux:11:php53-zip", "p-cpe:/a:novell:suse_linux:11:php53-dba", "p-cpe:/a:novell:suse_linux:11:php53-fastcgi", "p-cpe:/a:novell:suse_linux:11:apache2-mod_php53", "p-cpe:/a:novell:suse_linux:11:php53-pgsql", "p-cpe:/a:novell:suse_linux:11:php53-xmlreader", "p-cpe:/a:novell:suse_linux:11:php53-gmp", "p-cpe:/a:novell:suse_linux:11:php53-mcrypt", "p-cpe:/a:novell:suse_linux:11:php53", "p-cpe:/a:novell:suse_linux:11:php53-json", "p-cpe:/a:novell:suse_linux:11:php53-shmop", "p-cpe:/a:novell:suse_linux:11:php53-gettext", "p-cpe:/a:novell:suse_linux:11:php53-snmp"], "id": "SUSE_11_APACHE2-MOD_PHP53-140910.NASL", "href": "https://www.tenable.com/plugins/nessus/77742", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77742);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3597\", \"CVE-2014-4049\", \"CVE-2014-5459\");\n\n script_name(english:\"SuSE 11.3 Security Update : php53 (SAT Patch Number 9718)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This php53 update fixes the following security issues :\n\n - Insecure temporary file used for cache data was fixed by\n switching to a different root only directory\n /var/cache/php-pear. (CVE-2014-5459)\n\n - An incomplete fix for CVE-2014-4049. (CVE-2014-3597)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=893849\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=893853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3597.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-4049.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-5459.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 9718.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-mod_php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"apache2-mod_php53-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-bcmath-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-bz2-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-calendar-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-ctype-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-curl-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-dba-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-dom-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-exif-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-fastcgi-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-fileinfo-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-ftp-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-gd-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-gettext-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-gmp-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-iconv-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-intl-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-json-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-ldap-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-mbstring-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-mcrypt-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-mysql-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-odbc-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-openssl-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pcntl-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pdo-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pear-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pgsql-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pspell-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-shmop-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-snmp-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-soap-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-suhosin-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-sysvmsg-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-sysvsem-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-sysvshm-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-tokenizer-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-wddx-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xmlreader-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xmlrpc-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xmlwriter-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xsl-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-zip-5.3.17-0.29.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-zlib-5.3.17-0.29.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:27:56", "description": "php5 was updated to fix three security issues :\n\n - Insecure temporary file use for cache data was fixed by\n switching to a different root only directory\n /var/cache/php-pear (CVE-2014-5459)\n\n - An incomplete fix for CVE-2014-4049 (CVE-2014-3597) \n\n - gd extension: NUL byte injection in filenames passed to\n image handling functions was fixed (CVE-2014-5120)\n\nAlso a bug was fixed :\n\n - fixed suhosin crash if used with php\n session_set_save_handler() [bnc#895658]", "edition": 18, "published": "2014-09-17T00:00:00", "title": "openSUSE Security Update : php5 (openSUSE-SU-2014:1133-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5120", "CVE-2014-3597", "CVE-2014-4049", "CVE-2014-5459"], "modified": "2014-09-17T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-mssql-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:php5-mssql", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "cpe:/o:novell:opensuse:13.1", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-ldap"], "id": "OPENSUSE-2014-546.NASL", "href": "https://www.tenable.com/plugins/nessus/77720", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-546.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77720);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3597\", \"CVE-2014-4049\", \"CVE-2014-5120\", \"CVE-2014-5459\");\n\n script_name(english:\"openSUSE Security Update : php5 (openSUSE-SU-2014:1133-1)\");\n script_summary(english:\"Check for the openSUSE-2014-546 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"php5 was updated to fix three security issues :\n\n - Insecure temporary file use for cache data was fixed by\n switching to a different root only directory\n /var/cache/php-pear (CVE-2014-5459)\n\n - An incomplete fix for CVE-2014-4049 (CVE-2014-3597) \n\n - gd extension: NUL byte injection in filenames passed to\n image handling functions was fixed (CVE-2014-5120)\n\nAlso a bug was fixed :\n\n - fixed suhosin crash if used with php\n session_set_save_handler() [bnc#895658]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=893849\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=893853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=893855\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=895658\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-09/msg00024.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_php5-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_php5-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bcmath-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bcmath-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bz2-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bz2-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-calendar-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-calendar-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ctype-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ctype-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-curl-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-curl-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dba-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dba-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-debugsource-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-devel-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dom-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dom-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-enchant-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-enchant-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-exif-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-exif-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fastcgi-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fastcgi-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fileinfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fileinfo-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fpm-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fpm-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ftp-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ftp-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gd-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gd-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gettext-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gettext-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gmp-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gmp-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-iconv-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-iconv-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-imap-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-imap-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-intl-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-intl-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-json-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-json-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ldap-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ldap-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mbstring-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mbstring-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mcrypt-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mcrypt-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mssql-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mssql-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mysql-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mysql-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-odbc-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-odbc-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-openssl-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-openssl-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pcntl-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pcntl-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pdo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pdo-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pear-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pgsql-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pgsql-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-phar-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-phar-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-posix-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-posix-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pspell-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pspell-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-readline-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-readline-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-shmop-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-shmop-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-snmp-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-snmp-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-soap-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-soap-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sockets-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sockets-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sqlite-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sqlite-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-suhosin-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-suhosin-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvmsg-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvmsg-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvsem-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvsem-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvshm-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvshm-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tidy-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tidy-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tokenizer-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tokenizer-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-wddx-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-wddx-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlreader-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlreader-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlrpc-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlrpc-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlwriter-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlwriter-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xsl-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xsl-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zip-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zip-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zlib-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zlib-debuginfo-5.3.17-3.34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_php5-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_php5-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bcmath-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bcmath-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bz2-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bz2-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-calendar-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-calendar-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ctype-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ctype-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-curl-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-curl-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dba-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dba-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-debugsource-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-devel-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dom-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dom-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-enchant-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-enchant-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-exif-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-exif-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fastcgi-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fastcgi-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fileinfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fileinfo-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-firebird-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-firebird-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fpm-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fpm-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ftp-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ftp-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gd-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gd-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gettext-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gettext-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gmp-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gmp-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-iconv-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-iconv-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-imap-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-imap-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-intl-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-intl-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-json-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-json-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ldap-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ldap-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mbstring-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mbstring-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mcrypt-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mcrypt-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mssql-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mssql-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mysql-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mysql-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-odbc-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-odbc-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-openssl-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-openssl-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pcntl-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pcntl-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pdo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pdo-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pear-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pgsql-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pgsql-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-phar-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-phar-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-posix-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-posix-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pspell-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pspell-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-readline-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-readline-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-shmop-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-shmop-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-snmp-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-snmp-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-soap-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-soap-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sockets-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sockets-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sqlite-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sqlite-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-suhosin-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-suhosin-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvmsg-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvmsg-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvsem-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvsem-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvshm-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvshm-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tidy-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tidy-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tokenizer-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tokenizer-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-wddx-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-wddx-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlreader-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlreader-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlrpc-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlrpc-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlwriter-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlwriter-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xsl-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xsl-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zip-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zip-debuginfo-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zlib-5.4.20-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zlib-debuginfo-5.4.20-30.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php5\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T15:27:24", "description": "Christian Hoffmann discovered that the PHP FastCGI Process Manager\n(FPM) set incorrect permissions on the UNIX socket. A local attacker\ncould use this issue to possibly elevate their privileges. This issue\nonly affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS.\n(CVE-2014-0185)\n\nFrancisco Alonso discovered that the PHP Fileinfo component\nincorrectly handled certain CDF documents. A remote attacker could use\nthis issue to cause PHP to hang or crash, resulting in a denial of\nservice. (CVE-2014-0237, CVE-2014-0238)\n\nStefan Esser discovered that PHP incorrectly handled DNS TXT records.\nA remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2014-4049).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 22, "published": "2014-06-24T00:00:00", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 13.10 / 14.04 LTS : php5 vulnerabilities (USN-2254-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0237", "CVE-2014-4049", "CVE-2014-0185", "CVE-2014-0238"], "modified": "2014-06-24T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5", "p-cpe:/a:canonical:ubuntu_linux:php5-cgi", "p-cpe:/a:canonical:ubuntu_linux:php5-cli", "cpe:/o:canonical:ubuntu_linux:13.10", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:php5-fpm", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2254-1.NASL", "href": "https://www.tenable.com/plugins/nessus/76201", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2254-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76201);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-0185\", \"CVE-2014-0237\", \"CVE-2014-0238\", \"CVE-2014-4049\");\n script_bugtraq_id(67118, 67759, 67765, 68007);\n script_xref(name:\"USN\", value:\"2254-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 13.10 / 14.04 LTS : php5 vulnerabilities (USN-2254-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Christian Hoffmann discovered that the PHP FastCGI Process Manager\n(FPM) set incorrect permissions on the UNIX socket. A local attacker\ncould use this issue to possibly elevate their privileges. This issue\nonly affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS.\n(CVE-2014-0185)\n\nFrancisco Alonso discovered that the PHP Fileinfo component\nincorrectly handled certain CDF documents. A remote attacker could use\nthis issue to cause PHP to hang or crash, resulting in a denial of\nservice. (CVE-2014-0237, CVE-2014-0238)\n\nStefan Esser discovered that PHP incorrectly handled DNS TXT records.\nA remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2014-4049).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2254-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|12\\.04|13\\.10|14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 13.10 / 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.3.2-1ubuntu4.25\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-cgi\", pkgver:\"5.3.2-1ubuntu4.25\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-cli\", pkgver:\"5.3.2-1ubuntu4.25\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.3.10-1ubuntu3.12\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-cgi\", pkgver:\"5.3.10-1ubuntu3.12\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-cli\", pkgver:\"5.3.10-1ubuntu3.12\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-fpm\", pkgver:\"5.3.10-1ubuntu3.12\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.5.3+dfsg-1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"php5-cgi\", pkgver:\"5.5.3+dfsg-1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"php5-cli\", pkgver:\"5.5.3+dfsg-1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"php5-fpm\", pkgver:\"5.5.3+dfsg-1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.5.9+dfsg-1ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-cgi\", pkgver:\"5.5.9+dfsg-1ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-cli\", pkgver:\"5.5.9+dfsg-1ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-fpm\", pkgver:\"5.5.9+dfsg-1ubuntu4.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapache2-mod-php5 / php5-cgi / php5-cli / php5-fpm\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T14:37:36", "description": "php53 was updated to fix the following security vulnerabilities :\n\n - Heap-based buffer overflow in DNS TXT record parsing.\n (CVE-2014-4049)\n\n - Denial of service in Fileinfo component. (CVE-2014-0238)\n\n - Performance degradation by too many file_printf calls.\n (CVE-2014-0237)\n\n - NULL pointer dereference in GD XPM decoder.\n (CVE-2014-2497)", "edition": 15, "published": "2014-07-04T00:00:00", "title": "SuSE 11.3 Security Update : php53 (SAT Patch Number 9450)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0237", "CVE-2014-4049", "CVE-2014-2497", "CVE-2014-0238"], "modified": "2014-07-04T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:php53-fileinfo", "p-cpe:/a:novell:suse_linux:11:php53-ftp", "p-cpe:/a:novell:suse_linux:11:php53-mysql", "p-cpe:/a:novell:suse_linux:11:php53-calendar", "p-cpe:/a:novell:suse_linux:11:php53-curl", "p-cpe:/a:novell:suse_linux:11:php53-zlib", "p-cpe:/a:novell:suse_linux:11:php53-soap", "p-cpe:/a:novell:suse_linux:11:php53-sysvshm", "p-cpe:/a:novell:suse_linux:11:php53-xmlwriter", "p-cpe:/a:novell:suse_linux:11:php53-bz2", "p-cpe:/a:novell:suse_linux:11:php53-wddx", "p-cpe:/a:novell:suse_linux:11:php53-suhosin", "p-cpe:/a:novell:suse_linux:11:php53-sysvmsg", "p-cpe:/a:novell:suse_linux:11:php53-odbc", "p-cpe:/a:novell:suse_linux:11:php53-ldap", "p-cpe:/a:novell:suse_linux:11:php53-gd", "p-cpe:/a:novell:suse_linux:11:php53-xsl", "p-cpe:/a:novell:suse_linux:11:php53-ctype", "p-cpe:/a:novell:suse_linux:11:php53-pear", "p-cpe:/a:novell:suse_linux:11:php53-bcmath", "p-cpe:/a:novell:suse_linux:11:php53-pcntl", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:php53-dom", "p-cpe:/a:novell:suse_linux:11:php53-openssl", "p-cpe:/a:novell:suse_linux:11:php53-mbstring", "p-cpe:/a:novell:suse_linux:11:php53-intl", "p-cpe:/a:novell:suse_linux:11:php53-xmlrpc", "p-cpe:/a:novell:suse_linux:11:php53-sysvsem", "p-cpe:/a:novell:suse_linux:11:php53-iconv", "p-cpe:/a:novell:suse_linux:11:php53-pspell", "p-cpe:/a:novell:suse_linux:11:php53-exif", "p-cpe:/a:novell:suse_linux:11:php53-pdo", "p-cpe:/a:novell:suse_linux:11:php53-tokenizer", "p-cpe:/a:novell:suse_linux:11:php53-zip", "p-cpe:/a:novell:suse_linux:11:php53-dba", "p-cpe:/a:novell:suse_linux:11:php53-fastcgi", "p-cpe:/a:novell:suse_linux:11:apache2-mod_php53", "p-cpe:/a:novell:suse_linux:11:php53-pgsql", "p-cpe:/a:novell:suse_linux:11:php53-xmlreader", "p-cpe:/a:novell:suse_linux:11:php53-gmp", "p-cpe:/a:novell:suse_linux:11:php53-mcrypt", "p-cpe:/a:novell:suse_linux:11:php53", "p-cpe:/a:novell:suse_linux:11:php53-json", "p-cpe:/a:novell:suse_linux:11:php53-shmop", "p-cpe:/a:novell:suse_linux:11:php53-gettext", "p-cpe:/a:novell:suse_linux:11:php53-snmp"], "id": "SUSE_11_APACHE2-MOD_PHP53-140627.NASL", "href": "https://www.tenable.com/plugins/nessus/76367", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76367);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-0237\", \"CVE-2014-0238\", \"CVE-2014-2497\", \"CVE-2014-4049\");\n\n script_name(english:\"SuSE 11.3 Security Update : php53 (SAT Patch Number 9450)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"php53 was updated to fix the following security vulnerabilities :\n\n - Heap-based buffer overflow in DNS TXT record parsing.\n (CVE-2014-4049)\n\n - Denial of service in Fileinfo component. (CVE-2014-0238)\n\n - Performance degradation by too many file_printf calls.\n (CVE-2014-0237)\n\n - NULL pointer dereference in GD XPM decoder.\n (CVE-2014-2497)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=868624\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880904\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=882992\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0237.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0238.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-2497.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-4049.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 9450.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-mod_php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"apache2-mod_php53-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-bcmath-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-bz2-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-calendar-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-ctype-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-curl-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-dba-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-dom-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-exif-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-fastcgi-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-fileinfo-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-ftp-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-gd-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-gettext-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-gmp-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-iconv-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-intl-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-json-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-ldap-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-mbstring-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-mcrypt-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-mysql-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-odbc-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-openssl-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pcntl-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pdo-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pear-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pgsql-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pspell-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-shmop-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-snmp-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-soap-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-suhosin-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-sysvmsg-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-sysvsem-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-sysvshm-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-tokenizer-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-wddx-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xmlreader-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xmlrpc-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xmlwriter-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xsl-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-zip-5.3.17-0.23.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-zlib-5.3.17-0.23.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T15:27:24", "description": "USN-2254-1 fixed vulnerabilities in PHP. The fix for CVE-2014-0185\nfurther restricted the permissions on the PHP FastCGI Process Manager\n(FPM) UNIX socket. This update grants socket access to the www-data\nuser and group so installations and documentation relying on the\nprevious socket permissions will continue to function.\n\nChristian Hoffmann discovered that the PHP FastCGI Process Manager\n(FPM) set incorrect permissions on the UNIX socket. A local attacker\ncould use this issue to possibly elevate their privileges. This issue\nonly affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS.\n(CVE-2014-0185)\n\nFrancisco Alonso discovered that the PHP Fileinfo component\nincorrectly handled certain CDF documents. A remote attacker\ncould use this issue to cause PHP to hang or crash,\nresulting in a denial of service. (CVE-2014-0237,\nCVE-2014-0238)\n\nStefan Esser discovered that PHP incorrectly handled DNS TXT\nrecords. A remote attacker could use this issue to cause PHP\nto crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2014-4049).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 22, "published": "2014-06-26T00:00:00", "title": "Ubuntu 13.10 / 14.04 LTS : php5 updates (USN-2254-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0237", "CVE-2014-4049", "CVE-2014-0185", "CVE-2014-0238"], "modified": "2014-06-26T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:13.10", "p-cpe:/a:canonical:ubuntu_linux:php5-fpm", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2254-2.NASL", "href": "https://www.tenable.com/plugins/nessus/76249", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2254-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76249);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-0185\", \"CVE-2014-0237\", \"CVE-2014-0238\", \"CVE-2014-4049\");\n script_bugtraq_id(67118, 67759, 67765, 68007);\n script_xref(name:\"USN\", value:\"2254-2\");\n\n script_name(english:\"Ubuntu 13.10 / 14.04 LTS : php5 updates (USN-2254-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-2254-1 fixed vulnerabilities in PHP. The fix for CVE-2014-0185\nfurther restricted the permissions on the PHP FastCGI Process Manager\n(FPM) UNIX socket. This update grants socket access to the www-data\nuser and group so installations and documentation relying on the\nprevious socket permissions will continue to function.\n\nChristian Hoffmann discovered that the PHP FastCGI Process Manager\n(FPM) set incorrect permissions on the UNIX socket. A local attacker\ncould use this issue to possibly elevate their privileges. This issue\nonly affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS.\n(CVE-2014-0185)\n\nFrancisco Alonso discovered that the PHP Fileinfo component\nincorrectly handled certain CDF documents. A remote attacker\ncould use this issue to cause PHP to hang or crash,\nresulting in a denial of service. (CVE-2014-0237,\nCVE-2014-0238)\n\nStefan Esser discovered that PHP incorrectly handled DNS TXT\nrecords. A remote attacker could use this issue to cause PHP\nto crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2014-4049).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2254-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php5-fpm package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/05/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(13\\.10|14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 13.10 / 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"13.10\", pkgname:\"php5-fpm\", pkgver:\"5.5.3+dfsg-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-fpm\", pkgver:\"5.5.9+dfsg-1ubuntu4.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php5-fpm\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T09:48:43", "description": "Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. The Common\nVulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2014-3538\n It was discovered that the original fix for\n CVE-2013-7345 did not sufficiently address the problem.\n A remote attacker could still cause a denial of service\n (CPU consumption) via a specially crafted input file\n that triggers backtracking during processing of an awk\n regular expression rule.\n\n - CVE-2014-3587\n It was discovered that the CDF parser of the fileinfo\n module does not properly process malformed files in the\n Composite Document File (CDF) format, leading to\n crashes.\n\n - CVE-2014-3597\n It was discovered that the original fix for\n CVE-2014-4049 did not completely address the issue. A\n malicious server or man-in-the-middle attacker could\n cause a denial of service (crash) and possibly execute\n arbitrary code via a crafted DNS TXT record.\n\n - CVE-2014-4670\n It was discovered that PHP incorrectly handled certain\n SPL Iterators. A local attacker could use this flaw to\n cause PHP to crash, resulting in a denial of service.", "edition": 15, "published": "2014-08-22T00:00:00", "title": "Debian DSA-3008-1 : php5 - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7345", "CVE-2014-3587", "CVE-2014-4670", "CVE-2014-3538", "CVE-2014-3597", "CVE-2014-4049"], "modified": "2014-08-22T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:php5", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3008.NASL", "href": "https://www.tenable.com/plugins/nessus/77307", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3008. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77307);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3538\", \"CVE-2014-3587\", \"CVE-2014-3597\", \"CVE-2014-4670\");\n script_bugtraq_id(68348, 68513, 69325);\n script_xref(name:\"DSA\", value:\"3008\");\n\n script_name(english:\"Debian DSA-3008-1 : php5 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. The Common\nVulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2014-3538\n It was discovered that the original fix for\n CVE-2013-7345 did not sufficiently address the problem.\n A remote attacker could still cause a denial of service\n (CPU consumption) via a specially crafted input file\n that triggers backtracking during processing of an awk\n regular expression rule.\n\n - CVE-2014-3587\n It was discovered that the CDF parser of the fileinfo\n module does not properly process malformed files in the\n Composite Document File (CDF) format, leading to\n crashes.\n\n - CVE-2014-3597\n It was discovered that the original fix for\n CVE-2014-4049 did not completely address the issue. A\n malicious server or man-in-the-middle attacker could\n cause a denial of service (crash) and possibly execute\n arbitrary code via a crafted DNS TXT record.\n\n - CVE-2014-4670\n It was discovered that PHP incorrectly handled certain\n SPL Iterators. A local attacker could use this flaw to\n cause PHP to crash, resulting in a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-3538\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-7345\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-3587\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-3597\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-4049\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-4670\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/php5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-3008\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the php5 packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 5.4.4-14+deb7u13. In addition, this update contains several\nbugfixes originally targeted for the upcoming Wheezy point release.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libapache2-mod-php5\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libphp5-embed\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php-pear\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-cgi\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-cli\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-common\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-curl\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-dbg\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-dev\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-enchant\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-fpm\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-gd\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-gmp\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-imap\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-interbase\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-intl\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-ldap\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mcrypt\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mysql\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mysqlnd\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-odbc\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-pgsql\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-pspell\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-recode\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-snmp\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-sqlite\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-sybase\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-tidy\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-xmlrpc\", reference:\"5.4.4-14+deb7u13\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-xsl\", reference:\"5.4.4-14+deb7u13\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:44:01", "description": "CVE-2014-3538\n\nIt was discovered that the original fix for CVE-2013-7345 did not\nsufficiently address the problem. A remote attacker could still cause\na denial of service (CPU consumption) via a specially crafted input\nfile that triggers backtracking during processing of an awk regular\nexpression rule.\n\nCVE-2014-3587\n\nIt was discovered that the CDF parser of the fileinfo module does not\nproperly process malformed files in the Composite Document File (CDF)\nformat, leading to crashes.\n\nCVE-2014-3597\n\nIt was discovered that the original fix for CVE-2014-4049 did not\ncompletely address the issue. A malicious server or man-in-the-middle\nattacker could cause a denial of service (crash) and possibly execute\narbitrary code via a crafted DNS TXT record.\n\nCVE-2014-4670\n\nIt was discovered that PHP incorrectly handled certain SPL Iterators.\nA local attacker could use this flaw to cause PHP to crash, resulting\nin a denial of service.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 14, "published": "2015-03-26T00:00:00", "title": "Debian DLA-67-1 : php5 security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-7345", "CVE-2014-3587", "CVE-2014-4670", "CVE-2014-3538", "CVE-2014-3597", "CVE-2014-4049"], "modified": "2015-03-26T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:php5-pspell", "p-cpe:/a:debian:debian_linux:php-pear", "p-cpe:/a:debian:debian_linux:php5-xsl", "p-cpe:/a:debian:debian_linux:php5-mcrypt", "p-cpe:/a:debian:debian_linux:php5-gd", "p-cpe:/a:debian:debian_linux:php5-interbase", "p-cpe:/a:debian:debian_linux:php5-mysql", "p-cpe:/a:debian:debian_linux:libapache2-mod-php5filter", "p-cpe:/a:debian:debian_linux:php5-intl", "p-cpe:/a:debian:debian_linux:php5-dbg", "p-cpe:/a:debian:debian_linux:php5-xmlrpc", "p-cpe:/a:debian:debian_linux:php5-dev", "p-cpe:/a:debian:debian_linux:php5-sybase", "p-cpe:/a:debian:debian_linux:php5-enchant", "p-cpe:/a:debian:debian_linux:php5-recode", "p-cpe:/a:debian:debian_linux:php5-cli", "p-cpe:/a:debian:debian_linux:php5-cgi", "p-cpe:/a:debian:debian_linux:php5-pgsql", "p-cpe:/a:debian:debian_linux:php5-sqlite", "p-cpe:/a:debian:debian_linux:php5-odbc", "p-cpe:/a:debian:debian_linux:php5-common", "p-cpe:/a:debian:debian_linux:php5-gmp", "p-cpe:/a:debian:debian_linux:php5", "p-cpe:/a:debian:debian_linux:php5-curl", "p-cpe:/a:debian:debian_linux:php5-snmp", "p-cpe:/a:debian:debian_linux:php5-imap", "p-cpe:/a:debian:debian_linux:libapache2-mod-php5", "p-cpe:/a:debian:debian_linux:php5-tidy", "p-cpe:/a:debian:debian_linux:php5-ldap"], "id": "DEBIAN_DLA-67.NASL", "href": "https://www.tenable.com/plugins/nessus/82212", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-67-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82212);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3538\", \"CVE-2014-3587\", \"CVE-2014-3597\");\n script_bugtraq_id(68348, 69322, 69325);\n\n script_name(english:\"Debian DLA-67-1 : php5 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2014-3538\n\nIt was discovered that the original fix for CVE-2013-7345 did not\nsufficiently address the problem. A remote attacker could still cause\na denial of service (CPU consumption) via a specially crafted input\nfile that triggers backtracking during processing of an awk regular\nexpression rule.\n\nCVE-2014-3587\n\nIt was discovered that the CDF parser of the fileinfo module does not\nproperly process malformed files in the Composite Document File (CDF)\nformat, leading to crashes.\n\nCVE-2014-3597\n\nIt was discovered that the original fix for CVE-2014-4049 did not\ncompletely address the issue. A malicious server or man-in-the-middle\nattacker could cause a denial of service (crash) and possibly execute\narbitrary code via a crafted DNS TXT record.\n\nCVE-2014-4670\n\nIt was discovered that PHP incorrectly handled certain SPL Iterators.\nA local attacker could use this flaw to cause PHP to crash, resulting\nin a denial of service.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2014/09/msg00024.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/php5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-mod-php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-mod-php5filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-interbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libapache2-mod-php5\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php-pear\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-cgi\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-cli\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-common\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-curl\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-dbg\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-dev\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-enchant\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-gd\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-gmp\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-imap\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-interbase\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-intl\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-ldap\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-mcrypt\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-mysql\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-odbc\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-pgsql\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-pspell\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-recode\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-snmp\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-sqlite\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-sybase\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-tidy\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-xmlrpc\", reference:\"5.3.3-7+squeeze22\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-xsl\", reference:\"5.3.3-7+squeeze22\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-08-12T01:06:43", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4049"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2961-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nJune 16, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : php5\nCVE ID : CVE-2014-4049\nDebian Bug : 751364\n\nIt was discovered that PHP, a general-purpose scripting language\ncommonly used for web application development, is vulnerable to a\nheap-based buffer overflow in the DNS TXT record parsing. A malicious\nserver or man-in-the-middle attacker could possibly use this flaw to\nexecute arbitrary code as the PHP interpreter if a PHP application uses\ndns_get_record() to perform a DNS query.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 5.4.4-14+deb7u11.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 5.6.0~beta4+dfsg-3.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 5.6.0~beta4+dfsg-3.\n\nWe recommend that you upgrade your php5 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 7, "modified": "2014-06-16T19:30:32", "published": "2014-06-16T19:30:32", "id": "DEBIAN:DSA-2961-1:4C273", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00142.html", "title": "[SECURITY] [DSA 2961-1] php5 security update", "type": "debian", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-11T13:16:49", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7345", "CVE-2014-3587", "CVE-2014-4670", "CVE-2014-3538", "CVE-2014-3597", "CVE-2014-4049"], "description": "Package : php5\nVersion : 5.3.3-7+squeeze22\nCVE ID : CVE-2014-3538 CVE-2014-3587 CVE-2014-3597\n\n\nCVE-2014-3538\n\n It was discovered that the original fix for CVE-2013-7345 did not\n sufficiently address the problem. A remote attacker could still\n cause a denial of service (CPU consumption) via a specially-crafted\n input file that triggers backtracking during processing of an awk\n regular expression rule.\n\nCVE-2014-3587\n\n It was discovered that the CDF parser of the fileinfo module does\n not properly process malformed files in the Composite Document File\n (CDF) format, leading to crashes.\n\nCVE-2014-3597\n\n It was discovered that the original fix for CVE-2014-4049 did not\n completely address the issue. A malicious server or\n man-in-the-middle attacker could cause a denial of service (crash)\n and possibly execute arbitrary code via a crafted DNS TXT record.\n\nCVE-2014-4670\n\n It was discovered that PHP incorrectly handled certain SPL\n Iterators. A local attacker could use this flaw to cause PHP to\n crash, resulting in a denial of service.\n\n", "edition": 7, "modified": "2014-09-30T07:46:52", "published": "2014-09-30T07:46:52", "id": "DEBIAN:DLA-67-1:7F98B", "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201409/msg00024.html", "title": "[SECURITY] [DLA 67-1] php5 security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:22:57", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7345", "CVE-2014-3587", "CVE-2014-4670", "CVE-2014-3538", "CVE-2014-3597", "CVE-2014-4049"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3008-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nAugust 21, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : php5\nCVE ID : CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-4670\n\nSeveral vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2014-3538\n\n It was discovered that the original fix for CVE-2013-7345 did not\n sufficiently address the problem. A remote attacker could still\n cause a denial of service (CPU consumption) via a specially-crafted\n input file that triggers backtracking during processing of an awk\n regular expression rule.\n\nCVE-2014-3587\n\n It was discovered that the CDF parser of the fileinfo module does\n not properly process malformed files in the Composite Document File\n (CDF) format, leading to crashes.\n\nCVE-2014-3597\n\n It was discovered that the original fix for CVE-2014-4049 did not\n completely address the issue. A malicious server or\n man-in-the-middle attacker could cause a denial of service (crash)\n and possibly execute arbitrary code via a crafted DNS TXT record.\n\nCVE-2014-4670\n\n It was discovered that PHP incorrectly handled certain SPL\n Iterators. A local attacker could use this flaw to cause PHP to\n crash, resulting in a denial of service.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 5.4.4-14+deb7u13. In addition, this update contains several\nbugfixes originally targeted for the upcoming Wheezy point release.\n\nFor the unstable distribution (sid), these problems will be fied soon.\n\nWe recommend that you upgrade your php5 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2014-08-21T06:22:40", "published": "2014-08-21T06:22:40", "id": "DEBIAN:DSA-3008-1:C990A", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00191.html", "title": "[SECURITY] [DSA 3008-1] php5 security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:21:50", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7345", "CVE-2014-3587", "CVE-2014-4670", "CVE-2014-3538", "CVE-2014-3597", "CVE-2014-4049"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3008-2 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nAugust 21, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : php5\nCVE ID : CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-4670\n\nThis update corrects a packaging error for the packages released in\nDSA-3008-1. The new sessionclean script used in the updated cronjob in\n/etc/cron.d/php5 was not installed into the php5-common package. No\nother changes are introduced. For reference, the original advisory text\nfollows.\n\nSeveral vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2014-3538\n\n It was discovered that the original fix for CVE-2013-7345 did not\n sufficiently address the problem. A remote attacker could still\n cause a denial of service (CPU consumption) via a specially-crafted\n input file that triggers backtracking during processing of an awk\n regular expression rule.\n\nCVE-2014-3587\n\n It was discovered that the CDF parser of the fileinfo module does\n not properly process malformed files in the Composite Document File\n (CDF) format, leading to crashes.\n\nCVE-2014-3597\n\n It was discovered that the original fix for CVE-2014-4049 did not\n completely address the issue. A malicious server or\n man-in-the-middle attacker could cause a denial of service (crash)\n and possibly execute arbitrary code via a crafted DNS TXT record.\n\nCVE-2014-4670\n\n It was discovered that PHP incorrectly handled certain SPL\n Iterators. A local attacker could use this flaw to cause PHP to\n crash, resulting in a denial of service.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 5.4.4-14+deb7u13. In addition, this update contains several\nbugfixes originally targeted for the upcoming Wheezy point release.\n\nFor the unstable distribution (sid), these problems will be fied soon.\n\nWe recommend that you upgrade your php5 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2014-08-21T12:40:18", "published": "2014-08-21T12:40:18", "id": "DEBIAN:DSA-3008-2:2595B", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00193.html", "title": "[SECURITY] [DSA 3008-2] php5 regression update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2016-09-04T11:35:06", "bulletinFamily": "unix", "cvelist": ["CVE-2014-4049", "CVE-2014-2497"], "description": "PHP5 has been updated to fix two security vulnerabilities:\n\n * Heap-based buffer overflow in DNS TXT record parsing (CVE-2014-4049)\n * NULL pointer dereference in GD XPM decoder (CVE-2014-2497)\n", "edition": 1, "modified": "2014-07-04T00:04:20", "published": "2014-07-04T00:04:20", "id": "SUSE-SU-2014:0868-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00001.html", "type": "suse", "title": "Security update for PHP5 (important)", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:57:54", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0237", "CVE-2014-4049", "CVE-2014-2497", "CVE-2014-0238"], "description": "php53 was updated to fix the following security vulnerabilities:\n\n * Heap-based buffer overflow in DNS TXT record parsing. (CVE-2014-4049)\n * Denial of service in Fileinfo component. (CVE-2014-0238)\n * Performance degradation by too many file_printf calls.\n (CVE-2014-0237)\n * NULL pointer dereference in GD XPM decoder. (CVE-2014-2497)\n\n Security Issues references:\n\n * CVE-2014-4049\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049</a>&gt;\n * CVE-2014-0238\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238</a>&gt;\n * CVE-2014-0237\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237</a>&gt;\n * CVE-2014-2497\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497</a>&gt;\n\n", "edition": 1, "modified": "2014-07-04T01:04:18", "published": "2014-07-04T01:04:18", "id": "SUSE-SU-2014:0869-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00002.html", "type": "suse", "title": "Security update for php53 (important)", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:50:21", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4248", "CVE-2014-4049", "CVE-2013-6420", "CVE-2014-2497"], "description": "PHP5 has been updated to fix four security vulnerabilities:\n\n * Heap-based buffer overflow in DNS TXT record parsing (CVE-2014-4049)\n * Heap based buffer overflow in time handling in openssl_x509_parse\n (CVE-2013-6420)\n * Man in the Middle attack in the the openssl_x509_parse due to lack\n of \\0 handling (CVE-2013-4248)\n * NULL pointer dereference in GD XPM decoder (CVE-2014-2497)\n\n Security Issues:\n\n * CVE-2014-4049\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049</a>&gt;\n * CVE-2013-6420\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420</a>&gt;\n * CVE-2013-4248\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248</a>&gt;\n * CVE-2014-2497\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497</a>&gt;\n\n", "edition": 1, "modified": "2014-07-07T19:04:42", "published": "2014-07-07T19:04:42", "id": "SUSE-SU-2014:0873-2", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00005.html", "title": "Security update for PHP5 (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4248", "CVE-2014-4049", "CVE-2013-6420", "CVE-2014-2497"], "description": "PHP5 has been updated to fix four security vulnerabilities:\n\n * Heap-based buffer overflow in DNS TXT record parsing (CVE-2014-4049)\n * NULL pointer dereference in GD XPM decoder (CVE-2014-2497)\n * Memory corrpution in openssl_parse_x509 (CVE-2013-6420)\n * Attackers can perform man-in-the-middle attacks by specially\n crafting certificates (CVE-2013-4248)\n\n Security Issues:\n\n * CVE-2014-4049\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049</a>&gt;\n * CVE-2014-2497\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497</a>&gt;\n * CVE-2013-6420\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420</a>&gt;\n * CVE-2013-4248\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248</a>&gt;\n\n\n", "edition": 1, "modified": "2014-07-05T02:05:05", "published": "2014-07-05T02:05:05", "id": "SUSE-SU-2014:0873-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00004.html", "title": "Security update for PHP5 (important)", "type": "suse", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:09:51", "bulletinFamily": "unix", "cvelist": ["CVE-2014-9705", "CVE-2015-2787", "CVE-2015-0232", "CVE-2015-4601", "CVE-2014-9767", "CVE-2016-4342", "CVE-2015-2783", "CVE-2015-8873", "CVE-2015-5161", "CVE-2015-3329", "CVE-2014-3478", "CVE-2016-4540", "CVE-2016-4538", "CVE-2015-4644", "CVE-2015-8879", "CVE-2015-1352", "CVE-2016-3185", "CVE-2016-4544", "CVE-2015-2301", "CVE-2014-3515", "CVE-2014-3479", "CVE-2015-8867", "CVE-2014-9709", "CVE-2014-4670", "CVE-2015-2305", "CVE-2016-4543", "CVE-2014-3668", "CVE-2015-0273", "CVE-2016-4542", "CVE-2016-4541", "CVE-2014-3480", "CVE-2014-8142", "CVE-2015-4148", "CVE-2006-7243", "CVE-2014-0207", "CVE-2016-2554", "CVE-2014-3669", "CVE-2015-4024", "CVE-2015-8835", "CVE-2015-4021", "CVE-2014-3487", "CVE-2014-3597", "CVE-2015-6836", "CVE-2015-3152", "CVE-2015-4602", "CVE-2015-4026", "CVE-2015-6833", "CVE-2014-4721", "CVE-2016-4070", "CVE-2014-4698", "CVE-2015-8874", "CVE-2015-3411", "CVE-2015-4116", "CVE-2014-4049", "CVE-2015-6831", "CVE-2014-3670", "CVE-2015-5590", "CVE-2015-4600", "CVE-2015-4022", "CVE-2014-9652", "CVE-2015-3412", "CVE-2016-4539", "CVE-2015-6837", "CVE-2016-5093", "CVE-2016-5094", "CVE-2016-5095", "CVE-2016-4073", "CVE-2015-7803", "CVE-2014-5459", "CVE-2015-4603", "CVE-2015-4599", "CVE-2016-5096", "CVE-2015-4598", "CVE-2015-8866", "CVE-2015-5589", "CVE-2016-3141", "CVE-2015-4643", "CVE-2015-8838", "CVE-2016-4346", "CVE-2015-0231", "CVE-2016-5114", "CVE-2004-1019", "CVE-2016-3142", "CVE-2015-6838", "CVE-2016-4537"], "edition": 1, "description": "This update for php53 to version 5.3.17 fixes the following issues:\n\n These security issues were fixed:\n - CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010).\n - CVE-2016-5094: Don't create strings with lengths outside int range\n (bnc#982011).\n - CVE-2016-5095: Don't create strings with lengths outside int range\n (bnc#982012).\n - CVE-2016-5096: int/size_t confusion in fread (bsc#982013).\n - CVE-2016-5114: fpm_log.c memory leak and buffer overflow (bnc#982162).\n - CVE-2015-8879: The odbc_bindcols function in ext/odbc/php_odbc.c in PHP\n mishandles driver behavior for SQL_WVARCHAR columns, which allowed\n remote attackers to cause a denial of service (application crash) in\n opportunistic circumstances by leveraging use of the odbc_fetch_array\n function to access a certain type of Microsoft SQL Server table\n (bsc#981050).\n - CVE-2015-4116: Use-after-free vulnerability in the spl_ptr_heap_insert\n function in ext/spl/spl_heap.c in PHP allowed remote attackers to\n execute arbitrary code by triggering a failed SplMinHeap::compare\n operation (bsc#980366).\n - CVE-2015-8874: Stack consumption vulnerability in GD in PHP allowed\n remote attackers to cause a denial of service via a crafted\n imagefilltoborder call (bsc#980375).\n - CVE-2015-8873: Stack consumption vulnerability in Zend/zend_exceptions.c\n in PHP allowed remote attackers to cause a denial of service\n (segmentation fault) via recursive method calls (bsc#980373).\n - CVE-2016-4540: The grapheme_stripos function in\n ext/intl/grapheme/grapheme_string.c in PHP allowed remote attackers to\n cause a denial of service (out-of-bounds read) or possibly have\n unspecified other impact via a negative offset (bsc#978829).\n - CVE-2016-4541: The grapheme_strpos function in\n ext/intl/grapheme/grapheme_string.c in PHP allowed remote attackers to\n cause a denial of service (out-of-bounds read) or possibly have\n unspecified other impact via a negative offset (bsc#978829.\n - CVE-2016-4542: The exif_process_IFD_TAG function in ext/exif/exif.c in\n PHP did not properly construct spprintf arguments, which allowed remote\n attackers to cause a denial of service (out-of-bounds read) or possibly\n have unspecified other impact via crafted header data (bsc#978830).\n - CVE-2016-4543: The exif_process_IFD_in_JPEG function in ext/exif/exif.c\n in PHP did not validate IFD sizes, which allowed remote attackers to\n cause a denial of service (out-of-bounds read) or possibly have\n unspecified other impact via crafted header data (bsc#978830.\n - CVE-2016-4544: The exif_process_TIFF_in_JPEG function in ext/exif/exif.c\n in PHP did not validate TIFF start data, which allowed remote attackers\n to cause a denial of service (out-of-bounds read) or possibly have\n unspecified other impact via crafted header data (bsc#978830.\n - CVE-2016-4537: The bcpowmod function in ext/bcmath/bcmath.c in PHP\n accepted a negative integer for the scale argument, which allowed remote\n attackers to cause a denial of service or possibly have unspecified\n other impact via a crafted call (bsc#978827).\n - CVE-2016-4538: The bcpowmod function in ext/bcmath/bcmath.c in PHP\n modified certain data structures without considering whether they are\n copies of the _zero_, _one_, or _two_ global variable, which allowed\n remote attackers to cause a denial of service or possibly have\n unspecified other impact via a crafted call (bsc#978827).\n - CVE-2016-4539: The xml_parse_into_struct function in ext/xml/xml.c in\n PHP allowed remote attackers to cause a denial of service (buffer\n under-read and segmentation fault) or possibly have unspecified other\n impact via crafted XML data in the second argument, leading to a parser\n level of zero (bsc#978828).\n - CVE-2016-4342: ext/phar/phar_object.c in PHP mishandles zero-length\n uncompressed data, which allowed remote attackers to cause a denial of\n service (heap memory corruption) or possibly have unspecified other\n impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive (bsc#977991).\n - CVE-2016-4346: Integer overflow in the str_pad function in\n ext/standard/string.c in PHP allowed remote attackers to cause a denial\n of service or possibly have unspecified other impact via a long string,\n leading to a heap-based buffer overflow (bsc#977994).\n - CVE-2016-4073: Multiple integer overflows in the mbfl_strcut function in\n ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP allowed remote attackers to\n cause a denial of service (application crash) or possibly execute\n arbitrary code via a crafted mb_strcut call (bsc#977003).\n - CVE-2015-8867: The openssl_random_pseudo_bytes function in\n ext/openssl/openssl.c in PHP incorrectly relied on the deprecated\n RAND_pseudo_bytes function, which made it easier for remote attackers to\n defeat cryptographic protection mechanisms via unspecified vectors\n (bsc#977005).\n - CVE-2016-4070: Integer overflow in the php_raw_url_encode function in\n ext/standard/url.c in PHP allowed remote attackers to cause a denial of\n service (application crash) via a long string to the rawurlencode\n function (bsc#976997).\n - CVE-2015-8866: ext/libxml/libxml.c in PHP when PHP-FPM is used, did not\n isolate each thread from libxml_disable_entity_loader changes in other\n threads, which allowed remote attackers to conduct XML External Entity\n (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document,\n a related issue to CVE-2015-5161 (bsc#976996).\n - CVE-2015-8838: ext/mysqlnd/mysqlnd.c in PHP used a client SSL option to\n mean that SSL is optional, which allowed man-in-the-middle attackers to\n spoof servers via a cleartext-downgrade attack, a related issue to\n CVE-2015-3152 (bsc#973792).\n - CVE-2015-8835: The make_http_soap_request function in\n ext/soap/php_http.c in PHP did not properly retrieve keys, which allowed\n remote attackers to cause a denial of service (NULL pointer dereference,\n type confusion, and application crash) or possibly execute arbitrary\n code via crafted serialized data representing a numerically indexed\n _cookies array, related to the SoapClient::__call method in\n ext/soap/soap.c (bsc#973351).\n - CVE-2016-3141: Use-after-free vulnerability in wddx.c in the WDDX\n extension in PHP allowed remote attackers to cause a denial of service\n (memory corruption and application crash) or possibly have unspecified\n other impact by triggering a wddx_deserialize call on XML data\n containing a crafted var element (bsc#969821).\n - CVE-2016-3142: The phar_parse_zipfile function in zip.c in the PHAR\n extension in PHP allowed remote attackers to obtain sensitive\n information from process memory or cause a denial of service\n (out-of-bounds read and application crash) by placing a PK\\x05\\x06\n signature at an invalid location (bsc#971912).\n - CVE-2014-9767: Directory traversal vulnerability in the\n ZipArchive::extractTo function in ext/zip/php_zip.c in PHP\n ext/zip/ext_zip.cpp in HHVM allowed remote attackers to create arbitrary\n empty directories via a crafted ZIP archive (bsc#971612).\n - CVE-2016-3185: The make_http_soap_request function in\n ext/soap/php_http.c in PHP allowed remote attackers to obtain sensitive\n information from process memory or cause a denial of service (type\n confusion and application crash) via crafted serialized _cookies data,\n related to the SoapClient::__call method in ext/soap/soap.c (bsc#971611).\n - CVE-2016-2554: Stack-based buffer overflow in ext/phar/tar.c in PHP\n allowed remote attackers to cause a denial of service (application\n crash) or possibly have unspecified other impact via a crafted TAR\n archive (bsc#968284).\n - CVE-2015-7803: The phar_get_entry_data function in ext/phar/util.c in\n PHP allowed remote attackers to cause a denial of service (NULL pointer\n dereference and application crash) via a .phar file with a crafted TAR\n archive entry in which the Link indicator references a file that did not\n exist (bsc#949961).\n - CVE-2015-6831: Multiple use-after-free vulnerabilities in SPL in PHP\n allowed remote attackers to execute arbitrary code via vectors involving\n (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList,\n which are mishandled during unserialization (bsc#942291).\n - CVE-2015-6833: Directory traversal vulnerability in the PharData class\n in PHP allowed remote attackers to write to arbitrary files via a ..\n (dot dot) in a ZIP archive entry that is mishandled during an extractTo\n call (bsc#942296.\n - CVE-2015-6836: The SoapClient __call method in ext/soap/soap.c in PHP\n did not properly manage headers, which allowed remote attackers to\n execute arbitrary code via crafted serialized data that triggers a &quot;type\n confusion&quot; in the serialize_function_call function (bsc#945428).\n - CVE-2015-6837: The xsl_ext_function_php function in\n ext/xsl/xsltprocessor.c in PHP when libxml2 is used, did not consider\n the possibility of a NULL valuePop return value proceeding with a free\n operation during initial error checking, which allowed remote attackers\n to cause a denial of service (NULL pointer dereference and application\n crash) via a crafted XML document, a different vulnerability than\n CVE-2015-6838 (bsc#945412).\n - CVE-2015-6838: The xsl_ext_function_php function in\n ext/xsl/xsltprocessor.c in PHP when libxml2 is used, did not consider\n the possibility of a NULL valuePop return value proceeding with a free\n operation after the principal argument loop, which allowed remote\n attackers to cause a denial of service (NULL pointer dereference and\n application crash) via a crafted XML document, a different vulnerability\n than CVE-2015-6837 (bsc#945412).\n - CVE-2015-5590: Stack-based buffer overflow in the phar_fix_filepath\n function in ext/phar/phar.c in PHP allowed remote attackers to cause a\n denial of service or possibly have unspecified other impact via a large\n length value, as demonstrated by mishandling of an e-mail attachment by\n the imap PHP extension (bsc#938719).\n - CVE-2015-5589: The phar_convert_to_other function in\n ext/phar/phar_object.c in PHP did not validate a file pointer a close\n operation, which allowed remote attackers to cause a denial of service\n (segmentation fault) or possibly have unspecified other impact via a\n crafted TAR archive that is mishandled in a Phar::convertToData call\n (bsc#938721).\n - CVE-2015-4602: The __PHP_Incomplete_Class function in\n ext/standard/incomplete_class.c in PHP allowed remote attackers to cause\n a denial of service (application crash) or possibly execute arbitrary\n code via an unexpected data type, related to a &quot;type confusion&quot; issue\n (bsc#935224).\n - CVE-2015-4599: The SoapFault::__toString method in ext/soap/soap.c in\n PHP allowed remote attackers to obtain sensitive information, cause a\n denial of service (application crash), or possibly execute arbitrary\n code via an unexpected data type, related to a &quot;type confusion&quot; issue\n (bsc#935226).\n - CVE-2015-4600: The SoapClient implementation in PHP allowed remote\n attackers to cause a denial of service (application crash) or possibly\n execute arbitrary code via an unexpected data type, related to &quot;type\n confusion&quot; issues in the (1) SoapClient::__getLastRequest, (2)\n SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders,\n (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies,\n and (6) SoapClient::__setCookie methods (bsc#935226).\n - CVE-2015-4601: PHP allowed remote attackers to cause a denial of service\n (application crash) or possibly execute arbitrary code via an unexpected\n data type, related to &quot;type confusion&quot; issues in (1)\n ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3)\n ext/soap/soap.c, a different issue than CVE-2015-4600 (bsc#935226.\n - CVE-2015-4603: The exception::getTraceAsString function in\n Zend/zend_exceptions.c in PHP allowed remote attackers to execute\n arbitrary code via an unexpected data type, related to a &quot;type\n confusion&quot; issue (bsc#935234).\n - CVE-2015-4644: The php_pgsql_meta_data function in pgsql.c in the\n PostgreSQL (aka pgsql) extension in PHP did not validate token\n extraction for table names, which might allowed remote attackers to\n cause a denial of service (NULL pointer dereference and application\n crash) via a crafted name. NOTE: this vulnerability exists because of an\n incomplete fix for CVE-2015-1352 (bsc#935274).\n - CVE-2015-4643: Integer overflow in the ftp_genlist function in\n ext/ftp/ftp.c in PHP allowed remote FTP servers to execute arbitrary\n code via a long reply to a LIST command, leading to a heap-based buffer\n overflow. NOTE: this vulnerability exists because of an incomplete fix\n for CVE-2015-4022 (bsc#935275).\n - CVE-2015-3411: PHP did not ensure that pathnames lack %00 sequences,\n which might have allowed remote attackers to read or write to arbitrary\n files via crafted input to an application that calls (1) a DOMDocument\n load method, (2) the xmlwriter_open_uri function, (3) the finfo_file\n function, or (4) the hash_hmac_file function, as demonstrated by a\n filename\\0.xml attack that bypasses an intended configuration in which\n client users may read only .xml files (bsc#935227).\n - CVE-2015-3412: PHP did not ensure that pathnames lack %00 sequences,\n which might have allowed remote attackers to read arbitrary files via\n crafted input to an application that calls the\n stream_resolve_include_path function in ext/standard/streamsfuncs.c, as\n demonstrated by a filename\\0.extension attack that bypasses an intended\n configuration in which client users may read files with only one\n specific extension (bsc#935229).\n - CVE-2015-4598: PHP did not ensure that pathnames lack %00 sequences,\n which might have allowed remote attackers to read or write to arbitrary\n files via crafted input to an application that calls (1) a DOMDocument\n save method or (2) the GD imagepsloadfont function, as demonstrated by a\n filename\\0.html attack that bypasses an intended configuration in which\n client users may write to only .html files (bsc#935232).\n - CVE-2015-4148: The do_soap_call function in ext/soap/soap.c in PHP did\n not verify that the uri property is a string, which allowed remote\n attackers to obtain sensitive information by providing crafted\n serialized data with an int data type, related to a &quot;type confusion&quot;\n issue (bsc#933227).\n - CVE-2015-4024: Algorithmic complexity vulnerability in the\n multipart_buffer_headers function in main/rfc1867.c in PHP allowed\n remote attackers to cause a denial of service (CPU consumption) via\n crafted form data that triggers an improper order-of-growth outcome\n (bsc#931421).\n - CVE-2015-4026: The pcntl_exec implementation in PHP truncates a pathname\n upon encountering a \\x00 character, which might allowed remote attackers\n to bypass intended extension restrictions and execute files with\n unexpected names via a crafted first argument. NOTE: this vulnerability\n exists because of an incomplete fix for CVE-2006-7243 (bsc#931776).\n - CVE-2015-4022: Integer overflow in the ftp_genlist function in\n ext/ftp/ftp.c in PHP allowed remote FTP servers to execute arbitrary\n code via a long reply to a LIST command, leading to a heap-based buffer\n overflow (bsc#931772).\n - CVE-2015-4021: The phar_parse_tarfile function in ext/phar/tar.c in PHP\n did not verify that the first character of a filename is different from\n the \\0 character, which allowed remote attackers to cause a denial of\n service (integer underflow and memory corruption) via a crafted entry in\n a tar archive (bsc#931769).\n - CVE-2015-3329: Multiple stack-based buffer overflows in the\n phar_set_inode function in phar_internal.h in PHP allowed remote\n attackers to execute arbitrary code via a crafted length value in a (1)\n tar, (2) phar, or (3) ZIP archive (bsc#928506).\n - CVE-2015-2783: ext/phar/phar.c in PHP allowed remote attackers to obtain\n sensitive information from process memory or cause a denial of service\n (buffer over-read and application crash) via a crafted length value in\n conjunction with crafted serialized data in a phar archive, related to\n the phar_parse_metadata and phar_parse_pharfile functions (bsc#928511).\n - CVE-2015-2787: Use-after-free vulnerability in the process_nested_data\n function in ext/standard/var_unserializer.re in PHP allowed remote\n attackers to execute arbitrary code via a crafted unserialize call that\n leverages use of the unset function within an __wakeup function, a\n related issue to CVE-2015-0231 (bsc#924972).\n - CVE-2014-9709: The GetCode_ function in gd_gif_in.c in GD 2.1.1 and\n earlier, as used in PHP allowed remote attackers to cause a denial of\n service (buffer over-read and application crash) via a crafted GIF image\n that is improperly handled by the gdImageCreateFromGif function\n (bsc#923945).\n - CVE-2015-2301: Use-after-free vulnerability in the phar_rename_archive\n function in phar_object.c in PHP allowed remote attackers to cause a\n denial of service or possibly have unspecified other impact via vectors\n that trigger an attempted renaming of a Phar archive to the name of an\n existing file (bsc#922452).\n - CVE-2015-2305: Integer overflow in the regcomp implementation in the\n Henry Spencer BSD regex library (aka rxspencer) 32-bit platforms might\n have allowed context-dependent attackers to execute arbitrary code via a\n large regular expression that leads to a heap-based buffer overflow\n (bsc#921950).\n - CVE-2014-9705: Heap-based buffer overflow in the\n enchant_broker_request_dict function in ext/enchant/enchant.c in PHP\n allowed remote attackers to execute arbitrary code via vectors that\n trigger creation of multiple dictionaries (bsc#922451).\n - CVE-2015-0273: Multiple use-after-free vulnerabilities in\n ext/date/php_date.c in PHP allowed remote attackers to execute arbitrary\n code via crafted serialized input containing a (1) R or (2) r type\n specifier in (a) DateTimeZone data handled by the\n php_date_timezone_initialize_from_hash function or (b) DateTime data\n handled by the php_date_initialize_from_hash function (bsc#918768).\n - CVE-2014-9652: The mconvert function in softmagic.c in file as used in\n the Fileinfo component in PHP did not properly handle a certain\n string-length field during a copy of a truncated version of a Pascal\n string, which might allowed remote attackers to cause a denial of\n service (out-of-bounds memory access and application crash) via a\n crafted file (bsc#917150).\n - CVE-2014-8142: Use-after-free vulnerability in the process_nested_data\n function in ext/standard/var_unserializer.re in PHP allowed remote\n attackers to execute arbitrary code via a crafted unserialize call that\n leverages improper handling of duplicate keys within the serialized\n properties of an object, a different vulnerability than CVE-2004-1019\n (bsc#910659).\n - CVE-2015-0231: Use-after-free vulnerability in the process_nested_data\n function in ext/standard/var_unserializer.re in PHP allowed remote\n attackers to execute arbitrary code via a crafted unserialize call that\n leverages improper handling of duplicate numerical keys within the\n serialized properties of an object. NOTE: this vulnerability exists\n because of an incomplete fix for CVE-2014-8142 (bsc#910659).\n - CVE-2014-8142: Use-after-free vulnerability in the process_nested_data\n function in ext/standard/var_unserializer.re in PHP allowed remote\n attackers to execute arbitrary code via a crafted unserialize call that\n leverages improper handling of duplicate keys within the serialized\n properties of an object, a different vulnerability than CVE-2004-1019\n (bsc#910659).\n - CVE-2015-0232: The exif_process_unicode function in ext/exif/exif.c in\n PHP allowed remote attackers to execute arbitrary code or cause a denial\n of service (uninitialized pointer free and application crash) via\n crafted EXIF data in a JPEG image (bsc#914690).\n - CVE-2014-3670: The exif_ifd_make_value function in exif.c in the EXIF\n extension in PHP operates on floating-point arrays incorrectly, which\n allowed remote attackers to cause a denial of service (heap memory\n corruption and application crash) or possibly execute arbitrary code via\n a crafted JPEG image with TIFF thumbnail data that is improperly handled\n by the exif_thumbnail function (bsc#902357).\n - CVE-2014-3669: Integer overflow in the object_custom function in\n ext/standard/var_unserializer.c in PHP allowed remote attackers to cause\n a denial of service (application crash) or possibly execute arbitrary\n code via an argument to the unserialize function that triggers\n calculation of a large length value (bsc#902360).\n - CVE-2014-3668: Buffer overflow in the date_from_ISO8601 function in the\n mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in\n PHP allowed remote attackers to cause a denial of service (application\n crash) via (1) a crafted first argument to the xmlrpc_set_type function\n or (2) a crafted argument to the xmlrpc_decode function, related to an\n out-of-bounds read operation (bsc#902368).\n - CVE-2014-5459: The PEAR_REST class in REST.php in PEAR in PHP allowed\n local users to write to arbitrary files via a symlink attack on a (1)\n rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to\n the retrieveCacheFirst and useLocalCache functions (bsc#893849).\n - CVE-2014-3597: Multiple buffer overflows in the php_parserr function in\n ext/standard/dns.c in PHP allowed remote DNS servers to cause a denial\n of service (application crash) or possibly execute arbitrary code via a\n crafted DNS record, related to the dns_get_record function and the\n dn_expand function. NOTE: this issue exists because of an incomplete fix\n for CVE-2014-4049 (bsc#893853).\n - CVE-2014-4670: Use-after-free vulnerability in ext/spl/spl_dllist.c in\n the SPL component in PHP allowed context-dependent attackers to cause a\n denial of service or possibly have unspecified other impact via crafted\n iterator usage within applications in certain web-hosting environments\n (bsc#886059).\n - CVE-2014-4698: Use-after-free vulnerability in ext/spl/spl_array.c in\n the SPL component in PHP allowed context-dependent attackers to cause a\n denial of service or possibly have unspecified other impact via crafted\n ArrayIterator usage within applications in certain web-hosting\n environments (bsc#886060).\n - CVE-2014-4721: The phpinfo implementation in ext/standard/info.c in PHP\n did not ensure use of the string data type for the PHP_AUTH_PW,\n PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might\n allowed context-dependent attackers to obtain sensitive information from\n process memory by using the integer data type with crafted values,\n related to a &quot;type confusion&quot; vulnerability, as demonstrated by reading\n a private SSL key in an Apache HTTP Server web-hosting environment with\n mod_ssl and a PHP 5.3.x mod_php (bsc#885961).\n - CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file as\n used in the Fileinfo component in PHP allowed remote attackers to cause\n a denial of service (assertion failure and application exit) via a\n crafted CDF file (bsc#884986).\n - CVE-2014-3478: Buffer overflow in the mconvert function in softmagic.c\n in file as used in the Fileinfo component in PHP allowed remote\n attackers to cause a denial of service (application crash) via a crafted\n Pascal string in a FILE_PSTRING conversion (bsc#884987).\n - CVE-2014-3479: The cdf_check_stream_offset function in cdf.c in file as\n used in the Fileinfo component in PHP relies on incorrect sector-size\n data, which allowed remote attackers to cause a denial of service\n (application crash) via a crafted stream offset in a CDF file\n (bsc#884989).\n - CVE-2014-3480: The cdf_count_chain function in cdf.c in file as used in\n the Fileinfo component in PHP did not properly validate sector-count\n data, which allowed remote attackers to cause a denial of service\n (application crash) via a crafted CDF file (bsc#884990).\n - CVE-2014-3487: The cdf_read_property_info function in file as used in\n the Fileinfo component in PHP did not properly validate a stream offset,\n which allowed remote attackers to cause a denial of service (application\n crash) via a crafted CDF file (bsc#884991).\n - CVE-2014-3515: The SPL component in PHP incorrectly anticipates that\n certain data structures will have the array data type after\n unserialization, which allowed remote attackers to execute arbitrary\n code via a crafted string that triggers use of a Hashtable destructor,\n related to &quot;type confusion&quot; issues in (1) ArrayObject and (2)\n SPLObjectStorage (bsc#884992).\n\n These non-security issues were fixed:\n - bnc#935074: compare with SQL_NULL_DATA correctly\n - bnc#935074: fix segfault in odbc_fetch_array\n - bnc#919080: fix timezone map\n - bnc#925109: unserialize SoapClient type confusion\n\n", "modified": "2016-06-21T13:08:17", "published": "2016-06-21T13:08:17", "id": "SUSE-SU-2016:1638-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00041.html", "title": "Security update for php53 (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2020-07-02T11:41:51", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0237", "CVE-2014-4049", "CVE-2014-0185", "CVE-2014-0238"], "description": "USN-2254-1 fixed vulnerabilities in PHP. The fix for CVE-2014-0185 \nfurther restricted the permissions on the PHP FastCGI Process Manager (FPM) \nUNIX socket. This update grants socket access to the www-data user and \ngroup so installations and documentation relying on the previous socket \npermissions will continue to function.\n\nOriginal advisory details:\n\nChristian Hoffmann discovered that the PHP FastCGI Process Manager (FPM) \nset incorrect permissions on the UNIX socket. A local attacker could use \nthis issue to possibly elevate their privileges. This issue only affected \nUbuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-0185)\n\nFrancisco Alonso discovered that the PHP Fileinfo component incorrectly \nhandled certain CDF documents. A remote attacker could use this issue to \ncause PHP to hang or crash, resulting in a denial of service. \n(CVE-2014-0237, CVE-2014-0238)\n\nStefan Esser discovered that PHP incorrectly handled DNS TXT records. A \nremote attacker could use this issue to cause PHP to crash, resulting in a \ndenial of service, or possibly execute arbitrary code. (CVE-2014-4049)", "edition": 5, "modified": "2014-06-25T00:00:00", "published": "2014-06-25T00:00:00", "id": "USN-2254-2", "href": "https://ubuntu.com/security/notices/USN-2254-2", "title": "PHP updates", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:33:23", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0237", "CVE-2014-4049", "CVE-2014-0185", "CVE-2014-0238"], "description": "Christian Hoffmann discovered that the PHP FastCGI Process Manager (FPM) \nset incorrect permissions on the UNIX socket. A local attacker could use \nthis issue to possibly elevate their privileges. This issue only affected \nUbuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. (CVE-2014-0185)\n\nFrancisco Alonso discovered that the PHP Fileinfo component incorrectly \nhandled certain CDF documents. A remote attacker could use this issue to \ncause PHP to hang or crash, resulting in a denial of service. \n(CVE-2014-0237, CVE-2014-0238)\n\nStefan Esser discovered that PHP incorrectly handled DNS TXT records. A \nremote attacker could use this issue to cause PHP to crash, resulting in a \ndenial of service, or possibly execute arbitrary code. (CVE-2014-4049)", "edition": 5, "modified": "2014-06-23T00:00:00", "published": "2014-06-23T00:00:00", "id": "USN-2254-1", "href": "https://ubuntu.com/security/notices/USN-2254-1", "title": "PHP vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:56", "bulletinFamily": "software", "cvelist": ["CVE-2014-3986", "CVE-2014-3981", "CVE-2014-4049", "CVE-2014-3982"], "description": "Symbolic links vulnerabilities, dns_get_record&#40;&#41; buffer overflow.", "edition": 1, "modified": "2014-06-17T00:00:00", "published": "2014-06-17T00:00:00", "id": "SECURITYVULNS:VULN:13848", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13848", "title": "PHP security vulnerabilities", "type": "securityvulns", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:53", "bulletinFamily": "software", "cvelist": ["CVE-2014-4403", "CVE-2013-7345", "CVE-2014-3478", "CVE-2014-4979", "CVE-2014-0237", "CVE-2014-1391", "CVE-2014-1943", "CVE-2014-4390", "CVE-2014-0076", "CVE-2014-4388", "CVE-2014-4350", "CVE-2014-3515", "CVE-2014-3479", "CVE-2014-0224", "CVE-2014-4378", "CVE-2014-4401", "CVE-2014-3480", "CVE-2014-3981", "CVE-2014-4379", "CVE-2014-4394", "CVE-2014-0207", "CVE-2014-4381", "CVE-2014-3470", "CVE-2014-4398", "CVE-2014-4416", "CVE-2014-4402", "CVE-2014-4377", "CVE-2014-3487", "CVE-2014-4395", "CVE-2014-4376", "CVE-2014-0195", "CVE-2014-4396", "CVE-2014-2270", "CVE-2014-4049", "CVE-2014-4397", "CVE-2014-4374", "CVE-2014-4400", "CVE-2014-2525", "CVE-2014-0185", "CVE-2014-4399", "CVE-2014-4389", "CVE-2014-4393", "CVE-2014-0238", "CVE-2014-0221"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update\r\n2014-004\r\n\r\nOS X Mavericks 10.9.5 and Security Update 2014-004 are now available\r\nand address the following:\r\n\r\napache_mod_php\r\nAvailable for: OS X Mavericks 10.9 to 10.9.4\r\nImpact: Multiple vulnerabilities in PHP 5.4.24\r\nDescription: Multiple vulnerabilities existed in PHP 5.4.24, the\r\nmost serious of which may have led to arbitrary code execution. This\r\nupdate addresses the issues by updating PHP to version 5.4.30\r\nCVE-ID\r\nCVE-2013-7345\r\nCVE-2014-0185\r\nCVE-2014-0207\r\nCVE-2014-0237\r\nCVE-2014-0238\r\nCVE-2014-1943\r\nCVE-2014-2270\r\nCVE-2014-3478\r\nCVE-2014-3479\r\nCVE-2014-3480\r\nCVE-2014-3487\r\nCVE-2014-3515\r\nCVE-2014-3981\r\nCVE-2014-4049\r\n\r\nBluetooth\r\nAvailable for: OS X Mavericks 10.9 to 10.9.4\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A validation issue existed in the handling of a\r\nBluetooth API call. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2014-4390 : Ian Beer of Google Project Zero\r\n\r\nCoreGraphics\r\nAvailable for: OS X Mavericks 10.9 to 10.9.4\r\nImpact: Opening a maliciously crafted PDF file may lead to an\r\nunexpected application termination or an information disclosure\r\nDescription: An out of bounds memory read existed in the handling of\r\nPDF files. This issue was addressed through improved bounds checking.\r\nCVE-ID\r\nCVE-2014-4378 : Felipe Andres Manzano of Binamuse VRT working with\r\nthe iSIGHT Partners GVP Program\r\n\r\nCoreGraphics\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4\r\nImpact: Opening a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An integer overflow existed in the handling of PDF\r\nfiles. This issue was addressed through improved bounds checking.\r\nCVE-ID\r\nCVE-2014-4377 : Felipe Andres Manzano of Binamuse VRT working with\r\nthe iSIGHT Partners GVP Program\r\n\r\nFoundation\r\nAvailable for: OS X Mavericks 10.9 to 10.9.4\r\nImpact: An application using NSXMLParser may be misused to disclose\r\ninformation\r\nDescription: An XML External Entity issue existed in NSXMLParser&#39;s\r\nhandling of XML. This issue was addressed by not loading external\r\nentities across origins.\r\nCVE-ID\r\nCVE-2014-4374 : George Gal of VSR &#40;http://www.vsecurity.com/&#41;\r\n\r\nIntel Graphics Driver\r\nAvailable for: OS X Mountain Lion v10.8.5,\r\nOS X Mavericks 10.9 to 10.9.4\r\nImpact: Compiling untrusted GLSL shaders may lead to an unexpected\r\napplication termination or arbitrary code execution\r\nDescription: A user-space buffer overflow existed in the shader\r\ncompiler. This issue was addressed through improved bounds checking.\r\nCVE-ID\r\nCVE-2014-4393 : Apple\r\n\r\nIntel Graphics Driver\r\nAvailable for: OS X Mountain Lion v10.8.5,\r\nOS X Mavericks 10.9 to 10.9.4\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: Multiple validation issues existed in some integrated\r\ngraphics driver routines. These issues were addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2014-4394 : Ian Beer of Google Project Zero\r\nCVE-2014-4395 : Ian Beer of Google Project Zero\r\nCVE-2014-4396 : Ian Beer of Google Project Zero\r\nCVE-2014-4397 : Ian Beer of Google Project Zero\r\nCVE-2014-4398 : Ian Beer of Google Project Zero\r\nCVE-2014-4399 : Ian Beer of Google Project Zero\r\nCVE-2014-4400 : Ian Beer of Google Project Zero\r\nCVE-2014-4401 : Ian Beer of Google Project Zero\r\nCVE-2014-4416 : Ian Beer of Google Project Zero\r\n\r\nIOAcceleratorFamily\r\nAvailable for: OS X Mountain Lion v10.8.5,\r\nOS X Mavericks 10.9 to 10.9.4\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A null pointer dereference existed in the handling of\r\nIOKit API arguments. This issue was addressed through improved\r\nvalidation of IOKit API arguments.\r\nCVE-ID\r\nCVE-2014-4376 : Ian Beer of Google Project Zero\r\n\r\nIOAcceleratorFamily\r\nAvailable for: OS X Mavericks 10.9 to 10.9.4\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: An out-of-bounds read issue existed in the handling of\r\nan IOAcceleratorFamily function. This issue was addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2014-4402 : Ian Beer of Google Project Zero\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Mountain Lion v10.8.5,\r\nOS X Mavericks 10.9 to 10.9.4\r\nImpact: A local user can read kernel pointers, which can be used to\r\nbypass kernel address space layout randomization\r\nDescription: An out-of-bounds read issue existed in the handling of\r\nan IOHIDFamily function. This issue was addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2014-4379 : Ian Beer of Google Project Zero\r\n\r\nIOKit\r\nAvailable for: OS X Mountain Lion v10.8.5,\r\nOS X Mavericks 10.9 to 10.9.4\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A validation issue existed in the handling of certain\r\nmetadata fields of IODataQueue objects. This issue was addressed\r\nthrough improved validation of metadata.\r\nCVE-ID\r\nCVE-2014-4388 : @PanguTeam\r\n\r\nIOKit\r\nAvailable for: OS X Mountain Lion v10.8.5,\r\nOS X Mavericks 10.9 to 10.9.4\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: An integer overflow existed in the handling of IOKit\r\nfunctions. This issue was addressed through improved bounds checking.\r\nCVE-ID\r\nCVE-2014-4389 : Ian Beer of Google Project Zero\r\n\r\nKernel\r\nAvailable for: OS X Mavericks 10.9 to 10.9.4\r\nImpact: A local user can infer kernel addresses and bypass kernel\r\naddress space layout randomization\r\nDescription: In some cases, the CPU Global Descriptor Table was\r\nallocated at a predictable address. This issue was addressed through\r\nalways allocating the Global Descriptor Table at random addresses.\r\nCVE-ID\r\nCVE-2014-4403 : Ian Beer of Google Project Zero\r\n\r\nLibnotify\r\nAvailable for: OS X Mountain Lion v10.8.5,\r\nOS X Mavericks 10.9 to 10.9.4\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with root privileges\r\nDescription: An out-of-bounds write issue existed in Libnotify. This\r\nissue was addressed through improved bounds checking\r\nCVE-ID\r\nCVE-2014-4381 : Ian Beer of Google Project Zero\r\n\r\nOpenSSL\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4\r\nImpact: Multiple vulnerabilities in OpenSSL 0.9.8y, including one\r\nthat may lead to arbitrary code execution\r\nDescription: Multiple vulnerabilities existed in OpenSSL 0.9.8y.\r\nThis update was addressed by updating OpenSSL to version 0.9.8za.\r\nCVE-ID\r\nCVE-2014-0076\r\nCVE-2014-0195\r\nCVE-2014-0221\r\nCVE-2014-0224\r\nCVE-2014-3470\r\n\r\nQT Media Foundation\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4\r\nImpact: Playing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\nRLE encoded movie files. This issue was addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2014-1391 : Fernando Munoz working with iDefense VCP, Tom\r\nGallagher &amp; Paul Bates working with HP&#39;s Zero Day Initiative\r\n\r\nQT Media Foundation\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4\r\nImpact: Playing a maliciously crafted MIDI file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of MIDI\r\nfiles. This issue was addressed through improved bounds checking.\r\nCVE-ID\r\nCVE-2014-4350 : s3tm3m working with HP&#39;s Zero Day Initiative\r\n\r\nQT Media Foundation\r\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\r\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 to 10.9.4\r\nImpact: Playing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\nthe &#39;mvhd&#39; atoms. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2014-4979 : Andrea Micalizzi aka rgod working with HP&#39;s Zero Day\r\nInitiative\r\n\r\nruby\r\nAvailable for: OS X Mavericks 10.9 to 10.9.4\r\nImpact: A remote attacker may be able to cause arbitrary code\r\nexecution\r\nDescription: A heap buffer overflow existed in LibYAML&#39;s handling of\r\npercent-encoded characters in a URI. This issue was addressed through\r\nimproved bounds checking. This update addresses the issues by\r\nupdating LibYAML to version 0.1.6\r\nCVE-ID\r\nCVE-2014-2525\r\n\r\n\r\nNote: OS X Mavericks 10.9.5 includes the security content of\r\nSafari 7.0.6: http://support.apple.com/kb/HT6367\r\n\r\nOS X Mavericks v10.9.5 and Security Update 2014-004 may be obtained\r\nfrom the Mac App Store or Apple&#39;s Software Downloads web site:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple&#39;s Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 &#40;Darwin&#41;\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJUGkP0AAoJEBcWfLTuOo7tygQP/1vHYXtWy6492Tjj6ycymWa+\r\nCt0eCCBU/AUi5ODNDeV9ddWkuFeXKbgQSHoPU19IPcIBAKnYUupVJSJ/cEHfSthh\r\nCiROjJw8Bt8comn04BgggHieLveN1xQCXQDcO29kBIpQr394XKS0lNXP//Z0oG5V\r\nsCnEDPz/0R92mwT5XkKD9WC7G/WjybS5V7BjEbdzDOn4qdTVje05xI5pof+fkeQ1\r\nhFHo7uTCDkSzLH2YxrQHifNVyItz8AgnNHwH7zc6XmNtiNFkiFP/KU6BYyr8WiTQ\r\nJb3pyLB/Xvmbd0kuETnDNvV0oJc88G38a++xZPnuM7zQrW/TQkkKQpiqKtYAiJuw\r\nZhUoky620/7HULegcYtsTyuDFyEN6whdSmHLFCJzk2oZXZ7MPA8ywCFB8Y79rohW\r\n5MTe/zVUSxxYBgVXpkmhPwXYSTINeUJGJA1RQtXhC2Hh6O2jeqJP2H0hTmgsCBRA\r\n3X/2CGoyAAgoKTJwgXk07tBbJWf+wQwAvUN9L1Yph+uOvvUzqFt8LNEGw9jVPsZl\r\nQHcSEW/Ef/HK/OLwVZiPqse6lRJAdRZl5//vm4408jnXfJCy6KnvxcsO4Z1yTyoP\r\nkCXdWlSLBiidcRRWBfoQBSC3gANcx9a56ItWieEvJrdNOiyhb+gqEk7XraOlb/gf\r\nk4w2RKNm0Fv+kdNoFAnd\r\n=gpVc\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2014-09-21T00:00:00", "published": "2014-09-21T00:00:00", "id": "SECURITYVULNS:DOC:31090", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31090", "title": "APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:57", "bulletinFamily": "software", "cvelist": ["CVE-2014-4403", "CVE-2013-7345", "CVE-2014-3478", "CVE-2014-4979", "CVE-2014-0237", "CVE-2014-1391", "CVE-2014-4424", "CVE-2014-1943", "CVE-2014-4390", "CVE-2014-0076", "CVE-2014-4388", "CVE-2014-4350", "CVE-2014-3515", "CVE-2014-3479", "CVE-2014-0224", "CVE-2014-4378", "CVE-2014-4406", "CVE-2014-4401", "CVE-2014-3480", "CVE-2014-3981", "CVE-2014-4379", "CVE-2014-4394", "CVE-2014-0065", "CVE-2014-0207", "CVE-2014-4381", "CVE-2014-3470", "CVE-2014-4398", "CVE-2014-4416", "CVE-2014-4402", "CVE-2014-4377", "CVE-2014-3487", "CVE-2014-0064", "CVE-2014-4395", "CVE-2014-4376", "CVE-2014-0195", "CVE-2014-4396", "CVE-2014-2270", "CVE-2014-0063", "CVE-2014-4049", "CVE-2014-4397", "CVE-2014-0060", "CVE-2014-4374", "CVE-2014-4400", "CVE-2014-2525", "CVE-2014-0062", "CVE-2014-0185", "CVE-2014-0066", "CVE-2014-4399", "CVE-2014-4389", "CVE-2014-4393", "CVE-2014-0061", "CVE-2014-0238", "CVE-2014-0221"], "description": "Privilege escalation, multiple memory corruptions on different formats parsing, information leakage, DoS, protection bypass, multiple vulnerabilities in 3rd parties components.", "edition": 1, "modified": "2014-09-21T00:00:00", "published": "2014-09-21T00:00:00", "id": "SECURITYVULNS:VULN:13971", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13971", "title": "Apple Mac OS X / OS X Server multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:59", "bulletinFamily": "software", "cvelist": ["CVE-2015-1144", "CVE-2015-1117", "CVE-2015-1102", "CVE-2014-4405", "CVE-2015-1096", "CVE-2014-3478", "CVE-2014-0231", "CVE-2014-3572", "CVE-2014-0237", "CVE-2014-3571", "CVE-2013-5704", "CVE-2014-3587", "CVE-2015-1132", "CVE-2014-3479", "CVE-2014-4670", "CVE-2015-1091", "CVE-2015-1148", "CVE-2015-1143", "CVE-2014-9298", "CVE-2014-3668", "CVE-2015-1149", "CVE-2014-8830", "CVE-2015-1145", "CVE-2014-0098", "CVE-2014-3480", "CVE-2015-1138", "CVE-2014-3981", "CVE-2015-1140", "CVE-2013-0118", "CVE-2014-0207", "CVE-2014-8275", "CVE-2014-3570", "CVE-2013-6438", "CVE-2015-1147", "CVE-2014-3669", "CVE-2015-1093", "CVE-2015-1545", "CVE-2014-3487", "CVE-2014-3538", "CVE-2014-5120", "CVE-2014-3597", "CVE-2015-1130", "CVE-2015-1136", "CVE-2015-1142", "CVE-2014-3710", "CVE-2015-1139", "CVE-2014-4698", "CVE-2014-3523", "CVE-2014-4049", "CVE-2014-3670", "CVE-2015-1546", "CVE-2015-0204", "CVE-2015-1105", "CVE-2015-1099", "CVE-2015-1146", "CVE-2015-1135", "CVE-2014-2497", "CVE-2015-1118", "CVE-2014-0118", "CVE-2015-1131", "CVE-2015-1137", "CVE-2015-1101", "CVE-2015-1103", "CVE-2015-1104", "CVE-2014-4404", "CVE-2015-1089", "CVE-2015-1133", "CVE-2015-1141", "CVE-2014-0117", "CVE-2015-1088", "CVE-2013-6712", "CVE-2015-1069", "CVE-2014-4380", "CVE-2015-1095", "CVE-2015-1098", "CVE-2014-3569", "CVE-2015-1100", "CVE-2014-0238", "CVE-2014-0226", "CVE-2015-1134"], "description": "80 different vulnerabilities.", "edition": 1, "modified": "2015-04-13T00:00:00", "published": "2015-04-13T00:00:00", "id": "SECURITYVULNS:VULN:14366", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14366", "title": "Apple Mac OS X multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:58", "bulletinFamily": "software", "cvelist": ["CVE-2015-1144", "CVE-2015-1117", "CVE-2015-1102", "CVE-2014-4405", "CVE-2015-1096", "CVE-2014-3478", "CVE-2014-0231", "CVE-2014-3572", "CVE-2014-0237", "CVE-2014-3571", "CVE-2013-5704", "CVE-2014-3587", "CVE-2015-1132", "CVE-2014-3479", "CVE-2014-4670", "CVE-2015-1091", "CVE-2015-1067", "CVE-2015-1148", "CVE-2015-1143", "CVE-2014-9298", "CVE-2014-3668", "CVE-2014-8830", "CVE-2015-1145", "CVE-2014-0098", "CVE-2014-3480", "CVE-2015-1138", "CVE-2014-3981", "CVE-2015-1140", "CVE-2013-0118", "CVE-2014-0207", "CVE-2014-8275", "CVE-2014-3570", "CVE-2013-6438", "CVE-2015-1147", "CVE-2014-3669", "CVE-2015-1093", "CVE-2015-1545", "CVE-2014-3487", "CVE-2014-3538", "CVE-2014-5120", "CVE-2014-3597", "CVE-2015-1130", "CVE-2015-1136", "CVE-2015-1142", "CVE-2014-3710", "CVE-2015-1139", "CVE-2014-4698", "CVE-2014-3523", "CVE-2014-4049", "CVE-2014-3670", "CVE-2015-1546", "CVE-2015-0204", "CVE-2015-1105", "CVE-2015-1099", "CVE-2015-1146", "CVE-2015-1135", "CVE-2014-2497", "CVE-2015-1118", "CVE-2014-0118", "CVE-2015-1131", "CVE-2015-1137", "CVE-2015-1101", "CVE-2015-1103", "CVE-2015-1104", "CVE-2014-4404", "CVE-2015-1089", "CVE-2015-1133", "CVE-2015-1141", "CVE-2014-0117", "CVE-2015-1088", "CVE-2013-6712", "CVE-2015-1069", "CVE-2014-4380", "CVE-2015-1095", "CVE-2015-1098", "CVE-2014-3569", "CVE-2015-1100", "CVE-2014-0238", "CVE-2014-0226", "CVE-2015-1134"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004\r\n\r\nOS X Yosemite 10.10.3 and Security Update 2015-004 are now available\r\nand address the following:\r\n\r\nAdmin Framework\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A process may gain admin privileges without properly\r\nauthenticating\r\nDescription: An issue existed when checking XPC entitlements. This\r\nissue was addressed with improved entitlement checking.\r\nCVE-ID\r\nCVE-2015-1130 : Emil Kvarnhammar at TrueSec\r\n\r\napache\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Multiple vulnerabilities in Apache\r\nDescription: Multiple vulnerabilities existed in Apache versions\r\nprior to 2.4.10 and 2.2.29, including one that may allow a remote\r\nattacker to execute arbitrary code. These issues were addressed by\r\nupdating Apache to versions 2.4.10 and 2.2.29\r\nCVE-ID\r\nCVE-2013-0118\r\nCVE-2013-5704\r\nCVE-2013-6438\r\nCVE-2014-0098\r\nCVE-2014-0117\r\nCVE-2014-0118\r\nCVE-2014-0226\r\nCVE-2014-0231\r\nCVE-2014-3523\r\n\r\nATS\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: Multiple input validation issues existed in fontd.\r\nThese issues were addressed through improved input validation.\r\nCVE-ID\r\nCVE-2015-1131 : Ian Beer of Google Project Zero\r\nCVE-2015-1132 : Ian Beer of Google Project Zero\r\nCVE-2015-1133 : Ian Beer of Google Project Zero\r\nCVE-2015-1134 : Ian Beer of Google Project Zero\r\nCVE-2015-1135 : Ian Beer of Google Project Zero\r\n\r\nCertificate Trust Policy\r\nImpact: Update to the certificate trust policy\r\nDescription: The certificate trust policy was updated. The complete\r\nlist of certificates may be viewed at https://support.apple.com/en-\r\nus/HT202858.\r\n\r\nCFNetwork HTTPProtocol\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: Cookies belonging to one origin may be sent to another\r\norigin\r\nDescription: A cross-domain cookie issue existed in redirect\r\nhandling. Cookies set in a redirect response could be passed on to a\r\nredirect target belonging to another origin. The issue was address\r\nthrough improved handling of redirects.\r\nCVE-ID\r\nCVE-2015-1089 : Niklas Keller\r\n\r\nCFNetwork Session\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: Authentication credentials may be sent to a server on\r\nanother origin\r\nDescription: A cross-domain HTTP request headers issue existed in\r\nredirect handling. HTTP request headers sent in a redirect response\r\ncould be passed on to another origin. The issue was addressed through\r\nimproved handling of redirects.\r\nCVE-ID\r\nCVE-2015-1091 : Diego Torres &#40;http://dtorres.me&#41;\r\n\r\nCFURL\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: An input validation issue existed within URL\r\nprocessing. This issue was addressed through improved URL validation.\r\nCVE-ID\r\nCVE-2015-1088 : Luigi Galli\r\n\r\nCoreAnimation\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: A use-after-free issue existed in CoreAnimation. This\r\nissue was addressed through improved mutex management.\r\nCVE-ID\r\nCVE-2015-1136 : Apple\r\n\r\nFontParser\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nprocessing of font files. These issues were addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2015-1093 : Marc Schoenefeld\r\n\r\nGraphics Driver\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A NULL pointer dereference existed in NVIDIA graphics\r\ndriver&#39;s handling of certain IOService userclient types. This issue\r\nwas addressed through additional context validation.\r\nCVE-ID\r\nCVE-2015-1137 :\r\nFrank Graziano and John Villamil of the Yahoo Pentest Team\r\n\r\nHypervisor\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A local application may be able to cause a denial of service\r\nDescription: An input validation issue existed in the hypervisor\r\nframework. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-1138 : Izik Eidus and Alex Fishman\r\n\r\nImageIO\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Processing a maliciously crafted .sgi file may lead to\r\narbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\n.sgi files. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-1139 : Apple\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A malicious HID device may be able to cause arbitrary code\r\nexecution\r\nDescription: A memory corruption issue existed in an IOHIDFamily\r\nAPI. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1095 : Andrew Church\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A buffer overflow issue existed in IOHIDFamily. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1140 : lokihardt@ASRT working with HP&#39;s Zero Day Initiative,\r\nLuca Todesco\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An issue existed in IOHIDFamily that led to the\r\ndisclosure of kernel memory content. This issue was addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2015-1096 : Ilja van Sprundel of IOActive\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A heap buffer overflow existed in IOHIDFamily&#39;s\r\nhandling of key-mapping properties. This issue was addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2014-4404 : Ian Beer of Google Project Zero\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A null pointer dereference existed in IOHIDFamily&#39;s\r\nhandling of key-mapping properties. This issue was addressed through\r\nimproved validation of IOHIDFamily key-mapping properties.\r\nCVE-ID\r\nCVE-2014-4405 : Ian Beer of Google Project Zero\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5\r\nImpact: A user may be able to execute arbitrary code with system\r\nprivileges\r\nDescription: An out-of-bounds write issue exited in the IOHIDFamily\r\ndriver. The issue was addressed through improved input validation.\r\nCVE-ID\r\nCVE-2014-4380 : cunzhang from Adlab of Venustech\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to cause unexpected system shutdown\r\nDescription: An issue existed in the handling of virtual memory\r\noperations within the kernel. The issue is fixed through improved\r\nhandling of the mach_vm_read operation.\r\nCVE-ID\r\nCVE-2015-1141 : Ole Andre Vadla Ravnas of www.frida.re\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to cause a system denial of service\r\nDescription: A race condition existed in the kernel&#39;s setreuid\r\nsystem call. This issue was addressed through improved state\r\nmanagement.\r\nCVE-ID\r\nCVE-2015-1099 : Mark Mentovai of Google Inc.\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local application may escalate privileges using a\r\ncompromised service intended to run with reduced privileges\r\nDescription: setreuid and setregid system calls failed to drop\r\nprivileges permanently. This issue was addressed by correctly\r\ndropping privileges.\r\nCVE-ID\r\nCVE-2015-1117 : Mark Mentovai of Google Inc.\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: An attacker with a privileged network position may be able\r\nto redirect user traffic to arbitrary hosts\r\nDescription: ICMP redirects were enabled by default on OS X. This\r\nissue was addressed by disabling ICMP redirects.\r\nCVE-ID\r\nCVE-2015-1103 : Zimperium Mobile Security Labs\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: An attacker with a privileged network position may be able\r\nto cause a denial of service\r\nDescription: A state inconsistency existed in the processing of TCP\r\nheaders. This issue was addressed through improved state handling.\r\nCVE-ID\r\nCVE-2015-1102 : Andrey Khudyakov and Maxim Zhuravlev of Kaspersky Lab\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to cause unexpected system\r\ntermination or read kernel memory\r\nDescription: A out of bounds memory access issue existed in the\r\nkernel. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1100 : Maxime Villard of m00nbsd\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A remote attacker may be able to bypass network filters\r\nDescription: The system would treat some IPv6 packets from remote\r\nnetwork interfaces as local packets. The issue was addressed by\r\nrejecting these packets.\r\nCVE-ID\r\nCVE-2015-1104 : Stephen Roettger of the Google Security Team\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1101 : lokihardt@ASRT working with HP&#39;s Zero Day Initiative\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A remote attacker may be able to cause a denial of service\r\nDescription: A state inconsistency issue existed in the handling of\r\nTCP out of band data. This issue was addressed through improved state\r\nmanagement.\r\nCVE-ID\r\nCVE-2015-1105 : Kenton Varda of Sandstorm.io\r\n\r\nLaunchServices\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to cause the Finder to crash\r\nDescription: An input validation issue existed in LaunchServices&#39;s\r\nhandling of application localization data. This issue was addressed\r\nthrough improved validation of localization data.\r\nCVE-ID\r\nCVE-2015-1142\r\n\r\nLaunchServices\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A type confusion issue existed in LaunchServices&#39;s\r\nhandling of localized strings. This issue was addressed through\r\nadditional bounds checking.\r\nCVE-ID\r\nCVE-2015-1143 : Apple\r\n\r\nlibnetcore\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: Processing a maliciously crafted configuration profile may\r\nlead to unexpected application termination\r\nDescription: A memory corruption issue existed in the handling of\r\nconfiguration profiles. This issue was addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-1118 : Zhaofeng Chen, Hui Xue, Yulong Zhang, and Tao Wei of\r\nFireEye, Inc.\r\n\r\nntp\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A remote attacker may brute force ntpd authentication keys\r\nDescription: The config_auth function in ntpd generated a weak key\r\nwhen an authentication key was not configured. This issue was\r\naddressed by improved key generation.\r\nCVE-ID\r\nCVE-2014-9298\r\n\r\nOpenLDAP\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A remote unauthenticated client may be able to cause a\r\ndenial of service\r\nDescription: Multiple input validation issues existed in OpenLDAP.\r\nThese issues were addressed by improved input validation.\r\nCVE-ID\r\nCVE-2015-1545 : Ryan Tandy\r\nCVE-2015-1546 : Ryan Tandy\r\n\r\nOpenSSL\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Multiple vulnerabilities in OpenSSL\r\nDescription: Multiple vulnerabilities existed in OpenSSL 0.9.8zc,\r\nincluding one that may allow an attacker to intercept connections to\r\na server that supports export-grade ciphers. These issues were\r\naddressed by updating OpenSSL to version 0.9.8zd.\r\nCVE-ID\r\nCVE-2014-3569\r\nCVE-2014-3570\r\nCVE-2014-3571\r\nCVE-2014-3572\r\nCVE-2014-8275\r\nCVE-2015-0204\r\n\r\nOpen Directory Client\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A password might be sent unencrypted over the network when\r\nusing Open Directory from OS X Server\r\nDescription: If an Open Directory client was bound to an OS X Server\r\nbut did not install the certificates of the OS X Server, and then a\r\nuser on that client changed their password, the password change\r\nrequest was sent over the network without encryption. This issue was\r\naddressed by having the client require encryption for this case.\r\nCVE-ID\r\nCVE-2015-1147 : Apple\r\n\r\nPHP\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Multiple vulnerabilities in PHP\r\nDescription: Multiple vulnerabilities existed in PHP versions prior\r\nto 5.3.29, 5.4.38, and 5.5.20, including one which may have led to\r\narbitrary code execution. This update addresses the issues by\r\nupdating PHP to versions 5.3.29, 5.4.38, and 5.5.20.\r\nCVE-ID\r\nCVE-2013-6712\r\nCVE-2014-0207\r\nCVE-2014-0237\r\nCVE-2014-0238\r\nCVE-2014-2497\r\nCVE-2014-3478\r\nCVE-2014-3479\r\nCVE-2014-3480\r\nCVE-2014-3487\r\nCVE-2014-3538\r\nCVE-2014-3587\r\nCVE-2014-3597\r\nCVE-2014-3668\r\nCVE-2014-3669\r\nCVE-2014-3670\r\nCVE-2014-3710\r\nCVE-2014-3981\r\nCVE-2014-4049\r\nCVE-2014-4670\r\nCVE-2014-4698\r\nCVE-2014-5120\r\n\r\nQuickLook\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Opening a maliciously crafted iWork file may lead to\r\narbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\niWork files. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-1098 : Christopher Hickstein\r\n\r\nSceneKit\r\nAvailable for: OS X Mountain Lion v10.8.5\r\nImpact: Viewing a maliciously crafted Collada file may lead to\r\narbitrary code execution\r\nDescription: A heap buffer overflow existed in SceneKit&#39;s handling\r\nof Collada files. Viewing a maliciously crafted Collada file may have\r\nled to arbitrary code execution. This issue was addressed through\r\nimproved validation of accessor elements.\r\nCVE-ID\r\nCVE-2014-8830 : Jose Duart of Google Security Team\r\n\r\nScreen Sharing\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A user&#39;s password may be logged to a local file\r\nDescription: In some circumstances, Screen Sharing may log a user&#39;s\r\npassword that is not readable by other users on the system. This\r\nissue was addressed by removing logging of credential.\r\nCVE-ID\r\nCVE-2015-1148 : Apple\r\n\r\nSecurity - Code Signing\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Tampered applications may not be prevented from launching\r\nDescription: Applications containing specially crafted bundles may\r\nhave been able to launch without a completely valid signature. This\r\nissue was addressed by adding additional checks.\r\nCVE-ID\r\nCVE-2015-1145\r\nCVE-2015-1146\r\n\r\nUniformTypeIdentifiers\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A buffer overflow existed in the way Uniform Type\r\nIdentifiers were handled. This issue was addressed with improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-1144 : Apple\r\n\r\nWebKit\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: A memory corruption issue existed in WebKit. This\r\nissues was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1069 : lokihardt@ASRT working with HP&#39;s Zero Day Initiative\r\n\r\nSecurity Update 2015-004 &#40;available for OS X Mountain Lion v10.8.5\r\nand OS X Mavericks v10.9.5&#41; also addresses an issue caused by the fix\r\nfor CVE-2015-1067 in Security Update 2015-002. This issue prevented\r\nRemote Apple Events clients on any version from connecting to the\r\nRemote Apple Events server. In default configurations, Remote Apple\r\nEvents is not enabled.\r\n\r\nOS X Yosemite 10.10.3 includes the security content of Safari 8.0.5.\r\nhttps://support.apple.com/en-us/HT204658\r\n\r\nOS X Yosemite 10.10.3 and Security Update 2015-004 may be obtained\r\nfrom the Mac App Store or Apple&#39;s Software Downloads web site:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple&#39;s Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 &#40;Darwin&#41;\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJVJKj2AAoJEBcWfLTuOo7tDh4QAK0LxfwMRKcdOXOKpXsRz6lg\r\nlhZ+CLVcSepq8qBkFQ74f3B5CuhxD0IGQPaAuSXl51tWYdfN+92tkbmyZ9k8901l\r\n+I0vw6upeE+oqRnGtSRzq68UhcARbdV8V1+C0Xl3IIuuHc+xlEgvklDhF9Pc8XM6\r\nDudGiVNqt6MOqd5Oc4s4FFF0nnpnyG9+UJem3mi4Ee88PwI4x1Hev7utPPmaPDzj\r\ncjkVeislko3QArNJxtBpkYudErA4eR5OX8Tdf12jAmPTtjrXUb3VigEf78Nna0RW\r\nkHTOGdB5EZ+YFZ8KlyIQlENBjTtI8CGdCF4/S/2xDN83NTRsimd5Y7LSjdd0uANo\r\npqxAc3Gzn5xngWF1Qbb6V+XZBfz5NoeTq5BXBB5OHz4PSGaQuMsBA2RYFMzNLqWv\r\nD/T5U1JtzRLALt0lYAz63B0OhW7KXeLI9oer1Vo4wWF9O9cUFyuSI4JU5uYLQpJX\r\nkEpSFt4YPFFxMnlzCLzLkmVGax4w9M/tRHYeSKAnRlnsoPBtIGFItlNZE2RduD/R\r\n5n2APoJa3banQ8miycGORYP3WsktDRZzBy+2QPWuz8sE3AvAkO9xWp8PrQBkqf/b\r\n6CIG5UkCYITG2uzBXqnGbfDiEDvBLNN1Yq0ZZI23iYRxrdW0I0pv1CHio354q12G\r\nvVE37tYUU4PnLfwlcazq\r\n=MOsT\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2015-04-09T00:00:00", "published": "2015-04-09T00:00:00", "id": "SECURITYVULNS:DOC:31890", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31890", "title": "APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "f5": [{"lastseen": "2016-09-26T17:23:20", "bulletinFamily": "software", "cvelist": ["CVE-2014-4670", "CVE-2014-5120", "CVE-2014-3597", "CVE-2014-4698", "CVE-2014-4049", "CVE-2014-2497"], "edition": 1, "description": " * [CVE-2014-2497](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2497>)\n\nThe gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file.\n\n * [CVE-2014-3597](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3597>)\n\nMultiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049.\n\n * [CVE-2014-4670](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4670>)\n\nUse-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments.\n\n * [CVE-2014-4698](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4698>)\n\nUse-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments.\n\n * [CVE-2014-5120](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5120>)\n\ngd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function.\n", "modified": "2015-09-17T00:00:00", "published": "2014-10-30T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/700/sol15761.html", "id": "SOL15761", "title": "SOL15761 - Multiple PHP 5.x vulnerabilities", "type": "f5", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-23T12:54:19", "bulletinFamily": "software", "cvelist": ["CVE-2014-4670", "CVE-2014-5120", "CVE-2014-3597", "CVE-2014-4698", "CVE-2014-4049", "CVE-2014-2497"], "description": "\nF5 Product Development has assigned ID 479897 (BIG-IP), ID 486354 (BIG-IQ), and ID 486355 (Enterprise Manager) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H480933 on the **Diagnostics **&gt; **Identified **&gt; **High **screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature \n---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.6.0* \n10.0.0 - 10.2.4* | 12.0.0 | Configuration utility \nBIG-IP AAM | 11.4.0 - 11.6.0* | 12.0.0 | Configuration utility \nBIG-IP AFM | 11.3.0 - 11.6.0* | 12.0.0 | Configuration utility \nBIG-IP Analytics | 11.0.0 - 11.6.0* | 12.0.0 | Configuration utility \nBIG-IP APM | 11.0.0 - 11.6.0* \n10.1.0 - 10.2.4* | 12.0.0 | Configuration utility \nBIG-IP ASM | 11.0.0 - 11.6.0* \n10.0.0 - 10.2.4* | 12.0.0 | Configuration utility \nBIG-IP DNS | None | 12.0.0 | None \nBIG-IP Edge Gateway | 11.0.0 - 11.3.0* \n10.1.0 - 10.2.4* | None | Configuration utility \nBIG-IP GTM | 11.0.0 - 11.6.0* \n10.0.0 - 10.2.4* | None | Configuration utility \nBIG-IP Link Controller | 11.0.0 - 11.6.0* \n10.0.0 - 10.2.4* | 12.0.0 | Configuration utility \nBIG-IP PEM | 11.3.0 - 11.6.0* | 12.0.0 | Configuration utility \nBIG-IP PSM | 11.0.0 - 11.4.1* \n10.0.0 - 10.2.4* | None | Configuration utility \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0* \n10.0.0 - 10.2.4* | None | Configuration utility \nBIG-IP WOM | 11.0.0 - 11.3.0* \n10.0.0 - 10.2.4* | None | Configuration utility \nARX | None | 6.0.0 - 6.4.0 | None \nEnterprise Manager | 3.0.0 - 3.1.1* \n2.1.0 - 2.3.0* | None | Configuration utility \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | None \nBIG-IQ ADC | 4.5.0* | None | Configuration utility \nBIG-IQ Cloud | 4.0.0 - 4.5.0* | None | Configuration utility \nBIG-IQ Device | 4.2.0 - 4.5.0* | None | Configuration utility \nBIG-IQ Security | 4.0.0 - 4.5.0* | None | Configuration utility \n \n*The affected versions ship with vulnerable code; however, F5 Product Development has determined that the vulnerability is unlikely to be exploited as BIG-IP, BIG-IQ, and Enterprise Manager have mitigations in place.\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists. \n \nF5 is responding to this vulnerability as determined by the parameters defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "edition": 1, "modified": "2016-01-09T02:06:00", "published": "2014-10-30T19:36:00", "href": "https://support.f5.com/csp/article/K15761", "id": "F5:K15761", "title": "Multiple PHP 5.x vulnerabilities", "type": "f5", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:06", "bulletinFamily": "software", "cvelist": ["CVE-2014-3478", "CVE-2014-3515", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3981", "CVE-2014-0207", "CVE-2014-3487", "CVE-2014-4049"], "edition": 1, "description": "Recommended Action\n\nNone\n\nSupplemental Information\n\n * [SOL9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html>)\n * [SOL9957: Creating a custom RSS feed to view new and updated documents.](<https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html>)\n * [SOL4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html>)\n * [SOL4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html>)\n", "modified": "2014-08-12T00:00:00", "published": "2014-08-12T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/400/sol15498.html", "id": "SOL15498", "title": "SOL15498 - Multiple PHP vulnerabilities", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "amazon": [{"lastseen": "2020-11-10T12:35:07", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0237", "CVE-2014-3515", "CVE-2014-3981", "CVE-2014-0207", "CVE-2014-4049", "CVE-2013-6712", "CVE-2014-0238"], "description": "**Issue Overview:**\n\nA denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file.\n\nacinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. \n\nA buffer over-read flaw was found in the way the DateInterval class parsed interval specifications. An attacker able to make a PHP application parse a specially crafted specification using DateInterval could possibly cause the PHP interpreter to crash. \n\nA heap-based buffer overflow flaw was found in the way PHP parsed DNS TXT records. A malicious DNS server or a man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application used the dns_get_record() function to perform a DNS query. \n\nA type confusion issue was found in the SPL ArrayObject and SPLObjectStorage classes' unserialize() method. A remote attacker able to submit specially crafted input to a PHP application, which would then unserialize this input using one of the aforementioned methods, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application.\n\n \n**Affected Packages:** \n\n\nphp\n\n \n**Issue Correction:** \nRun _yum update php_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n php-enchant-5.3.29-1.7.amzn1.i686 \n php-5.3.29-1.7.amzn1.i686 \n php-devel-5.3.29-1.7.amzn1.i686 \n php-xmlrpc-5.3.29-1.7.amzn1.i686 \n php-bcmath-5.3.29-1.7.amzn1.i686 \n php-fpm-5.3.29-1.7.amzn1.i686 \n php-tidy-5.3.29-1.7.amzn1.i686 \n php-embedded-5.3.29-1.7.amzn1.i686 \n php-mysql-5.3.29-1.7.amzn1.i686 \n php-xml-5.3.29-1.7.amzn1.i686 \n php-mcrypt-5.3.29-1.7.amzn1.i686 \n php-snmp-5.3.29-1.7.amzn1.i686 \n php-pspell-5.3.29-1.7.amzn1.i686 \n php-mssql-5.3.29-1.7.amzn1.i686 \n php-ldap-5.3.29-1.7.amzn1.i686 \n php-intl-5.3.29-1.7.amzn1.i686 \n php-odbc-5.3.29-1.7.amzn1.i686 \n php-debuginfo-5.3.29-1.7.amzn1.i686 \n php-pdo-5.3.29-1.7.amzn1.i686 \n php-mbstring-5.3.29-1.7.amzn1.i686 \n php-gd-5.3.29-1.7.amzn1.i686 \n php-recode-5.3.29-1.7.amzn1.i686 \n php-pgsql-5.3.29-1.7.amzn1.i686 \n php-imap-5.3.29-1.7.amzn1.i686 \n php-cli-5.3.29-1.7.amzn1.i686 \n php-soap-5.3.29-1.7.amzn1.i686 \n php-process-5.3.29-1.7.amzn1.i686 \n php-dba-5.3.29-1.7.amzn1.i686 \n php-common-5.3.29-1.7.amzn1.i686 \n php-mysqlnd-5.3.29-1.7.amzn1.i686 \n \n src: \n php-5.3.29-1.7.amzn1.src \n \n x86_64: \n php-debuginfo-5.3.29-1.7.amzn1.x86_64 \n php-tidy-5.3.29-1.7.amzn1.x86_64 \n php-enchant-5.3.29-1.7.amzn1.x86_64 \n php-5.3.29-1.7.amzn1.x86_64 \n php-pdo-5.3.29-1.7.amzn1.x86_64 \n php-mcrypt-5.3.29-1.7.amzn1.x86_64 \n php-mssql-5.3.29-1.7.amzn1.x86_64 \n php-cli-5.3.29-1.7.amzn1.x86_64 \n php-recode-5.3.29-1.7.amzn1.x86_64 \n php-ldap-5.3.29-1.7.amzn1.x86_64 \n php-dba-5.3.29-1.7.amzn1.x86_64 \n php-xml-5.3.29-1.7.amzn1.x86_64 \n php-intl-5.3.29-1.7.amzn1.x86_64 \n php-snmp-5.3.29-1.7.amzn1.x86_64 \n php-embedded-5.3.29-1.7.amzn1.x86_64 \n php-xmlrpc-5.3.29-1.7.amzn1.x86_64 \n php-imap-5.3.29-1.7.amzn1.x86_64 \n php-devel-5.3.29-1.7.amzn1.x86_64 \n php-bcmath-5.3.29-1.7.amzn1.x86_64 \n php-odbc-5.3.29-1.7.amzn1.x86_64 \n php-soap-5.3.29-1.7.amzn1.x86_64 \n php-mysql-5.3.29-1.7.amzn1.x86_64 \n php-mysqlnd-5.3.29-1.7.amzn1.x86_64 \n php-mbstring-5.3.29-1.7.amzn1.x86_64 \n php-pgsql-5.3.29-1.7.amzn1.x86_64 \n php-gd-5.3.29-1.7.amzn1.x86_64 \n php-process-5.3.29-1.7.amzn1.x86_64 \n php-fpm-5.3.29-1.7.amzn1.x86_64 \n php-common-5.3.29-1.7.amzn1.x86_64 \n php-pspell-5.3.29-1.7.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2014-08-21T11:15:00", "published": "2014-08-21T11:15:00", "id": "ALAS-2014-393", "href": "https://alas.aws.amazon.com/ALAS-2014-393.html", "title": "Medium: php", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-10T12:36:32", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3478", "CVE-2014-3515", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3981", "CVE-2014-0207", "CVE-2014-3487", "CVE-2014-4049"], "description": "**Issue Overview:**\n\nacinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. \n\nA denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. \n\nA type confusion issue was found in the SPL ArrayObject and SPLObjectStorage classes' unserialize() method. A remote attacker able to submit specially crafted input to a PHP application, which would then unserialize this input using one of the aforementioned methods, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application. \n\nBuffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion. \n\nA heap-based buffer overflow flaw was found in the way PHP parsed DNS TXT records. A malicious DNS server or a man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application used the dns_get_record() function to perform a DNS query. \n\n \n**Affected Packages:** \n\n\nphp54\n\n \n**Issue Correction:** \nRun _yum update php54_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n php54-gd-5.4.30-1.56.amzn1.i686 \n php54-intl-5.4.30-1.56.amzn1.i686 \n php54-snmp-5.4.30-1.56.amzn1.i686 \n php54-mysqlnd-5.4.30-1.56.amzn1.i686 \n php54-bcmath-5.4.30-1.56.amzn1.i686 \n php54-mbstring-5.4.30-1.56.amzn1.i686 \n php54-embedded-5.4.30-1.56.amzn1.i686 \n php54-xml-5.4.30-1.56.amzn1.i686 \n php54-xmlrpc-5.4.30-1.56.amzn1.i686 \n php54-debuginfo-5.4.30-1.56.amzn1.i686 \n php54-pdo-5.4.30-1.56.amzn1.i686 \n php54-dba-5.4.30-1.56.amzn1.i686 \n php54-tidy-5.4.30-1.56.amzn1.i686 \n php54-imap-5.4.30-1.56.amzn1.i686 \n php54-soap-5.4.30-1.56.amzn1.i686 \n php54-5.4.30-1.56.amzn1.i686 \n php54-enchant-5.4.30-1.56.amzn1.i686 \n php54-devel-5.4.30-1.56.amzn1.i686 \n php54-fpm-5.4.30-1.56.amzn1.i686 \n php54-common-5.4.30-1.56.amzn1.i686 \n php54-cli-5.4.30-1.56.amzn1.i686 \n php54-mysql-5.4.30-1.56.amzn1.i686 \n php54-odbc-5.4.30-1.56.amzn1.i686 \n php54-ldap-5.4.30-1.56.amzn1.i686 \n php54-pspell-5.4.30-1.56.amzn1.i686 \n php54-mssql-5.4.30-1.56.amzn1.i686 \n php54-recode-5.4.30-1.56.amzn1.i686 \n php54-mcrypt-5.4.30-1.56.amzn1.i686 \n php54-pgsql-5.4.30-1.56.amzn1.i686 \n php54-process-5.4.30-1.56.amzn1.i686 \n \n src: \n php54-5.4.30-1.56.amzn1.src \n \n x86_64: \n php54-mcrypt-5.4.30-1.56.amzn1.x86_64 \n php54-ldap-5.4.30-1.56.amzn1.x86_64 \n php54-imap-5.4.30-1.56.amzn1.x86_64 \n php54-5.4.30-1.56.amzn1.x86_64 \n php54-snmp-5.4.30-1.56.amzn1.x86_64 \n php54-pdo-5.4.30-1.56.amzn1.x86_64 \n php54-pspell-5.4.30-1.56.amzn1.x86_64 \n php54-dba-5.4.30-1.56.amzn1.x86_64 \n php54-embedded-5.4.30-1.56.amzn1.x86_64 \n php54-bcmath-5.4.30-1.56.amzn1.x86_64 \n php54-intl-5.4.30-1.56.amzn1.x86_64 \n php54-common-5.4.30-1.56.amzn1.x86_64 \n php54-xml-5.4.30-1.56.amzn1.x86_64 \n php54-fpm-5.4.30-1.56.amzn1.x86_64 \n php54-pgsql-5.4.30-1.56.amzn1.x86_64 \n php54-cli-5.4.30-1.56.amzn1.x86_64 \n php54-process-5.4.30-1.56.amzn1.x86_64 \n php54-soap-5.4.30-1.56.amzn1.x86_64 \n php54-tidy-5.4.30-1.56.amzn1.x86_64 \n php54-recode-5.4.30-1.56.amzn1.x86_64 \n php54-gd-5.4.30-1.56.amzn1.x86_64 \n php54-enchant-5.4.30-1.56.amzn1.x86_64 \n php54-mssql-5.4.30-1.56.amzn1.x86_64 \n php54-debuginfo-5.4.30-1.56.amzn1.x86_64 \n php54-mysqlnd-5.4.30-1.56.amzn1.x86_64 \n php54-odbc-5.4.30-1.56.amzn1.x86_64 \n php54-devel-5.4.30-1.56.amzn1.x86_64 \n php54-mysql-5.4.30-1.56.amzn1.x86_64 \n php54-mbstring-5.4.30-1.56.amzn1.x86_64 \n php54-xmlrpc-5.4.30-1.56.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2014-07-09T16:24:00", "published": "2014-07-09T16:24:00", "id": "ALAS-2014-367", "href": "https://alas.aws.amazon.com/ALAS-2014-367.html", "title": "Medium: php54", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-10T12:35:08", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3478", "CVE-2014-3515", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3981", "CVE-2014-0207", "CVE-2014-3487", "CVE-2014-4049"], "description": "**Issue Overview:**\n\nacinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. \n\nA denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. \n\nA type confusion issue was found in the SPL ArrayObject and SPLObjectStorage classes' unserialize() method. A remote attacker able to submit specially crafted input to a PHP application, which would then unserialize this input using one of the aforementioned methods, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application. \n\nBuffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion. \n\nA heap-based buffer overflow flaw was found in the way PHP parsed DNS TXT records. A malicious DNS server or a man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application used the dns_get_record() function to perform a DNS query.\n\n \n**Affected Packages:** \n\n\nphp55\n\n \n**Issue Correction:** \nRun _yum update php55_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n php55-mysqlnd-5.5.14-1.75.amzn1.i686 \n php55-soap-5.5.14-1.75.amzn1.i686 \n php55-embedded-5.5.14-1.75.amzn1.i686 \n php55-xml-5.5.14-1.75.amzn1.i686 \n php55-intl-5.5.14-1.75.amzn1.i686 \n php55-recode-5.5.14-1.75.amzn1.i686 \n php55-mssql-5.5.14-1.75.amzn1.i686 \n php55-odbc-5.5.14-1.75.amzn1.i686 \n php55-dba-5.5.14-1.75.amzn1.i686 \n php55-imap-5.5.14-1.75.amzn1.i686 \n php55-enchant-5.5.14-1.75.amzn1.i686 \n php55-gmp-5.5.14-1.75.amzn1.i686 \n php55-5.5.14-1.75.amzn1.i686 \n php55-debuginfo-5.5.14-1.75.amzn1.i686 \n php55-common-5.5.14-1.75.amzn1.i686 \n php55-bcmath-5.5.14-1.75.amzn1.i686 \n php55-xmlrpc-5.5.14-1.75.amzn1.i686 \n php55-tidy-5.5.14-1.75.amzn1.i686 \n php55-pgsql-5.5.14-1.75.amzn1.i686 \n php55-pdo-5.5.14-1.75.amzn1.i686 \n php55-ldap-5.5.14-1.75.amzn1.i686 \n php55-opcache-5.5.14-1.75.amzn1.i686 \n php55-snmp-5.5.14-1.75.amzn1.i686 \n php55-gd-5.5.14-1.75.amzn1.i686 \n php55-pspell-5.5.14-1.75.amzn1.i686 \n php55-mcrypt-5.5.14-1.75.amzn1.i686 \n php55-mbstring-5.5.14-1.75.amzn1.i686 \n php55-devel-5.5.14-1.75.amzn1.i686 \n php55-fpm-5.5.14-1.75.amzn1.i686 \n php55-cli-5.5.14-1.75.amzn1.i686 \n php55-process-5.5.14-1.75.amzn1.i686 \n \n src: \n php55-5.5.14-1.75.amzn1.src \n \n x86_64: \n php55-gd-5.5.14-1.75.amzn1.x86_64 \n php55-opcache-5.5.14-1.75.amzn1.x86_64 \n php55-recode-5.5.14-1.75.amzn1.x86_64 \n php55-pdo-5.5.14-1.75.amzn1.x86_64 \n php55-common-5.5.14-1.75.amzn1.x86_64 \n php55-embedded-5.5.14-1.75.amzn1.x86_64 \n php55-intl-5.5.14-1.75.amzn1.x86_64 \n php55-gmp-5.5.14-1.75.amzn1.x86_64 \n php55-tidy-5.5.14-1.75.amzn1.x86_64 \n php55-enchant-5.5.14-1.75.amzn1.x86_64 \n php55-cli-5.5.14-1.75.amzn1.x86_64 \n php55-snmp-5.5.14-1.75.amzn1.x86_64 \n php55-soap-5.5.14-1.75.amzn1.x86_64 \n php55-bcmath-5.5.14-1.75.amzn1.x86_64 \n php55-xml-5.5.14-1.75.amzn1.x86_64 \n php55-imap-5.5.14-1.75.amzn1.x86_64 \n php55-devel-5.5.14-1.75.amzn1.x86_64 \n php55-5.5.14-1.75.amzn1.x86_64 \n php55-mysqlnd-5.5.14-1.75.amzn1.x86_64 \n php55-mcrypt-5.5.14-1.75.amzn1.x86_64 \n php55-odbc-5.5.14-1.75.amzn1.x86_64 \n php55-fpm-5.5.14-1.75.amzn1.x86_64 \n php55-process-5.5.14-1.75.amzn1.x86_64 \n php55-mbstring-5.5.14-1.75.amzn1.x86_64 \n php55-debuginfo-5.5.14-1.75.amzn1.x86_64 \n php55-xmlrpc-5.5.14-1.75.amzn1.x86_64 \n php55-ldap-5.5.14-1.75.amzn1.x86_64 \n php55-dba-5.5.14-1.75.amzn1.x86_64 \n php55-pgsql-5.5.14-1.75.amzn1.x86_64 \n php55-pspell-5.5.14-1.75.amzn1.x86_64 \n php55-mssql-5.5.14-1.75.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2014-07-09T16:42:00", "published": "2014-07-09T16:42:00", "id": "ALAS-2014-372", "href": "https://alas.aws.amazon.com/ALAS-2014-372.html", "title": "Medium: php55", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:25", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0237", "CVE-2014-3515", "CVE-2014-3981", "CVE-2014-0207", "CVE-2014-4049", "CVE-2013-6712", "CVE-2014-0238"], "description": "\nThe PHP Team reports:\n\ninsecure temporary file use in the configure script\nunserialize() SPL ArrayObject / SPLObjectStorage Type Confusion\n\t \nHeap buffer over-read in DateInterval\nfileinfo: cdf_read_short_sector insufficient boundary check\nfileinfo: CDF infinite loop in nelements DoS\nfileinfo: fileinfo: numerous file_printf calls resulting in\n\t performance degradation)\nFix potential segfault in dns_check_record()\n\n", "edition": 4, "modified": "2014-08-14T00:00:00", "published": "2014-08-14T00:00:00", "id": "D2A892B9-2605-11E4-9DA0-00A0986F28C4", "href": "https://vuxml.freebsd.org/freebsd/d2a892b9-2605-11e4-9da0-00a0986f28c4.html", "title": "PHP multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:39", "bulletinFamily": "unix", "cvelist": ["CVE-2014-3587", "CVE-2012-1571", "CVE-2014-4670", "CVE-2014-3597", "CVE-2014-4698", "CVE-2014-4049", "CVE-2014-2497"], "description": "[5.3.3-27.2]\n- spl: fix use-after-free in ArrayIterator due to object\n change during sorting. CVE-2014-4698\n- spl: fix use-after-free in SPL Iterators. CVE-2014-4670\n- gd: fix NULL pointer dereference in gdImageCreateFromXpm.\n CVE-2014-2497\n- fileinfo: fix incomplete fix for CVE-2012-1571 in\n cdf_read_property_info. CVE-2014-3587\n- core: fix incomplete fix for CVE-2014-4049 DNS TXT\n record parsing. CVE-2014-3597", "edition": 4, "modified": "2014-09-30T00:00:00", "published": "2014-09-30T00:00:00", "id": "ELSA-2014-1326", "href": "http://linux.oracle.com/errata/ELSA-2014-1326.html", "title": "php53 and php security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7345", "CVE-2014-0237", "CVE-2014-3515", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-0207", "CVE-2014-3487", "CVE-2014-4721", "CVE-2014-4049", "CVE-2014-0238"], "description": "[5.4.16-23]\n- fileinfo: cdf_unpack_summary_info() excessive looping\n DoS. CVE-2014-0237\n- fileinfo: CDF property info parsing nelements infinite\n loop. CVE-2014-0238\n- fileinfo: cdf_check_stream_offset insufficient boundary\n check. CVE-2014-3479\n- fileinfo: cdf_count_chain insufficient boundary check\n CVE-2014-3480\n- fileinfo: cdf_read_short_sector insufficient boundary\n check. CVE-2014-0207\n- fileinfo: cdf_read_property_info insufficient boundary\n check. CVE-2014-3487\n- fileinfo: fix extensive backtracking CVE-2013-7345\n- core: type confusion issue in phpinfo(). CVE-2014-4721\n- core: fix heap-based buffer overflow in DNS TXT record\n parsing. CVE-2014-4049\n- core: unserialize() SPL ArrayObject / SPLObjectStorage\n type confusion flaw. CVE-2014-3515", "edition": 4, "modified": "2014-08-06T00:00:00", "published": "2014-08-06T00:00:00", "id": "ELSA-2014-1013", "href": "http://linux.oracle.com/errata/ELSA-2014-1013.html", "title": "php security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:12", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7345", "CVE-2014-3478", "CVE-2014-3587", "CVE-2012-1571", "CVE-2014-4670", "CVE-2014-3538", "CVE-2014-5120", "CVE-2014-3597", "CVE-2014-4698", "CVE-2014-4049", "CVE-2014-2497"], "description": "[5.4.16-23.1]\n- gd: fix NULL pointer dereference in gdImageCreateFromXpm().\n CVE-2014-2497\n- gd: fix NUL byte injection in file names. CVE-2014-5120\n- fileinfo: fix extensive backtracking in regular expression\n (incomplete fix for CVE-2013-7345). CVE-2014-3538\n- fileinfo: fix mconvert incorrect handling of truncated\n pascal string size. CVE-2014-3478\n- fileinfo: fix cdf_read_property_info\n (incomplete fix for CVE-2012-1571). CVE-2014-3587\n- spl: fix use-after-free in ArrayIterator due to object\n change during sorting. CVE-2014-4698\n- spl: fix use-after-free in SPL Iterators. CVE-2014-4670\n- network: fix segfault in dns_get_record\n (incomplete fix for CVE-2014-4049). CVE-2014-3597", "edition": 4, "modified": "2014-09-30T00:00:00", "published": "2014-09-30T00:00:00", "id": "ELSA-2014-1327", "href": "http://linux.oracle.com/errata/ELSA-2014-1327.html", "title": "php security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:12", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0237", "CVE-2014-1943", "CVE-2014-3515", "CVE-2012-1571", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-4721", "CVE-2014-2270", "CVE-2014-4049", "CVE-2013-6712", "CVE-2014-0238"], "description": "[5.3.3-27.1]\n- core: type confusion issue in phpinfo(). CVE-2014-4721\n- date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712\n- core: fix heap-based buffer overflow in DNS TXT record parsing.\n CVE-2014-4049\n- core: unserialize() SPL ArrayObject / SPLObjectStorage type\n confusion flaw. CVE-2014-3515\n- fileinfo: out-of-bounds memory access in fileinfo. CVE-2014-2270\n- fileinfo: unrestricted recursion in handling of indirect type\n rules. CVE-2014-1943\n- fileinfo: out of bounds read in CDF parser. CVE-2012-1571\n- fileinfo: cdf_check_stream_offset boundary check. CVE-2014-3479\n- fileinfo: cdf_count_chain insufficient boundary check. CVE-2014-3480\n- fileinfo: cdf_unpack_summary_info() excessive looping\n DoS. CVE-2014-0237\n- fileinfo: CDF property info parsing nelements infinite\n loop. CVE-2014-0238", "edition": 4, "modified": "2014-08-06T00:00:00", "published": "2014-08-06T00:00:00", "id": "ELSA-2014-1012", "href": "http://linux.oracle.com/errata/ELSA-2014-1012.html", "title": "php53 and php security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:15", "bulletinFamily": "unix", "cvelist": ["CVE-2015-2348", "CVE-2014-9705", "CVE-2015-2787", "CVE-2015-0232", "CVE-2015-4601", "CVE-2013-7345", "CVE-2015-2783", "CVE-2015-3329", "CVE-2014-3478", "CVE-2015-3330", "CVE-2015-2301", "CVE-2014-3587", "CVE-2012-1571", "CVE-2014-9709", "CVE-2014-4670", "CVE-2014-3668", "CVE-2015-0273", "CVE-2014-8142", "CVE-2015-4148", "CVE-2015-4605", "CVE-2015-3307", "CVE-2015-4025", "CVE-2014-3669", "CVE-2015-4024", "CVE-2015-4021", "CVE-2014-3538", "CVE-2014-5120", "CVE-2014-3597", "CVE-2014-3710", "CVE-2015-4602", "CVE-2015-4026", "CVE-2014-4698", "CVE-2015-4147", "CVE-2015-3411", "CVE-2014-4049", "CVE-2015-4604", "CVE-2014-3670", "CVE-2015-4600", "CVE-2015-4022", "CVE-2014-9652", "CVE-2015-3412", "CVE-2014-2497", "CVE-2015-4603", "CVE-2015-4599", "CVE-2015-4598", "CVE-2015-0231"], "description": "[5.4.16-36]\n- fix more functions accept paths with NUL character #1213407\n[5.4.16-35]\n- core: fix multipart/form-data request can use excessive\n amount of CPU usage CVE-2015-4024\n- fix various functions accept paths with NUL character\n CVE-2015-4025, CVE-2015-4026, #1213407\n- fileinfo: fix denial of service when processing a crafted\n file #1213442\n- ftp: fix integer overflow leading to heap overflow when\n reading FTP file listing CVE-2015-4022\n- phar: fix buffer over-read in metadata parsing CVE-2015-2783\n- phar: invalid pointer free() in phar_tar_process_metadata()\n CVE-2015-3307\n- phar: fix buffer overflow in phar_set_inode() CVE-2015-3329\n- phar: fix memory corruption in phar_parse_tarfile caused by\n empty entry file name CVE-2015-4021\n- soap: fix type confusion through unserialize #1222538\n- apache2handler: fix pipelined request executed in deinitialized\n interpreter under httpd 2.4 CVE-2015-3330\n[5.4.16-34]\n- fix memory corruption in fileinfo module on big endian\n machines #1082624\n- fix segfault in pdo_odbc on x86_64 #1159892\n- fix segfault in gmp allocator #1154760\n[5.4.16-33]\n- core: use after free vulnerability in unserialize()\n CVE-2014-8142 and CVE-2015-0231\n- core: fix use-after-free in unserialize CVE-2015-2787\n- core: fix NUL byte injection in file name argument of\n move_uploaded_file() CVE-2015-2348\n- date: use after free vulnerability in unserialize CVE-2015-0273\n- enchant: fix heap buffer overflow in enchant_broker_request_dict\n CVE-2014-9705\n- exif: free called on unitialized pointer CVE-2015-0232\n- fileinfo: fix out of bounds read in mconvert CVE-2014-9652\n- gd: fix buffer read overflow in gd_gif_in.c CVE-2014-9709\n- phar: use after free in phar_object.c CVE-2015-2301\n- soap: fix type confusion through unserialize\n[5.4.16-31]\n- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710\n[5.4.16-29]\n- xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668\n- core: fix integer overflow in unserialize() CVE-2014-3669\n- exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670\n[5.4.16-27]\n- gd: fix NULL pointer dereference in gdImageCreateFromXpm().\n CVE-2014-2497\n- gd: fix NUL byte injection in file names. CVE-2014-5120\n- fileinfo: fix extensive backtracking in regular expression\n (incomplete fix for CVE-2013-7345). CVE-2014-3538\n- fileinfo: fix mconvert incorrect handling of truncated\n pascal string size. CVE-2014-3478\n- fileinfo: fix cdf_read_property_info\n (incomplete fix for CVE-2012-1571). CVE-2014-3587\n- spl: fix use-after-free in ArrayIterator due to object\n change during sorting. CVE-2014-4698\n- spl: fix use-after-free in SPL Iterators. CVE-2014-4670\n- network: fix segfault in dns_get_record\n (incomplete fix for CVE-2014-4049). CVE-2014-3597\n[5.4.16-25]\n- fix segfault after startup on aarch64 (#1107567)\n- compile php with -O3 on ppc64le (#1123499)", "edition": 4, "modified": "2015-06-23T00:00:00", "published": "2015-06-23T00:00:00", "id": "ELSA-2015-1135", "href": "http://linux.oracle.com/errata/ELSA-2015-1135.html", "title": "php security and bug fix update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "slackware": [{"lastseen": "2020-10-25T16:36:15", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0207", "CVE-2014-3478", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-3515", "CVE-2014-3981", "CVE-2014-4049"], "description": "New php packages are available for Slackware 14.0, 14.1, and -current to\nfix security issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/php-5.4.30-i486-1_slack14.1.txz: Upgraded.\n This update fixes bugs and security issues.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.4.30-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.4.30-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.4.30-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.4.30-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.4.30-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.4.30-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n71915785e23ebf475fa83f7a3099fe04 php-5.4.30-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\na100c5543e09318adbcf4ef4dda01c31 php-5.4.30-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n330880b3b057465046bde06eb754a700 php-5.4.30-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n598ec85923640db387caaf70284f2b01 php-5.4.30-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n176ee84e2d5eeae934cb1079cbf812d4 n/php-5.4.30-i486-1.txz\n\nSlackware x86_64 -current package:\n217c4b13a6102c23970edf39f41f83b6 n/php-5.4.30-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg php-5.4.30-i486-1_slack14.1.txz\n\nThen, restart Apache httpd:\n > /etc/rc.d/rc.httpd stop\n > /etc/rc.d/rc.httpd start", "modified": "2014-07-12T03:48:04", "published": "2014-07-12T03:48:04", "id": "SSA-2014-192-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.413705", "type": "slackware", "title": "[slackware-security] php", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:28:59", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7345", "CVE-2014-0237", "CVE-2014-3515", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-0207", "CVE-2014-3487", "CVE-2014-4721", "CVE-2014-4049", "CVE-2014-0238"], "description": "**CentOS Errata and Security Advisory** CESA-2014:1013\n\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server. PHP's fileinfo module provides functions used to identify a\nparticular file according to the type of data contained by the file.\n\nA denial of service flaw was found in the File Information (fileinfo)\nextension rules for detecting AWK files. A remote attacker could use this\nflaw to cause a PHP application using fileinfo to consume an excessive\namount of CPU. (CVE-2013-7345)\n\nMultiple denial of service flaws were found in the way the File Information\n(fileinfo) extension parsed certain Composite Document Format (CDF) files.\nA remote attacker could use either of these flaws to crash a PHP\napplication using fileinfo via a specially crafted CDF file.\n(CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480,\nCVE-2014-3487)\n\nA heap-based buffer overflow flaw was found in the way PHP parsed DNS TXT\nrecords. A malicious DNS server or a man-in-the-middle attacker could\npossibly use this flaw to execute arbitrary code as the PHP interpreter if\na PHP application used the dns_get_record() function to perform a DNS\nquery. (CVE-2014-4049)\n\nA type confusion issue was found in PHP's phpinfo() function. A malicious\nscript author could possibly use this flaw to disclose certain portions of\nserver memory. (CVE-2014-4721)\n\nA type confusion issue was found in the SPL ArrayObject and\nSPLObjectStorage classes' unserialize() method. A remote attacker able to\nsubmit specially crafted input to a PHP application, which would then\nunserialize this input using one of the aforementioned methods, could use\nthis flaw to execute arbitrary code with the privileges of the user running\nthat PHP application. (CVE-2014-3515)\n\nThe CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3479,\nCVE-2014-3480, and CVE-2014-3487 issues were discovered by Francisco Alonso\nof Red Hat Product Security.\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-August/032506.html\n\n**Affected packages:**\nphp\nphp-bcmath\nphp-cli\nphp-common\nphp-dba\nphp-devel\nphp-embedded\nphp-enchant\nphp-fpm\nphp-gd\nphp-intl\nphp-ldap\nphp-mbstring\nphp-mysql\nphp-mysqlnd\nphp-odbc\nphp-pdo\nphp-pgsql\nphp-process\nphp-pspell\nphp-recode\nphp-snmp\nphp-soap\nphp-xml\nphp-xmlrpc\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1013.html", "edition": 3, "modified": "2014-08-06T14:38:20", "published": "2014-08-06T14:38:20", "href": "http://lists.centos.org/pipermail/centos-announce/2014-August/032506.html", "id": "CESA-2014:1013", "title": "php security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-20T18:27:58", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0237", "CVE-2014-1943", "CVE-2014-3515", "CVE-2012-1571", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-4721", "CVE-2014-2270", "CVE-2014-4049", "CVE-2013-6712", "CVE-2014-0238"], "description": "**CentOS Errata and Security Advisory** CESA-2014:1012\n\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server. PHP's fileinfo module provides functions used to identify a\nparticular file according to the type of data contained by the file.\n\nMultiple denial of service flaws were found in the way the File Information\n(fileinfo) extension parsed certain Composite Document Format (CDF) files.\nA remote attacker could use either of these flaws to crash a PHP\napplication using fileinfo via a specially crafted CDF file.\n(CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2012-1571)\n\nTwo denial of service flaws were found in the way the File Information\n(fileinfo) extension handled indirect and search rules. A remote attacker\ncould use either of these flaws to cause a PHP application using fileinfo\nto crash or consume an excessive amount of CPU. (CVE-2014-1943,\nCVE-2014-2270)\n\nA heap-based buffer overflow flaw was found in the way PHP parsed DNS TXT\nrecords. A malicious DNS server or a man-in-the-middle attacker could\npossibly use this flaw to execute arbitrary code as the PHP interpreter if\na PHP application used the dns_get_record() function to perform a DNS\nquery. (CVE-2014-4049)\n\nA type confusion issue was found in PHP's phpinfo() function. A malicious\nscript author could possibly use this flaw to disclose certain portions of\nserver memory. (CVE-2014-4721)\n\nA buffer over-read flaw was found in the way the DateInterval class parsed\ninterval specifications. An attacker able to make a PHP application parse a\nspecially crafted specification using DateInterval could possibly cause the\nPHP interpreter to crash. (CVE-2013-6712)\n\nA type confusion issue was found in the SPL ArrayObject and\nSPLObjectStorage classes' unserialize() method. A remote attacker able to\nsubmit specially crafted input to a PHP application, which would then\nunserialize this input using one of the aforementioned methods, could use\nthis flaw to execute arbitrary code with the privileges of the user running\nthat PHP application. (CVE-2014-3515)\n\nThe CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, and CVE-2014-3480 issues\nwere discovered by Francisco Alonso of Red Hat Product Security.\n\nAll php53 and php users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-August/032508.html\nhttp://lists.centos.org/pipermail/centos-announce/2014-August/032511.html\n\n**Affected packages:**\nphp\nphp-bcmath\nphp-cli\nphp-common\nphp-dba\nphp-devel\nphp-embedded\nphp-enchant\nphp-fpm\nphp-gd\nphp-imap\nphp-intl\nphp-ldap\nphp-mbstring\nphp-mysql\nphp-odbc\nphp-pdo\nphp-pgsql\nphp-process\nphp-pspell\nphp-recode\nphp-snmp\nphp-soap\nphp-tidy\nphp-xml\nphp-xmlrpc\nphp-zts\nphp53\nphp53-bcmath\nphp53-cli\nphp53-common\nphp53-dba\nphp53-devel\nphp53-gd\nphp53-imap\nphp53-intl\nphp53-ldap\nphp53-mbstring\nphp53-mysql\nphp53-odbc\nphp53-pdo\nphp53-pgsql\nphp53-process\nphp53-pspell\nphp53-snmp\nphp53-soap\nphp53-xml\nphp53-xmlrpc\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-1012.html", "edition": 3, "modified": "2014-08-06T18:20:19", "published": "2014-08-06T14:53:37", "href": "http://lists.centos.org/pipermail/centos-announce/2014-August/032508.html", "id": "CESA-2014:1012", "title": "php, php53 security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:47", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7345", "CVE-2014-0207", "CVE-2014-0237", "CVE-2014-0238", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-3515", "CVE-2014-4049", "CVE-2014-4721"], "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server. PHP's fileinfo module provides functions used to identify a\nparticular file according to the type of data contained by the file.\n\nA denial of service flaw was found in the File Information (fileinfo)\nextension rules for detecting AWK files. A remote attacker could use this\nflaw to cause a PHP application using fileinfo to consume an excessive\namount of CPU. (CVE-2013-7345)\n\nMultiple denial of service flaws were found in the way the File Information\n(fileinfo) extension parsed certain Composite Document Format (CDF) files.\nA remote attacker could use either of these flaws to crash a PHP\napplication using fileinfo via a specially crafted CDF file.\n(CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480,\nCVE-2014-3487)\n\nA heap-based buffer overflow flaw was found in the way PHP parsed DNS TXT\nrecords. A malicious DNS server or a man-in-the-middle attacker could\npossibly use this flaw to execute arbitrary code as the PHP interpreter if\na PHP application used the dns_get_record() function to perform a DNS\nquery. (CVE-2014-4049)\n\nA type confusion issue was found in PHP's phpinfo() function. A malicious\nscript author could possibly use this flaw to disclose certain portions of\nserver memory. (CVE-2014-4721)\n\nA type confusion issue was found in the SPL ArrayObject and\nSPLObjectStorage classes' unserialize() method. A remote attacker able to\nsubmit specially crafted input to a PHP application, which would then\nunserialize this input using one of the aforementioned methods, could use\nthis flaw to execute arbitrary code with the privileges of the user running\nthat PHP application. (CVE-2014-3515)\n\nThe CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3479,\nCVE-2014-3480, and CVE-2014-3487 issues were discovered by Francisco Alonso\nof Red Hat Product Security.\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\n", "modified": "2018-04-12T03:33:28", "published": "2014-08-06T04:00:00", "id": "RHSA-2014:1013", "href": "https://access.redhat.com/errata/RHSA-2014:1013", "type": "redhat", "title": "(RHSA-2014:1013) Moderate: php security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1571", "CVE-2013-6712", "CVE-2014-0237", "CVE-2014-0238", "CVE-2014-1943", "CVE-2014-2270", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3515", "CVE-2014-4049", "CVE-2014-4721"], "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server. PHP's fileinfo module provides functions used to identify a\nparticular file according to the type of data contained by the file.\n\nMultiple denial of service flaws were found in the way the File Information\n(fileinfo) extension parsed certain Composite Document Format (CDF) files.\nA remote attacker could use either of these flaws to crash a PHP\napplication using fileinfo via a specially crafted CDF file.\n(CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2012-1571)\n\nTwo denial of service flaws were found in the way the File Information\n(fileinfo) extension handled indirect and search rules. A remote attacker\ncould use either of these flaws to cause a PHP application using fileinfo\nto crash or consume an excessive amount of CPU. (CVE-2014-1943,\nCVE-2014-2270)\n\nA heap-based buffer overflow flaw was found in the way PHP parsed DNS TXT\nrecords. A malicious DNS server or a man-in-the-middle attacker could\npossibly use this flaw to execute arbitrary code as the PHP interpreter if\na PHP application used the dns_get_record() function to perform a DNS\nquery. (CVE-2014-4049)\n\nA type confusion issue was found in PHP's phpinfo() function. A malicious\nscript author could possibly use this flaw to disclose certain portions of\nserver memory. (CVE-2014-4721)\n\nA buffer over-read flaw was found in the way the DateInterval class parsed\ninterval specifications. An attacker able to make a PHP application parse a\nspecially crafted specification using DateInterval could possibly cause the\nPHP interpreter to crash. (CVE-2013-6712)\n\nA type confusion issue was found in the SPL ArrayObject and\nSPLObjectStorage classes' unserialize() method. A remote attacker able to\nsubmit specially crafted input to a PHP application, which would then\nunserialize this input using one of the aforementioned methods, could use\nthis flaw to execute arbitrary code with the privileges of the user running\nthat PHP application. (CVE-2014-3515)\n\nThe CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, and CVE-2014-3480 issues\nwere discovered by Francisco Alonso of Red Hat Product Security.\n\nAll php53 and php users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues.\n", "modified": "2018-06-06T20:24:21", "published": "2014-08-06T04:00:00", "id": "RHSA-2014:1012", "href": "https://access.redhat.com/errata/RHSA-2014:1012", "type": "redhat", "title": "(RHSA-2014:1012) Moderate: php53 and php security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:56", "bulletinFamily": "unix", "cvelist": ["CVE-2014-0207", "CVE-2014-0237", "CVE-2014-0238", "CVE-2014-2497", "CVE-2014-3478", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-3515", "CVE-2014-3538", "CVE-2014-3587", "CVE-2014-3597", "CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710", "CVE-2014-4049", "CVE-2014-4670", "CVE-2014-4698", "CVE-2014-4721", "CVE-2014-5120"], "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code. (CVE-2014-3670)\n\nMultiple buffer overflow flaws were found in the way PHP parsed DNS\nresponses. A malicious DNS server or a man-in-the-middle attacker could\nuse these flaws to crash or, possibly, execute arbitrary code with the\nprivileges of a PHP application that uses the dns_get_record() function.\n(CVE-2014-4049, CVE-2014-3597)\n\nMultiple denial of service flaws were found in the File Information\n(fileinfo) extension. A remote attacker could use these flaws to cause a\nPHP application using fileinfo to consume an excessive amount of CPU and\npossibly crash. (CVE-2014-0237, CVE-2014-0238, CVE-2014-3538)\n\nMultiple boundary check flaws were found in the File Information (fileinfo)\nextension. A remote attacker could use these flaws to cause a PHP\napplication using fileinfo to crash. (CVE-2014-0207, CVE-2014-3478,\nCVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3587, CVE-2014-3710)\n\nA type confusion issue was found in PHP's phpinfo() function. A malicious\nscript author could possibly use this flaw to disclose certain portions of\nserver memory. (CVE-2014-4721)\n\nA type confusion issue was found in the SPL ArrayObject and\nSPLObjectStorage classes' unserialize() method. A remote attacker able to\nsubmit specially crafted input to a PHP application, which would then\nunserialize this input using one of the aforementioned methods, could use\nthis flaw to execute arbitrary code with the privileges of the user running\nthat PHP application. (CVE-2014-3515)\n\nTwo use-after-free flaws were found in the way PHP handled certain Standard\nPHP Library (SPL) Iterators and ArrayIterators. A malicious script author\ncould possibly use either of these flaws to disclose certain portions of\nserver memory. (CVE-2014-4670, CVE-2014-4698)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nIt was found that PHP's gd extension did not properly handle file names\nwith a null character. A remote attacker could possibly use this flaw to\nmake a PHP application access unexpected files and bypass intended file\nsystem access restrictions. (CVE-2014-5120)\n\nA NULL pointer dereference flaw was found in the gdImageCreateFromXpm()\nfunction of PHP's gd extension. A remote attacker could use this flaw to\ncrash a PHP application using gd via a specially crafted X PixMap (XPM)\nfile. (CVE-2014-2497)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed\ndates in the ISO 8601 format. A specially crafted XML-RPC request or\nresponse could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nThe CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3478,\nCVE-2014-3479, CVE-2014-3480, CVE-2014-3487, and CVE-2014-3710 issues were\ndiscovered by Francisco Alonso of Red Hat Product Security; the\nCVE-2014-3538 issue was discovered by Jan Kalu\u017ea of the Red Hat Web Stack\nTeam; the CVE-2014-3597 issue was discovered by David Kut\u00e1lek of Red Hat\nBaseOS QE.\n\nAll php55-php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd24-httpd service must be restarted for the\nupdate to take effect.\n", "modified": "2018-06-13T01:28:25", "published": "2014-10-30T04:00:00", "id": "RHSA-2014:1766", "href": "https://access.redhat.com/errata/RHSA-2014:1766", "type": "redhat", "title": "(RHSA-2014:1766) Important: php55-php security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:48", "bulletinFamily": "unix", "cvelist": ["CVE-2013-6712", "CVE-2013-7345", "CVE-2014-0207", "CVE-2014-0237", "CVE-2014-0238", "CVE-2014-1943", "CVE-2014-2270", "CVE-2014-2497", "CVE-2014-3478", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-3515", "CVE-2014-3538", "CVE-2014-3587", "CVE-2014-3597", "CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710", "CVE-2014-4049", "CVE-2014-4670", "CVE-2014-4698", "CVE-2014-4721", "CVE-2014-5120"], "description": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code. (CVE-2014-3670)\n\nMultiple buffer overflow flaws were found in the way PHP parsed DNS\nresponses. A malicious DNS server or a man-in-the-middle attacker could\nuse these flaws to crash or, possibly, execute arbitrary code with the\nprivileges of a PHP application that uses the dns_get_record() function.\n(CVE-2014-4049, CVE-2014-3597)\n\nMultiple denial of service flaws were found in the File Information\n(fileinfo) extension. A remote attacker could use these flaws to cause a\nPHP application using fileinfo to consume an excessive amount of CPU and\npossibly crash. (CVE-2013-7345, CVE-2014-0237, CVE-2014-0238,\nCVE-2014-1943, CVE-2014-3538)\n\nMultiple boundary check flaws were found in the File Information\n(fileinfo) extension. A remote attacker could use these flaws to cause a\nPHP application using fileinfo to crash. (CVE-2014-0207, CVE-2014-2270,\nCVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3587,\nCVE-2014-3710)\n\nA type confusion issue was found in PHP's phpinfo() function. A malicious\nscript author could possibly use this flaw to disclose certain portions of\nserver memory. (CVE-2014-4721)\n\nA type confusion issue was found in the SPL ArrayObject and\nSPLObjectStorage classes' unserialize() method. A remote attacker able to\nsubmit specially crafted input to a PHP application, which would then\nunserialize this input using one of the aforementioned methods, could use\nthis flaw to execute arbitrary code with the privileges of the user running\nthat PHP application. (CVE-2014-3515)\n\nTwo use-after-free flaws were found in the way PHP handled certain Standard\nPHP Library (SPL) Iterators and ArrayIterators. A malicious script author\ncould possibly use either of these flaws to disclose certain portions of\nserver memory. (CVE-2014-4670, CVE-2014-4698)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nIt was found that PHP's gd extension did not properly handle file names\nwith a null character. A remote attacker could possibly use this flaw to\nmake a PHP application access unexpected files and bypass intended file\nsystem access restrictions. (CVE-2014-5120)\n\nA NULL pointer dereference flaw was found in the gdImageCreateFromXpm()\nfunction of PHP's gd extension. A remote attacker could use this flaw to\ncrash a PHP application using gd via a specially crafted X PixMap (XPM)\nfile. (CVE-2014-2497)\n\nA buffer over-read flaw was found in the way the DateInterval class parsed\ninterval specifications. An attacker able to make a PHP application parse a\nspecially crafted specification using DateInterval could possibly cause the\nPHP interpreter to crash. (CVE-2013-6712)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed\ndates in the ISO 8601 format. A specially crafted XML-RPC request or\nresponse could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nThe CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-3478,\nCVE-2014-3479, CVE-2014-3480, CVE-2014-3487, and CVE-2014-3710 issues were\ndiscovered by Francisco Alonso of Red Hat Product Security; the\nCVE-2014-3538 issue was discovered by Jan Kalu\u017ea of the Red Hat Web Stack\nTeam; the CVE-2014-3597 issue was discovered by David Kut\u00e1lek of Red Hat\nBaseOS QE.\n\nAll php54-php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd service must be restarted for the update to\ntake effect.\n", "modified": "2018-06-13T01:28:16", "published": "2014-10-30T04:00:00", "id": "RHSA-2014:1765", "href": "https://access.redhat.com/errata/RHSA-2014:1765", "type": "redhat", "title": "(RHSA-2014:1765) Important: php54-php security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:57", "bulletinFamily": "unix", "cvelist": ["CVE-2013-7345", "CVE-2013-7327", "CVE-2013-4113", "CVE-2011-4718", "CVE-2013-4248", "CVE-2013-3735", "CVE-2014-0237", "CVE-2014-1943", "CVE-2013-1643", "CVE-2013-2110", "CVE-2013-4636", "CVE-2014-4670", "CVE-2014-3981", "CVE-2013-1824", "CVE-2013-4635", "CVE-2014-5120", "CVE-2014-3597", "CVE-2013-7226", "CVE-2014-2270", "CVE-2014-4049", "CVE-2013-6420", "CVE-2014-2497", "CVE-2013-1635", "CVE-2014-0185", "CVE-2013-6712", "CVE-2014-0238"], "description": "### Background\n\nPHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. \n\n### Description\n\nMultiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker can cause arbitrary code execution, create a Denial of Service condition, read or write arbitrary files, impersonate other servers, hijack a web session, or have other unspecified impact. Additionally, a local attacker could gain escalated privileges. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll PHP 5.5 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-5.5.16\"\n \n\nAll PHP 5.4 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-5.4.32\"\n \n\nAll PHP 5.3 users should upgrade to the latest version. This release marks the end of life of the PHP 5.3 series. Future releases of this series are not planned. All PHP 5.3 users are encouraged to upgrade to the current stable version of PHP 5.5 or previous stable version of PHP 5.4, which are supported till at least 2016 and 2015 respectively. \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-5.3.29\"", "edition": 1, "modified": "2015-08-22T00:00:00", "published": "2014-08-29T00:00:00", "id": "GLSA-201408-11", "href": "https://security.gentoo.org/glsa/201408-11", "type": "gentoo", "title": "PHP: Multiple vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}