{"id": "SOL15866", "type": "f5", "bulletinFamily": "software", "title": "SOL15866 - Multiple PHP vulnerabilities CVE-2014-3668, CVE-2014-3669, and CVE-2014-3670", "description": "Recommended Action\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "published": "2014-11-26T00:00:00", "modified": "2014-11-26T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "http://support.f5.com/kb/en-us/solutions/public/15000/800/sol15866.html", "reporter": "f5", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "immutableFields": [], "lastseen": "2016-09-26T17:23:10", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2014-434", "ALAS-2014-435"]}, {"type": "centos", "idList": ["CESA-2014:1767", "CESA-2014:1768", "CESA-2014:1824"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-2228", "CPAI-2014-2265"]}, {"type": "cve", "idList": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"]}, {"type": "debian", "idList": ["DEBIAN:DLA-94-1:92D05", "DEBIAN:DSA-3064-1:BB7D1", "DEBIAN:DSA-3064-1:C51AD"]}, {"type": "fedora", "idList": ["FEDORA:27DD261EADCB", "FEDORA:3079E60D68D9", "FEDORA:EE5BE60DC923"]}, {"type": "gentoo", "idList": ["GLSA-201411-04"]}, {"type": "hackerone", "idList": ["H1:104011", "H1:104012"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/AMAZON-LINUX-AMI-ALAS-2014-434/", "MSF:ILITIES/SUSE-CVE-2014-3668/"]}, {"type": "nessus", "idList": ["700510.PRM", "8557.PRM", "8563.PRM", "ALA_ALAS-2014-434.NASL", "ALA_ALAS-2014-435.NASL", "CENTOS_RHSA-2014-1767.NASL", "CENTOS_RHSA-2014-1768.NASL", "CENTOS_RHSA-2014-1824.NASL", "DEBIAN_DLA-94.NASL", "DEBIAN_DSA-3064.NASL", "EULEROS_SA-2019-1543.NASL", "EULEROS_SA-2019-1544.NASL", "GENTOO_GLSA-201411-04.NASL", "MACOSX_10_10_3.NASL", "MACOSX_SECUPD2015-004.NASL", "MANDRIVA_MDVSA-2014-202.NASL", "MANDRIVA_MDVSA-2015-080.NASL", "OPENSUSE-2014-636.NASL", "OPENSUSE-2014-645.NASL", "ORACLELINUX_ELSA-2014-1767.NASL", "ORACLELINUX_ELSA-2014-1768.NASL", "ORACLELINUX_ELSA-2014-1824.NASL", "PHP_5_4_34.NASL", "PHP_5_5_18.NASL", "PHP_5_6_2.NASL", "REDHAT-RHSA-2014-1767.NASL", "REDHAT-RHSA-2014-1768.NASL", "REDHAT-RHSA-2014-1824.NASL", "REDHAT-RHSA-2015-0021.NASL", "SLACKWARE_SSA_2014-307-03.NASL", "SL_20141030_PHP53_ON_SL5_X.NASL", "SL_20141030_PHP_ON_SL6_X.NASL", "SL_20141106_PHP_ON_SL5_X.NASL", "SUSE_11_APACHE2-MOD_PHP53-141028.NASL", "SUSE_SU-2014-1497-1.NASL", "SUSE_SU-2016-1638-1.NASL", "UBUNTU_USN-2391-1.NASL", "WEB_APPLICATION_SCANNING_98809"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120347", "OPENVAS:1361412562310120348", "OPENVAS:1361412562310121279", "OPENVAS:1361412562310123257", "OPENVAS:1361412562310123262", "OPENVAS:1361412562310123264", "OPENVAS:1361412562310703064", "OPENVAS:1361412562310805409", "OPENVAS:1361412562310842016", "OPENVAS:1361412562310868424", "OPENVAS:1361412562310868436", "OPENVAS:1361412562310871281", "OPENVAS:1361412562310871283", "OPENVAS:1361412562310871287", "OPENVAS:1361412562310882072", "OPENVAS:1361412562310882073", "OPENVAS:1361412562310882074", "OPENVAS:1361412562310882077", "OPENVAS:1361412562311220191543", "OPENVAS:1361412562311220191544", "OPENVAS:703064"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-1767", "ELSA-2014-1768", "ELSA-2014-1824", "ELSA-2015-1135"]}, {"type": "redhat", "idList": ["RHSA-2014:1765", "RHSA-2014:1766", "RHSA-2014:1767", "RHSA-2014:1768", "RHSA-2014:1824", "RHSA-2015:0021"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31310", "SECURITYVULNS:DOC:31326", "SECURITYVULNS:DOC:31890", "SECURITYVULNS:VULN:14056", "SECURITYVULNS:VULN:14366"]}, {"type": "slackware", "idList": ["SSA-2014-307-03"]}, {"type": "suse", "idList": ["SUSE-SU-2016:1638-1"]}, {"type": "threatpost", "idList": ["THREATPOST:24B2243A9CE72574CE8C218BC61048D9"]}, {"type": "ubuntu", "idList": ["USN-2391-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-3668", "UB:CVE-2014-3669", "UB:CVE-2014-3670"]}], "rev": 4}, "score": {"value": 6.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2014-434"]}, {"type": "centos", "idList": ["CESA-2014:1767", "CESA-2014:1768", "CESA-2014:1824"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2014-2228"]}, {"type": "cve", "idList": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"]}, {"type": "debian", "idList": ["DEBIAN:DLA-94-1:92D05"]}, {"type": "fedora", "idList": ["FEDORA:27DD261EADCB"]}, {"type": "gentoo", "idList": ["GLSA-201411-04"]}, {"type": "hackerone", "idList": ["H1:104012"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/SUSE-CVE-2014-3668/"]}, {"type": "nessus", "idList": ["ALA_ALAS-2014-434.NASL", "EULEROS_SA-2019-1543.NASL", "ORACLELINUX_ELSA-2014-1824.NASL", "SUSE_SU-2014-1497-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703064", "OPENVAS:1361412562310882072", "OPENVAS:1361412562310882073", "OPENVAS:1361412562311220191544", "OPENVAS:703064"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-1767"]}, {"type": "redhat", "idList": ["RHSA-2014:1766", "RHSA-2014:1824"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31890"]}, {"type": "suse", "idList": ["SUSE-SU-2016:1638-1"]}, {"type": "threatpost", "idList": ["THREATPOST:24B2243A9CE72574CE8C218BC61048D9"]}, {"type": "ubuntu", "idList": ["USN-2391-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-3669", "UB:CVE-2014-3670"]}]}, "exploitation": null, "vulnersScore": 6.2}, "affectedSoftware": [], "_state": {"dependencies": 1647589307, "score": 0}}

{"nessus": [{"lastseen": "2021-08-19T12:29:00", "description": "php5 was updated to fix three security issues.\n\nThe following security issues were fixed :\n\n - xmlrpc ISO8601 date format parsing out-of-bounds read in mkgmtime() (CVE-2014-3668).\n\n - integer overflow in unserialize() (CVE-2014-3669).\n\n - heap corruption issue in exif_thumbnail() (CVE-2014-3670).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : php5 (SUSE-SU-2014:1497-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php5", "p-cpe:/a:novell:suse_linux:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:suse_linux:php5", "p-cpe:/a:novell:suse_linux:php5-bcmath", "p-cpe:/a:novell:suse_linux:php5-bcmath-debuginfo", "p-cpe:/a:novell:suse_linux:php5-bz2", "p-cpe:/a:novell:suse_linux:php5-bz2-debuginfo", "p-cpe:/a:novell:suse_linux:php5-calendar", "p-cpe:/a:novell:suse_linux:php5-calendar-debuginfo", "p-cpe:/a:novell:suse_linux:php5-ctype", "p-cpe:/a:novell:suse_linux:php5-ctype-debuginfo", "p-cpe:/a:novell:suse_linux:php5-curl", "p-cpe:/a:novell:suse_linux:php5-curl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-dba", "p-cpe:/a:novell:suse_linux:php5-dba-debuginfo", "p-cpe:/a:novell:suse_linux:php5-debuginfo", "p-cpe:/a:novell:suse_linux:php5-debugsource", "p-cpe:/a:novell:suse_linux:php5-dom", "p-cpe:/a:novell:suse_linux:php5-dom-debuginfo", "p-cpe:/a:novell:suse_linux:php5-enchant", "p-cpe:/a:novell:suse_linux:php5-enchant-debuginfo", "p-cpe:/a:novell:suse_linux:php5-exif", "p-cpe:/a:novell:suse_linux:php5-exif-debuginfo", "p-cpe:/a:novell:suse_linux:php5-fastcgi", "p-cpe:/a:novell:suse_linux:php5-fastcgi-debuginfo", "p-cpe:/a:novell:suse_linux:php5-fileinfo", "p-cpe:/a:novell:suse_linux:php5-fileinfo-debuginfo", "p-cpe:/a:novell:suse_linux:php5-fpm", "p-cpe:/a:novell:suse_linux:php5-fpm-debuginfo", "p-cpe:/a:novell:suse_linux:php5-ftp", "p-cpe:/a:novell:suse_linux:php5-ftp-debuginfo", "p-cpe:/a:novell:suse_linux:php5-gd", "p-cpe:/a:novell:suse_linux:php5-gd-debuginfo", "p-cpe:/a:novell:suse_linux:php5-gettext", "p-cpe:/a:novell:suse_linux:php5-gettext-debuginfo", "p-cpe:/a:novell:suse_linux:php5-gmp", "p-cpe:/a:novell:suse_linux:php5-gmp-debuginfo", "p-cpe:/a:novell:suse_linux:php5-iconv", "p-cpe:/a:novell:suse_linux:php5-iconv-debuginfo", "p-cpe:/a:novell:suse_linux:php5-intl", "p-cpe:/a:novell:suse_linux:php5-intl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-json", "p-cpe:/a:novell:suse_linux:php5-json-debuginfo", "p-cpe:/a:novell:suse_linux:php5-ldap", "p-cpe:/a:novell:suse_linux:php5-ldap-debuginfo", "p-cpe:/a:novell:suse_linux:php5-mbstring", "p-cpe:/a:novell:suse_linux:php5-mbstring-debuginfo", "p-cpe:/a:novell:suse_linux:php5-mcrypt", "p-cpe:/a:novell:suse_linux:php5-mcrypt-debuginfo", "p-cpe:/a:novell:suse_linux:php5-mysql", "p-cpe:/a:novell:suse_linux:php5-mysql-debuginfo", "p-cpe:/a:novell:suse_linux:php5-odbc", "p-cpe:/a:novell:suse_linux:php5-odbc-debuginfo", "p-cpe:/a:novell:suse_linux:php5-openssl", "p-cpe:/a:novell:suse_linux:php5-openssl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pcntl", "p-cpe:/a:novell:suse_linux:php5-pcntl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pdo", "p-cpe:/a:novell:suse_linux:php5-pdo-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pgsql", "p-cpe:/a:novell:suse_linux:php5-pgsql-debuginfo", "p-cpe:/a:novell:suse_linux:php5-pspell", "p-cpe:/a:novell:suse_linux:php5-pspell-debuginfo", "p-cpe:/a:novell:suse_linux:php5-shmop", "p-cpe:/a:novell:suse_linux:php5-shmop-debuginfo", "p-cpe:/a:novell:suse_linux:php5-snmp", "p-cpe:/a:novell:suse_linux:php5-snmp-debuginfo", "p-cpe:/a:novell:suse_linux:php5-soap", "p-cpe:/a:novell:suse_linux:php5-soap-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sockets", "p-cpe:/a:novell:suse_linux:php5-sockets-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sqlite", "p-cpe:/a:novell:suse_linux:php5-sqlite-debuginfo", "p-cpe:/a:novell:suse_linux:php5-suhosin", "p-cpe:/a:novell:suse_linux:php5-suhosin-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sysvmsg", "p-cpe:/a:novell:suse_linux:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sysvsem", "p-cpe:/a:novell:suse_linux:php5-sysvsem-debuginfo", "p-cpe:/a:novell:suse_linux:php5-sysvshm", "p-cpe:/a:novell:suse_linux:php5-sysvshm-debuginfo", "p-cpe:/a:novell:suse_linux:php5-tokenizer", "p-cpe:/a:novell:suse_linux:php5-tokenizer-debuginfo", "p-cpe:/a:novell:suse_linux:php5-wddx", "p-cpe:/a:novell:suse_linux:php5-wddx-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xmlreader", "p-cpe:/a:novell:suse_linux:php5-xmlreader-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xmlrpc", "p-cpe:/a:novell:suse_linux:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xmlwriter", "p-cpe:/a:novell:suse_linux:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:suse_linux:php5-xsl", "p-cpe:/a:novell:suse_linux:php5-xsl-debuginfo", "p-cpe:/a:novell:suse_linux:php5-zip", "p-cpe:/a:novell:suse_linux:php5-zip-debuginfo", "p-cpe:/a:novell:suse_linux:php5-zlib", "p-cpe:/a:novell:suse_linux:php5-zlib-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2014-1497-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119958", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2014:1497-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119958);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_bugtraq_id(70611, 70665, 70666);\n\n script_name(english:\"SUSE SLES12 Security Update : php5 (SUSE-SU-2014:1497-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"php5 was updated to fix three security issues.\n\nThe following security issues were fixed :\n\n - xmlrpc ISO8601 date format parsing out-of-bounds read in\n mkgmtime() (CVE-2014-3668).\n\n - integer overflow in unserialize() (CVE-2014-3669).\n\n - heap corruption issue in exif_thumbnail()\n (CVE-2014-3670).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=902357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=902360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=902368\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3668/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3669/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3670/\"\n );\n # https://www.suse.com/support/update/announcement/2014/suse-su-20141497-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?95edb29b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2014-80\n\nSUSE Linux Enterprise Module for Web Scripting 12 :\n\nzypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2014-80\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_php5-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"apache2-mod_php5-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bcmath-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bcmath-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bz2-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-bz2-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-calendar-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-calendar-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ctype-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ctype-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-curl-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-curl-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dba-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dba-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-debugsource-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dom-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-dom-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-enchant-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-enchant-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-exif-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-exif-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fastcgi-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fastcgi-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fileinfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fileinfo-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fpm-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-fpm-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ftp-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ftp-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gd-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gd-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gettext-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gettext-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gmp-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-gmp-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-iconv-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-iconv-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-intl-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-intl-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-json-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-json-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ldap-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-ldap-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mbstring-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mbstring-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mcrypt-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mcrypt-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mysql-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-mysql-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-odbc-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-odbc-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-openssl-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-openssl-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pcntl-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pcntl-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pdo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pdo-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pgsql-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pgsql-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pspell-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-pspell-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-shmop-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-shmop-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-snmp-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-snmp-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-soap-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-soap-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sockets-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sockets-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sqlite-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sqlite-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-suhosin-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-suhosin-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvmsg-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvmsg-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvsem-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvsem-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvshm-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-sysvshm-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-tokenizer-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-tokenizer-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-wddx-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-wddx-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlreader-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlreader-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlrpc-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlrpc-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlwriter-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xmlwriter-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xsl-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-xsl-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zip-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zip-debuginfo-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zlib-5.5.14-7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"php5-zlib-debuginfo-5.5.14-7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php5\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:45", "description": "The remote host is affected by the vulnerability described in GLSA-201411-04 (PHP: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A context-dependent attacker can possibly execute arbitrary code or create a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2014-11-10T00:00:00", "type": "nessus", "title": "GLSA-201411-04 : PHP: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:php", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201411-04.NASL", "href": "https://www.tenable.com/plugins/nessus/79080", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201411-04.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79080);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_bugtraq_id(70611, 70665, 70666);\n script_xref(name:\"GLSA\", value:\"201411-04\");\n\n script_name(english:\"GLSA-201411-04 : PHP: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201411-04\n(PHP: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PHP. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A context-dependent attacker can possibly execute arbitrary code or\n create a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201411-04\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All PHP 5.5 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.5.18'\n All PHP 5.4 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.4.34'\n All PHP 5.3 users should upgrade to the latest version. This release\n marks the end of life of the PHP 5.3 series. Future releases of this\n series are not planned. All PHP 5.3 users are encouraged to upgrade to\n the current stable version of PHP 5.5 or previous stable version of PHP\n 5.4, which are supported till at least 2016 and 2015 respectively.\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.3.29'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/php\", unaffected:make_list(\"ge 5.5.18\", \"rge 5.4.34\", \"rge 5.3.29\", \"rge 5.4.36\", \"rge 5.4.37\", \"rge 5.4.38\", \"rge 5.4.39\", \"rge 5.4.35\", \"rge 5.4.40\", \"rge 5.4.41\", \"rge 5.4.42\", \"rge 5.4.43\", \"rge 5.4.44\", \"rge 5.4.45\", \"rge 5.4.46\"), vulnerable:make_list(\"lt 5.5.18\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PHP\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T01:47:25", "description": "An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.\n(CVE-2014-3670)", "cvss3": {"score": null, "vector": null}, "published": "2014-11-03T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php55 (ALAS-2014-435)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php55", "p-cpe:/a:amazon:linux:php55-bcmath", "p-cpe:/a:amazon:linux:php55-cli", "p-cpe:/a:amazon:linux:php55-common", "p-cpe:/a:amazon:linux:php55-dba", "p-cpe:/a:amazon:linux:php55-debuginfo", "p-cpe:/a:amazon:linux:php55-devel", "p-cpe:/a:amazon:linux:php55-embedded", "p-cpe:/a:amazon:linux:php55-enchant", "p-cpe:/a:amazon:linux:php55-fpm", "p-cpe:/a:amazon:linux:php55-gd", "p-cpe:/a:amazon:linux:php55-gmp", "p-cpe:/a:amazon:linux:php55-imap", "p-cpe:/a:amazon:linux:php55-intl", "p-cpe:/a:amazon:linux:php55-ldap", "p-cpe:/a:amazon:linux:php55-mbstring", "p-cpe:/a:amazon:linux:php55-mcrypt", "p-cpe:/a:amazon:linux:php55-mssql", "p-cpe:/a:amazon:linux:php55-mysqlnd", "p-cpe:/a:amazon:linux:php55-odbc", "p-cpe:/a:amazon:linux:php55-opcache", "p-cpe:/a:amazon:linux:php55-pdo", "p-cpe:/a:amazon:linux:php55-pgsql", "p-cpe:/a:amazon:linux:php55-process", "p-cpe:/a:amazon:linux:php55-pspell", "p-cpe:/a:amazon:linux:php55-recode", "p-cpe:/a:amazon:linux:php55-snmp", "p-cpe:/a:amazon:linux:php55-soap", "p-cpe:/a:amazon:linux:php55-tidy", "p-cpe:/a:amazon:linux:php55-xml", "p-cpe:/a:amazon:linux:php55-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2014-435.NASL", "href": "https://www.tenable.com/plugins/nessus/78778", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-435.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78778);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_xref(name:\"ALAS\", value:\"2014-435\");\n\n script_name(english:\"Amazon Linux AMI : php55 (ALAS-2014-435)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An out of bounds read flaw was found in the way the xmlrpc extension\nparsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-435.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php55' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php55-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php55-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-bcmath-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-cli-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-common-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-dba-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-debuginfo-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-devel-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-embedded-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-enchant-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-fpm-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-gd-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-gmp-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-imap-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-intl-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-ldap-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mbstring-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mcrypt-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mssql-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-mysqlnd-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-odbc-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-opcache-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pdo-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pgsql-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-process-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-pspell-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-recode-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-snmp-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-soap-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-tidy-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-xml-5.5.18-1.92.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php55-xmlrpc-5.5.18-1.92.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php55 / php55-bcmath / php55-cli / php55-common / php55-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:10:55", "description": "16 Oct 2014, PHP 5.5.18\n\nCore :\n\n - Fixed bug #67985 (Incorrect last used array index copied to new array after unset). (Tjerk)\n\n - Fixed bug #67739 (Windows 8.1/Server 2012 R2 OS build number reported as 6.2 (instead of 6.3)). (Christian Wenz)\n\n - Fixed bug #67633 (A foreach on an array returned from a function not doing copy-on-write). (Nikita)\n\n - Fixed bug #51800 (proc_open on Windows hangs forever).\n (Anatol)\n\n - Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)). (CVE-2014-3669) (Stas)\n\ncURL :\n\n - Fixed bug #68089 (NULL byte injection - cURL lib).\n (Stas)\n\nEXIF :\n\n - Fixed bug #68113 (Heap corruption in exif_thumbnail()).\n (CVE-2014-3670) (Stas)\n\nFPM :\n\n - Fixed bug #65641 (PHP-FPM incorrectly defines the SCRIPT_NAME variable when using Apache, mod_proxy-fcgi and ProxyPass). (Remi)\n\nOpenSSL :\n\n - Revert regression introduced by fix of bug #41631\n\nReflection :\n\n - Fixed bug #68103 (Duplicate entry in Reflection for class alias). (Remi)\n\nSession :\n\n - Fixed bug #67972 (SessionHandler Invalid memory read create_sid()). (Adam)\n\nXMLRPC :\n\n - Fixed bug #68027 (Global buffer overflow in mkgmtime() function). (CVE-2014-3668) (Stas)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-10-29T00:00:00", "type": "nessus", "title": "Fedora 19 : php-5.5.18-1.fc19 (2014-13031)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2014-13031.NASL", "href": "https://www.tenable.com/plugins/nessus/78708", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-13031.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78708);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(61128, 61776, 61929, 64225, 67118, 70611, 70665, 70666);\n script_xref(name:\"FEDORA\", value:\"2014-13031\");\n\n script_name(english:\"Fedora 19 : php-5.5.18-1.fc19 (2014-13031)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"16 Oct 2014, PHP 5.5.18\n\nCore :\n\n - Fixed bug #67985 (Incorrect last used array index copied\n to new array after unset). (Tjerk)\n\n - Fixed bug #67739 (Windows 8.1/Server 2012 R2 OS build\n number reported as 6.2 (instead of 6.3)). (Christian\n Wenz)\n\n - Fixed bug #67633 (A foreach on an array returned from\n a function not doing copy-on-write). (Nikita)\n\n - Fixed bug #51800 (proc_open on Windows hangs forever).\n (Anatol)\n\n - Fixed bug #68044 (Integer overflow in unserialize()\n (32-bits only)). (CVE-2014-3669) (Stas)\n\ncURL :\n\n - Fixed bug #68089 (NULL byte injection - cURL lib).\n (Stas)\n\nEXIF :\n\n - Fixed bug #68113 (Heap corruption in exif_thumbnail()).\n (CVE-2014-3670) (Stas)\n\nFPM :\n\n - Fixed bug #65641 (PHP-FPM incorrectly defines the\n SCRIPT_NAME variable when using Apache, mod_proxy-fcgi\n and ProxyPass). (Remi)\n\nOpenSSL :\n\n - Revert regression introduced by fix of bug #41631\n\nReflection :\n\n - Fixed bug #68103 (Duplicate entry in Reflection for\n class alias). (Remi)\n\nSession :\n\n - Fixed bug #67972 (SessionHandler Invalid memory read\n create_sid()). (Adam)\n\nXMLRPC :\n\n - Fixed bug #68027 (Global buffer overflow in mkgmtime()\n function). (CVE-2014-3668) (Stas)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-October/141404.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5e1b1b90\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"php-5.5.18-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:11:38", "description": "16 Oct 2014, PHP 5.6.2\n\nCore :\n\n - Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)). (CVE-2014-3669) (Stas)\n\ncURL :\n\n - Fixed bug #68089 (NULL byte injection - cURL lib).\n (Stas)\n\nEXIF :\n\n - Fixed bug #68113 (Heap corruption in exif_thumbnail()).\n (CVE-2014-3670) (Stas)\n\nXMLRPC :\n\n - Fixed bug #68027 (Global buffer overflow in mkgmtime() function). (CVE-2014-3668) (Stas)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-11-03T00:00:00", "type": "nessus", "title": "Fedora 21 : php-5.6.2-1.fc21 (2014-12983)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2014-12983.NASL", "href": "https://www.tenable.com/plugins/nessus/78803", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-12983.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78803);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(70611, 70665, 70666);\n script_xref(name:\"FEDORA\", value:\"2014-12983\");\n\n script_name(english:\"Fedora 21 : php-5.6.2-1.fc21 (2014-12983)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"16 Oct 2014, PHP 5.6.2\n\nCore :\n\n - Fixed bug #68044 (Integer overflow in unserialize()\n (32-bits only)). (CVE-2014-3669) (Stas)\n\ncURL :\n\n - Fixed bug #68089 (NULL byte injection - cURL lib).\n (Stas)\n\nEXIF :\n\n - Fixed bug #68113 (Heap corruption in exif_thumbnail()).\n (CVE-2014-3670) (Stas)\n\nXMLRPC :\n\n - Fixed bug #68027 (Global buffer overflow in mkgmtime()\n function). (CVE-2014-3668) (Stas)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-November/142132.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?50dff14e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"php-5.6.2-1.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:10:48", "description": "According to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.2. It is, therefore, affected by the following vulnerabilities :\n\n - A buffer overflow error exists in the function 'mkgmtime' that can allow application crashes or arbitrary code execution. (CVE-2014-3668)\n\n - An integer overflow error exists in the function 'unserialize' that can allow denial of service attacks.\n Note that this only affects 32-bit instances.\n (CVE-2014-3669)\n\n - A heap corruption error exists in the function 'exif_thumbnail' that can allow application crashes or arbitrary code execution. (CVE-2014-3670)\n\n - An input-validation error exists in the cURL extension's file 'ext/curl/interface.c' and NULL option handling that can allow information disclosure. (Bug #68089)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2014-10-17T00:00:00", "type": "nessus", "title": "PHP 5.6.x < 5.6.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_6_2.NASL", "href": "https://www.tenable.com/plugins/nessus/78547", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78547);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_bugtraq_id(70611, 70665, 70666);\n\n script_name(english:\"PHP 5.6.x < 5.6.2 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.6.x installed on the\nremote host is prior to 5.6.2. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - A buffer overflow error exists in the function\n 'mkgmtime' that can allow application crashes or\n arbitrary code execution. (CVE-2014-3668)\n\n - An integer overflow error exists in the function\n 'unserialize' that can allow denial of service attacks.\n Note that this only affects 32-bit instances.\n (CVE-2014-3669)\n\n - A heap corruption error exists in the function\n 'exif_thumbnail' that can allow application crashes or\n arbitrary code execution. (CVE-2014-3670)\n\n - An input-validation error exists in the cURL extension's\n file 'ext/curl/interface.c' and NULL option handling\n that can allow information disclosure. (Bug #68089)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/ChangeLog-5.php#5.6.2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.6.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3669\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.6)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.6\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.6.x\", port);\n\nif (version =~ \"^5\\.6\\.[01]($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version +\n '\\n Fixed version : 5.6.2' + \n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:11:00", "description": "According to its banner, the version of PHP 5.4.x installed on the remote host is prior to 5.4.34. It is, therefore, affected by the following vulnerabilities :\n\n - A buffer overflow error exists in the function 'mkgmtime' that can allow application crashes or arbitrary code execution. (CVE-2014-3668)\n\n - An integer overflow error exists in the function 'unserialize' that can allow denial of service attacks.\n Note that this only affects 32-bit instances.\n (CVE-2014-3669)\n\n - A heap corruption error exists in the function 'exif_thumbnail' that can allow application crashes or arbitrary code execution. (CVE-2014-3670)\n\n - An input-validation error exists in the cURL extension's file 'ext/curl/interface.c' and NULL option handling that can allow information disclosure. (Bug #68089)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2014-10-17T00:00:00", "type": "nessus", "title": "PHP 5.4.x < 5.4.34 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_4_34.NASL", "href": "https://www.tenable.com/plugins/nessus/78545", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78545);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_bugtraq_id(70611, 70665, 70666);\n\n script_name(english:\"PHP 5.4.x < 5.4.34 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.4.x installed on the\nremote host is prior to 5.4.34. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - A buffer overflow error exists in the function\n 'mkgmtime' that can allow application crashes or\n arbitrary code execution. (CVE-2014-3668)\n\n - An integer overflow error exists in the function\n 'unserialize' that can allow denial of service attacks.\n Note that this only affects 32-bit instances.\n (CVE-2014-3669)\n\n - A heap corruption error exists in the function\n 'exif_thumbnail' that can allow application crashes or\n arbitrary code execution. (CVE-2014-3670)\n\n - An input-validation error exists in the cURL extension's\n file 'ext/curl/interface.c' and NULL option handling\n that can allow information disclosure. (Bug #68089)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/ChangeLog-5.php#5.4.34\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.4.34 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3669\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.4)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.4\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.4.x\", port);\n\nif (version =~ \"^5\\.4\\.([0-9]|[12][0-9]|3[0-3])($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version +\n '\\n Fixed version : 5.4.34' + \n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:11:15", "description": "According to its banner, the version of PHP 5.5.x installed on the remote host is prior to 5.5.18. It is, therefore, affected by the following vulnerabilities :\n\n - A buffer overflow error exists in the function 'mkgmtime' that can allow application crashes or arbitrary code execution. (CVE-2014-3668)\n\n - An integer overflow error exists in the function 'unserialize' that can allow denial of service attacks.\n Note that this only affects 32-bit instances.\n (CVE-2014-3669)\n\n - A heap corruption error exists in the function 'exif_thumbnail' that can allow application crashes or arbitrary code execution. (CVE-2014-3670)\n\n - An input-validation error exists in the cURL extension's file 'ext/curl/interface.c' and NULL option handling that can allow information disclosure. (Bug #68089)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2014-10-17T00:00:00", "type": "nessus", "title": "PHP 5.5.x < 5.5.18 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_5_18.NASL", "href": "https://www.tenable.com/plugins/nessus/78546", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78546);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_bugtraq_id(70611, 70665, 70666);\n\n script_name(english:\"PHP 5.5.x < 5.5.18 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP 5.5.x installed on the\nremote host is prior to 5.5.18. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - A buffer overflow error exists in the function\n 'mkgmtime' that can allow application crashes or\n arbitrary code execution. (CVE-2014-3668)\n\n - An integer overflow error exists in the function\n 'unserialize' that can allow denial of service attacks.\n Note that this only affects 32-bit instances.\n (CVE-2014-3669)\n\n - A heap corruption error exists in the function\n 'exif_thumbnail' that can allow application crashes or\n arbitrary code execution. (CVE-2014-3670)\n\n - An input-validation error exists in the cURL extension's\n file 'ext/curl/interface.c' and NULL option handling\n that can allow information disclosure. (Bug #68089)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/ChangeLog-5.php#5.5.18\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.5.18 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3669\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported) audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.5)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.5\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.5.x\", port);\n\nif (version =~ \"^5\\.5\\.([0-9]|1[0-7])($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version +\n '\\n Fixed version : 5.5.18' + \n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-16T14:10:17", "description": "16 Oct 2014, PHP 5.5.18\n\nCore :\n\n - Fixed bug #67985 (Incorrect last used array index copied to new array after unset). (Tjerk)\n\n - Fixed bug #67739 (Windows 8.1/Server 2012 R2 OS build number reported as 6.2 (instead of 6.3)). (Christian Wenz)\n\n - Fixed bug #67633 (A foreach on an array returned from a function not doing copy-on-write). (Nikita)\n\n - Fixed bug #51800 (proc_open on Windows hangs forever).\n (Anatol)\n\n - Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)). (CVE-2014-3669) (Stas)\n\ncURL :\n\n - Fixed bug #68089 (NULL byte injection - cURL lib).\n (Stas)\n\nEXIF :\n\n - Fixed bug #68113 (Heap corruption in exif_thumbnail()).\n (CVE-2014-3670) (Stas)\n\nFPM :\n\n - Fixed bug #65641 (PHP-FPM incorrectly defines the SCRIPT_NAME variable when using Apache, mod_proxy-fcgi and ProxyPass). (Remi)\n\nOpenSSL :\n\n - Revert regression introduced by fix of bug #41631\n\nReflection :\n\n - Fixed bug #68103 (Duplicate entry in Reflection for class alias). (Remi)\n\nSession :\n\n - Fixed bug #67972 (SessionHandler Invalid memory read create_sid()). (Adam)\n\nXMLRPC :\n\n - Fixed bug #68027 (Global buffer overflow in mkgmtime() function). (CVE-2014-3668) (Stas)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-10-24T00:00:00", "type": "nessus", "title": "Fedora 20 : php-5.5.18-1.fc20 (2014-13013)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-13013.NASL", "href": "https://www.tenable.com/plugins/nessus/78661", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-13013.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78661);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(64225, 67118, 70611, 70665, 70666);\n script_xref(name:\"FEDORA\", value:\"2014-13013\");\n\n script_name(english:\"Fedora 20 : php-5.5.18-1.fc20 (2014-13013)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"16 Oct 2014, PHP 5.5.18\n\nCore :\n\n - Fixed bug #67985 (Incorrect last used array index copied\n to new array after unset). (Tjerk)\n\n - Fixed bug #67739 (Windows 8.1/Server 2012 R2 OS build\n number reported as 6.2 (instead of 6.3)). (Christian\n Wenz)\n\n - Fixed bug #67633 (A foreach on an array returned from\n a function not doing copy-on-write). (Nikita)\n\n - Fixed bug #51800 (proc_open on Windows hangs forever).\n (Anatol)\n\n - Fixed bug #68044 (Integer overflow in unserialize()\n (32-bits only)). (CVE-2014-3669) (Stas)\n\ncURL :\n\n - Fixed bug #68089 (NULL byte injection - cURL lib).\n (Stas)\n\nEXIF :\n\n - Fixed bug #68113 (Heap corruption in exif_thumbnail()).\n (CVE-2014-3670) (Stas)\n\nFPM :\n\n - Fixed bug #65641 (PHP-FPM incorrectly defines the\n SCRIPT_NAME variable when using Apache, mod_proxy-fcgi\n and ProxyPass). (Remi)\n\nOpenSSL :\n\n - Revert regression introduced by fix of bug #41631\n\nReflection :\n\n - Fixed bug #68103 (Duplicate entry in Reflection for\n class alias). (Remi)\n\nSession :\n\n - Fixed bug #67972 (SessionHandler Invalid memory read\n create_sid()). (Adam)\n\nXMLRPC :\n\n - Fixed bug #68027 (Global buffer overflow in mkgmtime()\n function). (CVE-2014-3668) (Stas)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-October/141349.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?023c6872\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"php-5.5.18-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:04", "description": "Versions earlier than 5.6.2, 5.5.18, and 5.4.34 are exposed to the following issues :\n\n - An array indexing flaw in the 'date_from_ISO8601()' function in ext/xmlrpc/libxmlrpc/xmlrpc.c could be used to disclose memory content (CVE-2014-3668)\n\n - A memory corruption vulnerability when processing thumbnails in the 'exif_ifd_make_value()' function of ext/exif/exif.c could potentially crash the system or be a vector for remote code execution (CVE-2014-3670)\n\n - An integer overflow condition in the 'object_custom()' function in ext/standard/var_unserializer.re can cause a crash (CVE-2014-3669)\n\n - Memory content disclosure in ext/curl/interface.c when handling NULL bytes ('\\0') in cURL options.", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2014-10-21T00:00:00", "type": "nessus", "title": "PHP 5.4.x < 5.4.34 / 5.5.x < 5.5.18 / 5.6.x < 5.6.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "8563.PRM", "href": "https://www.tenable.com/plugins/nnm/8563", "sourceData": "Binary data 8563.prm", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:59", "description": "- security update :\n\n - CVE-2014-3670 [bnc#902357]\n\n - CVE-2014-3669 [bnc#902360]\n\n - CVE-2014-3668 [bnc#902368]\n\n - added patches :\n\n - php-CVE-2014-3670.patch\n\n - php-CVE-2014-3669.patch\n\n - php-CVE-2014-3668.patch", "cvss3": {"score": null, "vector": null}, "published": "2014-11-11T00:00:00", "type": "nessus", "title": "openSUSE Security Update : php5 (openSUSE-SU-2014:1377-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird", "p-cpe:/a:novell:opensuse:php5-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-ldap", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-mssql", "p-cpe:/a:novell:opensuse:php5-mssql-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "cpe:/o:novell:opensuse:12.3", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-636.NASL", "href": "https://www.tenable.com/plugins/nessus/79102", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-636.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79102);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n\n script_name(english:\"openSUSE Security Update : php5 (openSUSE-SU-2014:1377-1)\");\n script_summary(english:\"Check for the openSUSE-2014-636 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - security update :\n\n - CVE-2014-3670 [bnc#902357]\n\n - CVE-2014-3669 [bnc#902360]\n\n - CVE-2014-3668 [bnc#902368]\n\n - added patches :\n\n - php-CVE-2014-3670.patch\n\n - php-CVE-2014-3669.patch\n\n - php-CVE-2014-3668.patch\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=902357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=902360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=902368\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-11/msg00024.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_php5-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"apache2-mod_php5-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bcmath-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bcmath-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bz2-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-bz2-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-calendar-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-calendar-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ctype-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ctype-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-curl-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-curl-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dba-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dba-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-debugsource-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-devel-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dom-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-dom-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-enchant-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-enchant-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-exif-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-exif-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fastcgi-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fastcgi-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fileinfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fileinfo-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fpm-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-fpm-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ftp-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ftp-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gd-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gd-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gettext-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gettext-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gmp-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-gmp-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-iconv-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-iconv-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-imap-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-imap-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-intl-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-intl-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-json-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-json-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ldap-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-ldap-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mbstring-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mbstring-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mcrypt-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mcrypt-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mssql-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mssql-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mysql-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-mysql-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-odbc-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-odbc-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-openssl-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-openssl-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pcntl-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pcntl-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pdo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pdo-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pear-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pgsql-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pgsql-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-phar-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-phar-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-posix-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-posix-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pspell-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-pspell-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-readline-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-readline-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-shmop-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-shmop-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-snmp-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-snmp-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-soap-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-soap-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sockets-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sockets-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sqlite-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sqlite-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-suhosin-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-suhosin-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvmsg-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvmsg-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvsem-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvsem-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvshm-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-sysvshm-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tidy-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tidy-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tokenizer-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-tokenizer-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-wddx-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-wddx-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlreader-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlreader-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlrpc-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlrpc-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlwriter-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xmlwriter-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xsl-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-xsl-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zip-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zip-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zlib-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"php5-zlib-debuginfo-5.3.17-3.38.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_php5-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"apache2-mod_php5-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bcmath-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bcmath-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bz2-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-bz2-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-calendar-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-calendar-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ctype-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ctype-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-curl-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-curl-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dba-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dba-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-debugsource-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-devel-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dom-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-dom-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-enchant-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-enchant-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-exif-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-exif-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fastcgi-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fastcgi-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fileinfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fileinfo-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-firebird-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-firebird-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fpm-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-fpm-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ftp-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ftp-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gd-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gd-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gettext-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gettext-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gmp-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-gmp-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-iconv-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-iconv-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-imap-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-imap-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-intl-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-intl-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-json-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-json-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ldap-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-ldap-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mbstring-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mbstring-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mcrypt-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mcrypt-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mssql-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mssql-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mysql-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-mysql-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-odbc-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-odbc-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-openssl-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-openssl-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pcntl-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pcntl-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pdo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pdo-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pear-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pgsql-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pgsql-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-phar-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-phar-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-posix-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-posix-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pspell-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-pspell-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-readline-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-readline-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-shmop-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-shmop-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-snmp-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-snmp-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-soap-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-soap-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sockets-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sockets-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sqlite-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sqlite-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-suhosin-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-suhosin-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvmsg-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvmsg-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvsem-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvsem-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvshm-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-sysvshm-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tidy-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tidy-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tokenizer-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-tokenizer-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-wddx-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-wddx-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlreader-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlreader-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlrpc-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlrpc-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlwriter-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xmlwriter-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xsl-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-xsl-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zip-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zip-debuginfo-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zlib-5.4.20-34.3\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"php5-zlib-debuginfo-5.4.20-34.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:10:27", "description": "According to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.2. It is, therefore, affected by the following vulnerabilities :\n\n - A buffer overflow error exists in the function 'mkgmtime' that can allow application crashes or arbitrary code execution. (CVE-2014-3668)\n\n - An integer overflow error exists in the function 'unserialize' that can allow denial of service attacks. Note that this only affects 32-bit instances. (CVE-2014-3669)\n\n - A heap corruption error exists in the function 'exif_thumbnail' that can allow application crashes or arbitrary code execution. (CVE-2014-3670)\n\n - An input-validation error exists in the cURL extension's file 'ext/curl/interface.c' and NULL option handling that can allow information disclosure. (Bug #68089)\n\nNote that the scanner has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-01-09T00:00:00", "type": "nessus", "title": "PHP 5.6.x < 5.6.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98809", "href": "https://www.tenable.com/plugins/was/98809", "sourceData": "No source data", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:02", "description": "- security update :\n\n - CVE-2014-3670 [bnc#902357]\n\n - CVE-2014-3669 [bnc#902360]\n\n - CVE-2014-3668 [bnc#902368]\n\n - added patches :\n\n - php-CVE-2014-3670.patch\n\n - php-CVE-2014-3669.patch\n\n - php-CVE-2014-3668.patch", "cvss3": {"score": null, "vector": null}, "published": "2014-11-12T00:00:00", "type": "nessus", "title": "openSUSE Security Update : php5 (openSUSE-SU-2014:1391-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-firebird", "p-cpe:/a:novell:opensuse:php5-firebird-debuginfo", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-ldap", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-mssql", "p-cpe:/a:novell:opensuse:php5-mssql-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-opcache", "p-cpe:/a:novell:opensuse:php5-opcache-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2014-645.NASL", "href": "https://www.tenable.com/plugins/nessus/79198", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-645.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79198);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n\n script_name(english:\"openSUSE Security Update : php5 (openSUSE-SU-2014:1391-1)\");\n script_summary(english:\"Check for the openSUSE-2014-645 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - security update :\n\n - CVE-2014-3670 [bnc#902357]\n\n - CVE-2014-3669 [bnc#902360]\n\n - CVE-2014-3668 [bnc#902368]\n\n - added patches :\n\n - php-CVE-2014-3670.patch\n\n - php-CVE-2014-3669.patch\n\n - php-CVE-2014-3668.patch\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=902357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=902360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=902368\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-11/msg00034.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-firebird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-opcache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"apache2-mod_php5-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"apache2-mod_php5-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bcmath-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bcmath-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bz2-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-bz2-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-calendar-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-calendar-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ctype-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ctype-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-curl-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-curl-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dba-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dba-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-debugsource-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-devel-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dom-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-dom-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-enchant-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-enchant-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-exif-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-exif-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fastcgi-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fastcgi-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fileinfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fileinfo-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-firebird-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-firebird-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fpm-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-fpm-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ftp-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ftp-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gd-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gd-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gettext-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gettext-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gmp-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-gmp-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-iconv-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-iconv-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-imap-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-imap-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-intl-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-intl-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-json-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-json-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ldap-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-ldap-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mbstring-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mbstring-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mcrypt-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mcrypt-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mssql-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mssql-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mysql-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-mysql-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-odbc-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-odbc-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-opcache-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-opcache-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-openssl-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-openssl-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pcntl-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pcntl-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pdo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pdo-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pear-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pgsql-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pgsql-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-phar-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-phar-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-posix-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-posix-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pspell-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-pspell-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-readline-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-readline-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-shmop-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-shmop-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-snmp-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-snmp-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-soap-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-soap-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sockets-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sockets-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sqlite-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sqlite-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-suhosin-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-suhosin-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvmsg-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvmsg-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvsem-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvsem-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvshm-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-sysvshm-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tidy-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tidy-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tokenizer-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-tokenizer-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-wddx-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-wddx-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlreader-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlreader-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlrpc-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlrpc-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlwriter-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xmlwriter-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xsl-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-xsl-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zip-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zip-debuginfo-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zlib-5.6.1-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"php5-zlib-debuginfo-5.6.1-4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T01:47:44", "description": "An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.\n(CVE-2014-3670)", "cvss3": {"score": null, "vector": null}, "published": "2014-11-03T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : php54 (ALAS-2014-434)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:php54", "p-cpe:/a:amazon:linux:php54-bcmath", "p-cpe:/a:amazon:linux:php54-cli", "p-cpe:/a:amazon:linux:php54-common", "p-cpe:/a:amazon:linux:php54-dba", "p-cpe:/a:amazon:linux:php54-debuginfo", "p-cpe:/a:amazon:linux:php54-devel", "p-cpe:/a:amazon:linux:php54-embedded", "p-cpe:/a:amazon:linux:php54-enchant", "p-cpe:/a:amazon:linux:php54-fpm", "p-cpe:/a:amazon:linux:php54-gd", "p-cpe:/a:amazon:linux:php54-imap", "p-cpe:/a:amazon:linux:php54-intl", "p-cpe:/a:amazon:linux:php54-ldap", "p-cpe:/a:amazon:linux:php54-mbstring", "p-cpe:/a:amazon:linux:php54-mcrypt", "p-cpe:/a:amazon:linux:php54-mssql", "p-cpe:/a:amazon:linux:php54-mysql", "p-cpe:/a:amazon:linux:php54-mysqlnd", "p-cpe:/a:amazon:linux:php54-odbc", "p-cpe:/a:amazon:linux:php54-pdo", "p-cpe:/a:amazon:linux:php54-pgsql", "p-cpe:/a:amazon:linux:php54-process", "p-cpe:/a:amazon:linux:php54-pspell", "p-cpe:/a:amazon:linux:php54-recode", "p-cpe:/a:amazon:linux:php54-snmp", "p-cpe:/a:amazon:linux:php54-soap", "p-cpe:/a:amazon:linux:php54-tidy", "p-cpe:/a:amazon:linux:php54-xml", "p-cpe:/a:amazon:linux:php54-xmlrpc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2014-434.NASL", "href": "https://www.tenable.com/plugins/nessus/78777", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-434.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78777);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_xref(name:\"ALAS\", value:\"2014-434\");\n\n script_name(english:\"Amazon Linux AMI : php54 (ALAS-2014-434)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An out of bounds read flaw was found in the way the xmlrpc extension\nparsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-434.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php54' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php54-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php54-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-bcmath-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-cli-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-common-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-dba-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-debuginfo-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-devel-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-embedded-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-enchant-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-fpm-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-gd-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-imap-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-intl-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-ldap-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mbstring-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mcrypt-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mssql-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mysql-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-mysqlnd-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-odbc-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-pdo-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-pgsql-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-process-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-pspell-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-recode-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-snmp-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-soap-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-tidy-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-xml-5.4.34-1.62.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php54-xmlrpc-5.4.34-1.62.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php54 / php54-bcmath / php54-cli / php54-common / php54-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:10", "description": "New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-11-04T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / current : php (SSA:2014-307-03)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:php", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1"], "id": "SLACKWARE_SSA_2014-307-03.NASL", "href": "https://www.tenable.com/plugins/nessus/78831", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2014-307-03. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78831);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_bugtraq_id(70611, 70665, 70666);\n script_xref(name:\"SSA\", value:\"2014-307-03\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / current : php (SSA:2014-307-03)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New php packages are available for Slackware 14.0, 14.1, and -current\nto fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.403317\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7563d939\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"php\", pkgver:\"5.4.34\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.4.34\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"php\", pkgver:\"5.4.34\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.4.34\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"php\", pkgver:\"5.4.34\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.4.34\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:49", "description": "This update fixes the following vulnerabilities in php :\n\n - Heap corruption issue in exif_thumbnail().\n (CVE-2014-3670)\n\n - Integer overflow in unserialize(). (CVE-2014-3669)\n\n - Xmlrpc ISO8601 date format parsing out-of-bounds read in mkgmtime(). (CVE-2014-3668)", "cvss3": {"score": null, "vector": null}, "published": "2014-11-18T00:00:00", "type": "nessus", "title": "SuSE 11.3 Security Update : php53 (SAT Patch Number 9916)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:apache2-mod_php53", "p-cpe:/a:novell:suse_linux:11:php53", "p-cpe:/a:novell:suse_linux:11:php53-bcmath", "p-cpe:/a:novell:suse_linux:11:php53-bz2", "p-cpe:/a:novell:suse_linux:11:php53-calendar", "p-cpe:/a:novell:suse_linux:11:php53-ctype", "p-cpe:/a:novell:suse_linux:11:php53-curl", "p-cpe:/a:novell:suse_linux:11:php53-dba", "p-cpe:/a:novell:suse_linux:11:php53-dom", "p-cpe:/a:novell:suse_linux:11:php53-exif", "p-cpe:/a:novell:suse_linux:11:php53-fastcgi", "p-cpe:/a:novell:suse_linux:11:php53-fileinfo", "p-cpe:/a:novell:suse_linux:11:php53-ftp", "p-cpe:/a:novell:suse_linux:11:php53-gd", "p-cpe:/a:novell:suse_linux:11:php53-gettext", "p-cpe:/a:novell:suse_linux:11:php53-gmp", "p-cpe:/a:novell:suse_linux:11:php53-iconv", "p-cpe:/a:novell:suse_linux:11:php53-intl", "p-cpe:/a:novell:suse_linux:11:php53-json", "p-cpe:/a:novell:suse_linux:11:php53-ldap", "p-cpe:/a:novell:suse_linux:11:php53-mbstring", "p-cpe:/a:novell:suse_linux:11:php53-mcrypt", "p-cpe:/a:novell:suse_linux:11:php53-mysql", "p-cpe:/a:novell:suse_linux:11:php53-odbc", "p-cpe:/a:novell:suse_linux:11:php53-openssl", "p-cpe:/a:novell:suse_linux:11:php53-pcntl", "p-cpe:/a:novell:suse_linux:11:php53-pdo", "p-cpe:/a:novell:suse_linux:11:php53-pear", "p-cpe:/a:novell:suse_linux:11:php53-pgsql", "p-cpe:/a:novell:suse_linux:11:php53-pspell", "p-cpe:/a:novell:suse_linux:11:php53-shmop", "p-cpe:/a:novell:suse_linux:11:php53-snmp", "p-cpe:/a:novell:suse_linux:11:php53-soap", "p-cpe:/a:novell:suse_linux:11:php53-suhosin", "p-cpe:/a:novell:suse_linux:11:php53-sysvmsg", "p-cpe:/a:novell:suse_linux:11:php53-sysvsem", "p-cpe:/a:novell:suse_linux:11:php53-sysvshm", "p-cpe:/a:novell:suse_linux:11:php53-tokenizer", "p-cpe:/a:novell:suse_linux:11:php53-wddx", "p-cpe:/a:novell:suse_linux:11:php53-xmlreader", "p-cpe:/a:novell:suse_linux:11:php53-xmlrpc", "p-cpe:/a:novell:suse_linux:11:php53-xmlwriter", "p-cpe:/a:novell:suse_linux:11:php53-xsl", "p-cpe:/a:novell:suse_linux:11:php53-zip", "p-cpe:/a:novell:suse_linux:11:php53-zlib", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_APACHE2-MOD_PHP53-141028.NASL", "href": "https://www.tenable.com/plugins/nessus/79307", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79307);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n\n script_name(english:\"SuSE 11.3 Security Update : php53 (SAT Patch Number 9916)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following vulnerabilities in php :\n\n - Heap corruption issue in exif_thumbnail().\n (CVE-2014-3670)\n\n - Integer overflow in unserialize(). (CVE-2014-3669)\n\n - Xmlrpc ISO8601 date format parsing out-of-bounds read in\n mkgmtime(). (CVE-2014-3668)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=902357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=902360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=902368\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3668.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3669.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3670.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 9916.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-mod_php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"apache2-mod_php53-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-bcmath-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-bz2-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-calendar-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-ctype-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-curl-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-dba-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-dom-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-exif-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-fastcgi-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-fileinfo-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-ftp-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-gd-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-gettext-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-gmp-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-iconv-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-intl-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-json-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-ldap-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-mbstring-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-mcrypt-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-mysql-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-odbc-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-openssl-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pcntl-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pdo-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pear-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pgsql-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-pspell-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-shmop-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-snmp-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-soap-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-suhosin-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-sysvmsg-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-sysvsem-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-sysvshm-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-tokenizer-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-wddx-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xmlreader-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xmlrpc-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xmlwriter-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-xsl-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-zip-5.3.17-0.31.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"php53-zlib-5.3.17-0.31.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:07", "description": "Updated php53 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat Product Security.\n\nAll php53 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-10-31T00:00:00", "type": "nessus", "title": "RHEL 5 : php53 (RHSA-2014:1768)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:php53", "p-cpe:/a:redhat:enterprise_linux:php53-bcmath", "p-cpe:/a:redhat:enterprise_linux:php53-cli", "p-cpe:/a:redhat:enterprise_linux:php53-common", "p-cpe:/a:redhat:enterprise_linux:php53-dba", "p-cpe:/a:redhat:enterprise_linux:php53-debuginfo", "p-cpe:/a:redhat:enterprise_linux:php53-devel", "p-cpe:/a:redhat:enterprise_linux:php53-gd", "p-cpe:/a:redhat:enterprise_linux:php53-imap", "p-cpe:/a:redhat:enterprise_linux:php53-intl", "p-cpe:/a:redhat:enterprise_linux:php53-ldap", "p-cpe:/a:redhat:enterprise_linux:php53-mbstring", "p-cpe:/a:redhat:enterprise_linux:php53-mysql", "p-cpe:/a:redhat:enterprise_linux:php53-odbc", "p-cpe:/a:redhat:enterprise_linux:php53-pdo", "p-cpe:/a:redhat:enterprise_linux:php53-pgsql", "p-cpe:/a:redhat:enterprise_linux:php53-process", "p-cpe:/a:redhat:enterprise_linux:php53-pspell", "p-cpe:/a:redhat:enterprise_linux:php53-snmp", "p-cpe:/a:redhat:enterprise_linux:php53-soap", "p-cpe:/a:redhat:enterprise_linux:php53-xml", "p-cpe:/a:redhat:enterprise_linux:php53-xmlrpc", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2014-1768.NASL", "href": "https://www.tenable.com/plugins/nessus/78760", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1768. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78760);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_bugtraq_id(70611, 70665, 70666, 70807);\n script_xref(name:\"RHSA\", value:\"2014:1768\");\n\n script_name(english:\"RHEL 5 : php53 (RHSA-2014:1768)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php53 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF)\nfiles. A remote attacker could use this flaw to crash a PHP\napplication using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension\nparsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php53 users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling the updated packages, the httpd daemon must be restarted\nfor the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3670\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:1768\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:1768\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-bcmath-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-bcmath-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-bcmath-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-cli-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-cli-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-cli-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-common-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-common-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-common-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-dba-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-dba-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-dba-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-debuginfo-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-debuginfo-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-debuginfo-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-devel-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-devel-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-devel-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-gd-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-gd-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-gd-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-imap-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-imap-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-imap-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-intl-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-intl-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-intl-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-ldap-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-ldap-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-ldap-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-mbstring-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-mbstring-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-mbstring-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-mysql-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-mysql-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-mysql-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-odbc-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-odbc-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-odbc-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-pdo-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-pdo-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-pdo-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-pgsql-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-pgsql-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-pgsql-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-process-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-process-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-process-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-pspell-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-pspell-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-pspell-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-snmp-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-snmp-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-snmp-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-soap-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-soap-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-soap-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-xml-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-xml-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-xml-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-xmlrpc-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-xmlrpc-5.3.3-26.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-xmlrpc-5.3.3-26.el5_11\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53 / php53-bcmath / php53-cli / php53-common / php53-dba / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:17", "description": "A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat Product Security.\n\nAfter installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-11-04T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : php on SL6.x, SL7.x i386/x86_64 (20141030)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:php", "p-cpe:/a:fermilab:scientific_linux:php-bcmath", "p-cpe:/a:fermilab:scientific_linux:php-cli", "p-cpe:/a:fermilab:scientific_linux:php-common", "p-cpe:/a:fermilab:scientific_linux:php-dba", "p-cpe:/a:fermilab:scientific_linux:php-debuginfo", "p-cpe:/a:fermilab:scientific_linux:php-devel", "p-cpe:/a:fermilab:scientific_linux:php-embedded", "p-cpe:/a:fermilab:scientific_linux:php-enchant", "p-cpe:/a:fermilab:scientific_linux:php-fpm", "p-cpe:/a:fermilab:scientific_linux:php-gd", "p-cpe:/a:fermilab:scientific_linux:php-imap", "p-cpe:/a:fermilab:scientific_linux:php-intl", "p-cpe:/a:fermilab:scientific_linux:php-ldap", "p-cpe:/a:fermilab:scientific_linux:php-mbstring", "p-cpe:/a:fermilab:scientific_linux:php-mysql", "p-cpe:/a:fermilab:scientific_linux:php-mysqlnd", "p-cpe:/a:fermilab:scientific_linux:php-odbc", "p-cpe:/a:fermilab:scientific_linux:php-pdo", "p-cpe:/a:fermilab:scientific_linux:php-pgsql", "p-cpe:/a:fermilab:scientific_linux:php-process", "p-cpe:/a:fermilab:scientific_linux:php-pspell", "p-cpe:/a:fermilab:scientific_linux:php-recode", "p-cpe:/a:fermilab:scientific_linux:php-snmp", "p-cpe:/a:fermilab:scientific_linux:php-soap", "p-cpe:/a:fermilab:scientific_linux:php-tidy", "p-cpe:/a:fermilab:scientific_linux:php-xml", "p-cpe:/a:fermilab:scientific_linux:php-xmlrpc", "p-cpe:/a:fermilab:scientific_linux:php-zts", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20141030_PHP_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/78853", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78853);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n\n script_name(english:\"Scientific Linux Security Update : php on SL6.x, SL7.x i386/x86_64 (20141030)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF)\nfiles. A remote attacker could use this flaw to crash a PHP\napplication using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension\nparsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAfter installing the updated packages, the httpd daemon must be\nrestarted for the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1411&L=scientific-linux-errata&T=0&P=79\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6b1b1326\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-zts\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"php-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-bcmath-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-cli-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-common-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-dba-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-debuginfo-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-devel-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-embedded-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-enchant-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-fpm-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-gd-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-imap-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-intl-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-ldap-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-mbstring-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-mysql-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-odbc-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-pdo-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-pgsql-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-process-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-pspell-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-recode-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-snmp-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-soap-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-tidy-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-xml-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-xmlrpc-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-zts-5.3.3-40.el6_6\")) flag++;\n\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-bcmath-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-cli-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-common-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-dba-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-debuginfo-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-devel-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-embedded-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-enchant-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-fpm-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-gd-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-intl-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-ldap-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-mbstring-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-mysql-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-mysqlnd-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-odbc-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-pdo-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-pgsql-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-process-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-pspell-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-recode-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-snmp-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-soap-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-xml-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.4.16-23.el7_0.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:21", "description": "From Red Hat Security Advisory 2014:1767 :\n\nUpdated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat Product Security.\n\nAll php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-10-31T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : php (ELSA-2014-1767)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:php", "p-cpe:/a:oracle:linux:php-bcmath", "p-cpe:/a:oracle:linux:php-cli", "p-cpe:/a:oracle:linux:php-common", "p-cpe:/a:oracle:linux:php-dba", "p-cpe:/a:oracle:linux:php-devel", "p-cpe:/a:oracle:linux:php-embedded", "p-cpe:/a:oracle:linux:php-enchant", "p-cpe:/a:oracle:linux:php-fpm", "p-cpe:/a:oracle:linux:php-gd", "p-cpe:/a:oracle:linux:php-imap", "p-cpe:/a:oracle:linux:php-intl", "p-cpe:/a:oracle:linux:php-ldap", "p-cpe:/a:oracle:linux:php-mbstring", "p-cpe:/a:oracle:linux:php-mysql", "p-cpe:/a:oracle:linux:php-mysqlnd", "p-cpe:/a:oracle:linux:php-odbc", "p-cpe:/a:oracle:linux:php-pdo", "p-cpe:/a:oracle:linux:php-pgsql", "p-cpe:/a:oracle:linux:php-process", "p-cpe:/a:oracle:linux:php-pspell", "p-cpe:/a:oracle:linux:php-recode", "p-cpe:/a:oracle:linux:php-snmp", "p-cpe:/a:oracle:linux:php-soap", "p-cpe:/a:oracle:linux:php-tidy", "p-cpe:/a:oracle:linux:php-xml", "p-cpe:/a:oracle:linux:php-xmlrpc", "p-cpe:/a:oracle:linux:php-zts", "cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2014-1767.NASL", "href": "https://www.tenable.com/plugins/nessus/78754", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:1767 and \n# Oracle Linux Security Advisory ELSA-2014-1767 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78754);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_bugtraq_id(70611, 70665, 70666, 70807);\n script_xref(name:\"RHSA\", value:\"2014:1767\");\n\n script_name(english:\"Oracle Linux 6 / 7 : php (ELSA-2014-1767)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:1767 :\n\nUpdated php packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF)\nfiles. A remote attacker could use this flaw to crash a PHP\napplication using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension\nparsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-October/004597.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-October/004598.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-zts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"php-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-bcmath-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-cli-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-common-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-dba-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-devel-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-embedded-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-enchant-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-fpm-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-gd-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-imap-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-intl-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-ldap-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-mbstring-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-mysql-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-odbc-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-pdo-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-pgsql-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-process-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-pspell-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-recode-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-snmp-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-soap-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-tidy-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-xml-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-xmlrpc-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-zts-5.3.3-40.el6_6\")) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-bcmath-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-cli-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-common-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-dba-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-devel-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-embedded-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-enchant-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-fpm-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-gd-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-intl-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-ldap-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-mbstring-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-mysql-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-mysqlnd-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-odbc-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-pdo-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-pgsql-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-process-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-pspell-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-recode-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-snmp-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-soap-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-xml-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.4.16-23.el7_0.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:17", "description": "Symeon Paraschoudis discovered that PHP incorrectly handled the mkgmtime function. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2014-3668)\n\nSymeon Paraschoudis discovered that PHP incorrectly handled unserializing objects. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service.\n(CVE-2014-3669)\n\nOtto Ebeling discovered that PHP incorrectly handled the exif_thumbnail function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-3670)\n\nFrancisco Alonso that PHP incorrectly handled ELF files in the fileinfo extension. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2014-3710)\n\nIt was discovered that PHP incorrectly handled NULL bytes when processing certain URLs with the curl functions. A remote attacker could possibly use this issue to bypass filename restrictions and obtain access to sensitive files. (No CVE number).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-10-31T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : php5 vulnerabilities (USN-2391-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5", "p-cpe:/a:canonical:ubuntu_linux:php5-cgi", "p-cpe:/a:canonical:ubuntu_linux:php5-cli", "p-cpe:/a:canonical:ubuntu_linux:php5-curl", "p-cpe:/a:canonical:ubuntu_linux:php5-fpm", "p-cpe:/a:canonical:ubuntu_linux:php5-xmlrpc", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:14.10"], "id": "UBUNTU_USN-2391-1.NASL", "href": "https://www.tenable.com/plugins/nessus/78761", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2391-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78761);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_xref(name:\"USN\", value:\"2391-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : php5 vulnerabilities (USN-2391-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Symeon Paraschoudis discovered that PHP incorrectly handled the\nmkgmtime function. A remote attacker could possibly use this issue to\ncause PHP to crash, resulting in a denial of service. (CVE-2014-3668)\n\nSymeon Paraschoudis discovered that PHP incorrectly handled\nunserializing objects. A remote attacker could possibly use this issue\nto cause PHP to crash, resulting in a denial of service.\n(CVE-2014-3669)\n\nOtto Ebeling discovered that PHP incorrectly handled the\nexif_thumbnail function. A remote attacker could use this issue to\ncause PHP to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2014-3670)\n\nFrancisco Alonso that PHP incorrectly handled ELF files in the\nfileinfo extension. A remote attacker could possibly use this issue to\ncause PHP to crash, resulting in a denial of service. (CVE-2014-3710)\n\nIt was discovered that PHP incorrectly handled NULL bytes when\nprocessing certain URLs with the curl functions. A remote attacker\ncould possibly use this issue to bypass filename restrictions and\nobtain access to sensitive files. (No CVE number).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2391-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|12\\.04|14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.3.2-1ubuntu4.28\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-cgi\", pkgver:\"5.3.2-1ubuntu4.28\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-cli\", pkgver:\"5.3.2-1ubuntu4.28\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-curl\", pkgver:\"5.3.2-1ubuntu4.28\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5-xmlrpc\", pkgver:\"5.3.2-1ubuntu4.28\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.3.10-1ubuntu3.15\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-cgi\", pkgver:\"5.3.10-1ubuntu3.15\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-cli\", pkgver:\"5.3.10-1ubuntu3.15\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-curl\", pkgver:\"5.3.10-1ubuntu3.15\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-fpm\", pkgver:\"5.3.10-1ubuntu3.15\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5-xmlrpc\", pkgver:\"5.3.10-1ubuntu3.15\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.5.9+dfsg-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-cgi\", pkgver:\"5.5.9+dfsg-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-cli\", pkgver:\"5.5.9+dfsg-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-curl\", pkgver:\"5.5.9+dfsg-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-fpm\", pkgver:\"5.5.9+dfsg-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"php5-xmlrpc\", pkgver:\"5.5.9+dfsg-1ubuntu4.5\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"libapache2-mod-php5\", pkgver:\"5.5.12+dfsg-2ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"php5-cgi\", pkgver:\"5.5.12+dfsg-2ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"php5-cli\", pkgver:\"5.5.12+dfsg-2ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"php5-curl\", pkgver:\"5.5.12+dfsg-2ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"php5-fpm\", pkgver:\"5.5.12+dfsg-2ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"php5-xmlrpc\", pkgver:\"5.5.12+dfsg-2ubuntu4.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libapache2-mod-php5 / php5-cgi / php5-cli / php5-curl / php5-fpm / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:46:35", "description": "CVE-2014-3668\n\nFix bug #68027 - fix date parsing in XMLRPC lib\n\nCVE-2014-3669\n\nFix bug #68044: Integer overflow in unserialize() (32-bits only)\n\nCVE-2014-3670\n\nFix bug #68113 (Heap corruption in exif_thumbnail())\n\nCVE-2014-3710\n\nFix bug #68283: fileinfo: out-of-bounds read in elf note headers\n\nAdditional bugfix\n\nFix null byte handling in LDAP bindings in ldap-fix.patch\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2015-03-26T00:00:00", "type": "nessus", "title": "Debian DLA-94-1 : php5 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libapache2-mod-php5", "p-cpe:/a:debian:debian_linux:libapache2-mod-php5filter", "p-cpe:/a:debian:debian_linux:php-pear", "p-cpe:/a:debian:debian_linux:php5", "p-cpe:/a:debian:debian_linux:php5-cgi", "p-cpe:/a:debian:debian_linux:php5-cli", "p-cpe:/a:debian:debian_linux:php5-common", "p-cpe:/a:debian:debian_linux:php5-curl", "p-cpe:/a:debian:debian_linux:php5-dbg", "p-cpe:/a:debian:debian_linux:php5-dev", "p-cpe:/a:debian:debian_linux:php5-enchant", "p-cpe:/a:debian:debian_linux:php5-gd", "p-cpe:/a:debian:debian_linux:php5-gmp", "p-cpe:/a:debian:debian_linux:php5-imap", "p-cpe:/a:debian:debian_linux:php5-interbase", "p-cpe:/a:debian:debian_linux:php5-intl", "p-cpe:/a:debian:debian_linux:php5-ldap", "p-cpe:/a:debian:debian_linux:php5-mcrypt", "p-cpe:/a:debian:debian_linux:php5-mysql", "p-cpe:/a:debian:debian_linux:php5-odbc", "p-cpe:/a:debian:debian_linux:php5-pgsql", "p-cpe:/a:debian:debian_linux:php5-pspell", "p-cpe:/a:debian:debian_linux:php5-recode", "p-cpe:/a:debian:debian_linux:php5-snmp", "p-cpe:/a:debian:debian_linux:php5-sqlite", "p-cpe:/a:debian:debian_linux:php5-sybase", "p-cpe:/a:debian:debian_linux:php5-tidy", "p-cpe:/a:debian:debian_linux:php5-xmlrpc", "p-cpe:/a:debian:debian_linux:php5-xsl", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-94.NASL", "href": "https://www.tenable.com/plugins/nessus/82239", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-94-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82239);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_bugtraq_id(70611, 70665, 70666, 70807);\n\n script_name(english:\"Debian DLA-94-1 : php5 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2014-3668\n\nFix bug #68027 - fix date parsing in XMLRPC lib\n\nCVE-2014-3669\n\nFix bug #68044: Integer overflow in unserialize() (32-bits only)\n\nCVE-2014-3670\n\nFix bug #68113 (Heap corruption in exif_thumbnail())\n\nCVE-2014-3710\n\nFix bug #68283: fileinfo: out-of-bounds read in elf note headers\n\nAdditional bugfix\n\nFix null byte handling in LDAP bindings in ldap-fix.patch\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2014/11/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/php5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-mod-php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libapache2-mod-php5filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-interbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-sybase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libapache2-mod-php5\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php-pear\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-cgi\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-cli\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-common\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-curl\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-dbg\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-dev\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-enchant\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-gd\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-gmp\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-imap\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-interbase\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-intl\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-ldap\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-mcrypt\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-mysql\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-odbc\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-pgsql\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-pspell\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-recode\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-snmp\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-sqlite\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-sybase\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-tidy\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-xmlrpc\", reference:\"5.3.3-7+squeeze23\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-xsl\", reference:\"5.3.3-7+squeeze23\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:44", "description": "Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. It has been decided to follow the stable 5.4.x releases for the Wheezy PHP packages. Consequently the vulnerabilities are addressed by upgrading PHP to a new upstream version 5.4.34, which includes additional bug fixes, new features and possibly incompatible changes. Please refer to the upstream changelog for more information :\n\n http://php.net/ChangeLog-5.php#5.4.34", "cvss3": {"score": null, "vector": null}, "published": "2014-11-05T00:00:00", "type": "nessus", "title": "Debian DSA-3064-1 : php5 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7345", "CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:php5", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3064.NASL", "href": "https://www.tenable.com/plugins/nessus/78861", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3064. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78861);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-7345\", \"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_bugtraq_id(70611, 70665, 70666);\n script_xref(name:\"DSA\", value:\"3064\");\n\n script_name(english:\"Debian DSA-3064-1 : php5 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. It has been\ndecided to follow the stable 5.4.x releases for the Wheezy PHP\npackages. Consequently the vulnerabilities are addressed by upgrading\nPHP to a new upstream version 5.4.34, which includes additional bug\nfixes, new features and possibly incompatible changes. Please refer to\nthe upstream changelog for more information :\n\n http://php.net/ChangeLog-5.php#5.4.34\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.4.34\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/php5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-3064\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the php5 packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 5.4.34-0+deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libapache2-mod-php5\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libphp5-embed\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php-pear\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-cgi\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-cli\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-common\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-curl\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-dbg\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-dev\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-enchant\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-fpm\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-gd\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-gmp\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-imap\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-interbase\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-intl\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-ldap\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mcrypt\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mysql\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-mysqlnd\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-odbc\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-pgsql\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-pspell\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-recode\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-snmp\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-sqlite\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-sybase\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-tidy\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-xmlrpc\", reference:\"5.4.34-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"php5-xsl\", reference:\"5.4.34-0+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:10", "description": "A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nAfter installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-11-04T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : php53 on SL5.x i386/x86_64 (20141030)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:php53", "p-cpe:/a:fermilab:scientific_linux:php53-bcmath", "p-cpe:/a:fermilab:scientific_linux:php53-cli", "p-cpe:/a:fermilab:scientific_linux:php53-common", "p-cpe:/a:fermilab:scientific_linux:php53-dba", "p-cpe:/a:fermilab:scientific_linux:php53-debuginfo", "p-cpe:/a:fermilab:scientific_linux:php53-devel", "p-cpe:/a:fermilab:scientific_linux:php53-gd", "p-cpe:/a:fermilab:scientific_linux:php53-imap", "p-cpe:/a:fermilab:scientific_linux:php53-intl", "p-cpe:/a:fermilab:scientific_linux:php53-ldap", "p-cpe:/a:fermilab:scientific_linux:php53-mbstring", "p-cpe:/a:fermilab:scientific_linux:php53-mysql", "p-cpe:/a:fermilab:scientific_linux:php53-odbc", "p-cpe:/a:fermilab:scientific_linux:php53-pdo", "p-cpe:/a:fermilab:scientific_linux:php53-pgsql", "p-cpe:/a:fermilab:scientific_linux:php53-process", "p-cpe:/a:fermilab:scientific_linux:php53-pspell", "p-cpe:/a:fermilab:scientific_linux:php53-snmp", "p-cpe:/a:fermilab:scientific_linux:php53-soap", "p-cpe:/a:fermilab:scientific_linux:php53-xml", "p-cpe:/a:fermilab:scientific_linux:php53-xmlrpc", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20141030_PHP53_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/78852", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78852);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n\n script_name(english:\"Scientific Linux Security Update : php53 on SL5.x i386/x86_64 (20141030)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF)\nfiles. A remote attacker could use this flaw to crash a PHP\napplication using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension\nparsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nAfter installing the updated packages, the httpd daemon must be\nrestarted for the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1411&L=scientific-linux-errata&T=0&P=336\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aed75678\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"php53-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-bcmath-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-cli-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-common-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-dba-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-debuginfo-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-devel-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-gd-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-imap-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-intl-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-ldap-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-mbstring-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-mysql-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-odbc-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-pdo-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-pgsql-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-process-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-pspell-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-snmp-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-soap-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-xml-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-xmlrpc-5.3.3-26.el5_11\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53 / php53-bcmath / php53-cli / php53-common / php53-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:11", "description": "Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat Product Security.\n\nAll php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-11-03T00:00:00", "type": "nessus", "title": "CentOS 6 / 7 : php (CESA-2014:1767)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:php", "p-cpe:/a:centos:centos:php-bcmath", "p-cpe:/a:centos:centos:php-cli", "p-cpe:/a:centos:centos:php-common", "p-cpe:/a:centos:centos:php-dba", "p-cpe:/a:centos:centos:php-devel", "p-cpe:/a:centos:centos:php-embedded", "p-cpe:/a:centos:centos:php-enchant", "p-cpe:/a:centos:centos:php-fpm", "p-cpe:/a:centos:centos:php-gd", "p-cpe:/a:centos:centos:php-imap", "p-cpe:/a:centos:centos:php-intl", "p-cpe:/a:centos:centos:php-ldap", "p-cpe:/a:centos:centos:php-mbstring", "p-cpe:/a:centos:centos:php-mysql", "p-cpe:/a:centos:centos:php-mysqlnd", "p-cpe:/a:centos:centos:php-odbc", "p-cpe:/a:centos:centos:php-pdo", "p-cpe:/a:centos:centos:php-pgsql", "p-cpe:/a:centos:centos:php-process", "p-cpe:/a:centos:centos:php-pspell", "p-cpe:/a:centos:centos:php-recode", "p-cpe:/a:centos:centos:php-snmp", "p-cpe:/a:centos:centos:php-soap", "p-cpe:/a:centos:centos:php-tidy", "p-cpe:/a:centos:centos:php-xml", "p-cpe:/a:centos:centos:php-xmlrpc", "p-cpe:/a:centos:centos:php-zts", "cpe:/o:centos:centos:6", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2014-1767.NASL", "href": "https://www.tenable.com/plugins/nessus/78782", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1767 and \n# CentOS Errata and Security Advisory 2014:1767 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78782);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_bugtraq_id(70611, 70665, 70666, 70807);\n script_xref(name:\"RHSA\", value:\"2014:1767\");\n\n script_name(english:\"CentOS 6 / 7 : php (CESA-2014:1767)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF)\nfiles. A remote attacker could use this flaw to crash a PHP\napplication using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension\nparsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-October/020723.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4fc0e179\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-October/020726.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8e727a51\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3669\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-zts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x / 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-bcmath-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-cli-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-common-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-dba-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-devel-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-embedded-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-enchant-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-fpm-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-gd-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-imap-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-intl-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-ldap-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-mbstring-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-mysql-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-odbc-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-pdo-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-pgsql-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-process-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-pspell-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-recode-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-snmp-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-soap-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-tidy-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-xml-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-xmlrpc-5.3.3-40.el6_6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-zts-5.3.3-40.el6_6\")) flag++;\n\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-bcmath-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-cli-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-common-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-dba-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-devel-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-embedded-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-enchant-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-fpm-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-gd-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-intl-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-ldap-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-mbstring-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-mysql-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-mysqlnd-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-odbc-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-pdo-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-pgsql-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-process-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-pspell-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-recode-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-snmp-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-soap-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-xml-5.4.16-23.el7_0.3\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.4.16-23.el7_0.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:21", "description": "Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat Product Security.\n\nAll php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-10-31T00:00:00", "type": "nessus", "title": "RHEL 6 / 7 : php (RHSA-2014:1767)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:php", "p-cpe:/a:redhat:enterprise_linux:php-bcmath", "p-cpe:/a:redhat:enterprise_linux:php-cli", "p-cpe:/a:redhat:enterprise_linux:php-common", "p-cpe:/a:redhat:enterprise_linux:php-dba", "p-cpe:/a:redhat:enterprise_linux:php-debuginfo", "p-cpe:/a:redhat:enterprise_linux:php-devel", "p-cpe:/a:redhat:enterprise_linux:php-embedded", "p-cpe:/a:redhat:enterprise_linux:php-enchant", "p-cpe:/a:redhat:enterprise_linux:php-fpm", "p-cpe:/a:redhat:enterprise_linux:php-gd", "p-cpe:/a:redhat:enterprise_linux:php-imap", "p-cpe:/a:redhat:enterprise_linux:php-intl", "p-cpe:/a:redhat:enterprise_linux:php-ldap", "p-cpe:/a:redhat:enterprise_linux:php-mbstring", "p-cpe:/a:redhat:enterprise_linux:php-mysql", "p-cpe:/a:redhat:enterprise_linux:php-mysqlnd", "p-cpe:/a:redhat:enterprise_linux:php-odbc", "p-cpe:/a:redhat:enterprise_linux:php-pdo", "p-cpe:/a:redhat:enterprise_linux:php-pgsql", "p-cpe:/a:redhat:enterprise_linux:php-process", "p-cpe:/a:redhat:enterprise_linux:php-pspell", "p-cpe:/a:redhat:enterprise_linux:php-recode", "p-cpe:/a:redhat:enterprise_linux:php-snmp", "p-cpe:/a:redhat:enterprise_linux:php-soap", "p-cpe:/a:redhat:enterprise_linux:php-tidy", "p-cpe:/a:redhat:enterprise_linux:php-xml", "p-cpe:/a:redhat:enterprise_linux:php-xmlrpc", "p-cpe:/a:redhat:enterprise_linux:php-zts", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.6", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2014-1767.NASL", "href": "https://www.tenable.com/plugins/nessus/78759", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1767. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78759);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_xref(name:\"RHSA\", value:\"2014:1767\");\n\n script_name(english:\"RHEL 6 / 7 : php (RHSA-2014:1767)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF)\nfiles. A remote attacker could use this flaw to crash a PHP\napplication using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension\nparsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:1767\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3670\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3710\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-zts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:1767\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-bcmath-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-bcmath-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-bcmath-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-cli-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-cli-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-cli-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-common-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-common-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-common-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-dba-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-dba-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-dba-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-debuginfo-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-debuginfo-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-debuginfo-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-devel-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-devel-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-devel-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-embedded-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-embedded-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-embedded-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-enchant-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-enchant-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-enchant-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-fpm-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-fpm-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-fpm-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-gd-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-gd-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-gd-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-imap-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-imap-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-imap-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-intl-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-intl-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-intl-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-ldap-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-ldap-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-ldap-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-mbstring-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-mbstring-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-mbstring-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-mysql-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-mysql-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-mysql-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-odbc-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-odbc-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-odbc-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-pdo-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-pdo-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-pdo-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-pgsql-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-pgsql-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-pgsql-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-process-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-process-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-process-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-pspell-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-pspell-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-pspell-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-recode-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-recode-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-recode-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-snmp-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-snmp-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-snmp-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-soap-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-soap-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-soap-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-tidy-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-tidy-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-tidy-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-xml-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-xml-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-xml-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-xmlrpc-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-xmlrpc-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-zts-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-zts-5.3.3-40.el6_6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-zts-5.3.3-40.el6_6\")) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-bcmath-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-bcmath-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-cli-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-cli-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-common-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-common-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-dba-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-dba-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-debuginfo-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-debuginfo-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-devel-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-devel-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-embedded-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-embedded-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-enchant-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-enchant-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-fpm-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-fpm-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-gd-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-gd-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-intl-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-intl-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-ldap-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-ldap-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-mbstring-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-mbstring-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-mysql-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-mysql-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-mysqlnd-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-mysqlnd-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-odbc-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-odbc-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-pdo-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-pdo-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-pgsql-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-pgsql-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-process-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-process-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-pspell-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-pspell-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-recode-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-recode-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-snmp-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-snmp-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-soap-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-soap-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-xml-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-xml-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"php-xmlrpc-5.4.16-23.el7_0.3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.4.16-23.el7_0.3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:21", "description": "From Red Hat Security Advisory 2014:1768 :\n\nUpdated php53 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat Product Security.\n\nAll php53 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-10-31T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : php53 (ELSA-2014-1768)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:php53", "p-cpe:/a:oracle:linux:php53-bcmath", "p-cpe:/a:oracle:linux:php53-cli", "p-cpe:/a:oracle:linux:php53-common", "p-cpe:/a:oracle:linux:php53-dba", "p-cpe:/a:oracle:linux:php53-devel", "p-cpe:/a:oracle:linux:php53-gd", "p-cpe:/a:oracle:linux:php53-imap", "p-cpe:/a:oracle:linux:php53-intl", "p-cpe:/a:oracle:linux:php53-ldap", "p-cpe:/a:oracle:linux:php53-mbstring", "p-cpe:/a:oracle:linux:php53-mysql", "p-cpe:/a:oracle:linux:php53-odbc", "p-cpe:/a:oracle:linux:php53-pdo", "p-cpe:/a:oracle:linux:php53-pgsql", "p-cpe:/a:oracle:linux:php53-process", "p-cpe:/a:oracle:linux:php53-pspell", "p-cpe:/a:oracle:linux:php53-snmp", "p-cpe:/a:oracle:linux:php53-soap", "p-cpe:/a:oracle:linux:php53-xml", "p-cpe:/a:oracle:linux:php53-xmlrpc", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2014-1768.NASL", "href": "https://www.tenable.com/plugins/nessus/78755", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:1768 and \n# Oracle Linux Security Advisory ELSA-2014-1768 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78755);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_bugtraq_id(70611, 70665, 70666, 70807);\n script_xref(name:\"RHSA\", value:\"2014:1768\");\n\n script_name(english:\"Oracle Linux 5 : php53 (ELSA-2014-1768)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:1768 :\n\nUpdated php53 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF)\nfiles. A remote attacker could use this flaw to crash a PHP\napplication using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension\nparsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php53 users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling the updated packages, the httpd daemon must be restarted\nfor the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-October/004599.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php53 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"php53-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-bcmath-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-cli-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-common-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-dba-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-devel-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-gd-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-imap-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-intl-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-ldap-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-mbstring-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-mysql-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-odbc-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-pdo-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-pgsql-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-process-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-pspell-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-snmp-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-soap-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-xml-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-xmlrpc-5.3.3-26.el5_11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53 / php53-bcmath / php53-cli / php53-common / php53-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:11", "description": "Updated php53 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat Product Security.\n\nAll php53 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-11-03T00:00:00", "type": "nessus", "title": "CentOS 5 : php53 (CESA-2014:1768)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:php53", "p-cpe:/a:centos:centos:php53-bcmath", "p-cpe:/a:centos:centos:php53-cli", "p-cpe:/a:centos:centos:php53-common", "p-cpe:/a:centos:centos:php53-dba", "p-cpe:/a:centos:centos:php53-devel", "p-cpe:/a:centos:centos:php53-gd", "p-cpe:/a:centos:centos:php53-imap", "p-cpe:/a:centos:centos:php53-intl", "p-cpe:/a:centos:centos:php53-ldap", "p-cpe:/a:centos:centos:php53-mbstring", "p-cpe:/a:centos:centos:php53-mysql", "p-cpe:/a:centos:centos:php53-odbc", "p-cpe:/a:centos:centos:php53-pdo", "p-cpe:/a:centos:centos:php53-pgsql", "p-cpe:/a:centos:centos:php53-process", "p-cpe:/a:centos:centos:php53-pspell", "p-cpe:/a:centos:centos:php53-snmp", "p-cpe:/a:centos:centos:php53-soap", "p-cpe:/a:centos:centos:php53-xml", "p-cpe:/a:centos:centos:php53-xmlrpc", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2014-1768.NASL", "href": "https://www.tenable.com/plugins/nessus/78783", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1768 and \n# CentOS Errata and Security Advisory 2014:1768 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78783);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_bugtraq_id(70611, 70665, 70666, 70807);\n script_xref(name:\"RHSA\", value:\"2014:1768\");\n\n script_name(english:\"CentOS 5 : php53 (CESA-2014:1768)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php53 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF)\nfiles. A remote attacker could use this flaw to crash a PHP\napplication using fileinfo via a specially crafted ELF file.\n(CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension\nparsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php53 users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After\ninstalling the updated packages, the httpd daemon must be restarted\nfor the update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-October/020724.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ec8306ba\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php53 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3669\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-bcmath-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-cli-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-common-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-dba-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-devel-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-gd-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-imap-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-intl-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-ldap-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-mbstring-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-mysql-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-odbc-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-pdo-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-pgsql-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-process-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-pspell-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-snmp-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-soap-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-xml-5.3.3-26.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-xmlrpc-5.3.3-26.el5_11\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53 / php53-bcmath / php53-cli / php53-common / php53-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:17", "description": "Updated php packages that fix two security issues are now available for Red Hat Enterprise Linux 6.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2015-01-09T00:00:00", "type": "nessus", "title": "RHEL 6 : php (RHSA-2015:0021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3669", "CVE-2014-3670"], "modified": "2021-02-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:php", "p-cpe:/a:redhat:enterprise_linux:php-bcmath", "p-cpe:/a:redhat:enterprise_linux:php-cli", "p-cpe:/a:redhat:enterprise_linux:php-common", "p-cpe:/a:redhat:enterprise_linux:php-dba", "p-cpe:/a:redhat:enterprise_linux:php-debuginfo", "p-cpe:/a:redhat:enterprise_linux:php-devel", "p-cpe:/a:redhat:enterprise_linux:php-embedded", "p-cpe:/a:redhat:enterprise_linux:php-enchant", "p-cpe:/a:redhat:enterprise_linux:php-fpm", "p-cpe:/a:redhat:enterprise_linux:php-gd", "p-cpe:/a:redhat:enterprise_linux:php-imap", "p-cpe:/a:redhat:enterprise_linux:php-intl", "p-cpe:/a:redhat:enterprise_linux:php-ldap", "p-cpe:/a:redhat:enterprise_linux:php-mbstring", "p-cpe:/a:redhat:enterprise_linux:php-mysql", "p-cpe:/a:redhat:enterprise_linux:php-odbc", "p-cpe:/a:redhat:enterprise_linux:php-pdo", "p-cpe:/a:redhat:enterprise_linux:php-pgsql", "p-cpe:/a:redhat:enterprise_linux:php-process", "p-cpe:/a:redhat:enterprise_linux:php-pspell", "p-cpe:/a:redhat:enterprise_linux:php-recode", "p-cpe:/a:redhat:enterprise_linux:php-snmp", "p-cpe:/a:redhat:enterprise_linux:php-soap", "p-cpe:/a:redhat:enterprise_linux:php-tidy", "p-cpe:/a:redhat:enterprise_linux:php-xml", "p-cpe:/a:redhat:enterprise_linux:php-xmlrpc", "p-cpe:/a:redhat:enterprise_linux:php-zts", "cpe:/o:redhat:enterprise_linux:6.5"], "id": "REDHAT-RHSA-2015-0021.NASL", "href": "https://www.tenable.com/plugins/nessus/80440", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0021. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80440);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/05\");\n\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\");\n script_bugtraq_id(70611, 70665);\n script_xref(name:\"RHSA\", value:\"2015:0021\");\n\n script_name(english:\"RHEL 6 : php (RHSA-2015:0021)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated php packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 6.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:0021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3670\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-zts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6\\.5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.5\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:0021\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-bcmath-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-bcmath-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-bcmath-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-cli-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-cli-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-cli-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-common-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-common-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-common-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-dba-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-dba-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-dba-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-debuginfo-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-debuginfo-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-debuginfo-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-devel-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-devel-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-devel-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-embedded-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-embedded-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-embedded-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-enchant-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-enchant-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-enchant-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-fpm-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-fpm-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-fpm-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-gd-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-gd-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-gd-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-imap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-imap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-imap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-intl-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-intl-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-intl-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-ldap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-ldap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-ldap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-mbstring-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-mbstring-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-mbstring-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-mysql-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-mysql-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-mysql-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-odbc-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-odbc-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-odbc-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-pdo-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-pdo-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-pdo-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-pgsql-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-pgsql-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-pgsql-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-process-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-process-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-process-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-pspell-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-pspell-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-pspell-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-recode-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-recode-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-recode-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-snmp-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-snmp-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-snmp-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-soap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-soap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-soap-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-tidy-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-tidy-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-tidy-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-xml-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-xml-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-xml-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-xmlrpc-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-xmlrpc-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"i686\", reference:\"php-zts-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"s390x\", reference:\"php-zts-5.3.3-27.el6_5.3\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"php-zts-5.3.3-27.el6_5.3\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:59", "description": "A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nAfter installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-11-10T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : php on SL5.x i386/x86_64 (20141106)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3669", "CVE-2014-3670", "CVE-2014-8626"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:php", "p-cpe:/a:fermilab:scientific_linux:php-bcmath", "p-cpe:/a:fermilab:scientific_linux:php-cli", "p-cpe:/a:fermilab:scientific_linux:php-common", "p-cpe:/a:fermilab:scientific_linux:php-dba", "p-cpe:/a:fermilab:scientific_linux:php-debuginfo", "p-cpe:/a:fermilab:scientific_linux:php-devel", "p-cpe:/a:fermilab:scientific_linux:php-gd", "p-cpe:/a:fermilab:scientific_linux:php-imap", "p-cpe:/a:fermilab:scientific_linux:php-ldap", "p-cpe:/a:fermilab:scientific_linux:php-mbstring", "p-cpe:/a:fermilab:scientific_linux:php-mysql", "p-cpe:/a:fermilab:scientific_linux:php-ncurses", "p-cpe:/a:fermilab:scientific_linux:php-odbc", "p-cpe:/a:fermilab:scientific_linux:php-pdo", "p-cpe:/a:fermilab:scientific_linux:php-pgsql", "p-cpe:/a:fermilab:scientific_linux:php-snmp", "p-cpe:/a:fermilab:scientific_linux:php-soap", "p-cpe:/a:fermilab:scientific_linux:php-xml", "p-cpe:/a:fermilab:scientific_linux:php-xmlrpc", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20141106_PHP_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/79082", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79082);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-8626\");\n\n script_name(english:\"Scientific Linux Security Update : php on SL5.x i386/x86_64 (20141106)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted\nXML-RPC request or response could possibly cause a PHP application to\ncrash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAfter installing the updated packages, the httpd daemon must be\nrestarted for the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1411&L=scientific-linux-errata&T=0&P=2298\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?11798c86\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"php-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-bcmath-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-cli-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-common-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-dba-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-debuginfo-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-devel-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-gd-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-imap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-ldap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-mbstring-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-mysql-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-ncurses-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-odbc-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-pdo-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-pgsql-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-snmp-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-soap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-xml-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php-xmlrpc-5.1.6-45.el5_11\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:56", "description": "Updated php packages that fix three security issues are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-11-07T00:00:00", "type": "nessus", "title": "RHEL 5 : php (RHSA-2014:1824)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3669", "CVE-2014-3670", "CVE-2014-8626"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:php", "p-cpe:/a:redhat:enterprise_linux:php-bcmath", "p-cpe:/a:redhat:enterprise_linux:php-cli", "p-cpe:/a:redhat:enterprise_linux:php-common", "p-cpe:/a:redhat:enterprise_linux:php-dba", "p-cpe:/a:redhat:enterprise_linux:php-debuginfo", "p-cpe:/a:redhat:enterprise_linux:php-devel", "p-cpe:/a:redhat:enterprise_linux:php-gd", "p-cpe:/a:redhat:enterprise_linux:php-imap", "p-cpe:/a:redhat:enterprise_linux:php-ldap", "p-cpe:/a:redhat:enterprise_linux:php-mbstring", "p-cpe:/a:redhat:enterprise_linux:php-mysql", "p-cpe:/a:redhat:enterprise_linux:php-ncurses", "p-cpe:/a:redhat:enterprise_linux:php-odbc", "p-cpe:/a:redhat:enterprise_linux:php-pdo", "p-cpe:/a:redhat:enterprise_linux:php-pgsql", "p-cpe:/a:redhat:enterprise_linux:php-snmp", "p-cpe:/a:redhat:enterprise_linux:php-soap", "p-cpe:/a:redhat:enterprise_linux:php-xml", "p-cpe:/a:redhat:enterprise_linux:php-xmlrpc", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2014-1824.NASL", "href": "https://www.tenable.com/plugins/nessus/78909", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1824. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78909);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-8626\");\n script_bugtraq_id(70611, 70665, 70928);\n script_xref(name:\"RHSA\", value:\"2014:1824\");\n\n script_name(english:\"RHEL 5 : php (RHSA-2014:1824)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted\nXML-RPC request or response could possibly cause a PHP application to\ncrash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3670\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-8626\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:1824\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:1824\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-bcmath-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-bcmath-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-bcmath-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-cli-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-cli-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-cli-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-common-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-common-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-common-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-dba-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-dba-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-dba-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-debuginfo-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-debuginfo-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-debuginfo-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-devel-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-devel-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-devel-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-gd-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-gd-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-gd-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-imap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-imap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-imap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-ldap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-ldap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-ldap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-mbstring-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-mbstring-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-mbstring-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-mysql-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-mysql-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-mysql-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-ncurses-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-ncurses-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-ncurses-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-odbc-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-odbc-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-odbc-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-pdo-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-pdo-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-pdo-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-pgsql-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-pgsql-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-pgsql-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-snmp-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-snmp-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-snmp-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-soap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-soap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-soap-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-xml-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-xml-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-xml-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php-xmlrpc-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php-xmlrpc-5.1.6-45.el5_11\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.1.6-45.el5_11\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:43", "description": "Updated php packages that fix three security issues are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-11-07T00:00:00", "type": "nessus", "title": "CentOS 5 : php (CESA-2014:1824)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3669", "CVE-2014-3670", "CVE-2014-8626"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:php", "p-cpe:/a:centos:centos:php-bcmath", "p-cpe:/a:centos:centos:php-cli", "p-cpe:/a:centos:centos:php-common", "p-cpe:/a:centos:centos:php-dba", "p-cpe:/a:centos:centos:php-devel", "p-cpe:/a:centos:centos:php-gd", "p-cpe:/a:centos:centos:php-imap", "p-cpe:/a:centos:centos:php-ldap", "p-cpe:/a:centos:centos:php-mbstring", "p-cpe:/a:centos:centos:php-mysql", "p-cpe:/a:centos:centos:php-ncurses", "p-cpe:/a:centos:centos:php-odbc", "p-cpe:/a:centos:centos:php-pdo", "p-cpe:/a:centos:centos:php-pgsql", "p-cpe:/a:centos:centos:php-snmp", "p-cpe:/a:centos:centos:php-soap", "p-cpe:/a:centos:centos:php-xml", "p-cpe:/a:centos:centos:php-xmlrpc", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2014-1824.NASL", "href": "https://www.tenable.com/plugins/nessus/78895", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1824 and \n# CentOS Errata and Security Advisory 2014:1824 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78895);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-8626\");\n script_bugtraq_id(70611, 70665, 70928);\n script_xref(name:\"RHSA\", value:\"2014:1824\");\n\n script_name(english:\"CentOS 5 : php (CESA-2014:1824)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted\nXML-RPC request or response could possibly cause a PHP application to\ncrash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-November/020743.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?78f3ff81\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3669\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-bcmath-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-cli-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-common-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-dba-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-devel-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-gd-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-imap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-ldap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-mbstring-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-mysql-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-ncurses-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-odbc-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-pdo-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-pgsql-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-snmp-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-soap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-xml-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php-xmlrpc-5.1.6-45.el5_11\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:50", "description": "From Red Hat Security Advisory 2014:1824 :\n\nUpdated php packages that fix three security issues are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-11-07T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : php (ELSA-2014-1824)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3669", "CVE-2014-3670", "CVE-2014-8626"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:php", "p-cpe:/a:oracle:linux:php-bcmath", "p-cpe:/a:oracle:linux:php-cli", "p-cpe:/a:oracle:linux:php-common", "p-cpe:/a:oracle:linux:php-dba", "p-cpe:/a:oracle:linux:php-devel", "p-cpe:/a:oracle:linux:php-gd", "p-cpe:/a:oracle:linux:php-imap", "p-cpe:/a:oracle:linux:php-ldap", "p-cpe:/a:oracle:linux:php-mbstring", "p-cpe:/a:oracle:linux:php-mysql", "p-cpe:/a:oracle:linux:php-ncurses", "p-cpe:/a:oracle:linux:php-odbc", "p-cpe:/a:oracle:linux:php-pdo", "p-cpe:/a:oracle:linux:php-pgsql", "p-cpe:/a:oracle:linux:php-snmp", "p-cpe:/a:oracle:linux:php-soap", "p-cpe:/a:oracle:linux:php-xml", "p-cpe:/a:oracle:linux:php-xmlrpc", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2014-1824.NASL", "href": "https://www.tenable.com/plugins/nessus/78908", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:1824 and \n# Oracle Linux Security Advisory ELSA-2014-1824 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78908);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-8626\");\n script_bugtraq_id(70611, 70665, 70928);\n script_xref(name:\"RHSA\", value:\"2014:1824\");\n\n script_name(english:\"Oracle Linux 5 : php (ELSA-2014-1824)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:1824 :\n\nUpdated php packages that fix three security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially\ncrafted JPEG or TIFF file could cause a PHP application using the\nexif_thumbnail() function to crash or, possibly, execute arbitrary\ncode with the privileges of the user running that PHP application.\n(CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted\nXML-RPC request or response could possibly cause a PHP application to\ncrash. (CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-November/004623.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-ncurses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"php-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-bcmath-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-cli-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-common-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-dba-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-devel-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-gd-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-imap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-ldap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-mbstring-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-mysql-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-ncurses-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-odbc-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-pdo-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-pgsql-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-snmp-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-soap-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-xml-5.1.6-45.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php-xmlrpc-5.1.6-45.el5_11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:48:04", "description": "Versions of PHP 5.5 prior to 5.5.18 are vulnerable to a vulnerability which can allow a remote attacker to render the service unavailable. Specifically, the unserialize() function fails to properly parse user-supplied input.", "cvss3": {"score": 3.7, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "published": "2014-10-17T00:00:00", "type": "nessus", "title": "PHP 5.5.x < 5.5.18 Denial Of Service", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3669"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "8557.PRM", "href": "https://www.tenable.com/plugins/nnm/8557", "sourceData": "Binary data 8557.prm", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:48:06", "description": "A vulnerability has been discovered and corrected in php :\n\nA heap corruption issue was reported in PHP's exif_thumbnail() function. A specially crafted JPEG image could cause the PHP interpreter to crash or, potentially, execute arbitrary code (CVE-2014-3670).\n\nThe updated php packages have been upgraded to the 5.5.18 version resolve this security flaw.\n\nAdditionally, php-apc has been rebuilt against the updated php packages.", "cvss3": {"score": null, "vector": null}, "published": "2014-10-24T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : php (MDVSA-2014:202)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3670"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:apache-mod_php", "p-cpe:/a:mandriva:linux:lib64php5_common5", "p-cpe:/a:mandriva:linux:php-apc", "p-cpe:/a:mandriva:linux:php-apc-admin", "p-cpe:/a:mandriva:linux:php-bcmath", "p-cpe:/a:mandriva:linux:php-bz2", "p-cpe:/a:mandriva:linux:php-calendar", "p-cpe:/a:mandriva:linux:php-cgi", "p-cpe:/a:mandriva:linux:php-cli", "p-cpe:/a:mandriva:linux:php-ctype", "p-cpe:/a:mandriva:linux:php-curl", "p-cpe:/a:mandriva:linux:php-dba", "p-cpe:/a:mandriva:linux:php-devel", "p-cpe:/a:mandriva:linux:php-doc", "p-cpe:/a:mandriva:linux:php-dom", "p-cpe:/a:mandriva:linux:php-enchant", "p-cpe:/a:mandriva:linux:php-exif", "p-cpe:/a:mandriva:linux:php-fileinfo", "p-cpe:/a:mandriva:linux:php-filter", "p-cpe:/a:mandriva:linux:php-fpm", "p-cpe:/a:mandriva:linux:php-ftp", "p-cpe:/a:mandriva:linux:php-gd", "p-cpe:/a:mandriva:linux:php-gettext", "p-cpe:/a:mandriva:linux:php-gmp", "p-cpe:/a:mandriva:linux:php-hash", "p-cpe:/a:mandriva:linux:php-iconv", "p-cpe:/a:mandriva:linux:php-imap", "p-cpe:/a:mandriva:linux:php-ini", "p-cpe:/a:mandriva:linux:php-intl", "p-cpe:/a:mandriva:linux:php-json", "p-cpe:/a:mandriva:linux:php-ldap", "p-cpe:/a:mandriva:linux:php-mbstring", "p-cpe:/a:mandriva:linux:php-mcrypt", "p-cpe:/a:mandriva:linux:php-mssql", "p-cpe:/a:mandriva:linux:php-mysql", "p-cpe:/a:mandriva:linux:php-mysqli", "p-cpe:/a:mandriva:linux:php-mysqlnd", "p-cpe:/a:mandriva:linux:php-odbc", "p-cpe:/a:mandriva:linux:php-opcache", "p-cpe:/a:mandriva:linux:php-openssl", "p-cpe:/a:mandriva:linux:php-pcntl", "p-cpe:/a:mandriva:linux:php-pdo", "p-cpe:/a:mandriva:linux:php-pdo_dblib", "p-cpe:/a:mandriva:linux:php-pdo_mysql", "p-cpe:/a:mandriva:linux:php-pdo_odbc", "p-cpe:/a:mandriva:linux:php-pdo_pgsql", "p-cpe:/a:mandriva:linux:php-pdo_sqlite", "p-cpe:/a:mandriva:linux:php-pgsql", "p-cpe:/a:mandriva:linux:php-phar", "p-cpe:/a:mandriva:linux:php-posix", "p-cpe:/a:mandriva:linux:php-readline", "p-cpe:/a:mandriva:linux:php-recode", "p-cpe:/a:mandriva:linux:php-session", "p-cpe:/a:mandriva:linux:php-shmop", "p-cpe:/a:mandriva:linux:php-snmp", "p-cpe:/a:mandriva:linux:php-soap", "p-cpe:/a:mandriva:linux:php-sockets", "p-cpe:/a:mandriva:linux:php-sqlite3", "p-cpe:/a:mandriva:linux:php-sybase_ct", "p-cpe:/a:mandriva:linux:php-sysvmsg", "p-cpe:/a:mandriva:linux:php-sysvsem", "p-cpe:/a:mandriva:linux:php-sysvshm", "p-cpe:/a:mandriva:linux:php-tidy", "p-cpe:/a:mandriva:linux:php-tokenizer", "p-cpe:/a:mandriva:linux:php-wddx", "p-cpe:/a:mandriva:linux:php-xml", "p-cpe:/a:mandriva:linux:php-xmlreader", "p-cpe:/a:mandriva:linux:php-xmlrpc", "p-cpe:/a:mandriva:linux:php-xmlwriter", "p-cpe:/a:mandriva:linux:php-xsl", "p-cpe:/a:mandriva:linux:php-zip", "p-cpe:/a:mandriva:linux:php-zlib", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2014-202.NASL", "href": "https://www.tenable.com/plugins/nessus/78664", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:202. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78664);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-3670\");\n script_bugtraq_id(70665);\n script_xref(name:\"MDVSA\", value:\"2014:202\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php (MDVSA-2014:202)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been discovered and corrected in php :\n\nA heap corruption issue was reported in PHP's exif_thumbnail()\nfunction. A specially crafted JPEG image could cause the PHP\ninterpreter to crash or, potentially, execute arbitrary code\n(CVE-2014-3670).\n\nThe updated php packages have been upgraded to the 5.5.18 version\nresolve this security flaw.\n\nAdditionally, php-apc has been rebuilt against the updated php\npackages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.18\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64php5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-apc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-apc-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sybase_ct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"apache-mod_php-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-apc-3.1.15-1.12.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-apc-admin-3.1.15-1.12.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-bcmath-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-bz2-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-calendar-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-cgi-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-cli-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ctype-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-curl-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-dba-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-devel-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"php-doc-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-dom-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-enchant-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-exif-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-fileinfo-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-filter-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-fpm-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ftp-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gd-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gettext-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-gmp-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-hash-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-iconv-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-imap-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ini-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-intl-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-json-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-ldap-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mbstring-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mcrypt-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mssql-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mysql-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mysqli-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-mysqlnd-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-odbc-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-opcache-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-openssl-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pcntl-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_dblib-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_mysql-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_odbc-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_pgsql-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pdo_sqlite-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-pgsql-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-phar-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-posix-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-readline-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-recode-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-session-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-shmop-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-snmp-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-soap-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sockets-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sqlite3-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sybase_ct-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sysvmsg-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sysvsem-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-sysvshm-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-tidy-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-tokenizer-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-wddx-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xml-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xmlreader-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xmlwriter-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-xsl-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-zip-5.5.18-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"php-zlib-5.5.18-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-09T00:26:21", "description": "According to the versions of the php packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An integer underflow flaw leading to out-of-bounds memory access was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened.(CVE-2015-4021)\n\n - An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash.(CVE-2014-3668)\n\n - It was found that certain PHP functions did not properly handle file names containing a NULL character.\n A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions.(CVE-2015-4598)\n\n - A flaw was found in the way PHP handled malformed source files when running in CGI mode. A specially crafted PHP file could cause PHP CGI to crash.(CVE-2014-9427)\n\n - An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.(CVE-2018-10548)\n\n - An infinite loop vulnerability was found in ext/iconv/iconv.c in PHP due to the iconv stream not rejecting invalid multibyte sequences. A remote attacker could use this vulnerability to hang the php process and consume resources.(CVE-2018-10546)\n\n - The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\\\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.(CVE-2013-4248)\n\n - A use-after-free flaw was found in the way PHP's unserialize() function processed data. If a remote attacker was able to pass crafted input to PHP's unserialize() function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code.(CVE-2015-0231)\n\n - A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code.(CVE-2015-4602)\n\n - It was found that certain PHP functions did not properly handle file names containing a NULL character.\n A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions.(CVE-2015-3412)\n\n - The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a 'Python script text executable' rule.(CVE-2015-4605)\n\n - A heap buffer overflow flaw was found in the enchant_broker_request_dict() function of PHP's enchant extension. A specially crafted tag input could possibly cause a PHP application to crash.(CVE-2014-9705)\n\n - A buffer overflow flaw was found in the Exif extension.\n A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.(CVE-2014-3670)\n\n - A flaws was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code.(CVE-2015-4148)\n\n - A type confusion issue was found in the SPL ArrayObject and SPLObjectStorage classes' unserialize() method. A remote attacker able to submit specially crafted input to a PHP application, which would then unserialize this input using one of the aforementioned methods, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application.(CVE-2014-3515)\n\n - The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a 'Python script text executable' rule.(CVE-2015-4604)\n\n - A NULL pointer dereference flaw was found in the gdImageCreateFromXpm() function of PHP's gd extension.\n A remote attacker could use this flaw to crash a PHP application using gd via a specially crafted X PixMap (XPM) file.(CVE-2014-2497)\n\n - A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time.(CVE-2015-4024)\n\n - Multiple flaws were discovered in the way PHP's Soap extension performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to disclose portion of its memory or crash.(CVE-2015-4599)\n\n - A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code.(CVE-2015-4603)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-14T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.1.0 : php (EulerOS-SA-2019-1544)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4248", "CVE-2014-2497", "CVE-2014-3515", "CVE-2014-3668", "CVE-2014-3670", "CVE-2014-9427", "CVE-2014-9705", "CVE-2015-0231", "CVE-2015-3412", "CVE-2015-4021", "CVE-2015-4024", "CVE-2015-4148", "CVE-2015-4598", "CVE-2015-4599", "CVE-2015-4602", "CVE-2015-4603", "CVE-2015-4604", "CVE-2015-4605", "CVE-2018-10546", "CVE-2018-10548"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:php", "p-cpe:/a:huawei:euleros:php-cli", "p-cpe:/a:huawei:euleros:php-common", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1544.NASL", "href": "https://www.tenable.com/plugins/nessus/124997", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124997);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2013-4248\",\n \"CVE-2014-2497\",\n \"CVE-2014-3515\",\n \"CVE-2014-3668\",\n \"CVE-2014-3670\",\n \"CVE-2014-9427\",\n \"CVE-2014-9705\",\n \"CVE-2015-0231\",\n \"CVE-2015-3412\",\n \"CVE-2015-4021\",\n \"CVE-2015-4024\",\n \"CVE-2015-4148\",\n \"CVE-2015-4598\",\n \"CVE-2015-4599\",\n \"CVE-2015-4602\",\n \"CVE-2015-4603\",\n \"CVE-2015-4604\",\n \"CVE-2015-4605\",\n \"CVE-2018-10546\",\n \"CVE-2018-10548\"\n );\n script_bugtraq_id(\n 61776,\n 66233,\n 68237,\n 70665,\n 70666,\n 71833,\n 72539,\n 73031,\n 74700,\n 74903,\n 75103,\n 75233,\n 75241,\n 75244,\n 75249,\n 75250,\n 75251,\n 75252\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.1.0 : php (EulerOS-SA-2019-1544)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the php packages installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - An integer underflow flaw leading to out-of-bounds\n memory access was found in the way PHP's Phar extension\n parsed Phar archives. A specially crafted archive could\n cause PHP to crash or, possibly, execute arbitrary code\n when opened.(CVE-2015-4021)\n\n - An out of bounds read flaw was found in the way the\n xmlrpc extension parsed dates in the ISO 8601 format. A\n specially crafted XML-RPC request or response could\n possibly cause a PHP application to\n crash.(CVE-2014-3668)\n\n - It was found that certain PHP functions did not\n properly handle file names containing a NULL character.\n A remote attacker could possibly use this flaw to make\n a PHP script access unexpected files and bypass\n intended file system access\n restrictions.(CVE-2015-4598)\n\n - A flaw was found in the way PHP handled malformed\n source files when running in CGI mode. A specially\n crafted PHP file could cause PHP CGI to\n crash.(CVE-2014-9427)\n\n - An issue was discovered in PHP before 5.6.36, 7.0.x\n before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before\n 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to\n cause a denial of service (NULL pointer dereference and\n application crash) because of mishandling of the\n ldap_get_dn return value.(CVE-2018-10548)\n\n - An infinite loop vulnerability was found in\n ext/iconv/iconv.c in PHP due to the iconv stream not\n rejecting invalid multibyte sequences. A remote\n attacker could use this vulnerability to hang the php\n process and consume resources.(CVE-2018-10546)\n\n - The openssl_x509_parse function in openssl.c in the\n OpenSSL module in PHP before 5.4.18 and 5.5.x before\n 5.5.2 does not properly handle a '\\\\0' character in a\n domain name in the Subject Alternative Name field of an\n X.509 certificate, which allows man-in-the-middle\n attackers to spoof arbitrary SSL servers via a crafted\n certificate issued by a legitimate Certification\n Authority, a related issue to\n CVE-2009-2408.(CVE-2013-4248)\n\n - A use-after-free flaw was found in the way PHP's\n unserialize() function processed data. If a remote\n attacker was able to pass crafted input to PHP's\n unserialize() function, they could cause the PHP\n interpreter to crash or, possibly, execute arbitrary\n code.(CVE-2015-0231)\n\n - A flaw was discovered in the way PHP performed object\n unserialization. Specially crafted input processed by\n the unserialize() function could cause a PHP\n application to crash or, possibly, execute arbitrary\n code.(CVE-2015-4602)\n\n - It was found that certain PHP functions did not\n properly handle file names containing a NULL character.\n A remote attacker could possibly use this flaw to make\n a PHP script access unexpected files and bypass\n intended file system access\n restrictions.(CVE-2015-3412)\n\n - The mcopy function in softmagic.c in file 5.x, as used\n in the Fileinfo component in PHP before 5.4.40, 5.5.x\n before 5.5.24, and 5.6.x before 5.6.8, does not\n properly restrict a certain offset value, which allows\n remote attackers to cause a denial of service\n (application crash) or possibly execute arbitrary code\n via a crafted string that is mishandled by a 'Python\n script text executable' rule.(CVE-2015-4605)\n\n - A heap buffer overflow flaw was found in the\n enchant_broker_request_dict() function of PHP's enchant\n extension. A specially crafted tag input could possibly\n cause a PHP application to crash.(CVE-2014-9705)\n\n - A buffer overflow flaw was found in the Exif extension.\n A specially crafted JPEG or TIFF file could cause a PHP\n application using the exif_thumbnail() function to\n crash or, possibly, execute arbitrary code with the\n privileges of the user running that PHP\n application.(CVE-2014-3670)\n\n - A flaws was discovered in the way PHP performed object\n unserialization. Specially crafted input processed by\n the unserialize() function could cause a PHP\n application to crash or, possibly, execute arbitrary\n code.(CVE-2015-4148)\n\n - A type confusion issue was found in the SPL ArrayObject\n and SPLObjectStorage classes' unserialize() method. A\n remote attacker able to submit specially crafted input\n to a PHP application, which would then unserialize this\n input using one of the aforementioned methods, could\n use this flaw to execute arbitrary code with the\n privileges of the user running that PHP\n application.(CVE-2014-3515)\n\n - The mget function in softmagic.c in file 5.x, as used\n in the Fileinfo component in PHP before 5.4.40, 5.5.x\n before 5.5.24, and 5.6.x before 5.6.8, does not\n properly maintain a certain pointer relationship, which\n allows remote attackers to cause a denial of service\n (application crash) or possibly execute arbitrary code\n via a crafted string that is mishandled by a 'Python\n script text executable' rule.(CVE-2015-4604)\n\n - A NULL pointer dereference flaw was found in the\n gdImageCreateFromXpm() function of PHP's gd extension.\n A remote attacker could use this flaw to crash a PHP\n application using gd via a specially crafted X PixMap\n (XPM) file.(CVE-2014-2497)\n\n - A flaw was found in the way PHP parsed multipart HTTP\n POST requests. A specially crafted request could cause\n PHP to use an excessive amount of CPU\n time.(CVE-2015-4024)\n\n - Multiple flaws were discovered in the way PHP's Soap\n extension performed object unserialization. Specially\n crafted input processed by the unserialize() function\n could cause a PHP application to disclose portion of\n its memory or crash.(CVE-2015-4599)\n\n - A flaw was discovered in the way PHP performed object\n unserialization. Specially crafted input processed by\n the unserialize() function could cause a PHP\n application to crash or, possibly, execute arbitrary\n code.(CVE-2015-4603)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1544\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?eb62c9b4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"php-5.4.16-45.h9\",\n \"php-cli-5.4.16-45.h9\",\n \"php-common-5.4.16-45.h9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:56:24", "description": "Multiple vulnerabilities has been discovered and corrected in php :\n\nIt was discovered that the file utility contains a flaw in the handling of indirect magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files (CVE-2014-1943).\n\nA flaw was found in the way the file utility determined the type of Portable Executable (PE) format files, the executable format used on Windows. A malicious PE file could cause the file utility to crash or, potentially, execute arbitrary code (CVE-2014-2270).\n\nThe BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters (CVE-2013-7345).\n\nPHP FPM in PHP versions before 5.4.28 and 5.5.12 uses a UNIX domain socket with world-writable permissions by default, which allows any local user to connect to it and execute PHP scripts as the apache user (CVE-2014-0185).\n\nA flaw was found in the way file's Composite Document Files (CDF) format parser handle CDF files with many summary info entries. The cdf_unpack_summary_info() function unnecessarily repeatedly read the info from the same offset. This led to many file_printf() calls in cdf_file_property_info(), which caused file to use an excessive amount of CPU time when parsing a specially crafted CDF file (CVE-2014-0237).\n\nA flaw was found in the way file parsed property information from Composite Document Files (CDF) files. A property entry with 0 elements triggers an infinite loop (CVE-2014-0238).\n\nThe unserialize() function in PHP before 5.4.30 and 5.5.14 has a Type Confusion issue related to the SPL ArrayObject and SPLObjectStorage Types (CVE-2014-3515).\n\nIt was discovered that PHP is vulnerable to a heap-based buffer overflow in the DNS TXT record parsing. A malicious server or man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application uses dns_get_record() to perform a DNS query (CVE-2014-4049).\n\nA flaw was found in the way file parsed property information from Composite Document Files (CDF) files, where the mconvert() function did not correctly compute the truncated pascal string size (CVE-2014-3478).\n\nMultiple flaws were found in the way file parsed property information from Composite Document Files (CDF) files, due to insufficient boundary checks on buffers (CVE-2014-0207, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487).\n\nThe phpinfo() function in PHP before 5.4.30 and 5.5.14 has a Type Confusion issue that can cause it to leak arbitrary process memory (CVE-2014-4721).\n\nUse-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments (CVE-2014-4698).\n\nUse-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments (CVE-2014-4670).\n\nfile before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule, due to an incomplete fix for CVE-2013-7345 (CVE-2014-3538).\n\nInteger overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE:\nthis vulnerability exists because of an incomplete fix for CVE-2012-1571 (CVE-2014-3587).\n\nMultiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049 (CVE-2014-3597).\n\nAn integer overflow flaw in PHP's unserialize() function was reported.\nIf unserialize() were used on untrusted data, this issue could lead to a crash or potentially information disclosure (CVE-2014-3669).\n\nA heap corruption issue was reported in PHP's exif_thumbnail() function. A specially crafted JPEG image could cause the PHP interpreter to crash or, potentially, execute arbitrary code (CVE-2014-3670).\n\nIf client-supplied input was passed to PHP's cURL client as a URL to download, it could return local files from the server due to improper handling of null bytes (PHP#68089).\n\nAn out-of-bounds read flaw was found in file's donote() function in the way the file utility determined the note headers of a elf file.\nThis could possibly lead to file executable crash (CVE-2014-3710).\n\nA use-after-free flaw was found in PHP unserialize(). An untrusted input could cause PHP interpreter to crash or, possibly, execute arbitrary code when processed using unserialize() (CVE-2014-8142).\n\nDouble free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP before 5.5.21 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors (CVE-2014-9425).\n\nsapi/cgi/cgi_main.c in the CGI component in PHP before 5.5.21, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a # character and lacks a newline character, which causes an out-of-bounds read and might allow remote attackers to obtain sensitive information from php-cgi process memory by leveraging the ability to upload a .php file or trigger unexpected code execution if a valid PHP script is present in memory locations adjacent to the mapping (CVE-2014-9427).\n\nUse after free vulnerability in unserialize() in PHP before 5.5.21 (CVE-2015-0231).\n\nFree called on an uninitialized pointer in php-exif in PHP before 5.5.21 (CVE-2015-0232).\n\nThe readelf.c source file has been removed from PHP's bundled copy of file's libmagic, eliminating exposure to denial of service issues in ELF file parsing such as CVE-2014-8116, CVE-2014-8117, CVE-2014-9620 and CVE-2014-9621 in PHP's fileinfo module.\n\nS. Paraschoudis discovered that PHP incorrectly handled memory in the enchant binding. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2014-9705).\n\nTaoguang Chen discovered that PHP incorrectly handled unserializing objects. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2015-0273).\n\nIt was discovered that PHP incorrectly handled memory in the phar extension. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2015-2301).\n\nUse-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142 (CVE-2015-0231).\n\nThe exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) via crafted EXIF data in a JPEG image (CVE-2015-0232).\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libzip, which is embedded in PHP, processed certain ZIP archives. If an attacker were able to supply a specially crafted ZIP archive to an application using libzip, it could cause the application to crash or, possibly, execute arbitrary code (CVE-2015-2331).\n\nIt was discovered that the PHP opcache component incorrectly handled memory. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2015-1351).\n\nIt was discovered that the PHP PostgreSQL database extension incorrectly handled certain pointers. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2015-1352).\n\nPHP contains a bundled copy of the file utility's libmagic library, so it was vulnerable to the libmagic issues.\n\nThe updated php packages have been patched and upgraded to the 5.5.23 version which is not vulnerable to these issues. The libzip packages has been patched to address the CVE-2015-2331 flaw.\n\nA bug in the php zip extension that could cause a crash has been fixed (mga#13820)\n\nAdditionally the jsonc and timezonedb packages has been upgraded to the latest versions and the PECL packages which requires so has been rebuilt for php-5.5.23.", "cvss3": {"score": null, "vector": null}, "published": "2015-03-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : php (MDVSA-2015:080)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1571", "CVE-2013-7345", "CVE-2014-0185", "CVE-2014-0207", "CVE-2014-0237", "CVE-2014-0238", "CVE-2014-1943", "CVE-2014-2270", "CVE-2014-3478", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-3515", "CVE-2014-3538", "CVE-2014-3587", "CVE-2014-3597", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710", "CVE-2014-4049", "CVE-2014-4670", "CVE-2014-4698", "CVE-2014-4721", "CVE-2014-8116", "CVE-2014-8117", "CVE-2014-8142", "CVE-2014-9425", "CVE-2014-9427", "CVE-2014-9620", "CVE-2014-9621", "CVE-2014-9705", "CVE-2015-0231", "CVE-2015-0232", "CVE-2015-0273", "CVE-2015-1351", "CVE-2015-1352", "CVE-2015-2301", "CVE-2015-2331"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:apache-mod_php", "p-cpe:/a:mandriva:linux:lib64php5_common5", "p-cpe:/a:mandriva:linux:lib64zip-devel", "p-cpe:/a:mandriva:linux:lib64zip2", "p-cpe:/a:mandriva:linux:libzip", "p-cpe:/a:mandriva:linux:php-bcmath", "p-cpe:/a:mandriva:linux:php-bz2", "p-cpe:/a:mandriva:linux:php-calendar", "p-cpe:/a:mandriva:linux:php-cgi", "p-cpe:/a:mandriva:linux:php-cli", "p-cpe:/a:mandriva:linux:php-ctype", "p-cpe:/a:mandriva:linux:php-curl", "p-cpe:/a:mandriva:linux:php-dba", "p-cpe:/a:mandriva:linux:php-devel", "p-cpe:/a:mandriva:linux:php-doc", "p-cpe:/a:mandriva:linux:php-dom", "p-cpe:/a:mandriva:linux:php-enchant", "p-cpe:/a:mandriva:linux:php-exif", "p-cpe:/a:mandriva:linux:php-fileinfo", "p-cpe:/a:mandriva:linux:php-filter", "p-cpe:/a:mandriva:linux:php-fpm", "p-cpe:/a:mandriva:linux:php-ftp", "p-cpe:/a:mandriva:linux:php-gd", "p-cpe:/a:mandriva:linux:php-gettext", "p-cpe:/a:mandriva:linux:php-gmp", "p-cpe:/a:mandriva:linux:php-hash", "p-cpe:/a:mandriva:linux:php-iconv", "p-cpe:/a:mandriva:linux:php-imap", "p-cpe:/a:mandriva:linux:php-ini", "p-cpe:/a:mandriva:linux:php-interbase", "p-cpe:/a:mandriva:linux:php-intl", "p-cpe:/a:mandriva:linux:php-json", "p-cpe:/a:mandriva:linux:php-ldap", "p-cpe:/a:mandriva:linux:php-mbstring", "p-cpe:/a:mandriva:linux:php-mcrypt", "p-cpe:/a:mandriva:linux:php-mssql", "p-cpe:/a:mandriva:linux:php-mysql", "p-cpe:/a:mandriva:linux:php-mysqli", "p-cpe:/a:mandriva:linux:php-mysqlnd", "p-cpe:/a:mandriva:linux:php-odbc", "p-cpe:/a:mandriva:linux:php-opcache", "p-cpe:/a:mandriva:linux:php-openssl", "p-cpe:/a:mandriva:linux:php-pcntl", "p-cpe:/a:mandriva:linux:php-pdo", "p-cpe:/a:mandriva:linux:php-pdo_dblib", "p-cpe:/a:mandriva:linux:php-pdo_firebird", "p-cpe:/a:mandriva:linux:php-pdo_mysql", "p-cpe:/a:mandriva:linux:php-pdo_odbc", "p-cpe:/a:mandriva:linux:php-pdo_pgsql", "p-cpe:/a:mandriva:linux:php-pdo_sqlite", "p-cpe:/a:mandriva:linux:php-pgsql", "p-cpe:/a:mandriva:linux:php-phar", "p-cpe:/a:mandriva:linux:php-posix", "p-cpe:/a:mandriva:linux:php-readline", "p-cpe:/a:mandriva:linux:php-recode", "p-cpe:/a:mandriva:linux:php-session", "p-cpe:/a:mandriva:linux:php-shmop", "p-cpe:/a:mandriva:linux:php-snmp", "p-cpe:/a:mandriva:linux:php-soap", "p-cpe:/a:mandriva:linux:php-sockets", "p-cpe:/a:mandriva:linux:php-sqlite3", "p-cpe:/a:mandriva:linux:php-sybase_ct", "p-cpe:/a:mandriva:linux:php-sysvmsg", "p-cpe:/a:mandriva:linux:php-sysvsem", "p-cpe:/a:mandriva:linux:php-sysvshm", "p-cpe:/a:mandriva:linux:php-tidy", "p-cpe:/a:mandriva:linux:php-timezonedb", "p-cpe:/a:mandriva:linux:php-tokenizer", "p-cpe:/a:mandriva:linux:php-wddx", "p-cpe:/a:mandriva:linux:php-xml", "p-cpe:/a:mandriva:linux:php-xmlreader", "p-cpe:/a:mandriva:linux:php-xmlrpc", "p-cpe:/a:mandriva:linux:php-xmlwriter", "p-cpe:/a:mandriva:linux:php-xsl", "p-cpe:/a:mandriva:linux:php-zip", "p-cpe:/a:mandriva:linux:php-zlib", "cpe:/o:mandriva:business_server:2"], "id": "MANDRIVA_MDVSA-2015-080.NASL", "href": "https://www.tenable.com/plugins/nessus/82333", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:080. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82333);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-7345\", \"CVE-2014-0185\", \"CVE-2014-0207\", \"CVE-2014-0237\", \"CVE-2014-0238\", \"CVE-2014-1943\", \"CVE-2014-2270\", \"CVE-2014-3478\", \"CVE-2014-3479\", \"CVE-2014-3480\", \"CVE-2014-3487\", \"CVE-2014-3515\", \"CVE-2014-3538\", \"CVE-2014-3587\", \"CVE-2014-3597\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\", \"CVE-2014-4049\", \"CVE-2014-4670\", \"CVE-2014-4698\", \"CVE-2014-4721\", \"CVE-2014-8116\", \"CVE-2014-8117\", \"CVE-2014-8142\", \"CVE-2014-9425\", \"CVE-2014-9427\", \"CVE-2014-9620\", \"CVE-2014-9621\", \"CVE-2014-9705\", \"CVE-2015-0231\", \"CVE-2015-0232\", \"CVE-2015-0273\", \"CVE-2015-1351\", \"CVE-2015-1352\", \"CVE-2015-2301\", \"CVE-2015-2331\");\n script_xref(name:\"MDVSA\", value:\"2015:080\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php (MDVSA-2015:080)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been discovered and corrected in php :\n\nIt was discovered that the file utility contains a flaw in the\nhandling of indirect magic rules in the libmagic library, which leads\nto an infinite recursion when trying to determine the file type of\ncertain files (CVE-2014-1943).\n\nA flaw was found in the way the file utility determined the type of\nPortable Executable (PE) format files, the executable format used on\nWindows. A malicious PE file could cause the file utility to crash or,\npotentially, execute arbitrary code (CVE-2014-2270).\n\nThe BEGIN regular expression in the awk script detector in\nmagic/Magdir/commands in file before 5.15 uses multiple wildcards with\nunlimited repetitions, which allows context-dependent attackers to\ncause a denial of service (CPU consumption) via a crafted ASCII file\nthat triggers a large amount of backtracking, as demonstrated via a\nfile with many newline characters (CVE-2013-7345).\n\nPHP FPM in PHP versions before 5.4.28 and 5.5.12 uses a UNIX domain\nsocket with world-writable permissions by default, which allows any\nlocal user to connect to it and execute PHP scripts as the apache user\n(CVE-2014-0185).\n\nA flaw was found in the way file's Composite Document Files (CDF)\nformat parser handle CDF files with many summary info entries. The\ncdf_unpack_summary_info() function unnecessarily repeatedly read the\ninfo from the same offset. This led to many file_printf() calls in\ncdf_file_property_info(), which caused file to use an excessive amount\nof CPU time when parsing a specially crafted CDF file (CVE-2014-0237).\n\nA flaw was found in the way file parsed property information from\nComposite Document Files (CDF) files. A property entry with 0 elements\ntriggers an infinite loop (CVE-2014-0238).\n\nThe unserialize() function in PHP before 5.4.30 and 5.5.14 has a Type\nConfusion issue related to the SPL ArrayObject and SPLObjectStorage\nTypes (CVE-2014-3515).\n\nIt was discovered that PHP is vulnerable to a heap-based buffer\noverflow in the DNS TXT record parsing. A malicious server or\nman-in-the-middle attacker could possibly use this flaw to execute\narbitrary code as the PHP interpreter if a PHP application uses\ndns_get_record() to perform a DNS query (CVE-2014-4049).\n\nA flaw was found in the way file parsed property information from\nComposite Document Files (CDF) files, where the mconvert() function\ndid not correctly compute the truncated pascal string size\n(CVE-2014-3478).\n\nMultiple flaws were found in the way file parsed property information\nfrom Composite Document Files (CDF) files, due to insufficient\nboundary checks on buffers (CVE-2014-0207, CVE-2014-3479,\nCVE-2014-3480, CVE-2014-3487).\n\nThe phpinfo() function in PHP before 5.4.30 and 5.5.14 has a Type\nConfusion issue that can cause it to leak arbitrary process memory\n(CVE-2014-4721).\n\nUse-after-free vulnerability in ext/spl/spl_array.c in the SPL\ncomponent in PHP through 5.5.14 allows context-dependent attackers to\ncause a denial of service or possibly have unspecified other impact\nvia crafted ArrayIterator usage within applications in certain\nweb-hosting environments (CVE-2014-4698).\n\nUse-after-free vulnerability in ext/spl/spl_dllist.c in the SPL\ncomponent in PHP through 5.5.14 allows context-dependent attackers to\ncause a denial of service or possibly have unspecified other impact\nvia crafted iterator usage within applications in certain web-hosting\nenvironments (CVE-2014-4670).\n\nfile before 5.19 does not properly restrict the amount of data read\nduring a regex search, which allows remote attackers to cause a denial\nof service (CPU consumption) via a crafted file that triggers\nbacktracking during processing of an awk rule, due to an incomplete\nfix for CVE-2013-7345 (CVE-2014-3538).\n\nInteger overflow in the cdf_read_property_info function in cdf.c in\nfile through 5.19, as used in the Fileinfo component in PHP before\n5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a\ndenial of service (application crash) via a crafted CDF file. NOTE:\nthis vulnerability exists because of an incomplete fix for\nCVE-2012-1571 (CVE-2014-3587).\n\nMultiple buffer overflows in the php_parserr function in\next/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow\nremote DNS servers to cause a denial of service (application crash) or\npossibly execute arbitrary code via a crafted DNS record, related to\nthe dns_get_record function and the dn_expand function. NOTE: this\nissue exists because of an incomplete fix for CVE-2014-4049\n(CVE-2014-3597).\n\nAn integer overflow flaw in PHP's unserialize() function was reported.\nIf unserialize() were used on untrusted data, this issue could lead to\na crash or potentially information disclosure (CVE-2014-3669).\n\nA heap corruption issue was reported in PHP's exif_thumbnail()\nfunction. A specially crafted JPEG image could cause the PHP\ninterpreter to crash or, potentially, execute arbitrary code\n(CVE-2014-3670).\n\nIf client-supplied input was passed to PHP's cURL client as a URL to\ndownload, it could return local files from the server due to improper\nhandling of null bytes (PHP#68089).\n\nAn out-of-bounds read flaw was found in file's donote() function in\nthe way the file utility determined the note headers of a elf file.\nThis could possibly lead to file executable crash (CVE-2014-3710).\n\nA use-after-free flaw was found in PHP unserialize(). An untrusted\ninput could cause PHP interpreter to crash or, possibly, execute\narbitrary code when processed using unserialize() (CVE-2014-8142).\n\nDouble free vulnerability in the zend_ts_hash_graceful_destroy\nfunction in zend_ts_hash.c in the Zend Engine in PHP before 5.5.21\nallows remote attackers to cause a denial of service or possibly have\nunspecified other impact via unknown vectors (CVE-2014-9425).\n\nsapi/cgi/cgi_main.c in the CGI component in PHP before 5.5.21, when\nmmap is used to read a .php file, does not properly consider the\nmapping's length during processing of an invalid file that begins with\na # character and lacks a newline character, which causes an\nout-of-bounds read and might allow remote attackers to obtain\nsensitive information from php-cgi process memory by leveraging the\nability to upload a .php file or trigger unexpected code execution if\na valid PHP script is present in memory locations adjacent to the\nmapping (CVE-2014-9427).\n\nUse after free vulnerability in unserialize() in PHP before 5.5.21\n(CVE-2015-0231).\n\nFree called on an uninitialized pointer in php-exif in PHP before\n5.5.21 (CVE-2015-0232).\n\nThe readelf.c source file has been removed from PHP's bundled copy of\nfile's libmagic, eliminating exposure to denial of service issues in\nELF file parsing such as CVE-2014-8116, CVE-2014-8117, CVE-2014-9620\nand CVE-2014-9621 in PHP's fileinfo module.\n\nS. Paraschoudis discovered that PHP incorrectly handled memory in the\nenchant binding. A remote attacker could use this issue to cause PHP\nto crash, resulting in a denial of service, or possibly execute\narbitrary code (CVE-2014-9705).\n\nTaoguang Chen discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code\n(CVE-2015-0273).\n\nIt was discovered that PHP incorrectly handled memory in the phar\nextension. A remote attacker could use this issue to cause PHP to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode (CVE-2015-2301).\n\nUse-after-free vulnerability in the process_nested_data function in\next/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before\n5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute\narbitrary code via a crafted unserialize call that leverages improper\nhandling of duplicate numerical keys within the serialized properties\nof an object. NOTE: this vulnerability exists because of an incomplete\nfix for CVE-2014-8142 (CVE-2015-0231).\n\nThe exif_process_unicode function in ext/exif/exif.c in PHP before\n5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote\nattackers to execute arbitrary code or cause a denial of service\n(uninitialized pointer free and application crash) via crafted EXIF\ndata in a JPEG image (CVE-2015-0232).\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was\nfound in the way libzip, which is embedded in PHP, processed certain\nZIP archives. If an attacker were able to supply a specially crafted\nZIP archive to an application using libzip, it could cause the\napplication to crash or, possibly, execute arbitrary code\n(CVE-2015-2331).\n\nIt was discovered that the PHP opcache component incorrectly handled\nmemory. A remote attacker could possibly use this issue to cause PHP\nto crash, resulting in a denial of service, or possibly execute\narbitrary code (CVE-2015-1351).\n\nIt was discovered that the PHP PostgreSQL database extension\nincorrectly handled certain pointers. A remote attacker could possibly\nuse this issue to cause PHP to crash, resulting in a denial of\nservice, or possibly execute arbitrary code (CVE-2015-1352).\n\nPHP contains a bundled copy of the file utility's libmagic library, so\nit was vulnerable to the libmagic issues.\n\nThe updated php packages have been patched and upgraded to the 5.5.23\nversion which is not vulnerable to these issues. The libzip packages\nhas been patched to address the CVE-2015-2331 flaw.\n\nA bug in the php zip extension that could cause a crash has been fixed\n(mga#13820)\n\nAdditionally the jsonc and timezonedb packages has been upgraded to\nthe latest versions and the PECL packages which requires so has been\nrebuilt for php-5.5.23.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0163.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0178.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0215.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0258.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0284.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0324.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0367.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0430.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0441.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0542.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2015-0040.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.10\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.11\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.12\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.13\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.14\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.15\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.16\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.17\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.18\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.19\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.20\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.21\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.22\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.23\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://php.net/ChangeLog-5.php#5.5.9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2501-1/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2535-1/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.mageia.org/show_bug.cgi?id=13820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1204676\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64php5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64zip-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64zip2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libzip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-interbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-opcache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_firebird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sybase_ct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-timezonedb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"apache-mod_php-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64zip-devel-0.11.2-1.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64zip2-0.11.2-1.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"libzip-0.11.2-1.1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-bcmath-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-bz2-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-calendar-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-cgi-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-cli-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-ctype-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-curl-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-dba-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-devel-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"php-doc-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-dom-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-enchant-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-exif-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-fileinfo-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-filter-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-fpm-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-ftp-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-gd-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-gettext-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-gmp-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-hash-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-iconv-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-imap-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-ini-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-interbase-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-intl-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-json-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-ldap-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-mbstring-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-mcrypt-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-mssql-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-mysql-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-mysqli-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-mysqlnd-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-odbc-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-opcache-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-openssl-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pcntl-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pdo-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pdo_dblib-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pdo_firebird-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pdo_mysql-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pdo_odbc-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pdo_pgsql-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pdo_sqlite-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-pgsql-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-phar-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-posix-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-readline-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-recode-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-session-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-shmop-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-snmp-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-soap-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-sockets-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-sqlite3-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-sybase_ct-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-sysvmsg-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-sysvsem-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-sysvshm-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-tidy-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-timezonedb-2015.1-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-tokenizer-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-wddx-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-xml-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-xmlreader-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-xmlwriter-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-xsl-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-zip-5.5.23-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"php-zlib-5.5.23-1.mbs2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-13T15:02:48", "description": "The remote host is running a version of Mac OS X 10.8.5 or 10.9.5 that is missing Security Update 2015-004. It is, therefore, affected multiple vulnerabilities in the following components :\n\n - Apache\n - ATS\n - Certificate Trust Policy\n - CoreAnimation\n - FontParser\n - Graphics Driver\n - ImageIO\n - IOHIDFamily\n - Kernel\n - LaunchServices\n - Open Directory Client\n - OpenLDAP\n - OpenSSL\n - PHP\n - QuickLook\n - SceneKit\n - Security - Code SIgning\n - UniformTypeIdentifiers\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-04-10T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2015-004) (FREAK)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0118", "CVE-2013-5704", "CVE-2013-6438", "CVE-2013-6712", "CVE-2014-0098", "CVE-2014-0117", "CVE-2014-0118", "CVE-2014-0207", "CVE-2014-0226", "CVE-2014-0231", "CVE-2014-0237", "CVE-2014-0238", "CVE-2014-2497", "CVE-2014-3478", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-3523", "CVE-2014-3538", "CVE-2014-3569", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-3587", "CVE-2014-3597", "CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710", "CVE-2014-3981", "CVE-2014-4049", "CVE-2014-4380", "CVE-2014-4404", "CVE-2014-4405", "CVE-2014-4670", "CVE-2014-4698", "CVE-2014-5120", "CVE-2014-8275", "CVE-2014-8830", "CVE-2015-0204", "CVE-2015-1091", "CVE-2015-1093", "CVE-2015-1098", "CVE-2015-1099", "CVE-2015-1100", "CVE-2015-1101", "CVE-2015-1104", "CVE-2015-1117", "CVE-2015-1131", "CVE-2015-1132", "CVE-2015-1133", "CVE-2015-1134", "CVE-2015-1135", "CVE-2015-1136", "CVE-2015-1137", "CVE-2015-1139", "CVE-2015-1140", "CVE-2015-1143", "CVE-2015-1144", "CVE-2015-1145", "CVE-2015-1146", "CVE-2015-1147", "CVE-2015-1545", "CVE-2015-1546"], "modified": "2022-02-11T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2015-004.NASL", "href": "https://www.tenable.com/plugins/nessus/82700", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82700);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/11\");\n\n script_cve_id(\n \"CVE-2013-0118\",\n \"CVE-2013-5704\",\n \"CVE-2013-6438\",\n \"CVE-2013-6712\",\n \"CVE-2014-0098\",\n \"CVE-2014-0117\",\n \"CVE-2014-0118\",\n \"CVE-2014-0207\",\n \"CVE-2014-0226\",\n \"CVE-2014-0231\",\n \"CVE-2014-0237\",\n \"CVE-2014-0238\",\n \"CVE-2014-2497\",\n \"CVE-2014-3478\",\n \"CVE-2014-3479\",\n \"CVE-2014-3480\",\n \"CVE-2014-3487\",\n \"CVE-2014-3523\",\n \"CVE-2014-3538\",\n \"CVE-2014-3569\",\n \"CVE-2014-3570\",\n \"CVE-2014-3571\",\n \"CVE-2014-3572\",\n \"CVE-2014-3587\",\n \"CVE-2014-3597\",\n \"CVE-2014-3668\",\n \"CVE-2014-3669\",\n \"CVE-2014-3670\",\n \"CVE-2014-3710\",\n \"CVE-2014-3981\",\n \"CVE-2014-4049\",\n \"CVE-2014-4380\",\n \"CVE-2014-4404\",\n \"CVE-2014-4405\",\n \"CVE-2014-4670\",\n \"CVE-2014-4698\",\n \"CVE-2014-5120\",\n \"CVE-2014-8275\",\n \"CVE-2014-8830\",\n \"CVE-2015-0204\",\n \"CVE-2015-1091\",\n \"CVE-2015-1093\",\n \"CVE-2015-1098\",\n \"CVE-2015-1099\",\n \"CVE-2015-1099\",\n \"CVE-2015-1100\",\n \"CVE-2015-1101\",\n \"CVE-2015-1104\",\n \"CVE-2015-1117\",\n \"CVE-2015-1131\",\n \"CVE-2015-1132\",\n \"CVE-2015-1133\",\n \"CVE-2015-1134\",\n \"CVE-2015-1135\",\n \"CVE-2015-1136\",\n \"CVE-2015-1137\",\n \"CVE-2015-1139\",\n \"CVE-2015-1140\",\n \"CVE-2015-1143\",\n \"CVE-2015-1144\",\n \"CVE-2015-1145\",\n \"CVE-2015-1146\",\n \"CVE-2015-1147\",\n \"CVE-2015-1545\",\n \"CVE-2015-1546\"\n );\n script_bugtraq_id(\n 58128,\n 64018,\n 66233,\n 66303,\n 66550,\n 67759,\n 67765,\n 67837,\n 68007,\n 68120,\n 68238,\n 68239,\n 68241,\n 68243,\n 68348,\n 68511,\n 68513,\n 68678,\n 68740,\n 68742,\n 68745,\n 68747,\n 69322,\n 69325,\n 69375,\n 69938,\n 69942,\n 69947,\n 70611,\n 70665,\n 70666,\n 70807,\n 71934,\n 71935,\n 71936,\n 71937,\n 71939,\n 71942,\n 72328,\n 72519,\n 73176,\n 73984\n );\n script_xref(name:\"CERT\", value:\"243585\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-04-08-2\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/08/10\");\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2015-004) (FREAK)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes multiple\nsecurity vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.8.5 or 10.9.5\nthat is missing Security Update 2015-004. It is, therefore, affected\nmultiple vulnerabilities in the following components :\n\n - Apache\n - ATS\n - Certificate Trust Policy\n - CoreAnimation\n - FontParser\n - Graphics Driver\n - ImageIO\n - IOHIDFamily\n - Kernel\n - LaunchServices\n - Open Directory Client\n - OpenLDAP\n - OpenSSL\n - PHP\n - QuickLook\n - SceneKit\n - Security - Code SIgning\n - UniformTypeIdentifiers\n\nNote that successful exploitation of the most serious issues can\nresult in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT204659\");\n # https://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cf90c4cb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install Security Update 2015-004 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-1132\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Mac OS X IOKit Keyboard Driver Root Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\npatch = \"2015-004\";\n\n# Compare 2 patch numbers to determine if patch requirements are satisfied.\n# Return true if this patch or a later patch is applied\n# Return false otherwise\nfunction check_patch(year, number)\n{\n local_var p_split = split(patch, sep:\"-\");\n local_var p_year = int( p_split[0]);\n local_var p_num = int( p_split[1]);\n\n if (year > p_year) return TRUE;\n else if (year < p_year) return FALSE;\n else if (number >= p_num) return TRUE;\n else return FALSE;\n}\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\n# Advisory states that the update is available for 10.10.2\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\nif (!ereg(pattern:\"Mac OS X 10\\.[89]\\.5([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.8.5 or Mac OS X 10.9.5\");\n\npackages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\nsec_boms_report = egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\..*bom$\", string:packages);\nsec_boms = split(sec_boms_report, sep:'\\n');\n\nforeach package (sec_boms)\n{\n # Grab patch year and number\n match = eregmatch(pattern:\"[^0-9](20[0-9][0-9])[-.]([0-9]{3})[^0-9]\", string:package);\n if (empty_or_null(match[1]) || empty_or_null(match[2]))\n continue;\n\n patch_found = check_patch(year:int(match[1]), number:int(match[2]));\n if (patch_found) exit(0, \"The host has Security Update \" + patch + \" or later installed and is therefore not affected.\");\n}\n\nreport = '\\n Missing security update : ' + patch;\nreport += '\\n Installed security BOMs : ';\nif (sec_boms_report) report += str_replace(find:'\\n', replace:'\\n ', string:sec_boms_report);\nelse report += 'n/a';\nreport += '\\n';\n\nsecurity_report_v4(port:0, severity:SECURITY_HOLE, extra:report);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-25T12:41:26", "description": "According to the versions of the php packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaws was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code.(CVE-2014-8142)\n\n - It was found that certain PHP functions did not properly handle file names containing a NULL character.\n A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions.(CVE-2015-4026)\n\n - A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code.(CVE-2015-6834)\n\n - It was found that certain PHP functions did not properly handle file names containing a NULL character.\n A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions.(CVE-2015-4025)\n\n - An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash.(CVE-2014-3669)\n\n - It was found that PHP move_uploaded_file() function did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions.(CVE-2015-2348)\n\n - An integer overflow flaw leading to a heap-based buffer overflow was found in the way PHP's FTP extension parsed file listing FTP server responses. A malicious FTP server could use this flaw to cause a PHP application to crash or, possibly, execute arbitrary code.(CVE-2015-4022)\n\n - A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code.(CVE-2015-6836)\n\n - A NULL pointer dereference flaw was found in the XSLTProcessor class in PHP. An attacker could use this flaw to cause a PHP application to crash if it performed Extensible Stylesheet Language (XSL) transformations using untrusted XSLT files and allowed the use of PHP functions to be used as XSLT functions within XSL stylesheets.(CVE-2015-6837)\n\n - It was found that PHP's gd extension did not properly handle file names with a null character. A remote attacker could possibly use this flaw to make a PHP application access unexpected files and bypass intended file system access restrictions.(CVE-2014-5120)\n\n - A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code.(CVE-2015-6835)\n\n - Stack consumption vulnerability in Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to cause a denial of service (segmentation fault) via recursive method calls.(CVE-2015-8873)\n\n - An uninitialized pointer use flaw was found in PHP's Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_read_data() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application.(CVE-2015-0232)\n\n - A flaws was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code.(CVE-2015-2787)\n\n - A buffer over-read flaw was found in PHP's phar (PHP Archive) paths implementation. A malicious script author could possibly use this flaw to disclose certain portions of server memory.(CVE-2015-2783)\n\n - A use-after-free flaw was found in the unserialize() function of PHP's DateTimeZone implementation. A malicious script author could possibly use this flaw to disclose certain portions of server memory.(CVE-2015-0273)\n\n - Multiple buffer over-read flaws were found in the php_parserr() function of PHP. A malicious DNS server or a man-in-the-middle attacker could possibly use this flaw to crash a PHP application that used the dns_get_record() function to perform a DNS query.(CVE-2014-3597)\n\n - A buffer overflow flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened.(CVE-2015-3329)\n\n - Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.\n NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4022.(CVE-2015-4643)\n\n - A type confusion issue was found in PHP's phpinfo() function. A malicious script author could possibly use this flaw to disclose certain portions of server memory.(CVE-2014-4721)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2019-05-14T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.1.0 : php (EulerOS-SA-2019-1543)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3597", "CVE-2014-3669", "CVE-2014-4721", "CVE-2014-5120", "CVE-2014-8142", "CVE-2015-0232", "CVE-2015-0273", "CVE-2015-2348", "CVE-2015-2783", "CVE-2015-2787", "CVE-2015-3329", "CVE-2015-4022", "CVE-2015-4025", "CVE-2015-4026", "CVE-2015-4643", "CVE-2015-6834", "CVE-2015-6835", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-8873"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:php", "p-cpe:/a:huawei:euleros:php-cli", "p-cpe:/a:huawei:euleros:php-common", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1543.NASL", "href": "https://www.tenable.com/plugins/nessus/124996", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124996);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2014-3597\",\n \"CVE-2014-3669\",\n \"CVE-2014-4721\",\n \"CVE-2014-5120\",\n \"CVE-2014-8142\",\n \"CVE-2015-0232\",\n \"CVE-2015-0273\",\n \"CVE-2015-2348\",\n \"CVE-2015-2783\",\n \"CVE-2015-2787\",\n \"CVE-2015-3329\",\n \"CVE-2015-4022\",\n \"CVE-2015-4025\",\n \"CVE-2015-4026\",\n \"CVE-2015-4643\",\n \"CVE-2015-6834\",\n \"CVE-2015-6835\",\n \"CVE-2015-6836\",\n \"CVE-2015-6837\",\n \"CVE-2015-8873\"\n );\n script_bugtraq_id(\n 68423,\n 69322,\n 69375,\n 70611,\n 71791,\n 72541,\n 72701,\n 73431,\n 73434,\n 74239,\n 74240,\n 74902,\n 74904,\n 75056,\n 75291\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.1.0 : php (EulerOS-SA-2019-1543)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the php packages installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - A flaws was discovered in the way PHP performed object\n unserialization. Specially crafted input processed by\n the unserialize() function could cause a PHP\n application to crash or, possibly, execute arbitrary\n code.(CVE-2014-8142)\n\n - It was found that certain PHP functions did not\n properly handle file names containing a NULL character.\n A remote attacker could possibly use this flaw to make\n a PHP script access unexpected files and bypass\n intended file system access\n restrictions.(CVE-2015-4026)\n\n - A flaw was discovered in the way PHP performed object\n unserialization. Specially crafted input processed by\n the unserialize() function could cause a PHP\n application to crash or, possibly, execute arbitrary\n code.(CVE-2015-6834)\n\n - It was found that certain PHP functions did not\n properly handle file names containing a NULL character.\n A remote attacker could possibly use this flaw to make\n a PHP script access unexpected files and bypass\n intended file system access\n restrictions.(CVE-2015-4025)\n\n - An integer overflow flaw was found in the way custom\n objects were unserialized. Specially crafted input\n processed by the unserialize() function could cause a\n PHP application to crash.(CVE-2014-3669)\n\n - It was found that PHP move_uploaded_file() function did\n not properly handle file names with a NULL character. A\n remote attacker could possibly use this flaw to make a\n PHP script access unexpected files and bypass intended\n file system access restrictions.(CVE-2015-2348)\n\n - An integer overflow flaw leading to a heap-based buffer\n overflow was found in the way PHP's FTP extension\n parsed file listing FTP server responses. A malicious\n FTP server could use this flaw to cause a PHP\n application to crash or, possibly, execute arbitrary\n code.(CVE-2015-4022)\n\n - A flaw was discovered in the way PHP performed object\n unserialization. Specially crafted input processed by\n the unserialize() function could cause a PHP\n application to crash or, possibly, execute arbitrary\n code.(CVE-2015-6836)\n\n - A NULL pointer dereference flaw was found in the\n XSLTProcessor class in PHP. An attacker could use this\n flaw to cause a PHP application to crash if it\n performed Extensible Stylesheet Language (XSL)\n transformations using untrusted XSLT files and allowed\n the use of PHP functions to be used as XSLT functions\n within XSL stylesheets.(CVE-2015-6837)\n\n - It was found that PHP's gd extension did not properly\n handle file names with a null character. A remote\n attacker could possibly use this flaw to make a PHP\n application access unexpected files and bypass intended\n file system access restrictions.(CVE-2014-5120)\n\n - A flaw was discovered in the way PHP performed object\n unserialization. Specially crafted input processed by\n the unserialize() function could cause a PHP\n application to crash or, possibly, execute arbitrary\n code.(CVE-2015-6835)\n\n - Stack consumption vulnerability in\n Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x\n before 5.5.28, and 5.6.x before 5.6.12 allows remote\n attackers to cause a denial of service (segmentation\n fault) via recursive method calls.(CVE-2015-8873)\n\n - An uninitialized pointer use flaw was found in PHP's\n Exif extension. A specially crafted JPEG or TIFF file\n could cause a PHP application using the\n exif_read_data() function to crash or, possibly,\n execute arbitrary code with the privileges of the user\n running that PHP application.(CVE-2015-0232)\n\n - A flaws was discovered in the way PHP performed object\n unserialization. Specially crafted input processed by\n the unserialize() function could cause a PHP\n application to crash or, possibly, execute arbitrary\n code.(CVE-2015-2787)\n\n - A buffer over-read flaw was found in PHP's phar (PHP\n Archive) paths implementation. A malicious script\n author could possibly use this flaw to disclose certain\n portions of server memory.(CVE-2015-2783)\n\n - A use-after-free flaw was found in the unserialize()\n function of PHP's DateTimeZone implementation. A\n malicious script author could possibly use this flaw to\n disclose certain portions of server\n memory.(CVE-2015-0273)\n\n - Multiple buffer over-read flaws were found in the\n php_parserr() function of PHP. A malicious DNS server\n or a man-in-the-middle attacker could possibly use this\n flaw to crash a PHP application that used the\n dns_get_record() function to perform a DNS\n query.(CVE-2014-3597)\n\n - A buffer overflow flaw was found in the way PHP's Phar\n extension parsed Phar archives. A specially crafted\n archive could cause PHP to crash or, possibly, execute\n arbitrary code when opened.(CVE-2015-3329)\n\n - Integer overflow in the ftp_genlist function in\n ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before\n 5.5.26, and 5.6.x before 5.6.10 allows remote FTP\n servers to execute arbitrary code via a long reply to a\n LIST command, leading to a heap-based buffer overflow.\n NOTE: this vulnerability exists because of an\n incomplete fix for CVE-2015-4022.(CVE-2015-4643)\n\n - A type confusion issue was found in PHP's phpinfo()\n function. A malicious script author could possibly use\n this flaw to disclose certain portions of server\n memory.(CVE-2014-4721)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1543\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a562103a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-6836\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"php-5.4.16-45.h9\",\n \"php-cli-5.4.16-45.h9\",\n \"php-common-5.4.16-45.h9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-19T16:56:21", "description": "The remote host is running a version of Mac OS X 10.10.x that is prior to 10.10.3. It is, therefore, affected multiple vulnerabilities in the following components :\n\n - Admin Framework\n - Apache\n - ATS\n - Certificate Trust Policy\n - CFNetwork HTTPProtocol\n - CFNetwork Session\n - CFURL\n - CoreAnimation\n - FontParser\n - Graphics Driver\n - Hypervisor\n - ImageIO\n - IOHIDFamily\n - Kernel\n - LaunchServices\n - libnetcore\n - ntp\n - Open Directory Client\n - OpenLDAP\n - OpenSSL\n - PHP\n - QuickLook\n - SceneKit\n - ScreenSharing\n - Security - Code SIgning\n - UniformTypeIdentifiers\n - WebKit\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"score": null, "vector": null}, "published": "2015-04-10T00:00:00", "type": "nessus", "title": "Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0118", "CVE-2013-5704", "CVE-2013-6438", "CVE-2013-6712", "CVE-2014-0098", "CVE-2014-0117", "CVE-2014-0118", "CVE-2014-0207", "CVE-2014-0226", "CVE-2014-0231", "CVE-2014-0237", "CVE-2014-0238", "CVE-2014-2497", "CVE-2014-3478", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-3523", "CVE-2014-3538", "CVE-2014-3569", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-3587", "CVE-2014-3597", "CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-3710", "CVE-2014-3981", "CVE-2014-4049", "CVE-2014-4380", "CVE-2014-4404", "CVE-2014-4405", "CVE-2014-4670", "CVE-2014-4698", "CVE-2014-5120", "CVE-2014-8275", "CVE-2014-8830", "CVE-2014-9298", "CVE-2015-0204", "CVE-2015-1069", "CVE-2015-1088", "CVE-2015-1089", "CVE-2015-1091", "CVE-2015-1093", "CVE-2015-1095", "CVE-2015-1096", "CVE-2015-1098", "CVE-2015-1099", "CVE-2015-1100", "CVE-2015-1101", "CVE-2015-1102", "CVE-2015-1103", "CVE-2015-1104", "CVE-2015-1105", "CVE-2015-1117", "CVE-2015-1118", "CVE-2015-1130", "CVE-2015-1131", "CVE-2015-1132", "CVE-2015-1133", "CVE-2015-1134", "CVE-2015-1135", "CVE-2015-1136", "CVE-2015-1137", "CVE-2015-1138", "CVE-2015-1139", "CVE-2015-1140", "CVE-2015-1141", "CVE-2015-1142", "CVE-2015-1143", "CVE-2015-1144", "CVE-2015-1145", "CVE-2015-1146", "CVE-2015-1147", "CVE-2015-1148", "CVE-2015-1160", "CVE-2015-1545", "CVE-2015-1546"], "modified": "2022-02-11T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_10_3.NASL", "href": "https://www.tenable.com/plugins/nessus/82699", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82699);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/11\");\n\n script_cve_id(\n \"CVE-2013-0118\",\n \"CVE-2013-5704\",\n \"CVE-2013-6438\",\n \"CVE-2013-6712\",\n \"CVE-2014-0098\",\n \"CVE-2014-0117\",\n \"CVE-2014-0118\",\n \"CVE-2014-0207\",\n \"CVE-2014-0226\",\n \"CVE-2014-0231\",\n \"CVE-2014-0237\",\n \"CVE-2014-0238\",\n \"CVE-2014-2497\",\n \"CVE-2014-3478\",\n \"CVE-2014-3479\",\n \"CVE-2014-3480\",\n \"CVE-2014-3487\",\n \"CVE-2014-3523\",\n \"CVE-2014-3538\",\n \"CVE-2014-3569\",\n \"CVE-2014-3570\",\n \"CVE-2014-3571\",\n \"CVE-2014-3572\",\n \"CVE-2014-3587\",\n \"CVE-2014-3597\",\n \"CVE-2014-3668\",\n \"CVE-2014-3669\",\n \"CVE-2014-3670\",\n \"CVE-2014-3710\",\n \"CVE-2014-3981\",\n \"CVE-2014-4049\",\n \"CVE-2014-4380\",\n \"CVE-2014-4404\",\n \"CVE-2014-4405\",\n \"CVE-2014-4670\",\n \"CVE-2014-4698\",\n \"CVE-2014-5120\",\n \"CVE-2014-8275\",\n \"CVE-2014-8830\",\n \"CVE-2014-9298\",\n \"CVE-2015-0204\",\n \"CVE-2015-1069\",\n \"CVE-2015-1088\",\n \"CVE-2015-1089\",\n \"CVE-2015-1091\",\n \"CVE-2015-1093\",\n \"CVE-2015-1095\",\n \"CVE-2015-1096\",\n \"CVE-2015-1098\",\n \"CVE-2015-1099\",\n \"CVE-2015-1100\",\n \"CVE-2015-1101\",\n \"CVE-2015-1102\",\n \"CVE-2015-1103\",\n \"CVE-2015-1104\",\n \"CVE-2015-1105\",\n \"CVE-2015-1117\",\n \"CVE-2015-1118\",\n \"CVE-2015-1130\",\n \"CVE-2015-1131\",\n \"CVE-2015-1132\",\n \"CVE-2015-1133\",\n \"CVE-2015-1134\",\n \"CVE-2015-1135\",\n \"CVE-2015-1136\",\n \"CVE-2015-1137\",\n \"CVE-2015-1138\",\n \"CVE-2015-1139\",\n \"CVE-2015-1140\",\n \"CVE-2015-1141\",\n \"CVE-2015-1142\",\n \"CVE-2015-1143\",\n \"CVE-2015-1144\",\n \"CVE-2015-1145\",\n \"CVE-2015-1146\",\n \"CVE-2015-1147\",\n \"CVE-2015-1148\",\n \"CVE-2015-1160\",\n \"CVE-2015-1545\",\n \"CVE-2015-1546\"\n );\n script_bugtraq_id(\n 58128,\n 64018,\n 66233,\n 66303,\n 66550,\n 67759,\n 67765,\n 67837,\n 68007,\n 68120,\n 68238,\n 68239,\n 68241,\n 68243,\n 68348,\n 68511,\n 68513,\n 68678,\n 68740,\n 68742,\n 68745,\n 68747,\n 69322,\n 69325,\n 69375,\n 69938,\n 69942,\n 69947,\n 70611,\n 70665,\n 70666,\n 70807,\n 71934,\n 71935,\n 71936,\n 71937,\n 71939,\n 71942,\n 72328,\n 72519,\n 72584,\n 73176,\n 73981,\n 73982,\n 73984\n );\n script_xref(name:\"CERT\", value:\"243585\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2015-04-08-2\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/08/10\");\n\n script_name(english:\"Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities (FREAK)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes multiple\nsecurity vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.10.x that is prior\nto 10.10.3. It is, therefore, affected multiple vulnerabilities in the\nfollowing components :\n\n - Admin Framework\n - Apache\n - ATS\n - Certificate Trust Policy\n - CFNetwork HTTPProtocol\n - CFNetwork Session\n - CFURL\n - CoreAnimation\n - FontParser\n - Graphics Driver\n - Hypervisor\n - ImageIO\n - IOHIDFamily\n - Kernel\n - LaunchServices\n - libnetcore\n - ntp\n - Open Directory Client\n - OpenLDAP\n - OpenSSL\n - PHP\n - QuickLook\n - SceneKit\n - ScreenSharing\n - Security - Code SIgning\n - UniformTypeIdentifiers\n - WebKit\n\nNote that successful exploitation of the most serious issues can\nresult in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/en-us/HT204659\");\n # https://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cf90c4cb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mac OS X 10.10.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-1132\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Apple OS X Rootpipe Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/OS\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Mac OS X\" >!< os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nmatch = eregmatch(pattern:\"Mac OS X ([0-9]+(\\.[0-9]+)+)\", string:os);\nif (isnull(match)) exit(1, \"Failed to parse the Mac OS X version ('\" + os + \"').\");\n\nversion = match[1];\nif (!ereg(pattern:\"^10\\.10([^0-9]|$)\", string:version)) audit(AUDIT_OS_NOT, \"Mac OS X 10.10\", \"Mac OS X \"+version);\n\nfixed_version = \"10.10.3\";\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected as it is running Mac OS X \"+version+\".\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:27:12", "description": "The remote host is running a version of Mac OS X 10.10.x that is prior to 10.10.3. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - Admin Framework\n - Apache\n - ATS\n - Certificate Trust Policy\n - CFNetwork HTTPProtocol\n - CFNetwork Session\n - CFURL\n - CoreAnimation\n - FontParser\n - Graphics Driver\n - Hypervisor\n - ImageIO\n - IOHIDFamily\n - Kernel\n - LaunchServices\n - libnetcore\n - ntp\n - Open Directory Client\n - OpenLDAP\n - OpenSSL\n - PHP\n - QuickLook\n - SceneKit\n - ScreenSharing\n - Security - Code SIgning\n - UniformTypeIdentifiers\n - WebKit\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"score": 10, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}, "published": "2019-04-10T00:00:00", "type": "nessus", "title": "Mac OS X 10.10.x < 10.10.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4405", "CVE-2014-4404", "CVE-2015-1130", "CVE-2015-0204", "CVE-2014-3710", "CVE-2013-6438", "CVE-2014-0098", "CVE-2014-0226", "CVE-2014-0231", "CVE-2014-9298", "CVE-2015-1545", "CVE-2015-1546", "CVE-2013-5704", "CVE-2014-3569", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-8275", "CVE-2014-0207", "CVE-2014-3478", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-3597", "CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-4049", "CVE-2014-4670", "CVE-2014-4698", "CVE-2014-3587", "CVE-2014-0118", "CVE-2014-3538", "CVE-2014-0117", "CVE-2014-2497", "CVE-2014-5120", "CVE-2014-0237", "CVE-2014-0238", "CVE-2013-6712", "CVE-2015-1098", "CVE-2013-0118", "CVE-2014-3523", "CVE-2014-3981", "CVE-2014-4380", "CVE-2014-8830", "CVE-2015-1069", "CVE-2015-1088", "CVE-2015-1089", "CVE-2015-1091", "CVE-2015-1093", "CVE-2015-1095", "CVE-2015-1096", "CVE-2015-1099", "CVE-2015-1100", "CVE-2015-1101", "CVE-2015-1102", "CVE-2015-1103", "CVE-2015-1104", "CVE-2015-1105", "CVE-2015-1117", "CVE-2015-1118", "CVE-2015-1131", "CVE-2015-1132", "CVE-2015-1133", "CVE-2015-1134", "CVE-2015-1135", "CVE-2015-1136", "CVE-2015-1137", "CVE-2015-1138", "CVE-2015-1139", "CVE-2015-1140", "CVE-2015-1141", "CVE-2015-1142", "CVE-2015-1143", "CVE-2015-1144", "CVE-2015-1145", "CVE-2015-1146", "CVE-2015-1147", "CVE-2015-1148", "CVE-2015-1160"], "modified": "2019-04-10T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "700510.PRM", "href": "https://www.tenable.com/plugins/nnm/700510", "sourceData": "Binary data 700510.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-09T01:30:05", "description": "This update for php53 to version 5.3.17 fixes the following issues :\n\nThese security issues were fixed :\n\n - CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010).\n\n - CVE-2016-5094: Don't create strings with lengths outside int range (bnc#982011).\n\n - CVE-2016-5095: Don't create strings with lengths outside int range (bnc#982012).\n\n - CVE-2016-5096: int/size_t confusion in fread (bsc#982013).\n\n - CVE-2016-5114: fpm_log.c memory leak and buffer overflow (bnc#982162).\n\n - CVE-2015-8879: The odbc_bindcols function in ext/odbc/php_odbc.c in PHP mishandles driver behavior for SQL_WVARCHAR columns, which allowed remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table (bsc#981050).\n\n - CVE-2015-4116: Use-after-free vulnerability in the spl_ptr_heap_insert function in ext/spl/spl_heap.c in PHP allowed remote attackers to execute arbitrary code by triggering a failed SplMinHeap::compare operation (bsc#980366).\n\n - CVE-2015-8874: Stack consumption vulnerability in GD in PHP allowed remote attackers to cause a denial of service via a crafted imagefilltoborder call (bsc#980375).\n\n - CVE-2015-8873: Stack consumption vulnerability in Zend/zend_exceptions.c in PHP allowed remote attackers to cause a denial of service (segmentation fault) via recursive method calls (bsc#980373).\n\n - CVE-2016-4540: The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset (bsc#978829).\n\n - CVE-2016-4541: The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset (bsc#978829.\n\n - CVE-2016-4542: The exif_process_IFD_TAG function in ext/exif/exif.c in PHP did not properly construct spprintf arguments, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data (bsc#978830).\n\n - CVE-2016-4543: The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP did not validate IFD sizes, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data (bsc#978830.\n\n - CVE-2016-4544: The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP did not validate TIFF start data, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data (bsc#978830.\n\n - CVE-2016-4537: The bcpowmod function in ext/bcmath/bcmath.c in PHP accepted a negative integer for the scale argument, which allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call (bsc#978827).\n\n - CVE-2016-4538: The bcpowmod function in ext/bcmath/bcmath.c in PHP modified certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call (bsc#978827).\n\n - CVE-2016-4539: The xml_parse_into_struct function in ext/xml/xml.c in PHP allowed remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument, leading to a parser level of zero (bsc#978828).\n\n - CVE-2016-4342: ext/phar/phar_object.c in PHP mishandles zero-length uncompressed data, which allowed remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive (bsc#977991).\n\n - CVE-2016-4346: Integer overflow in the str_pad function in ext/standard/string.c in PHP allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow (bsc#977994).\n\n - CVE-2016-4073: Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted mb_strcut call (bsc#977003).\n\n - CVE-2015-8867: The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP incorrectly relied on the deprecated RAND_pseudo_bytes function, which made it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors (bsc#977005).\n\n - CVE-2016-4070: Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP allowed remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function (bsc#976997).\n\n - CVE-2015-8866: ext/libxml/libxml.c in PHP when PHP-FPM is used, did not isolate each thread from libxml_disable_entity_loader changes in other threads, which allowed remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document, a related issue to CVE-2015-5161 (bsc#976996).\n\n - CVE-2015-8838: ext/mysqlnd/mysqlnd.c in PHP used a client SSL option to mean that SSL is optional, which allowed man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152 (bsc#973792).\n\n - CVE-2015-8835: The make_http_soap_request function in ext/soap/php_http.c in PHP did not properly retrieve keys, which allowed remote attackers to cause a denial of service (NULL pointer dereference, type confusion, and application crash) or possibly execute arbitrary code via crafted serialized data representing a numerically indexed _cookies array, related to the SoapClient::__call method in ext/soap/soap.c (bsc#973351).\n\n - CVE-2016-3141: Use-after-free vulnerability in wddx.c in the WDDX extension in PHP allowed remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element (bsc#969821).\n\n - CVE-2016-3142: The phar_parse_zipfile function in zip.c in the PHAR extension in PHP allowed remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\\x05\\x06 signature at an invalid location (bsc#971912).\n\n - CVE-2014-9767: Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP ext/zip/ext_zip.cpp in HHVM allowed remote attackers to create arbitrary empty directories via a crafted ZIP archive (bsc#971612).\n\n - CVE-2016-3185: The make_http_soap_request function in ext/soap/php_http.c in PHP allowed remote attackers to obtain sensitive information from process memory or cause a denial of service (type confusion and application crash) via crafted serialized _cookies data, related to the SoapClient::__call method in ext/soap/soap.c (bsc#971611).\n\n - CVE-2016-2554: Stack-based buffer overflow in ext/phar/tar.c in PHP allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TAR archive (bsc#968284).\n\n - CVE-2015-7803: The phar_get_entry_data function in ext/phar/util.c in PHP allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that did not exist (bsc#949961).\n\n - CVE-2015-6831: Multiple use-after-free vulnerabilities in SPL in PHP allowed remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization (bsc#942291).\n\n - CVE-2015-6833: Directory traversal vulnerability in the PharData class in PHP allowed remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call (bsc#942296.\n\n - CVE-2015-6836: The SoapClient __call method in ext/soap/soap.c in PHP did not properly manage headers, which allowed remote attackers to execute arbitrary code via crafted serialized data that triggers a 'type confusion' in the serialize_function_call function (bsc#945428).\n\n - CVE-2015-6837: The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP when libxml2 is used, did not consider the possibility of a NULL valuePop return value proceeding with a free operation during initial error checking, which allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6838 (bsc#945412).\n\n - CVE-2015-6838: The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP when libxml2 is used, did not consider the possibility of a NULL valuePop return value proceeding with a free operation after the principal argument loop, which allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6837 (bsc#945412).\n\n - CVE-2015-5590: Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value, as demonstrated by mishandling of an e-mail attachment by the imap PHP extension (bsc#938719).\n\n - CVE-2015-5589: The phar_convert_to_other function in ext/phar/phar_object.c in PHP did not validate a file pointer a close operation, which allowed remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted TAR archive that is mishandled in a Phar::convertToData call (bsc#938721).\n\n - CVE-2015-4602: The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a 'type confusion' issue (bsc#935224).\n\n - CVE-2015-4599: The SoapFault::__toString method in ext/soap/soap.c in PHP allowed remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a 'type confusion' issue (bsc#935226).\n\n - CVE-2015-4600: The SoapClient implementation in PHP allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to 'type confusion' issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods (bsc#935226).\n\n - CVE-2015-4601: PHP allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to 'type confusion' issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600 (bsc#935226.\n\n - CVE-2015-4603: The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP allowed remote attackers to execute arbitrary code via an unexpected data type, related to a 'type confusion' issue (bsc#935234).\n\n - CVE-2015-4644: The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP did not validate token extraction for table names, which might allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352 (bsc#935274).\n\n - CVE-2015-4643: Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP allowed remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.\n NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4022 (bsc#935275).\n\n - CVE-2015-3411: PHP did not ensure that pathnames lack %00 sequences, which might have allowed remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\\0.xml attack that bypasses an intended configuration in which client users may read only .xml files (bsc#935227).\n\n - CVE-2015-3412: PHP did not ensure that pathnames lack %00 sequences, which might have allowed remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension (bsc#935229).\n\n - CVE-2015-4598: PHP did not ensure that pathnames lack %00 sequences, which might have allowed remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\\0.html attack that bypasses an intended configuration in which client users may write to only .html files (bsc#935232).\n\n - CVE-2015-4148: The do_soap_call function in ext/soap/soap.c in PHP did not verify that the uri property is a string, which allowed remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a 'type confusion' issue (bsc#933227).\n\n - CVE-2015-4024: Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP allowed remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome (bsc#931421).\n\n - CVE-2015-4026: The pcntl_exec implementation in PHP truncates a pathname upon encountering a \\x00 character, which might allowed remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243 (bsc#931776).\n\n - CVE-2015-4022: Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP allowed remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow (bsc#931772).\n\n - CVE-2015-4021: The phar_parse_tarfile function in ext/phar/tar.c in PHP did not verify that the first character of a filename is different from the \\0 character, which allowed remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive (bsc#931769).\n\n - CVE-2015-3329: Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP allowed remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive (bsc#928506).\n\n - CVE-2015-2783: ext/phar/phar.c in PHP allowed remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions (bsc#928511).\n\n - CVE-2015-2787: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP allowed remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231 (bsc#924972).\n\n - CVE-2014-9709: The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP allowed remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function (bsc#923945).\n\n - CVE-2015-2301: Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP allowed remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file (bsc#922452).\n\n - CVE-2015-2305: Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) 32-bit platforms might have allowed context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow (bsc#921950).\n\n - CVE-2014-9705: Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP allowed remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries (bsc#922451).\n\n - CVE-2015-0273: Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP allowed remote attackers to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier in (a) DateTimeZone data handled by the php_date_timezone_initialize_from_hash function or (b) DateTime data handled by the php_date_initialize_from_hash function (bsc#918768).\n\n - CVE-2014-9652: The mconvert function in softmagic.c in file as used in the Fileinfo component in PHP did not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allowed remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file (bsc#917150).\n\n - CVE-2014-8142: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP allowed remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys within the serialized properties of an object, a different vulnerability than CVE-2004-1019 (bsc#910659).\n\n - CVE-2015-0231: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP allowed remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142 (bsc#910659).\n\n - CVE-2014-8142: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP allowed remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys within the serialized properties of an object, a different vulnerability than CVE-2004-1019 (bsc#910659).\n\n - CVE-2015-0232: The exif_process_unicode function in ext/exif/exif.c in PHP allowed remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) via crafted EXIF data in a JPEG image (bsc#914690).\n\n - CVE-2014-3670: The exif_ifd_make_value function in exif.c in the EXIF extension in PHP operates on floating-point arrays incorrectly, which allowed remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function (bsc#902357).\n\n - CVE-2014-3669: Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function that triggers calculation of a large length value (bsc#902360).\n\n - CVE-2014-3668: Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP allowed remote attackers to cause a denial of service (application crash) via (1) a crafted first argument to the xmlrpc_set_type function or (2) a crafted argument to the xmlrpc_decode function, related to an out-of-bounds read operation (bsc#902368).\n\n - CVE-2014-5459: The PEAR_REST class in REST.php in PEAR in PHP allowed local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions (bsc#893849).\n\n - CVE-2014-3597: Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP allowed remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049 (bsc#893853).\n\n - CVE-2014-4670: Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP allowed context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments (bsc#886059).\n\n - CVE-2014-4698: Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP allowed context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments (bsc#886060).\n\n - CVE-2014-4721: The phpinfo implementation in ext/standard/info.c in PHP did not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allowed context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a 'type confusion' vulnerability, as demonstrated by reading a private SSL key in an Apache HTTP Server web-hosting environment with mod_ssl and a PHP 5.3.x mod_php (bsc#885961).\n\n - CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file as used in the Fileinfo component in PHP allowed remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file (bsc#884986).\n\n - CVE-2014-3478: Buffer overflow in the mconvert function in softmagic.c in file as used in the Fileinfo component in PHP allowed remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion (bsc#884987).\n\n - CVE-2014-3479: The cdf_check_stream_offset function in cdf.c in file as used in the Fileinfo component in PHP relies on incorrect sector-size data, which allowed remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CDF file (bsc#884989).\n\n - CVE-2014-3480: The cdf_count_chain function in cdf.c in file as used in the Fileinfo component in PHP did not properly validate sector-count data, which allowed remote attackers to cause a denial of service (application crash) via a crafted CDF file (bsc#884990).\n\n - CVE-2014-3487: The cdf_read_property_info function in file as used in the Fileinfo component in PHP did not properly validate a stream offset, which allowed remote attackers to cause a denial of service (application crash) via a crafted CDF file (bsc#884991).\n\n - CVE-2014-3515: The SPL component in PHP incorrectly anticipates that certain data structures will have the array data type after unserialization, which allowed remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to 'type confusion' issues in (1) ArrayObject and (2) SPLObjectStorage (bsc#884992).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-08-29T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1638-1) (BACKRONYM)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2004-1019", "CVE-2006-7243", "CVE-2014-0207", "CVE-2014-3478", "CVE-2014-3479", "CVE-2014-3480", "CVE-2014-3487", "CVE-2014-3515", "CVE-2014-3597", "CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2014-4049", "CVE-2014-4670", "CVE-2014-4698", "CVE-2014-4721", "CVE-2014-5459", "CVE-2014-8142", "CVE-2014-9652", "CVE-2014-9705", "CVE-2014-9709", "CVE-2014-9767", "CVE-2015-0231", "CVE-2015-0232", "CVE-2015-0273", "CVE-2015-1352", "CVE-2015-2301", "CVE-2015-2305", "CVE-2015-2783", "CVE-2015-2787", "CVE-2015-3152", "CVE-2015-3329", "CVE-2015-3411", "CVE-2015-3412", "CVE-2015-4021", "CVE-2015-4022", "CVE-2015-4024", "CVE-2015-4026", "CVE-2015-4116", "CVE-2015-4148", "CVE-2015-4598", "CVE-2015-4599", "CVE-2015-4600", "CVE-2015-4601", "CVE-2015-4602", "CVE-2015-4603", "CVE-2015-4643", "CVE-2015-4644", "CVE-2015-5161", "CVE-2015-5589", "CVE-2015-5590", "CVE-2015-6831", "CVE-2015-6833", "CVE-2015-6836", "CVE-2015-6837", "CVE-2015-6838", "CVE-2015-7803", "CVE-2015-8835", "CVE-2015-8838", "CVE-2015-8866", "CVE-2015-8867", "CVE-2015-8873", "CVE-2015-8874", "CVE-2015-8879", "CVE-2016-2554", "CVE-2016-3141", "CVE-2016-3142", "CVE-2016-3185", "CVE-2016-4070", "CVE-2016-4073", "CVE-2016-4342", "CVE-2016-4346", "CVE-2016-4537", "CVE-2016-4538", "CVE-2016-4539", "CVE-2016-4540", "CVE-2016-4541", "CVE-2016-4542", "CVE-2016-4543", "CVE-2016-4544", "CVE-2016-5093", "CVE-2016-5094", "CVE-2016-5095", "CVE-2016-5096", "CVE-2016-5114"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2-mod_php53", "p-cpe:/a:novell:suse_linux:php53", "p-cpe:/a:novell:suse_linux:php53-bcmath", "p-cpe:/a:novell:suse_linux:php53-bz2", "p-cpe:/a:novell:suse_linux:php53-calendar", "p-cpe:/a:novell:suse_linux:php53-ctype", "p-cpe:/a:novell:suse_linux:php53-curl", "p-cpe:/a:novell:suse_linux:php53-dba", "p-cpe:/a:novell:suse_linux:php53-dom", "p-cpe:/a:novell:suse_linux:php53-exif", "p-cpe:/a:novell:suse_linux:php53-fastcgi", "p-cpe:/a:novell:suse_linux:php53-fileinfo", "p-cpe:/a:novell:suse_linux:php53-ftp", "p-cpe:/a:novell:suse_linux:php53-gd", "p-cpe:/a:novell:suse_linux:php53-gettext", "p-cpe:/a:novell:suse_linux:php53-gmp", "p-cpe:/a:novell:suse_linux:php53-iconv", "p-cpe:/a:novell:suse_linux:php53-intl", "p-cpe:/a:novell:suse_linux:php53-json", "p-cpe:/a:novell:suse_linux:php53-ldap", "p-cpe:/a:novell:suse_linux:php53-mbstring", "p-cpe:/a:novell:suse_linux:php53-mcrypt", "p-cpe:/a:novell:suse_linux:php53-mysql", "p-cpe:/a:novell:suse_linux:php53-odbc", "p-cpe:/a:novell:suse_linux:php53-openssl", "p-cpe:/a:novell:suse_linux:php53-pcntl", "p-cpe:/a:novell:suse_linux:php53-pdo", "p-cpe:/a:novell:suse_linux:php53-pear", "p-cpe:/a:novell:suse_linux:php53-pgsql", "p-cpe:/a:novell:suse_linux:php53-pspell", "p-cpe:/a:novell:suse_linux:php53-shmop", "p-cpe:/a:novell:suse_linux:php53-snmp", "p-cpe:/a:novell:suse_linux:php53-soap", "p-cpe:/a:novell:suse_linux:php53-suhosin", "p-cpe:/a:novell:suse_linux:php53-sysvmsg", "p-cpe:/a:novell:suse_linux:php53-sysvsem", "p-cpe:/a:novell:suse_linux:php53-sysvshm", "p-cpe:/a:novell:suse_linux:php53-tokenizer", "p-cpe:/a:novell:suse_linux:php53-wddx", "p-cpe:/a:novell:suse_linux:php53-xmlreader", "p-cpe:/a:novell:suse_linux:php53-xmlrpc", "p-cpe:/a:novell:suse_linux:php53-xmlwriter", "p-cpe:/a:novell:suse_linux:php53-xsl", "p-cpe:/a:novell:suse_linux:php53-zip", "p-cpe:/a:novell:suse_linux:php53-zlib", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-1638-1.NASL", "href": "https://www.tenable.com/plugins/nessus/93161", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:1638-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93161);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2004-1019\", \"CVE-2006-7243\", \"CVE-2014-0207\", \"CVE-2014-3478\", \"CVE-2014-3479\", \"CVE-2014-3480\", \"CVE-2014-3487\", \"CVE-2014-3515\", \"CVE-2014-3597\", \"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-4049\", \"CVE-2014-4670\", \"CVE-2014-4698\", \"CVE-2014-4721\", \"CVE-2014-5459\", \"CVE-2014-8142\", \"CVE-2014-9652\", \"CVE-2014-9705\", \"CVE-2014-9709\", \"CVE-2014-9767\", \"CVE-2015-0231\", \"CVE-2015-0232\", \"CVE-2015-0273\", \"CVE-2015-1352\", \"CVE-2015-2301\", \"CVE-2015-2305\", \"CVE-2015-2783\", \"CVE-2015-2787\", \"CVE-2015-3152\", \"CVE-2015-3329\", \"CVE-2015-3411\", \"CVE-2015-3412\", \"CVE-2015-4021\", \"CVE-2015-4022\", \"CVE-2015-4024\", \"CVE-2015-4026\", \"CVE-2015-4116\", \"CVE-2015-4148\", \"CVE-2015-4598\", \"CVE-2015-4599\", \"CVE-2015-4600\", \"CVE-2015-4601\", \"CVE-2015-4602\", \"CVE-2015-4603\", \"CVE-2015-4643\", \"CVE-2015-4644\", \"CVE-2015-5161\", \"CVE-2015-5589\", \"CVE-2015-5590\", \"CVE-2015-6831\", \"CVE-2015-6833\", \"CVE-2015-6836\", \"CVE-2015-6837\", \"CVE-2015-6838\", \"CVE-2015-7803\", \"CVE-2015-8835\", \"CVE-2015-8838\", \"CVE-2015-8866\", \"CVE-2015-8867\", \"CVE-2015-8873\", \"CVE-2015-8874\", \"CVE-2015-8879\", \"CVE-2016-2554\", \"CVE-2016-3141\", \"CVE-2016-3142\", \"CVE-2016-3185\", \"CVE-2016-4070\", \"CVE-2016-4073\", \"CVE-2016-4342\", \"CVE-2016-4346\", \"CVE-2016-4537\", \"CVE-2016-4538\", \"CVE-2016-4539\", \"CVE-2016-4540\", \"CVE-2016-4541\", \"CVE-2016-4542\", \"CVE-2016-4543\", \"CVE-2016-4544\", \"CVE-2016-5093\", \"CVE-2016-5094\", \"CVE-2016-5095\", \"CVE-2016-5096\", \"CVE-2016-5114\");\n script_bugtraq_id(44951, 68007, 68120, 68237, 68238, 68239, 68241, 68243, 68423, 68511, 68513, 69322, 69388, 70611, 70665, 70666, 71791, 71932, 72505, 72539, 72541, 72611, 72701, 73031, 73037, 73306, 73431, 74239, 74240, 74398, 74413, 74700, 74902, 74903, 75056, 75103, 75244, 75246, 75249, 75250, 75251, 75252, 75255, 75291, 75292, 75970, 75974);\n\n script_name(english:\"SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1638-1) (BACKRONYM)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for php53 to version 5.3.17 fixes the following issues :\n\nThese security issues were fixed :\n\n - CVE-2016-5093: get_icu_value_internal out-of-bounds read\n (bnc#982010).\n\n - CVE-2016-5094: Don't create strings with lengths outside\n int range (bnc#982011).\n\n - CVE-2016-5095: Don't create strings with lengths outside\n int range (bnc#982012).\n\n - CVE-2016-5096: int/size_t confusion in fread\n (bsc#982013).\n\n - CVE-2016-5114: fpm_log.c memory leak and buffer overflow\n (bnc#982162).\n\n - CVE-2015-8879: The odbc_bindcols function in\n ext/odbc/php_odbc.c in PHP mishandles driver behavior\n for SQL_WVARCHAR columns, which allowed remote attackers\n to cause a denial of service (application crash) in\n opportunistic circumstances by leveraging use of the\n odbc_fetch_array function to access a certain type of\n Microsoft SQL Server table (bsc#981050).\n\n - CVE-2015-4116: Use-after-free vulnerability in the\n spl_ptr_heap_insert function in ext/spl/spl_heap.c in\n PHP allowed remote attackers to execute arbitrary code\n by triggering a failed SplMinHeap::compare operation\n (bsc#980366).\n\n - CVE-2015-8874: Stack consumption vulnerability in GD in\n PHP allowed remote attackers to cause a denial of\n service via a crafted imagefilltoborder call\n (bsc#980375).\n\n - CVE-2015-8873: Stack consumption vulnerability in\n Zend/zend_exceptions.c in PHP allowed remote attackers\n to cause a denial of service (segmentation fault) via\n recursive method calls (bsc#980373).\n\n - CVE-2016-4540: The grapheme_stripos function in\n ext/intl/grapheme/grapheme_string.c in PHP allowed\n remote attackers to cause a denial of service\n (out-of-bounds read) or possibly have unspecified other\n impact via a negative offset (bsc#978829).\n\n - CVE-2016-4541: The grapheme_strpos function in\n ext/intl/grapheme/grapheme_string.c in PHP allowed\n remote attackers to cause a denial of service\n (out-of-bounds read) or possibly have unspecified other\n impact via a negative offset (bsc#978829.\n\n - CVE-2016-4542: The exif_process_IFD_TAG function in\n ext/exif/exif.c in PHP did not properly construct\n spprintf arguments, which allowed remote attackers to\n cause a denial of service (out-of-bounds read) or\n possibly have unspecified other impact via crafted\n header data (bsc#978830).\n\n - CVE-2016-4543: The exif_process_IFD_in_JPEG function in\n ext/exif/exif.c in PHP did not validate IFD sizes, which\n allowed remote attackers to cause a denial of service\n (out-of-bounds read) or possibly have unspecified other\n impact via crafted header data (bsc#978830.\n\n - CVE-2016-4544: The exif_process_TIFF_in_JPEG function in\n ext/exif/exif.c in PHP did not validate TIFF start data,\n which allowed remote attackers to cause a denial of\n service (out-of-bounds read) or possibly have\n unspecified other impact via crafted header data\n (bsc#978830.\n\n - CVE-2016-4537: The bcpowmod function in\n ext/bcmath/bcmath.c in PHP accepted a negative integer\n for the scale argument, which allowed remote attackers\n to cause a denial of service or possibly have\n unspecified other impact via a crafted call\n (bsc#978827).\n\n - CVE-2016-4538: The bcpowmod function in\n ext/bcmath/bcmath.c in PHP modified certain data\n structures without considering whether they are copies\n of the _zero_, _one_, or _two_ global variable, which\n allowed remote attackers to cause a denial of service or\n possibly have unspecified other impact via a crafted\n call (bsc#978827).\n\n - CVE-2016-4539: The xml_parse_into_struct function in\n ext/xml/xml.c in PHP allowed remote attackers to cause a\n denial of service (buffer under-read and segmentation\n fault) or possibly have unspecified other impact via\n crafted XML data in the second argument, leading to a\n parser level of zero (bsc#978828).\n\n - CVE-2016-4342: ext/phar/phar_object.c in PHP mishandles\n zero-length uncompressed data, which allowed remote\n attackers to cause a denial of service (heap memory\n corruption) or possibly have unspecified other impact\n via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive\n (bsc#977991).\n\n - CVE-2016-4346: Integer overflow in the str_pad function\n in ext/standard/string.c in PHP allowed remote attackers\n to cause a denial of service or possibly have\n unspecified other impact via a long string, leading to a\n heap-based buffer overflow (bsc#977994).\n\n - CVE-2016-4073: Multiple integer overflows in the\n mbfl_strcut function in\n ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP allowed\n remote attackers to cause a denial of service\n (application crash) or possibly execute arbitrary code\n via a crafted mb_strcut call (bsc#977003).\n\n - CVE-2015-8867: The openssl_random_pseudo_bytes function\n in ext/openssl/openssl.c in PHP incorrectly relied on\n the deprecated RAND_pseudo_bytes function, which made it\n easier for remote attackers to defeat cryptographic\n protection mechanisms via unspecified vectors\n (bsc#977005).\n\n - CVE-2016-4070: Integer overflow in the\n php_raw_url_encode function in ext/standard/url.c in PHP\n allowed remote attackers to cause a denial of service\n (application crash) via a long string to the\n rawurlencode function (bsc#976997).\n\n - CVE-2015-8866: ext/libxml/libxml.c in PHP when PHP-FPM\n is used, did not isolate each thread from\n libxml_disable_entity_loader changes in other threads,\n which allowed remote attackers to conduct XML External\n Entity (XXE) and XML Entity Expansion (XEE) attacks via\n a crafted XML document, a related issue to CVE-2015-5161\n (bsc#976996).\n\n - CVE-2015-8838: ext/mysqlnd/mysqlnd.c in PHP used a\n client SSL option to mean that SSL is optional, which\n allowed man-in-the-middle attackers to spoof servers via\n a cleartext-downgrade attack, a related issue to\n CVE-2015-3152 (bsc#973792).\n\n - CVE-2015-8835: The make_http_soap_request function in\n ext/soap/php_http.c in PHP did not properly retrieve\n keys, which allowed remote attackers to cause a denial\n of service (NULL pointer dereference, type confusion,\n and application crash) or possibly execute arbitrary\n code via crafted serialized data representing a\n numerically indexed _cookies array, related to the\n SoapClient::__call method in ext/soap/soap.c\n (bsc#973351).\n\n - CVE-2016-3141: Use-after-free vulnerability in wddx.c in\n the WDDX extension in PHP allowed remote attackers to\n cause a denial of service (memory corruption and\n application crash) or possibly have unspecified other\n impact by triggering a wddx_deserialize call on XML data\n containing a crafted var element (bsc#969821).\n\n - CVE-2016-3142: The phar_parse_zipfile function in zip.c\n in the PHAR extension in PHP allowed remote attackers to\n obtain sensitive information from process memory or\n cause a denial of service (out-of-bounds read and\n application crash) by placing a PK\\x05\\x06 signature at\n an invalid location (bsc#971912).\n\n - CVE-2014-9767: Directory traversal vulnerability in the\n ZipArchive::extractTo function in ext/zip/php_zip.c in\n PHP ext/zip/ext_zip.cpp in HHVM allowed remote attackers\n to create arbitrary empty directories via a crafted ZIP\n archive (bsc#971612).\n\n - CVE-2016-3185: The make_http_soap_request function in\n ext/soap/php_http.c in PHP allowed remote attackers to\n obtain sensitive information from process memory or\n cause a denial of service (type confusion and\n application crash) via crafted serialized _cookies data,\n related to the SoapClient::__call method in\n ext/soap/soap.c (bsc#971611).\n\n - CVE-2016-2554: Stack-based buffer overflow in\n ext/phar/tar.c in PHP allowed remote attackers to cause\n a denial of service (application crash) or possibly have\n unspecified other impact via a crafted TAR archive\n (bsc#968284).\n\n - CVE-2015-7803: The phar_get_entry_data function in\n ext/phar/util.c in PHP allowed remote attackers to cause\n a denial of service (NULL pointer dereference and\n application crash) via a .phar file with a crafted TAR\n archive entry in which the Link indicator references a\n file that did not exist (bsc#949961).\n\n - CVE-2015-6831: Multiple use-after-free vulnerabilities\n in SPL in PHP allowed remote attackers to execute\n arbitrary code via vectors involving (1) ArrayObject,\n (2) SplObjectStorage, and (3) SplDoublyLinkedList, which\n are mishandled during unserialization (bsc#942291).\n\n - CVE-2015-6833: Directory traversal vulnerability in the\n PharData class in PHP allowed remote attackers to write\n to arbitrary files via a .. (dot dot) in a ZIP archive\n entry that is mishandled during an extractTo call\n (bsc#942296.\n\n - CVE-2015-6836: The SoapClient __call method in\n ext/soap/soap.c in PHP did not properly manage headers,\n which allowed remote attackers to execute arbitrary code\n via crafted serialized data that triggers a 'type\n confusion' in the serialize_function_call function\n (bsc#945428).\n\n - CVE-2015-6837: The xsl_ext_function_php function in\n ext/xsl/xsltprocessor.c in PHP when libxml2 is used, did\n not consider the possibility of a NULL valuePop return\n value proceeding with a free operation during initial\n error checking, which allowed remote attackers to cause\n a denial of service (NULL pointer dereference and\n application crash) via a crafted XML document, a\n different vulnerability than CVE-2015-6838 (bsc#945412).\n\n - CVE-2015-6838: The xsl_ext_function_php function in\n ext/xsl/xsltprocessor.c in PHP when libxml2 is used, did\n not consider the possibility of a NULL valuePop return\n value proceeding with a free operation after the\n principal argument loop, which allowed remote attackers\n to cause a denial of service (NULL pointer dereference\n and application crash) via a crafted XML document, a\n different vulnerability than CVE-2015-6837 (bsc#945412).\n\n - CVE-2015-5590: Stack-based buffer overflow in the\n phar_fix_filepath function in ext/phar/phar.c in PHP\n allowed remote attackers to cause a denial of service or\n possibly have unspecified other impact via a large\n length value, as demonstrated by mishandling of an\n e-mail attachment by the imap PHP extension\n (bsc#938719).\n\n - CVE-2015-5589: The phar_convert_to_other function in\n ext/phar/phar_object.c in PHP did not validate a file\n pointer a close operation, which allowed remote\n attackers to cause a denial of service (segmentation\n fault) or possibly have unspecified other impact via a\n crafted TAR archive that is mishandled in a\n Phar::convertToData call (bsc#938721).\n\n - CVE-2015-4602: The __PHP_Incomplete_Class function in\n ext/standard/incomplete_class.c in PHP allowed remote\n attackers to cause a denial of service (application\n crash) or possibly execute arbitrary code via an\n unexpected data type, related to a 'type confusion'\n issue (bsc#935224).\n\n - CVE-2015-4599: The SoapFault::__toString method in\n ext/soap/soap.c in PHP allowed remote attackers to\n obtain sensitive information, cause a denial of service\n (application crash), or possibly execute arbitrary code\n via an unexpected data type, related to a 'type\n confusion' issue (bsc#935226).\n\n - CVE-2015-4600: The SoapClient implementation in PHP\n allowed remote attackers to cause a denial of service\n (application crash) or possibly execute arbitrary code\n via an unexpected data type, related to 'type confusion'\n issues in the (1) SoapClient::__getLastRequest, (2)\n SoapClient::__getLastResponse, (3)\n SoapClient::__getLastRequestHeaders, (4)\n SoapClient::__getLastResponseHeaders, (5)\n SoapClient::__getCookies, and (6)\n SoapClient::__setCookie methods (bsc#935226).\n\n - CVE-2015-4601: PHP allowed remote attackers to cause a\n denial of service (application crash) or possibly\n execute arbitrary code via an unexpected data type,\n related to 'type confusion' issues in (1)\n ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and\n (3) ext/soap/soap.c, a different issue than\n CVE-2015-4600 (bsc#935226.\n\n - CVE-2015-4603: The exception::getTraceAsString function\n in Zend/zend_exceptions.c in PHP allowed remote\n attackers to execute arbitrary code via an unexpected\n data type, related to a 'type confusion' issue\n (bsc#935234).\n\n - CVE-2015-4644: The php_pgsql_meta_data function in\n pgsql.c in the PostgreSQL (aka pgsql) extension in PHP\n did not validate token extraction for table names, which\n might allowed remote attackers to cause a denial of\n service (NULL pointer dereference and application crash)\n via a crafted name. NOTE: this vulnerability exists\n because of an incomplete fix for CVE-2015-1352\n (bsc#935274).\n\n - CVE-2015-4643: Integer overflow in the ftp_genlist\n function in ext/ftp/ftp.c in PHP allowed remote FTP\n servers to execute arbitrary code via a long reply to a\n LIST command, leading to a heap-based buffer overflow.\n NOTE: this vulnerability exists because of an incomplete\n fix for CVE-2015-4022 (bsc#935275).\n\n - CVE-2015-3411: PHP did not ensure that pathnames lack\n %00 sequences, which might have allowed remote attackers\n to read or write to arbitrary files via crafted input to\n an application that calls (1) a DOMDocument load method,\n (2) the xmlwriter_open_uri function, (3) the finfo_file\n function, or (4) the hash_hmac_file function, as\n demonstrated by a filename\\0.xml attack that bypasses an\n intended configuration in which client users may read\n only .xml files (bsc#935227).\n\n - CVE-2015-3412: PHP did not ensure that pathnames lack\n %00 sequences, which might have allowed remote attackers\n to read arbitrary files via crafted input to an\n application that calls the stream_resolve_include_path\n function in ext/standard/streamsfuncs.c, as demonstrated\n by a filename\\0.extension attack that bypasses an\n intended configuration in which client users may read\n files with only one specific extension (bsc#935229).\n\n - CVE-2015-4598: PHP did not ensure that pathnames lack\n %00 sequences, which might have allowed remote attackers\n to read or write to arbitrary files via crafted input to\n an application that calls (1) a DOMDocument save method\n or (2) the GD imagepsloadfont function, as demonstrated\n by a filename\\0.html attack that bypasses an intended\n configuration in which client users may write to only\n .html files (bsc#935232).\n\n - CVE-2015-4148: The do_soap_call function in\n ext/soap/soap.c in PHP did not verify that the uri\n property is a string, which allowed remote attackers to\n obtain sensitive information by providing crafted\n serialized data with an int data type, related to a\n 'type confusion' issue (bsc#933227).\n\n - CVE-2015-4024: Algorithmic complexity vulnerability in\n the multipart_buffer_headers function in main/rfc1867.c\n in PHP allowed remote attackers to cause a denial of\n service (CPU consumption) via crafted form data that\n triggers an improper order-of-growth outcome\n (bsc#931421).\n\n - CVE-2015-4026: The pcntl_exec implementation in PHP\n truncates a pathname upon encountering a \\x00 character,\n which might allowed remote attackers to bypass intended\n extension restrictions and execute files with unexpected\n names via a crafted first argument. NOTE: this\n vulnerability exists because of an incomplete fix for\n CVE-2006-7243 (bsc#931776).\n\n - CVE-2015-4022: Integer overflow in the ftp_genlist\n function in ext/ftp/ftp.c in PHP allowed remote FTP\n servers to execute arbitrary code via a long reply to a\n LIST command, leading to a heap-based buffer overflow\n (bsc#931772).\n\n - CVE-2015-4021: The phar_parse_tarfile function in\n ext/phar/tar.c in PHP did not verify that the first\n character of a filename is different from the \\0\n character, which allowed remote attackers to cause a\n denial of service (integer underflow and memory\n corruption) via a crafted entry in a tar archive\n (bsc#931769).\n\n - CVE-2015-3329: Multiple stack-based buffer overflows in\n the phar_set_inode function in phar_internal.h in PHP\n allowed remote attackers to execute arbitrary code via a\n crafted length value in a (1) tar, (2) phar, or (3) ZIP\n archive (bsc#928506).\n\n - CVE-2015-2783: ext/phar/phar.c in PHP allowed remote\n attackers to obtain sensitive information from process\n memory or cause a denial of service (buffer over-read\n and application crash) via a crafted length value in\n conjunction with crafted serialized data in a phar\n archive, related to the phar_parse_metadata and\n phar_parse_pharfile functions (bsc#928511).\n\n - CVE-2015-2787: Use-after-free vulnerability in the\n process_nested_data function in\n ext/standard/var_unserializer.re in PHP allowed remote\n attackers to execute arbitrary code via a crafted\n unserialize call that leverages use of the unset\n function within an __wakeup function, a related issue to\n CVE-2015-0231 (bsc#924972).\n\n - CVE-2014-9709: The GetCode_ function in gd_gif_in.c in\n GD 2.1.1 and earlier, as used in PHP allowed remote\n attackers to cause a denial of service (buffer over-read\n and application crash) via a crafted GIF image that is\n improperly handled by the gdImageCreateFromGif function\n (bsc#923945).\n\n - CVE-2015-2301: Use-after-free vulnerability in the\n phar_rename_archive function in phar_object.c in PHP\n allowed remote attackers to cause a denial of service or\n possibly have unspecified other impact via vectors that\n trigger an attempted renaming of a Phar archive to the\n name of an existing file (bsc#922452).\n\n - CVE-2015-2305: Integer overflow in the regcomp\n implementation in the Henry Spencer BSD regex library\n (aka rxspencer) 32-bit platforms might have allowed\n context-dependent attackers to execute arbitrary code\n via a large regular expression that leads to a\n heap-based buffer overflow (bsc#921950).\n\n - CVE-2014-9705: Heap-based buffer overflow in the\n enchant_broker_request_dict function in\n ext/enchant/enchant.c in PHP allowed remote attackers to\n execute arbitrary code via vectors that trigger creation\n of multiple dictionaries (bsc#922451).\n\n - CVE-2015-0273: Multiple use-after-free vulnerabilities\n in ext/date/php_date.c in PHP allowed remote attackers\n to execute arbitrary code via crafted serialized input\n containing a (1) R or (2) r type specifier in (a)\n DateTimeZone data handled by the\n php_date_timezone_initialize_from_hash function or (b)\n DateTime data handled by the\n php_date_initialize_from_hash function (bsc#918768).\n\n - CVE-2014-9652: The mconvert function in softmagic.c in\n file as used in the Fileinfo component in PHP did not\n properly handle a certain string-length field during a\n copy of a truncated version of a Pascal string, which\n might allowed remote attackers to cause a denial of\n service (out-of-bounds memory access and application\n crash) via a crafted file (bsc#917150).\n\n - CVE-2014-8142: Use-after-free vulnerability in the\n process_nested_data function in\n ext/standard/var_unserializer.re in PHP allowed remote\n attackers to execute arbitrary code via a crafted\n unserialize call that leverages improper handling of\n duplicate keys within the serialized properties of an\n object, a different vulnerability than CVE-2004-1019\n (bsc#910659).\n\n - CVE-2015-0231: Use-after-free vulnerability in the\n process_nested_data function in\n ext/standard/var_unserializer.re in PHP allowed remote\n attackers to execute arbitrary code via a crafted\n unserialize call that leverages improper handling of\n duplicate numerical keys within the serialized\n properties of an object. NOTE: this vulnerability exists\n because of an incomplete fix for CVE-2014-8142\n (bsc#910659).\n\n - CVE-2014-8142: Use-after-free vulnerability in the\n process_nested_data function in\n ext/standard/var_unserializer.re in PHP allowed remote\n attackers to execute arbitrary code via a crafted\n unserialize call that leverages improper handling of\n duplicate keys within the serialized properties of an\n object, a different vulnerability than CVE-2004-1019\n (bsc#910659).\n\n - CVE-2015-0232: The exif_process_unicode function in\n ext/exif/exif.c in PHP allowed remote attackers to\n execute arbitrary code or cause a denial of service\n (uninitialized pointer free and application crash) via\n crafted EXIF data in a JPEG image (bsc#914690).\n\n - CVE-2014-3670: The exif_ifd_make_value function in\n exif.c in the EXIF extension in PHP operates on\n floating-point arrays incorrectly, which allowed remote\n attackers to cause a denial of service (heap memory\n corruption and application crash) or possibly execute\n arbitrary code via a crafted JPEG image with TIFF\n thumbnail data that is improperly handled by the\n exif_thumbnail function (bsc#902357).\n\n - CVE-2014-3669: Integer overflow in the object_custom\n function in ext/standard/var_unserializer.c in PHP\n allowed remote attackers to cause a denial of service\n (application crash) or possibly execute arbitrary code\n via an argument to the unserialize function that\n triggers calculation of a large length value\n (bsc#902360).\n\n - CVE-2014-3668: Buffer overflow in the date_from_ISO8601\n function in the mkgmtime implementation in\n libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP\n allowed remote attackers to cause a denial of service\n (application crash) via (1) a crafted first argument to\n the xmlrpc_set_type function or (2) a crafted argument\n to the xmlrpc_decode function, related to an\n out-of-bounds read operation (bsc#902368).\n\n - CVE-2014-5459: The PEAR_REST class in REST.php in PEAR\n in PHP allowed local users to write to arbitrary files\n via a symlink attack on a (1) rest.cachefile or (2)\n rest.cacheid file in /tmp/pear/cache/, related to the\n retrieveCacheFirst and useLocalCache functions\n (bsc#893849).\n\n - CVE-2014-3597: Multiple buffer overflows in the\n php_parserr function in ext/standard/dns.c in PHP\n allowed remote DNS servers to cause a denial of service\n (application crash) or possibly execute arbitrary code\n via a crafted DNS record, related to the dns_get_record\n function and the dn_expand function. NOTE: this issue\n exists because of an incomplete fix for CVE-2014-4049\n (bsc#893853).\n\n - CVE-2014-4670: Use-after-free vulnerability in\n ext/spl/spl_dllist.c in the SPL component in PHP allowed\n context-dependent attackers to cause a denial of service\n or possibly have unspecified other impact via crafted\n iterator usage within applications in certain\n web-hosting environments (bsc#886059).\n\n - CVE-2014-4698: Use-after-free vulnerability in\n ext/spl/spl_array.c in the SPL component in PHP allowed\n context-dependent attackers to cause a denial of service\n or possibly have unspecified other impact via crafted\n ArrayIterator usage within applications in certain\n web-hosting environments (bsc#886060).\n\n - CVE-2014-4721: The phpinfo implementation in\n ext/standard/info.c in PHP did not ensure use of the\n string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE,\n PHP_AUTH_USER, and PHP_SELF variables, which might\n allowed context-dependent attackers to obtain sensitive\n information from process memory by using the integer\n data type with crafted values, related to a 'type\n confusion' vulnerability, as demonstrated by reading a\n private SSL key in an Apache HTTP Server web-hosting\n environment with mod_ssl and a PHP 5.3.x mod_php\n (bsc#885961).\n\n - CVE-2014-0207: The cdf_read_short_sector function in\n cdf.c in file as used in the Fileinfo component in PHP\n allowed remote attackers to cause a denial of service\n (assertion failure and application exit) via a crafted\n CDF file (bsc#884986).\n\n - CVE-2014-3478: Buffer overflow in the mconvert function\n in softmagic.c in file as used in the Fileinfo component\n in PHP allowed remote attackers to cause a denial of\n service (application crash) via a crafted Pascal string\n in a FILE_PSTRING conversion (bsc#884987).\n\n - CVE-2014-3479: The cdf_check_stream_offset function in\n cdf.c in file as used in the Fileinfo component in PHP\n relies on incorrect sector-size data, which allowed\n remote attackers to cause a denial of service\n (application crash) via a crafted stream offset in a CDF\n file (bsc#884989).\n\n - CVE-2014-3480: The cdf_count_chain function in cdf.c in\n file as used in the Fileinfo component in PHP did not\n properly validate sector-count data, which allowed\n remote attackers to cause a denial of service\n (application crash) via a crafted CDF file (bsc#884990).\n\n - CVE-2014-3487: The cdf_read_property_info function in\n file as used in the Fileinfo component in PHP did not\n properly validate a stream offset, which allowed remote\n attackers to cause a denial of service (application\n crash) via a crafted CDF file (bsc#884991).\n\n - CVE-2014-3515: The SPL component in PHP incorrectly\n anticipates that certain data structures will have the\n array data type after unserialization, which allowed\n remote attackers to execute arbitrary code via a crafted\n string that triggers use of a Hashtable destructor,\n related to 'type confusion' issues in (1) ArrayObject\n and (2) SPLObjectStorage (bsc#884992).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=884986\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=884987\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=884989\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=884990\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=884991\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=884992\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=885961\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=886059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=886060\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=893849\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=893853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=902357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=902360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=902368\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=910659\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=914690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=917150\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=918768\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=919080\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=921950\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=922451\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=922452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=923945\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=924972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=925109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=928506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=928511\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=931421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=931769\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=931772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=931776\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=933227\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935226\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935227\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935229\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935234\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935274\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=935275\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=938719\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=938721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942291\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=942296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945412\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949961\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=971611\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=971612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=971912\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=973351\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=973792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976996\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=976997\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977005\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977991\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=977994\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=978827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=978828\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=978829\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=978830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=980366\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=980373\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=980375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=981050\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=982010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=982011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=982012\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=982013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=982162\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2004-1019/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2006-7243/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-0207/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3478/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3479/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3480/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3487/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3515/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3597/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3668/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3669/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3670/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-4049/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-4670/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-4698/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-4721/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-5459/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8142/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9652/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9705/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9709/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9767/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0231/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0232/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-0273/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-1352/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2301/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2305/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2783/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-2787/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3152/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3329/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3411/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3412/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4021/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4022/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4024/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4026/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4116/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4148/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4598/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4599/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4600/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4601/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4602/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4603/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4643/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-4644/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5161/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5589/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5590/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6831/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6833/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6836/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6837/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-6838/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-7803/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8835/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8838/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8866/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8867/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8873/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8874/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8879/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2554/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3141/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3142/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3185/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4070/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4073/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4342/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4346/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4537/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4538/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4539/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4540/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4541/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4542/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4543/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-4544/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5093/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5094/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5095/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5096/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5114/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20161638-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dc947fb9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP2-LTSS :\n\nzypper in -t patch slessp2-php53-12621=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-mod_php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:php53-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/29\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"apache2-mod_php53-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-bcmath-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-bz2-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-calendar-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-ctype-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-curl-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-dba-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-dom-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-exif-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-fastcgi-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-fileinfo-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-ftp-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-gd-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-gettext-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-gmp-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-iconv-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-intl-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-json-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-ldap-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-mbstring-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-mcrypt-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-mysql-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-odbc-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-openssl-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-pcntl-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-pdo-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-pear-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-pgsql-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-pspell-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-shmop-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-snmp-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-soap-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-suhosin-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-sysvmsg-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-sysvsem-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-sysvshm-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-tokenizer-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-wddx-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-xmlreader-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-xmlrpc-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-xmlwriter-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-xsl-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-zip-5.3.17-47.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"php53-zlib-5.3.17-47.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2021-06-08T19:08:48", "description": "exif_thumbnail&#40;&#41; memory corruption on JPEG parsing. XMLRPC buffer overflow. object_custom function&#40;&#41; integer overflow.", "edition": 2, "cvss3": {}, "published": "2014-11-03T00:00:00", "title": "PHP memory corruption", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2014-11-03T00:00:00", "id": "SECURITYVULNS:VULN:14056", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14056", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:55", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2391-1\r\nOctober 30, 2014\r\n\r\nphp5 vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 14.10\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 12.04 LTS\r\n- Ubuntu 10.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in PHP.\r\n\r\nSoftware Description:\r\n- php5: HTML-embedded scripting language interpreter\r\n\r\nDetails:\r\n\r\nSymeon Paraschoudis discovered that PHP incorrectly handled the mkgmtime\r\nfunction. A remote attacker could possibly use this issue to cause PHP to\r\ncrash, resulting in a denial of service. &#40;CVE-2014-3668&#41;\r\n\r\nSymeon Paraschoudis discovered that PHP incorrectly handled unserializing\r\nobjects. A remote attacker could possibly use this issue to cause PHP to\r\ncrash, resulting in a denial of service. &#40;CVE-2014-3669&#41;\r\n\r\nOtto Ebeling discovered that PHP incorrectly handled the exif_thumbnail\r\nfunction. A remote attacker could use this issue to cause PHP to crash,\r\nresulting in a denial of service, or possibly execute arbitrary code.\r\n&#40;CVE-2014-3670&#41;\r\n\r\nFrancisco Alonso that PHP incorrectly handled ELF files in the fileinfo\r\nextension. A remote attacker could possibly use this issue to cause PHP to\r\ncrash, resulting in a denial of service. &#40;CVE-2014-3710&#41;\r\n\r\nIt was discovered that PHP incorrectly handled NULL bytes when processing\r\ncertain URLs with the curl functions. A remote attacker could possibly use\r\nthis issue to bypass filename restrictions and obtain access to sensitive\r\nfiles. &#40;No CVE number&#41;\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 14.10:\r\n libapache2-mod-php5 5.5.12+dfsg-2ubuntu4.1\r\n php5-cgi 5.5.12+dfsg-2ubuntu4.1\r\n php5-cli 5.5.12+dfsg-2ubuntu4.1\r\n php5-curl 5.5.12+dfsg-2ubuntu4.1\r\n php5-fpm 5.5.12+dfsg-2ubuntu4.1\r\n php5-xmlrpc 5.5.12+dfsg-2ubuntu4.1\r\n\r\nUbuntu 14.04 LTS:\r\n libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.5\r\n php5-cgi 5.5.9+dfsg-1ubuntu4.5\r\n php5-cli 5.5.9+dfsg-1ubuntu4.5\r\n php5-curl 5.5.9+dfsg-1ubuntu4.5\r\n php5-fpm 5.5.9+dfsg-1ubuntu4.5\r\n php5-xmlrpc 5.5.9+dfsg-1ubuntu4.5\r\n\r\nUbuntu 12.04 LTS:\r\n libapache2-mod-php5 5.3.10-1ubuntu3.15\r\n php5-cgi 5.3.10-1ubuntu3.15\r\n php5-cli 5.3.10-1ubuntu3.15\r\n php5-curl 5.3.10-1ubuntu3.15\r\n php5-fpm 5.3.10-1ubuntu3.15\r\n php5-xmlrpc 5.3.10-1ubuntu3.15\r\n\r\nUbuntu 10.04 LTS:\r\n libapache2-mod-php5 5.3.2-1ubuntu4.28\r\n php5-cgi 5.3.2-1ubuntu4.28\r\n php5-cli 5.3.2-1ubuntu4.28\r\n php5-curl 5.3.2-1ubuntu4.28\r\n php5-xmlrpc 5.3.2-1ubuntu4.28\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2391-1\r\n CVE-2014-3668, CVE-2014-3669, CVE-2014-3670, CVE-2014-3710\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/php5/5.5.12+dfsg-2ubuntu4.1\r\n https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.5\r\n https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.15\r\n https://launchpad.net/ubuntu/+source/php5/5.3.2-1ubuntu4.28\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2014-11-03T00:00:00", "title": "[USN-2391-1] php5 vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "modified": "2014-11-03T00:00:00", "id": "SECURITYVULNS:DOC:31326", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31326", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:55", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2014:202\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : php\r\n Date : October 23, 2014\r\n Affected: Business Server 1.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been discovered and corrected in php:\r\n \r\n A heap corruption issue was reported in PHP&#039;s exif_thumbnail&#40;&#41;\r\n function. A specially-crafted JPEG image could cause the PHP\r\n interpreter to crash or, potentially, execute arbitrary code\r\n &#40;CVE-2014-3670&#41;.\r\n \r\n The updated php packages have been upgraded to the 5.5.18 version\r\n resolve this security flaw.\r\n \r\n Additionally, php-apc has been rebuilt against the updated php\r\n packages.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670\r\n http://php.net/ChangeLog-5.php#5.5.18\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n b84db9e325102ccc20006f5e6ccb74a1 mbs1/x86_64/apache-mod_php-5.5.18-1.mbs1.x86_64.rpm\r\n 3ae59a3a698c2739ec14f1f148b92f29 mbs1/x86_64/lib64php5_common5-5.5.18-1.mbs1.x86_64.rpm\r\n ade8aaab55f610c54bc39aa68e56d153 mbs1/x86_64/php-apc-3.1.15-1.12.mbs1.x86_64.rpm\r\n 78169707954ef896c52611c354b79368 mbs1/x86_64/php-apc-admin-3.1.15-1.12.mbs1.x86_64.rpm\r\n ab9faf90ad2cbee0d595c3536757b1b2 mbs1/x86_64/php-bcmath-5.5.18-1.mbs1.x86_64.rpm\r\n bc0cc28f753e3d389b49974795ce2ccc mbs1/x86_64/php-bz2-5.5.18-1.mbs1.x86_64.rpm\r\n 1162526089cb1fb9fce42c26646e605d mbs1/x86_64/php-calendar-5.5.18-1.mbs1.x86_64.rpm\r\n 5760732b5f73910e6465e8ccbb765c1d mbs1/x86_64/php-cgi-5.5.18-1.mbs1.x86_64.rpm\r\n 6e38ac768c2085960c3aa0dc39e4d7a0 mbs1/x86_64/php-cli-5.5.18-1.mbs1.x86_64.rpm\r\n 985a2cae71704a360f607b4c2850eb2c mbs1/x86_64/php-ctype-5.5.18-1.mbs1.x86_64.rpm\r\n c8d1546ad51a8a5cd74d578333d89e0f mbs1/x86_64/php-curl-5.5.18-1.mbs1.x86_64.rpm\r\n 366687605290ff08a905f7b4ae67e5ca mbs1/x86_64/php-dba-5.5.18-1.mbs1.x86_64.rpm\r\n 0ae24b75bb2c73d57455610579ca6438 mbs1/x86_64/php-devel-5.5.18-1.mbs1.x86_64.rpm\r\n 18c5288d2420077c3d472c0eff231372 mbs1/x86_64/php-doc-5.5.18-1.mbs1.noarch.rpm\r\n 53fe9ddfe1ecc35b09da6ab4042844cb mbs1/x86_64/php-dom-5.5.18-1.mbs1.x86_64.rpm\r\n 78b98a326094e361314deba320d73584 mbs1/x86_64/php-enchant-5.5.18-1.mbs1.x86_64.rpm\r\n 8746b68c71c917878ec07c9891672c80 mbs1/x86_64/php-exif-5.5.18-1.mbs1.x86_64.rpm\r\n 8c998a6b4af589404d9d34a6a3cb8784 mbs1/x86_64/php-fileinfo-5.5.18-1.mbs1.x86_64.rpm\r\n a9215efa31cdcd8ca97e33f189aad25b mbs1/x86_64/php-filter-5.5.18-1.mbs1.x86_64.rpm\r\n 6dc0b37ef6ecf4f72176457a412d971b mbs1/x86_64/php-fpm-5.5.18-1.mbs1.x86_64.rpm\r\n 141583776c38c25fe198f42fe99ee2c4 mbs1/x86_64/php-ftp-5.5.18-1.mbs1.x86_64.rpm\r\n 3f3f9dea5d6e1ec1561d0b108ec6a0ba mbs1/x86_64/php-gd-5.5.18-1.mbs1.x86_64.rpm\r\n a9951b26680e9e4652101113007febf2 mbs1/x86_64/php-gettext-5.5.18-1.mbs1.x86_64.rpm\r\n 29c8abcd2df356cac390194290ce7c3b mbs1/x86_64/php-gmp-5.5.18-1.mbs1.x86_64.rpm\r\n 3194410dd2d76511732211bb40d5d9b0 mbs1/x86_64/php-hash-5.5.18-1.mbs1.x86_64.rpm\r\n 2e3953de46a8334dbcec5264a4f0a12e mbs1/x86_64/php-iconv-5.5.18-1.mbs1.x86_64.rpm\r\n 2928e4e3fe91bb55562b6b65aaba3ae7 mbs1/x86_64/php-imap-5.5.18-1.mbs1.x86_64.rpm\r\n d7d3c35bfbccca665919bc5943397bb5 mbs1/x86_64/php-ini-5.5.18-1.mbs1.x86_64.rpm\r\n 0913099a2defd61e8398fe0e20f66c4d mbs1/x86_64/php-intl-5.5.18-1.mbs1.x86_64.rpm\r\n 8ba4ebc4f791d030de275468938617df mbs1/x86_64/php-json-5.5.18-1.mbs1.x86_64.rpm\r\n 141fcf13af5eab6ca869017a7d59c8c9 mbs1/x86_64/php-ldap-5.5.18-1.mbs1.x86_64.rpm\r\n 961df415435d9b4b38693119edabcd0b mbs1/x86_64/php-mbstring-5.5.18-1.mbs1.x86_64.rpm\r\n 60ffb2d50b6c5ed1abaa5654ef259c9e mbs1/x86_64/php-mcrypt-5.5.18-1.mbs1.x86_64.rpm\r\n ab32e34ee6f479669be75492b62b1f82 mbs1/x86_64/php-mssql-5.5.18-1.mbs1.x86_64.rpm\r\n 7681ccf2b0a6111cb104be83467b260e mbs1/x86_64/php-mysql-5.5.18-1.mbs1.x86_64.rpm\r\n 9de3dec1b62dc2044861723730167bc4 mbs1/x86_64/php-mysqli-5.5.18-1.mbs1.x86_64.rpm\r\n 11c665b60f7e37c08d93d4b6b8f5cfcf mbs1/x86_64/php-mysqlnd-5.5.18-1.mbs1.x86_64.rpm\r\n c4fed88774a92ce914db7abe80a9a61d mbs1/x86_64/php-odbc-5.5.18-1.mbs1.x86_64.rpm\r\n c14cb622659a9931e2700ed236e68ae9 mbs1/x86_64/php-opcache-5.5.18-1.mbs1.x86_64.rpm\r\n fcd7e445e2212b08a8383f954a1df018 mbs1/x86_64/php-openssl-5.5.18-1.mbs1.x86_64.rpm\r\n 5d47874839404826e411554318711555 mbs1/x86_64/php-pcntl-5.5.18-1.mbs1.x86_64.rpm\r\n 0866b98e77b01c6f76618e9f3d76306d mbs1/x86_64/php-pdo-5.5.18-1.mbs1.x86_64.rpm\r\n 0a0f637484a3ddadccdfb11057f1fb5a mbs1/x86_64/php-pdo_dblib-5.5.18-1.mbs1.x86_64.rpm\r\n e357a83cbf035c367440c873d25ba4f2 mbs1/x86_64/php-pdo_mysql-5.5.18-1.mbs1.x86_64.rpm\r\n 0f1836cc0696ee375249aef058f0f245 mbs1/x86_64/php-pdo_odbc-5.5.18-1.mbs1.x86_64.rpm\r\n 98bc2715b3c1bf0cdcad9f492227abae mbs1/x86_64/php-pdo_pgsql-5.5.18-1.mbs1.x86_64.rpm\r\n 41c360d01b68b3bc77a21a6086ef194e mbs1/x86_64/php-pdo_sqlite-5.5.18-1.mbs1.x86_64.rpm\r\n 299d6a500a7e011b3b5be40c1a7735f5 mbs1/x86_64/php-pgsql-5.5.18-1.mbs1.x86_64.rpm\r\n da24102ba2f7a63eaaef0fecaa55beb5 mbs1/x86_64/php-phar-5.5.18-1.mbs1.x86_64.rpm\r\n efc3c6b8de4b15d79ea4bdc519fc8a8a mbs1/x86_64/php-posix-5.5.18-1.mbs1.x86_64.rpm\r\n d79178dae1c847185d8f7a5051a44825 mbs1/x86_64/php-readline-5.5.18-1.mbs1.x86_64.rpm\r\n 368cea97143ba8c8d72c9e59e1c50913 mbs1/x86_64/php-recode-5.5.18-1.mbs1.x86_64.rpm\r\n 68a93e38ecad3eaa241bc3cb2c0347cf mbs1/x86_64/php-session-5.5.18-1.mbs1.x86_64.rpm\r\n 9a0029d4250c30677ead8089acaf0c51 mbs1/x86_64/php-shmop-5.5.18-1.mbs1.x86_64.rpm\r\n 8c76cd1bf9e440e9648c619724417371 mbs1/x86_64/php-snmp-5.5.18-1.mbs1.x86_64.rpm\r\n 8f5693203a0d60f48e5619dbab2db416 mbs1/x86_64/php-soap-5.5.18-1.mbs1.x86_64.rpm\r\n 01790d54888a2d87b15bd3331c571449 mbs1/x86_64/php-sockets-5.5.18-1.mbs1.x86_64.rpm\r\n 85e4e04669bbe9c6e9de1ff78ff49274 mbs1/x86_64/php-sqlite3-5.5.18-1.mbs1.x86_64.rpm\r\n fc2bd0f9b54861470671f37a580a1d46 mbs1/x86_64/php-sybase_ct-5.5.18-1.mbs1.x86_64.rpm\r\n c3610251005ac7b319ed8f7bed344486 mbs1/x86_64/php-sysvmsg-5.5.18-1.mbs1.x86_64.rpm\r\n 4b82dbc9eaeaa45cbf32ce5756b5c3d0 mbs1/x86_64/php-sysvsem-5.5.18-1.mbs1.x86_64.rpm\r\n 3374366b7ea2ccc20308ed2adc8ec221 mbs1/x86_64/php-sysvshm-5.5.18-1.mbs1.x86_64.rpm\r\n 636bc7a540ccd06282de2d7ed0ab3690 mbs1/x86_64/php-tidy-5.5.18-1.mbs1.x86_64.rpm\r\n 16a11f259002930ee920440669445ff9 mbs1/x86_64/php-tokenizer-5.5.18-1.mbs1.x86_64.rpm\r\n a512fe6c82be2f4432b1ded3489edcbd mbs1/x86_64/php-wddx-5.5.18-1.mbs1.x86_64.rpm\r\n ef4e52504eb75fae14f3cc3c38bd4603 mbs1/x86_64/php-xml-5.5.18-1.mbs1.x86_64.rpm\r\n 4dea2a8396ac039df6d5959b9c39b63a mbs1/x86_64/php-xmlreader-5.5.18-1.mbs1.x86_64.rpm\r\n 947eb1384492d4aad886727ec8d9389c mbs1/x86_64/php-xmlrpc-5.5.18-1.mbs1.x86_64.rpm\r\n b2ebbda90c808ae5fe8d842f94fe8364 mbs1/x86_64/php-xmlwriter-5.5.18-1.mbs1.x86_64.rpm\r\n a8412459476cc34131aad1002580c909 mbs1/x86_64/php-xsl-5.5.18-1.mbs1.x86_64.rpm\r\n cc4d955eb39fb64cc5206d24aab0acaa mbs1/x86_64/php-zip-5.5.18-1.mbs1.x86_64.rpm\r\n 0da49615c744294db6a8e603b833a91a mbs1/x86_64/php-zlib-5.5.18-1.mbs1.x86_64.rpm \r\n a6e71411ed5b80fa7e5b428eefb0cc4d mbs1/SRPMS/php-5.5.18-1.mbs1.src.rpm\r\n b62ae9619949646fb87897dd48a59142 mbs1/SRPMS/php-apc-3.1.15-1.12.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFUSMrXmqjQ0CJFipgRAplJAJsHiEWftELp+nDph3P7sO+yESmQiQCfb02E\r\nOQ8AXlipI1KEvmS9qbcotMs=\r\n=xNV7\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2014-10-27T00:00:00", "title": "[ MDVSA-2014:202 ] php", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-3670"], "modified": "2014-10-27T00:00:00", "id": "SECURITYVULNS:DOC:31310", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31310", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:58", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004\r\n\r\nOS X Yosemite 10.10.3 and Security Update 2015-004 are now available\r\nand address the following:\r\n\r\nAdmin Framework\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A process may gain admin privileges without properly\r\nauthenticating\r\nDescription: An issue existed when checking XPC entitlements. This\r\nissue was addressed with improved entitlement checking.\r\nCVE-ID\r\nCVE-2015-1130 : Emil Kvarnhammar at TrueSec\r\n\r\napache\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Multiple vulnerabilities in Apache\r\nDescription: Multiple vulnerabilities existed in Apache versions\r\nprior to 2.4.10 and 2.2.29, including one that may allow a remote\r\nattacker to execute arbitrary code. These issues were addressed by\r\nupdating Apache to versions 2.4.10 and 2.2.29\r\nCVE-ID\r\nCVE-2013-0118\r\nCVE-2013-5704\r\nCVE-2013-6438\r\nCVE-2014-0098\r\nCVE-2014-0117\r\nCVE-2014-0118\r\nCVE-2014-0226\r\nCVE-2014-0231\r\nCVE-2014-3523\r\n\r\nATS\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: Multiple input validation issues existed in fontd.\r\nThese issues were addressed through improved input validation.\r\nCVE-ID\r\nCVE-2015-1131 : Ian Beer of Google Project Zero\r\nCVE-2015-1132 : Ian Beer of Google Project Zero\r\nCVE-2015-1133 : Ian Beer of Google Project Zero\r\nCVE-2015-1134 : Ian Beer of Google Project Zero\r\nCVE-2015-1135 : Ian Beer of Google Project Zero\r\n\r\nCertificate Trust Policy\r\nImpact: Update to the certificate trust policy\r\nDescription: The certificate trust policy was updated. The complete\r\nlist of certificates may be viewed at https://support.apple.com/en-\r\nus/HT202858.\r\n\r\nCFNetwork HTTPProtocol\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: Cookies belonging to one origin may be sent to another\r\norigin\r\nDescription: A cross-domain cookie issue existed in redirect\r\nhandling. Cookies set in a redirect response could be passed on to a\r\nredirect target belonging to another origin. The issue was address\r\nthrough improved handling of redirects.\r\nCVE-ID\r\nCVE-2015-1089 : Niklas Keller\r\n\r\nCFNetwork Session\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: Authentication credentials may be sent to a server on\r\nanother origin\r\nDescription: A cross-domain HTTP request headers issue existed in\r\nredirect handling. HTTP request headers sent in a redirect response\r\ncould be passed on to another origin. The issue was addressed through\r\nimproved handling of redirects.\r\nCVE-ID\r\nCVE-2015-1091 : Diego Torres &#40;http://dtorres.me&#41;\r\n\r\nCFURL\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: An input validation issue existed within URL\r\nprocessing. This issue was addressed through improved URL validation.\r\nCVE-ID\r\nCVE-2015-1088 : Luigi Galli\r\n\r\nCoreAnimation\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: A use-after-free issue existed in CoreAnimation. This\r\nissue was addressed through improved mutex management.\r\nCVE-ID\r\nCVE-2015-1136 : Apple\r\n\r\nFontParser\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Processing a maliciously crafted font file may lead to\r\narbitrary code execution\r\nDescription: Multiple memory corruption issues existed in the\r\nprocessing of font files. These issues were addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2015-1093 : Marc Schoenefeld\r\n\r\nGraphics Driver\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A NULL pointer dereference existed in NVIDIA graphics\r\ndriver&#39;s handling of certain IOService userclient types. This issue\r\nwas addressed through additional context validation.\r\nCVE-ID\r\nCVE-2015-1137 :\r\nFrank Graziano and John Villamil of the Yahoo Pentest Team\r\n\r\nHypervisor\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A local application may be able to cause a denial of service\r\nDescription: An input validation issue existed in the hypervisor\r\nframework. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-1138 : Izik Eidus and Alex Fishman\r\n\r\nImageIO\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Processing a maliciously crafted .sgi file may lead to\r\narbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\n.sgi files. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-1139 : Apple\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A malicious HID device may be able to cause arbitrary code\r\nexecution\r\nDescription: A memory corruption issue existed in an IOHIDFamily\r\nAPI. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1095 : Andrew Church\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A buffer overflow issue existed in IOHIDFamily. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1140 : lokihardt@ASRT working with HP&#39;s Zero Day Initiative,\r\nLuca Todesco\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to determine kernel memory layout\r\nDescription: An issue existed in IOHIDFamily that led to the\r\ndisclosure of kernel memory content. This issue was addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2015-1096 : Ilja van Sprundel of IOActive\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A heap buffer overflow existed in IOHIDFamily&#39;s\r\nhandling of key-mapping properties. This issue was addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2014-4404 : Ian Beer of Google Project Zero\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A null pointer dereference existed in IOHIDFamily&#39;s\r\nhandling of key-mapping properties. This issue was addressed through\r\nimproved validation of IOHIDFamily key-mapping properties.\r\nCVE-ID\r\nCVE-2014-4405 : Ian Beer of Google Project Zero\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5\r\nImpact: A user may be able to execute arbitrary code with system\r\nprivileges\r\nDescription: An out-of-bounds write issue exited in the IOHIDFamily\r\ndriver. The issue was addressed through improved input validation.\r\nCVE-ID\r\nCVE-2014-4380 : cunzhang from Adlab of Venustech\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to cause unexpected system shutdown\r\nDescription: An issue existed in the handling of virtual memory\r\noperations within the kernel. The issue is fixed through improved\r\nhandling of the mach_vm_read operation.\r\nCVE-ID\r\nCVE-2015-1141 : Ole Andre Vadla Ravnas of www.frida.re\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to cause a system denial of service\r\nDescription: A race condition existed in the kernel&#39;s setreuid\r\nsystem call. This issue was addressed through improved state\r\nmanagement.\r\nCVE-ID\r\nCVE-2015-1099 : Mark Mentovai of Google Inc.\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local application may escalate privileges using a\r\ncompromised service intended to run with reduced privileges\r\nDescription: setreuid and setregid system calls failed to drop\r\nprivileges permanently. This issue was addressed by correctly\r\ndropping privileges.\r\nCVE-ID\r\nCVE-2015-1117 : Mark Mentovai of Google Inc.\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: An attacker with a privileged network position may be able\r\nto redirect user traffic to arbitrary hosts\r\nDescription: ICMP redirects were enabled by default on OS X. This\r\nissue was addressed by disabling ICMP redirects.\r\nCVE-ID\r\nCVE-2015-1103 : Zimperium Mobile Security Labs\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: An attacker with a privileged network position may be able\r\nto cause a denial of service\r\nDescription: A state inconsistency existed in the processing of TCP\r\nheaders. This issue was addressed through improved state handling.\r\nCVE-ID\r\nCVE-2015-1102 : Andrey Khudyakov and Maxim Zhuravlev of Kaspersky Lab\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to cause unexpected system\r\ntermination or read kernel memory\r\nDescription: A out of bounds memory access issue existed in the\r\nkernel. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1100 : Maxime Villard of m00nbsd\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A remote attacker may be able to bypass network filters\r\nDescription: The system would treat some IPv6 packets from remote\r\nnetwork interfaces as local packets. The issue was addressed by\r\nrejecting these packets.\r\nCVE-ID\r\nCVE-2015-1104 : Stephen Roettger of the Google Security Team\r\n\r\nKernel\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nkernel privileges\r\nDescription: A memory corruption issue existed in the kernel. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1101 : lokihardt@ASRT working with HP&#39;s Zero Day Initiative\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A remote attacker may be able to cause a denial of service\r\nDescription: A state inconsistency issue existed in the handling of\r\nTCP out of band data. This issue was addressed through improved state\r\nmanagement.\r\nCVE-ID\r\nCVE-2015-1105 : Kenton Varda of Sandstorm.io\r\n\r\nLaunchServices\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to cause the Finder to crash\r\nDescription: An input validation issue existed in LaunchServices&#39;s\r\nhandling of application localization data. This issue was addressed\r\nthrough improved validation of localization data.\r\nCVE-ID\r\nCVE-2015-1142\r\n\r\nLaunchServices\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A type confusion issue existed in LaunchServices&#39;s\r\nhandling of localized strings. This issue was addressed through\r\nadditional bounds checking.\r\nCVE-ID\r\nCVE-2015-1143 : Apple\r\n\r\nlibnetcore\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: Processing a maliciously crafted configuration profile may\r\nlead to unexpected application termination\r\nDescription: A memory corruption issue existed in the handling of\r\nconfiguration profiles. This issue was addressed through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-1118 : Zhaofeng Chen, Hui Xue, Yulong Zhang, and Tao Wei of\r\nFireEye, Inc.\r\n\r\nntp\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A remote attacker may brute force ntpd authentication keys\r\nDescription: The config_auth function in ntpd generated a weak key\r\nwhen an authentication key was not configured. This issue was\r\naddressed by improved key generation.\r\nCVE-ID\r\nCVE-2014-9298\r\n\r\nOpenLDAP\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A remote unauthenticated client may be able to cause a\r\ndenial of service\r\nDescription: Multiple input validation issues existed in OpenLDAP.\r\nThese issues were addressed by improved input validation.\r\nCVE-ID\r\nCVE-2015-1545 : Ryan Tandy\r\nCVE-2015-1546 : Ryan Tandy\r\n\r\nOpenSSL\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Multiple vulnerabilities in OpenSSL\r\nDescription: Multiple vulnerabilities existed in OpenSSL 0.9.8zc,\r\nincluding one that may allow an attacker to intercept connections to\r\na server that supports export-grade ciphers. These issues were\r\naddressed by updating OpenSSL to version 0.9.8zd.\r\nCVE-ID\r\nCVE-2014-3569\r\nCVE-2014-3570\r\nCVE-2014-3571\r\nCVE-2014-3572\r\nCVE-2014-8275\r\nCVE-2015-0204\r\n\r\nOpen Directory Client\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A password might be sent unencrypted over the network when\r\nusing Open Directory from OS X Server\r\nDescription: If an Open Directory client was bound to an OS X Server\r\nbut did not install the certificates of the OS X Server, and then a\r\nuser on that client changed their password, the password change\r\nrequest was sent over the network without encryption. This issue was\r\naddressed by having the client require encryption for this case.\r\nCVE-ID\r\nCVE-2015-1147 : Apple\r\n\r\nPHP\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Multiple vulnerabilities in PHP\r\nDescription: Multiple vulnerabilities existed in PHP versions prior\r\nto 5.3.29, 5.4.38, and 5.5.20, including one which may have led to\r\narbitrary code execution. This update addresses the issues by\r\nupdating PHP to versions 5.3.29, 5.4.38, and 5.5.20.\r\nCVE-ID\r\nCVE-2013-6712\r\nCVE-2014-0207\r\nCVE-2014-0237\r\nCVE-2014-0238\r\nCVE-2014-2497\r\nCVE-2014-3478\r\nCVE-2014-3479\r\nCVE-2014-3480\r\nCVE-2014-3487\r\nCVE-2014-3538\r\nCVE-2014-3587\r\nCVE-2014-3597\r\nCVE-2014-3668\r\nCVE-2014-3669\r\nCVE-2014-3670\r\nCVE-2014-3710\r\nCVE-2014-3981\r\nCVE-2014-4049\r\nCVE-2014-4670\r\nCVE-2014-4698\r\nCVE-2014-5120\r\n\r\nQuickLook\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Opening a maliciously crafted iWork file may lead to\r\narbitrary code execution\r\nDescription: A memory corruption issue existed in the handling of\r\niWork files. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-1098 : Christopher Hickstein\r\n\r\nSceneKit\r\nAvailable for: OS X Mountain Lion v10.8.5\r\nImpact: Viewing a maliciously crafted Collada file may lead to\r\narbitrary code execution\r\nDescription: A heap buffer overflow existed in SceneKit&#39;s handling\r\nof Collada files. Viewing a maliciously crafted Collada file may have\r\nled to arbitrary code execution. This issue was addressed through\r\nimproved validation of accessor elements.\r\nCVE-ID\r\nCVE-2014-8830 : Jose Duart of Google Security Team\r\n\r\nScreen Sharing\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: A user&#39;s password may be logged to a local file\r\nDescription: In some circumstances, Screen Sharing may log a user&#39;s\r\npassword that is not readable by other users on the system. This\r\nissue was addressed by removing logging of credential.\r\nCVE-ID\r\nCVE-2015-1148 : Apple\r\n\r\nSecurity - Code Signing\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: Tampered applications may not be prevented from launching\r\nDescription: Applications containing specially crafted bundles may\r\nhave been able to launch without a completely valid signature. This\r\nissue was addressed by adding additional checks.\r\nCVE-ID\r\nCVE-2015-1145\r\nCVE-2015-1146\r\n\r\nUniformTypeIdentifiers\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.2\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A buffer overflow existed in the way Uniform Type\r\nIdentifiers were handled. This issue was addressed with improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-1144 : Apple\r\n\r\nWebKit\r\nAvailable for: OS X Yosemite v10.10 to v10.10.2\r\nImpact: Visiting a maliciously crafted website may lead to arbitrary\r\ncode execution\r\nDescription: A memory corruption issue existed in WebKit. This\r\nissues was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-1069 : lokihardt@ASRT working with HP&#39;s Zero Day Initiative\r\n\r\nSecurity Update 2015-004 &#40;available for OS X Mountain Lion v10.8.5\r\nand OS X Mavericks v10.9.5&#41; also addresses an issue caused by the fix\r\nfor CVE-2015-1067 in Security Update 2015-002. This issue prevented\r\nRemote Apple Events clients on any version from connecting to the\r\nRemote Apple Events server. In default configurations, Remote Apple\r\nEvents is not enabled.\r\n\r\nOS X Yosemite 10.10.3 includes the security content of Safari 8.0.5.\r\nhttps://support.apple.com/en-us/HT204658\r\n\r\nOS X Yosemite 10.10.3 and Security Update 2015-004 may be obtained\r\nfrom the Mac App Store or Apple&#39;s Software Downloads web site:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple&#39;s Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.22 &#40;Darwin&#41;\r\nComment: GPGTools - http://gpgtools.org\r\n\r\niQIcBAEBAgAGBQJVJKj2AAoJEBcWfLTuOo7tDh4QAK0LxfwMRKcdOXOKpXsRz6lg\r\nlhZ+CLVcSepq8qBkFQ74f3B5CuhxD0IGQPaAuSXl51tWYdfN+92tkbmyZ9k8901l\r\n+I0vw6upeE+oqRnGtSRzq68UhcARbdV8V1+C0Xl3IIuuHc+xlEgvklDhF9Pc8XM6\r\nDudGiVNqt6MOqd5Oc4s4FFF0nnpnyG9+UJem3mi4Ee88PwI4x1Hev7utPPmaPDzj\r\ncjkVeislko3QArNJxtBpkYudErA4eR5OX8Tdf12jAmPTtjrXUb3VigEf78Nna0RW\r\nkHTOGdB5EZ+YFZ8KlyIQlENBjTtI8CGdCF4/S/2xDN83NTRsimd5Y7LSjdd0uANo\r\npqxAc3Gzn5xngWF1Qbb6V+XZBfz5NoeTq5BXBB5OHz4PSGaQuMsBA2RYFMzNLqWv\r\nD/T5U1JtzRLALt0lYAz63B0OhW7KXeLI9oer1Vo4wWF9O9cUFyuSI4JU5uYLQpJX\r\nkEpSFt4YPFFxMnlzCLzLkmVGax4w9M/tRHYeSKAnRlnsoPBtIGFItlNZE2RduD/R\r\n5n2APoJa3banQ8miycGORYP3WsktDRZzBy+2QPWuz8sE3AvAkO9xWp8PrQBkqf/b\r\n6CIG5UkCYITG2uzBXqnGbfDiEDvBLNN1Yq0ZZI23iYRxrdW0I0pv1CHio354q12G\r\nvVE37tYUU4PnLfwlcazq\r\n=MOsT\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-04-09T00:00:00", "title": "APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-1144", "CVE-2015-1117", "CVE-2015-1102", "CVE-2014-4405", "CVE-2015-1096", "CVE-2014-3478", "CVE-2014-0231", "CVE-2014-3572", "CVE-2014-0237", "CVE-2014-3571", "CVE-2013-5704", "CVE-2014-3587", "CVE-2015-1132", "CVE-2014-3479", "CVE-2014-4670", "CVE-2015-1091", "CVE-2015-1067", "CVE-2015-1148", "CVE-2015-1143", "CVE-2014-9298", "CVE-2014-3668", "CVE-2014-8830", "CVE-2015-1145", "CVE-2014-0098", "CVE-2014-3480", "CVE-2015-1138", "CVE-2014-3981", "CVE-2015-1140", "CVE-2013-0118", "CVE-2014-0207", "CVE-2014-8275", "CVE-2014-3570", "CVE-2013-6438", "CVE-2015-1147", "CVE-2014-3669", "CVE-2015-1093", "CVE-2015-1545", "CVE-2014-3487", "CVE-2014-3538", "CVE-2014-5120", "CVE-2014-3597", "CVE-2015-1130", "CVE-2015-1136", "CVE-2015-1142", "CVE-2014-3710", "CVE-2015-1139", "CVE-2014-4698", "CVE-2014-3523", "CVE-2014-4049", "CVE-2014-3670", "CVE-2015-1546", "CVE-2015-0204", "CVE-2015-1105", "CVE-2015-1099", "CVE-2015-1146", "CVE-2015-1135", "CVE-2014-2497", "CVE-2015-1118", "CVE-2014-0118", "CVE-2015-1131", "CVE-2015-1137", "CVE-2015-1101", "CVE-2015-1103", "CVE-2015-1104", "CVE-2014-4404", "CVE-2015-1089", "CVE-2015-1133", "CVE-2015-1141", "CVE-2014-0117", "CVE-2015-1088", "CVE-2013-6712", "CVE-2015-1069", "CVE-2014-4380", "CVE-2015-1095", "CVE-2015-1098", "CVE-2014-3569", "CVE-2015-1100", "CVE-2014-0238", "CVE-2014-0226", "CVE-2015-1134"], "modified": "2015-04-09T00:00:00", "id": "SECURITYVULNS:DOC:31890", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31890", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:03:08", "description": "80 different vulnerabilities.", "edition": 2, "cvss3": {}, "published": "2015-04-13T00:00:00", "title": "Apple Mac OS X multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-1144", "CVE-2015-1117", "CVE-2015-1102", "CVE-2014-4405", "CVE-2015-1096", "CVE-2014-3478", "CVE-2014-0231", "CVE-2014-3572", "CVE-2014-0237", "CVE-2014-3571", "CVE-2013-5704", "CVE-2014-3587", "CVE-2015-1132", "CVE-2014-3479", "CVE-2014-4670", "CVE-2015-1091", "CVE-2015-1148", "CVE-2015-1143", "CVE-2014-9298", "CVE-2014-3668", "CVE-2015-1149", "CVE-2014-8830", "CVE-2015-1145", "CVE-2014-0098", "CVE-2014-3480", "CVE-2015-1138", "CVE-2014-3981", "CVE-2015-1140", "CVE-2013-0118", "CVE-2014-0207", "CVE-2014-8275", "CVE-2014-3570", "CVE-2013-6438", "CVE-2015-1147", "CVE-2014-3669", "CVE-2015-1093", "CVE-2015-1545", "CVE-2014-3487", "CVE-2014-3538", "CVE-2014-5120", "CVE-2014-3597", "CVE-2015-1130", "CVE-2015-1136", "CVE-2015-1142", "CVE-2014-3710", "CVE-2015-1139", "CVE-2014-4698", "CVE-2014-3523", "CVE-2014-4049", "CVE-2014-3670", "CVE-2015-1546", "CVE-2015-0204", "CVE-2015-1105", "CVE-2015-1099", "CVE-2015-1146", "CVE-2015-1135", "CVE-2014-2497", "CVE-2015-1118", "CVE-2014-0118", "CVE-2015-1131", "CVE-2015-1137", "CVE-2015-1101", "CVE-2015-1103", "CVE-2015-1104", "CVE-2014-4404", "CVE-2015-1089", "CVE-2015-1133", "CVE-2015-1141", "CVE-2014-0117", "CVE-2015-1088", "CVE-2013-6712", "CVE-2015-1069", "CVE-2014-4380", "CVE-2015-1095", "CVE-2015-1098", "CVE-2014-3569", "CVE-2015-1100", "CVE-2014-0238", "CVE-2014-0226", "CVE-2015-1134"], "modified": "2015-04-13T00:00:00", "id": "SECURITYVULNS:VULN:14366", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14366", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2022-01-17T19:07:43", "description": "### Background\n\nPHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. \n\n### Description\n\nMultiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker can possibly execute arbitrary code or create a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll PHP 5.5 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-5.5.18\"\n \n\nAll PHP 5.4 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-5.4.34\"\n \n\nAll PHP 5.3 users should upgrade to the latest version. This release marks the end of life of the PHP 5.3 series. Future releases of this series are not planned. All PHP 5.3 users are encouraged to upgrade to the current stable version of PHP 5.5 or previous stable version of PHP 5.4, which are supported till at least 2016 and 2015 respectively. \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-5.3.29\"", "cvss3": {}, "published": "2014-11-09T00:00:00", "type": "gentoo", "title": "PHP: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2015-08-22T00:00:00", "id": "GLSA-201411-04", "href": "https://security.gentoo.org/glsa/201411-04", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:37:33", "description": "Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. It has been\ndecided to follow the stable 5.4.x releases for the Wheezy PHP packages.\nConsequently the vulnerabilities are addressed by upgrading PHP to a new\nupstream version 5.4.34, which includes additional bug fixes, new\nfeatures and possibly incompatible changes.", "cvss3": {}, "published": "2014-11-04T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3064-1 (php5 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310703064", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703064", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3064.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 3064-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703064\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_name(\"Debian Security Advisory DSA 3064-1 (php5 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-04 00:00:00 +0100 (Tue, 04 Nov 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-3064.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"php5 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 5.4.34-0+deb7u1.\n\nWe recommend that you upgrade your php5 packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. It has been\ndecided to follow the stable 5.4.x releases for the Wheezy PHP packages.\nConsequently the vulnerabilities are addressed by upgrading PHP to a new\nupstream version 5.4.34, which includes additional bug fixes, new\nfeatures and possibly incompatible changes.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-28T10:48:52", "description": "Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. It has been\ndecided to follow the stable 5.4.x releases for the Wheezy PHP packages.\nConsequently the vulnerabilities are addressed by upgrading PHP to a new\nupstream version 5.4.34, which includes additional bug fixes, new\nfeatures and possibly incompatible changes. Please refer to the upstream\nchangelog for more information:\n\nhttp://php.net/ChangeLog-5.php#5.4.34", "cvss3": {}, "published": "2014-11-04T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3064-1 (php5 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2017-07-13T00:00:00", "id": "OPENVAS:703064", "href": "http://plugins.openvas.org/nasl.php?oid=703064", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3064.nasl 6715 2017-07-13 09:57:40Z teissa $\n# Auto-generated from advisory DSA 3064-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703064);\n script_version(\"$Revision: 6715 $\");\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_name(\"Debian Security Advisory DSA 3064-1 (php5 - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-13 11:57:40 +0200 (Thu, 13 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-11-04 00:00:00 +0100 (Tue, 04 Nov 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-3064.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"php5 on Debian Linux\");\n script_tag(name: \"insight\", value: \"This package is a metapackage that, when installed, guarantees that you\nhave at least one of the four server-side versions of the PHP5 interpreter\ninstalled. Removing this package won't remove PHP5 from your system, however\nit may remove other packages that depend on this one.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy), these problems have been fixed in\nversion 5.4.34-0+deb7u1.\n\nWe recommend that you upgrade your php5 packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities were found in PHP, a general-purpose scripting\nlanguage commonly used for web application development. It has been\ndecided to follow the stable 5.4.x releases for the Wheezy PHP packages.\nConsequently the vulnerabilities are addressed by upgrading PHP to a new\nupstream version 5.4.34, which includes additional bug fixes, new\nfeatures and possibly incompatible changes. Please refer to the upstream\nchangelog for more information:\n\nhttp://php.net/ChangeLog-5.php#5.4.34\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.34-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-03-17T23:01:10", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-434)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120347", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120347", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120347\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:24:18 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-434)\");\n script_tag(name:\"insight\", value:\"An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-3668 )An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669 )A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3670 )\");\n script_tag(name:\"solution\", value:\"Run yum update php54 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-434.html\");\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3668\", \"CVE-2014-3670\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php54-debuginfo\", rpm:\"php54-debuginfo~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mbstring\", rpm:\"php54-mbstring~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54\", rpm:\"php54~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-xml\", rpm:\"php54-xml~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-devel\", rpm:\"php54-devel~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-bcmath\", rpm:\"php54-bcmath~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-odbc\", rpm:\"php54-odbc~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-snmp\", rpm:\"php54-snmp~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-gd\", rpm:\"php54-gd~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-soap\", rpm:\"php54-soap~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-xmlrpc\", rpm:\"php54-xmlrpc~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-intl\", rpm:\"php54-intl~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-fpm\", rpm:\"php54-fpm~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pdo\", rpm:\"php54-pdo~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mssql\", rpm:\"php54-mssql~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-imap\", rpm:\"php54-imap~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mysql\", rpm:\"php54-mysql~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pgsql\", rpm:\"php54-pgsql~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-embedded\", rpm:\"php54-embedded~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-pspell\", rpm:\"php54-pspell~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-enchant\", rpm:\"php54-enchant~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-common\", rpm:\"php54-common~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-recode\", rpm:\"php54-recode~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-dba\", rpm:\"php54-dba~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-ldap\", rpm:\"php54-ldap~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-cli\", rpm:\"php54-cli~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-tidy\", rpm:\"php54-tidy~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mcrypt\", rpm:\"php54-mcrypt~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-mysqlnd\", rpm:\"php54-mysqlnd~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php54-process\", rpm:\"php54-process~5.4.34~1.62.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T23:00:51", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-435)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120348", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120348", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120348\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:24:20 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-435)\");\n script_tag(name:\"insight\", value:\"An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-3668 )An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669 )A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3670 )\");\n script_tag(name:\"solution\", value:\"Run yum update php55 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-435.html\");\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3668\", \"CVE-2014-3670\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php55-pdo\", rpm:\"php55-pdo~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-embedded\", rpm:\"php55-embedded~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mcrypt\", rpm:\"php55-mcrypt~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-ldap\", rpm:\"php55-ldap~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-common\", rpm:\"php55-common~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-process\", rpm:\"php55-process~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-devel\", rpm:\"php55-devel~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-bcmath\", rpm:\"php55-bcmath~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-xmlrpc\", rpm:\"php55-xmlrpc~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-recode\", rpm:\"php55-recode~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pgsql\", rpm:\"php55-pgsql~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-imap\", rpm:\"php55-imap~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-fpm\", rpm:\"php55-fpm~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-cli\", rpm:\"php55-cli~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mysqlnd\", rpm:\"php55-mysqlnd~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55\", rpm:\"php55~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-gd\", rpm:\"php55-gd~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mssql\", rpm:\"php55-mssql~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-odbc\", rpm:\"php55-odbc~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-pspell\", rpm:\"php55-pspell~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-xml\", rpm:\"php55-xml~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-gmp\", rpm:\"php55-gmp~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-snmp\", rpm:\"php55-snmp~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-mbstring\", rpm:\"php55-mbstring~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-tidy\", rpm:\"php55-tidy~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-opcache\", rpm:\"php55-opcache~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-debuginfo\", rpm:\"php55-debuginfo~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-intl\", rpm:\"php55-intl~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-soap\", rpm:\"php55-soap~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-dba\", rpm:\"php55-dba~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php55-enchant\", rpm:\"php55-enchant~5.5.18~1.92.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:30", "description": "This host is installed with PHP and is\n prone to multiple vulnerabilities.", "cvss3": {}, "published": "2015-01-06T00:00:00", "type": "openvas", "title": "PHP Multiple Vulnerabilities - 01 - Jan15", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310805409", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805409", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_mult_vuln01_jan15.nasl 11872 2018-10-12 11:22:41Z cfischer $\n#\n# PHP Multiple Vulnerabilities - 01 - Jan15\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805409\");\n script_version(\"$Revision: 11872 $\");\n script_cve_id(\"CVE-2014-3670\", \"CVE-2014-3669\", \"CVE-2014-3668\");\n script_bugtraq_id(70611, 70665, 70666);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 13:22:41 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-06 17:18:33 +0530 (Tue, 06 Jan 2015)\");\n script_name(\"PHP Multiple Vulnerabilities - 01 - Jan15\");\n\n script_tag(name:\"summary\", value:\"This host is installed with PHP and is\n prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - The exif_ifd_make_value function in exif.c in the EXIF extension in PHP\n operates on floating-point arrays incorrectly.\n\n - Integer overflow in the object_custom function in ext/standard/var\n _unserializer.c in PHP.\n\n - Buffer overflow in the date_from_ISO8601 function in the mkgmtime\n implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service or possibly execute arbitrary code\n via different crafted dimensions.\");\n\n script_tag(name:\"affected\", value:\"PHP versions 5.4.x before 5.4.34, 5.5.x\n before 5.5.18, and 5.6.x before 5.6.2\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP version 5.4.34 or 5.5.18\n or 5.6.2 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"https://bugs.php.net/bug.php?id=68044\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_php_detect.nasl\");\n script_mandatory_keys(\"php/installed\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(phpVer =~ \"^5\\.[4-6]\")\n{\n if(version_in_range(version:phpVer, test_version:\"5.4.0\", test_version2:\"5.4.33\")||\n version_in_range(version:phpVer, test_version:\"5.5.0\", test_version2:\"5.5.17\")||\n version_in_range(version:phpVer, test_version:\"5.6.0\", test_version2:\"5.6.1\")) {\n report = report_fixed_ver(installed_version:phpVer, fixed_version:\"5.4.34/5.5.18/5.6.2\");\n security_message(data:report, port:phpPort);\n exit(0);\n }\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:16", "description": "Gentoo Linux Local Security Checks GLSA 201411-04", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201411-04", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121279", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201411-04.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121279\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:27:58 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201411-04\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201411-04\");\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201411-04\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.5.18\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.34\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.3.29\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.36\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.37\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.38\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.39\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.35\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.40\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.41\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.42\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.43\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.44\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.45\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.4.46\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(), vulnerable: make_list(\"lt 5.5.18\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:35", "description": "Oracle Linux Local Security Checks ELSA-2014-1767", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-1767", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123264", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123264", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-1767.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123264\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:01:28 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-1767\");\n script_tag(name:\"insight\", value:\"ELSA-2014-1767 - php security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-1767\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-1767.html\");\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(7|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-embedded\", rpm:\"php-embedded~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.4.16~23.el7_0.3\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-embedded\", rpm:\"php-embedded~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-zts\", rpm:\"php-zts~5.3.3~40.el6_6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-10-31T00:00:00", "type": "openvas", "title": "RedHat Update for php53 RHSA-2014:1768-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871283", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871283", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php53 RHSA-2014:1768-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871283\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-31 05:45:01 +0100 (Fri, 31 Oct 2014)\");\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Update for php53 RHSA-2014:1768-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php53'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF) files.\nA remote attacker could use this flaw to crash a PHP application using\nfileinfo via a specially crafted ELF file. (CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed\ndates in the ISO 8601 format. A specially crafted XML-RPC request or\nresponse could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php53 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\");\n script_tag(name:\"affected\", value:\"php53 on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:1768-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-October/msg00062.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-debuginfo\", rpm:\"php53-debuginfo~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~26.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:38", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-10-31T00:00:00", "type": "openvas", "title": "Ubuntu Update for php5 USN-2391-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842016", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842016", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2391_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for php5 USN-2391-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842016\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-31 05:45:32 +0100 (Fri, 31 Oct 2014)\");\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for php5 USN-2391-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php5'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Symeon Paraschoudis discovered that PHP\nincorrectly handled the mkgmtime function. A remote attacker could possibly use\nthis issue to cause PHP to crash, resulting in a denial of service. (CVE-2014-3668)\n\nSymeon Paraschoudis discovered that PHP incorrectly handled unserializing\nobjects. A remote attacker could possibly use this issue to cause PHP to\ncrash, resulting in a denial of service. (CVE-2014-3669)\n\nOtto Ebeling discovered that PHP incorrectly handled the exif_thumbnail\nfunction. A remote attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n(CVE-2014-3670)\n\nFrancisco Alonso that PHP incorrectly handled ELF files in the fileinfo\nextension. A remote attacker could possibly use this issue to cause PHP to\ncrash, resulting in a denial of service. (CVE-2014-3710)\n\nIt was discovered that PHP incorrectly handled NULL bytes when processing\ncertain URLs with the curl functions. A remote attacker could possibly use\nthis issue to bypass filename restrictions and obtain access to sensitive\nfiles. (No CVE number)\");\n script_tag(name:\"affected\", value:\"php5 on Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2391-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2391-1/\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|10\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.5.9+dfsg-1ubuntu4.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.5.9+dfsg-1ubuntu4.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.5.9+dfsg-1ubuntu4.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.5.9+dfsg-1ubuntu4.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.5.9+dfsg-1ubuntu4.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.5.9+dfsg-1ubuntu4.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.10-1ubuntu3.15\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.10-1ubuntu3.15\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.10-1ubuntu3.15\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.10-1ubuntu3.15\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.3.10-1ubuntu3.15\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.10-1ubuntu3.15\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.2-1ubuntu4.28\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.2-1ubuntu4.28\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.2-1ubuntu4.28\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.2-1ubuntu4.28\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.2-1ubuntu4.28\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:45", "description": "Check the version of php", "cvss3": {}, "published": "2014-11-01T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2014:1767 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882074", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882074", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2014:1767 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882074\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-01 05:44:28 +0100 (Sat, 01 Nov 2014)\");\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for php CESA-2014:1767 centos6\");\n\n script_tag(name:\"summary\", value:\"Check the version of php\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language\ncommonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF) files.\nA remote attacker could use this flaw to crash a PHP application using\nfileinfo via a specially crafted ELF file. (CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed\ndates in the ISO 8601 format. A specially crafted XML-RPC request or\nresponse could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\");\n script_tag(name:\"affected\", value:\"php on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:1767\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-October/020723.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-embedded\", rpm:\"php-embedded~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zts\", rpm:\"php-zts~5.3.3~40.el6_6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:29", "description": "Check the version of php", "cvss3": {}, "published": "2014-11-01T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2014:1767 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882073", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882073", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2014:1767 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882073\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-01 05:44:24 +0100 (Sat, 01 Nov 2014)\");\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for php CESA-2014:1767 centos7\");\n\n script_tag(name:\"summary\", value:\"Check the version of php\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language\ncommonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF) files.\nA remote attacker could use this flaw to crash a PHP application using\nfileinfo via a specially crafted ELF file. (CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed\ndates in the ISO 8601 format. A specially crafted XML-RPC request or\nresponse could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\");\n script_tag(name:\"affected\", value:\"php on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:1767\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-October/020726.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-embedded\", rpm:\"php-embedded~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.4.16~23.el7_0.3\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:03", "description": "Oracle Linux Local Security Checks ELSA-2014-1768", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-1768", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123262", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123262", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-1768.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123262\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:01:26 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-1768\");\n script_tag(name:\"insight\", value:\"ELSA-2014-1768 - php53 security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-1768\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-1768.html\");\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~26.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:25", "description": "Check the version of php53", "cvss3": {}, "published": "2014-11-01T00:00:00", "type": "openvas", "title": "CentOS Update for php53 CESA-2014:1768 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882072", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882072", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php53 CESA-2014:1768 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882072\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-01 05:44:15 +0100 (Sat, 01 Nov 2014)\");\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for php53 CESA-2014:1768 centos5\");\n\n script_tag(name:\"summary\", value:\"Check the version of php53\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language\ncommonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF) files.\nA remote attacker could use this flaw to crash a PHP application using\nfileinfo via a specially crafted ELF file. (CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed\ndates in the ISO 8601 format. A specially crafted XML-RPC request or\nresponse could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php53 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\");\n script_tag(name:\"affected\", value:\"php53 on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:1768\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-October/020724.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php53\", rpm:\"php53~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-bcmath\", rpm:\"php53-bcmath~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-cli\", rpm:\"php53-cli~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-common\", rpm:\"php53-common~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-dba\", rpm:\"php53-dba~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-devel\", rpm:\"php53-devel~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-gd\", rpm:\"php53-gd~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-imap\", rpm:\"php53-imap~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-intl\", rpm:\"php53-intl~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-ldap\", rpm:\"php53-ldap~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mbstring\", rpm:\"php53-mbstring~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-mysql\", rpm:\"php53-mysql~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-odbc\", rpm:\"php53-odbc~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pdo\", rpm:\"php53-pdo~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pgsql\", rpm:\"php53-pgsql~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-process\", rpm:\"php53-process~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-pspell\", rpm:\"php53-pspell~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-snmp\", rpm:\"php53-snmp~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-soap\", rpm:\"php53-soap~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xml\", rpm:\"php53-xml~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php53-xmlrpc\", rpm:\"php53-xmlrpc~5.3.3~26.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-10-31T00:00:00", "type": "openvas", "title": "RedHat Update for php RHSA-2014:1767-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3710", "CVE-2014-3670"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871281", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871281", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php RHSA-2014:1767-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871281\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-31 05:44:55 +0100 (Fri, 31 Oct 2014)\");\n script_cve_id(\"CVE-2014-3668\", \"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3710\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Update for php RHSA-2014:1767-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAn out-of-bounds read flaw was found in the way the File Information\n(fileinfo) extension parsed Executable and Linkable Format (ELF) files.\nA remote attacker could use this flaw to crash a PHP application using\nfileinfo via a specially crafted ELF file. (CVE-2014-3710)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed\ndates in the ISO 8601 format. A specially crafted XML-RPC request or\nresponse could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nThe CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat\nProduct Security.\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\");\n script_tag(name:\"affected\", value:\"php on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:1767-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-October/msg00061.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.16~23.el7_0.3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.4.16~23.el7_0.3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.4.16~23.el7_0.3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.4.16~23.el7_0.3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.4.16~23.el7_0.3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.4.16~23.el7_0.3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.4.16~23.el7_0.3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.4.16~23.el7_0.3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.4.16~23.el7_0.3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.4.16~23.el7_0.3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.4.16~23.el7_0.3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.4.16~23.el7_0.3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.4.16~23.el7_0.3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.4.16~23.el7_0.3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.4.16~23.el7_0.3\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~40.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.3~40.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.3.3~40.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.3.3~40.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.3~40.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.3~40.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.3~40.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.3~40.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.3~40.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.3~40.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.3~40.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.3~40.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.3~40.el6_6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:40", "description": "Check the version of php", "cvss3": {}, "published": "2014-10-24T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2014-13013", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2013-6420", "CVE-2014-0185"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868424", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868424", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2014-13013\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868424\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-24 06:01:41 +0200 (Fri, 24 Oct 2014)\");\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3668\", \"CVE-2014-0185\", \"CVE-2013-6420\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php FEDORA-2014-13013\");\n script_tag(name:\"summary\", value:\"Check the version of php\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"php on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-13013\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-October/141349.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.5.18~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:12", "description": "Oracle Linux Local Security Checks ELSA-2014-1824", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-1824", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3669", "CVE-2014-8626", "CVE-2014-3670"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123257", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123257", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-1824.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123257\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:01:22 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-1824\");\n script_tag(name:\"insight\", value:\"ELSA-2014-1824 - php security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-1824\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-1824.html\");\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-8626\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~45.el5_11\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:44", "description": "Check the version of php", "cvss3": {}, "published": "2014-11-07T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2014:1824 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3669", "CVE-2014-8626", "CVE-2014-3670"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882077", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882077", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2014:1824 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882077\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-07 06:18:06 +0100 (Fri, 07 Nov 2014)\");\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-8626\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Update for php CESA-2014:1824 centos5\");\n\n script_tag(name:\"summary\", value:\"Check the version of php\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language\ncommonly used with the Apache HTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\");\n script_tag(name:\"affected\", value:\"php on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:1824\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-November/020743.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~45.el5_11\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-11-07T00:00:00", "type": "openvas", "title": "RedHat Update for php RHSA-2014:1824-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3669", "CVE-2014-8626", "CVE-2014-3670"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871287", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871287", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php RHSA-2014:1824-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871287\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-07 06:17:40 +0100 (Fri, 07 Nov 2014)\");\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-8626\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Update for php RHSA-2014:1824-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server.\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted\nJPEG or TIFF file could cause a PHP application using the exif_thumbnail()\nfunction to crash or, possibly, execute arbitrary code with the privileges\nof the user running that PHP application. (CVE-2014-3670)\n\nA stack-based buffer overflow flaw was found in the way the xmlrpc\nextension parsed dates in the ISO 8601 format. A specially crafted XML-RPC\nrequest or response could possibly cause a PHP application to crash.\n(CVE-2014-8626)\n\nAn integer overflow flaw was found in the way custom objects were\nunserialized. Specially crafted input processed by the unserialize()\nfunction could cause a PHP application to crash. (CVE-2014-3669)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\");\n script_tag(name:\"affected\", value:\"php on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:1824-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-November/msg00018.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~45.el5_11\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:17", "description": "Check the version of php", "cvss3": {}, "published": "2014-10-29T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2014-13031", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4113", "CVE-2011-4718", "CVE-2013-4248", "CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670", "CVE-2013-6420", "CVE-2014-0185"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868436", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868436", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2014-13031\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868436\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-29 05:51:39 +0100 (Wed, 29 Oct 2014)\");\n script_cve_id(\"CVE-2014-3669\", \"CVE-2014-3670\", \"CVE-2014-3668\", \"CVE-2014-0185\",\n \"CVE-2013-6420\", \"CVE-2011-4718\", \"CVE-2013-4248\", \"CVE-2013-4113\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php FEDORA-2014-13031\");\n script_tag(name:\"summary\", value:\"Check the version of php\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"php on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-13031\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-October/141404.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.5.18~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:38:59", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1544)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9705", "CVE-2014-9427", "CVE-2013-4248", "CVE-2014-3515", "CVE-2014-3668", "CVE-2018-10546", "CVE-2015-4148", "CVE-2015-4605", "CVE-2009-2408", "CVE-2015-4024", "CVE-2015-4021", "CVE-2015-4602", "CVE-2018-10548", "CVE-2015-4604", "CVE-2014-3670", "CVE-2015-3412", "CVE-2014-2497", "CVE-2015-4603", "CVE-2015-4599", "CVE-2015-4598", "CVE-2015-0231"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191544", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191544", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1544\");\n script_version(\"2020-01-23T12:10:18+0000\");\n script_cve_id(\"CVE-2013-4248\", \"CVE-2014-2497\", \"CVE-2014-3515\", \"CVE-2014-3668\", \"CVE-2014-3670\", \"CVE-2014-9427\", \"CVE-2014-9705\", \"CVE-2015-0231\", \"CVE-2015-3412\", \"CVE-2015-4021\", \"CVE-2015-4024\", \"CVE-2015-4148\", \"CVE-2015-4598\", \"CVE-2015-4599\", \"CVE-2015-4602\", \"CVE-2015-4603\", \"CVE-2015-4604\", \"CVE-2015-4605\", \"CVE-2018-10546\", \"CVE-2018-10548\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:10:18 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:10:18 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1544)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1544\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1544\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'php' package(s) announced via the EulerOS-SA-2019-1544 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An integer underflow flaw leading to out-of-bounds memory access was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened.(CVE-2015-4021)\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash.(CVE-2014-3668)\n\nIt was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions.(CVE-2015-4598)\n\nA flaw was found in the way PHP handled malformed source files when running in CGI mode. A specially crafted PHP file could cause PHP CGI to crash.(CVE-2014-9427)\n\nAn issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.(CVE-2018-10548)\n\nAn infinite loop vulnerability was found in ext/iconv/iconv.c in PHP due to the iconv stream not rejecting invalid multibyte sequences. A remote attacker could use this vulnerability to hang the php process and consume resources.(CVE-2018-10546)\n\nThe openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\\\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.(CVE-2013-4248)\n\nA use-after-free flaw was found in the way PHP's unserialize() function processed data. If a remote attacker was able to pass crafted input to PHP's unserialize() function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code.(CVE-2015-0231)\n\nA flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code.(CVE-2015-4602)\n\nIt was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictio ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'php' package(s) on Huawei EulerOS Virtualization 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.16~45.h9\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.4.16~45.h9\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.4.16~45.h9\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:34:23", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1543)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-2348", "CVE-2015-2787", "CVE-2015-0232", "CVE-2015-2783", "CVE-2015-8873", "CVE-2015-3329", "CVE-2015-6834", "CVE-2015-0273", "CVE-2014-8142", "CVE-2015-4025", "CVE-2014-3669", "CVE-2014-5120", "CVE-2014-3597", "CVE-2015-6836", "CVE-2015-4026", "CVE-2014-4721", "CVE-2015-4022", "CVE-2015-6837", "CVE-2015-6835", "CVE-2015-4643"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191543", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191543", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1543\");\n script_version(\"2020-01-23T12:09:56+0000\");\n script_cve_id(\"CVE-2014-3597\", \"CVE-2014-3669\", \"CVE-2014-4721\", \"CVE-2014-5120\", \"CVE-2014-8142\", \"CVE-2015-0232\", \"CVE-2015-0273\", \"CVE-2015-2348\", \"CVE-2015-2783\", \"CVE-2015-2787\", \"CVE-2015-3329\", \"CVE-2015-4022\", \"CVE-2015-4025\", \"CVE-2015-4026\", \"CVE-2015-4643\", \"CVE-2015-6834\", \"CVE-2015-6835\", \"CVE-2015-6836\", \"CVE-2015-6837\", \"CVE-2015-8873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:09:56 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:09:56 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1543)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1543\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1543\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'php' package(s) announced via the EulerOS-SA-2019-1543 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A flaws was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code.(CVE-2014-8142)\n\nIt was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions.(CVE-2015-4026)\n\nA flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code.(CVE-2015-6834)\n\nIt was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions.(CVE-2015-4025)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash.(CVE-2014-3669)\n\nIt was found that PHP move_uploaded_file() function did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions.(CVE-2015-2348)\n\nAn integer overflow flaw leading to a heap-based buffer overflow was found in the way PHP's FTP extension parsed file listing FTP server responses. A malicious FTP server could use this flaw to cause a PHP application to crash or, possibly, execute arbitrary code.(CVE-2015-4022)\n\nA flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code.(CVE-2015-6836)\n\nA NULL pointer dereference flaw was found in the XSLTProcessor class in PHP. An attacker could use this flaw to cause a PHP application to crash if it performed Extensible Stylesheet Language (XSL) transformations using untrusted XSLT files and allowed the use of PHP functions to be used as XSLT functions within XSL stylesheets.(CVE-2015-6837)\n\nIt was found that PHP's gd extension did not properly handle file names with a null character. A remote attacker could possibly use this flaw to make a PHP application access unexpected files and bypass intended file system access restrictions.(CVE-2014-5120)\n\nA flaw was discovered in the way PHP performed obj ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'php' package(s) on Huawei EulerOS Virtualization 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.16~45.h9\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.4.16~45.h9\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.4.16~45.h9\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2021-07-25T19:30:52", "description": "**Issue Overview:**\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3670)\n\n \n**Affected Packages:** \n\n\nphp54\n\n \n**Issue Correction:** \nRun _yum update php54_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 php54-debuginfo-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-mbstring-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-xml-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-devel-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-bcmath-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-odbc-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-snmp-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-gd-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-soap-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-xmlrpc-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-intl-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-fpm-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-pdo-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-mssql-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-imap-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-mysql-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-pgsql-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-embedded-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-pspell-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-enchant-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-common-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-recode-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-dba-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-ldap-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-cli-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-tidy-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-mcrypt-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-mysqlnd-5.4.34-1.62.amzn1.i686 \n \u00a0\u00a0\u00a0 php54-process-5.4.34-1.62.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 php54-5.4.34-1.62.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 php54-fpm-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-mssql-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-debuginfo-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-gd-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-imap-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-embedded-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-mcrypt-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-pdo-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-pgsql-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-common-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-dba-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-tidy-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-bcmath-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-odbc-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-mysql-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-cli-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-ldap-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-process-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-snmp-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-devel-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-mbstring-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-soap-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-enchant-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-pspell-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-mysqlnd-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-intl-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-xml-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-xmlrpc-5.4.34-1.62.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php54-recode-5.4.34-1.62.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {}, "published": "2014-10-28T17:09:00", "type": "amazon", "title": "Important: php54", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2014-11-01T14:04:00", "id": "ALAS-2014-434", "href": "https://alas.aws.amazon.com/ALAS-2014-434.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-25T19:30:51", "description": "**Issue Overview:**\n\nAn out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-3668)\n\nAn integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669)\n\nA buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3670)\n\n \n**Affected Packages:** \n\n\nphp55\n\n \n**Issue Correction:** \nRun _yum update php55_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 php55-pdo-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-embedded-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-mcrypt-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-ldap-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-common-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-process-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-devel-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-bcmath-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-xmlrpc-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-recode-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-pgsql-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-imap-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-fpm-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-cli-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-mysqlnd-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-gd-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-mssql-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-odbc-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-pspell-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-xml-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-gmp-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-snmp-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-mbstring-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-tidy-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-opcache-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-debuginfo-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-intl-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-soap-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-dba-5.5.18-1.92.amzn1.i686 \n \u00a0\u00a0\u00a0 php55-enchant-5.5.18-1.92.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 php55-5.5.18-1.92.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 php55-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-soap-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-enchant-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-pspell-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-ldap-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-debuginfo-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-xml-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-opcache-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-cli-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-mbstring-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-gmp-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-process-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-pgsql-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-intl-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-fpm-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-embedded-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-devel-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-tidy-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-gd-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-recode-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-xmlrpc-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-bcmath-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-dba-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-mysqlnd-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-odbc-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-mssql-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-imap-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-common-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-snmp-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-mcrypt-5.5.18-1.92.amzn1.x86_64 \n \u00a0\u00a0\u00a0 php55-pdo-5.5.18-1.92.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {}, "published": "2014-10-28T17:10:00", "type": "amazon", "title": "Important: php55", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3668", "CVE-2014-3669", "CVE-2014-3670"], "modified": "2014-11-01T14:04:00", "id": "ALAS-2014-435", "href": "https://alas.aws.amazon.com/ALAS-2014-435.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "threatpost": [{"lastseen": "2018-10-06T22:57:58", "description": "**UPDATE** Developers at PHP recently pushed out a series of patches to fix a handful of vulnerabilities, including one that can lead to a heap-based buffer overflow.\n\nResearchers at the Swiss firm High-Tech Bridge dug up the vulnerabilities in versions 5.6.1, 5.5.17, and 5.4.33 of the framework.\n\nThe biggest and most serious bug, CVE-2014-3669, deals with the unserialize() function in 32-bit systems. While PHP was quick to patch the issue in late September, it wasn\u2019t until this week that High-Tech Bridge delved deeper into the flaw and published a step-by-step walkthrough of their proof of concept.\n\nLooking at code snippets from PHP through a debugger, researchers got PHP to crash when it came across \u201cthe frame zero line 356, followed by its caller at line 387.\u201d\n\nPlaying around with values, they were able to overflow the integer, which in turn got the code to point to an invalid memory address.\n\nIn [his write-up of the bug](<https://www.htbridge.com/blog/cve_2014_3669_integer_overflow_in_unserialize_php_function.html>), Symeon Paraschoudis, a researcher at the firm, dubs it a read access violation but admits that it\u2019s probably not exploitable.\n\nStefan Esser, an independent security consultant and PHP expert, echoed those thoughts, and concurred that this particular integer overflow is not exploitable as there are no writes inside unserialize() to that buffer.\n\nRegardless, the bug must have been a cause for concern for PHP developers; Paraschoudis disclosed the bug on Sept. 25 and [PHP pushed a patch just three days later](<https://bugs.php.net/bug.php?id=68044>).\n\nStanislav Malyshev, a PHP developer, called it a \u201creal bug,\u201d [at the time](<https://bugs.php.net/bug.php?id=68044>) and claimed that it could be leveraged to trigger at least crash, theoretically info disclosure.\u201d\n\nThe patch, which was included alongside two other issues (CVE-2014-3668 and CVE-2014-3670) in the framework for versions [5.6.2](<http://php.net/archive/2014.php#id2014-10-16-3>), [5.5.18](<http://php.net/archive/2014.php#id2014-10-16-1>) and [