Search...

Amazon Linux AMI : php (ALAS-2012-95)

2013-09-04T00:00:00

ID ALA_ALAS-2012-95.NASL
Type nessus
Reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
Modified 2018-04-18T00:00:00

Description

Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow.

The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2012-95.
#

include("compat.inc");

if (description)
{
  script_id(69702);
  script_version("1.6");
  script_cvs_date("Date: 2018/04/18 15:09:34");

  script_cve_id("CVE-2012-2143", "CVE-2012-2386");
  script_xref(name:"ALAS", value:"2012-95");

  script_name(english:"Amazon Linux AMI : php (ALAS-2012-95)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Amazon Linux AMI host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Integer overflow in the phar_parse_tarfile function in tar.c in the
phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows
remote attackers to cause a denial of service (application crash) or
possibly execute arbitrary code via a crafted tar file that triggers a
heap-based buffer overflow.

The crypt_des (aka DES-based crypt) function in FreeBSD before
9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does
not process the complete cleartext password if this password contains
a 0x80 character, which makes it easier for context-dependent
attackers to obtain access via an authentication attempt with an
initial substring of the intended password, as demonstrated by a
Unicode password."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://alas.aws.amazon.com/ALAS-2012-95.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Run 'yum update php' to update your system."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-embedded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-imap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-mcrypt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-mssql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-mysqlnd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-process");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-pspell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-recode");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-tidy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-xml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/07/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/04");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");
  script_family(english:"Amazon Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (rpm_check(release:"ALA", reference:"php-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-bcmath-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-cli-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-common-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-dba-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-debuginfo-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-devel-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-embedded-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-fpm-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-gd-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-imap-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-intl-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-ldap-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-mbstring-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-mcrypt-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-mssql-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-mysql-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-mysqlnd-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-odbc-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-pdo-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-pgsql-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-process-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-pspell-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-recode-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-snmp-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-soap-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-tidy-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-xml-5.3.14-2.21.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"php-xmlrpc-5.3.14-2.21.amzn1")) flag++;

if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc");
}

JSON Vulners Source

Initial Source

{"id": "ALA_ALAS-2012-95.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "Amazon Linux AMI : php (ALAS-2012-95)", "description": "Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow.\n\nThe crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.", "published": "2013-09-04T00:00:00", "modified": "2018-04-18T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/69702", "reporter": "This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2386", "https://alas.aws.amazon.com/ALAS-2012-95.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2143"], "cvelist": ["CVE-2012-2143", "CVE-2012-2386"], "immutableFields": [], "lastseen": "2021-10-16T02:06:35", "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2012-091", "ALAS-2012-094", "ALAS-2012-095"]}, {"type": "centos", "idList": ["CESA-2012:1036", "CESA-2012:1037", "CESA-2012:1046", "CESA-2012:1047"]}, {"type": "checkpoint_security", "idList": ["CPS:SK75640"]}, {"type": "cve", "idList": ["CVE-2012-2143", "CVE-2012-2386"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2491-1:287EE", "DEBIAN:DSA-2492-1:DD673"]}, {"type": "f5", "idList": ["F5:K15478", "SOL15478", "SOL15903"]}, {"type": "fedora", "idList": ["FEDORA:0838320B29", "FEDORA:2FE26212BB", "FEDORA:38CAF2140B", "FEDORA:395CD20919", "FEDORA:4059D217E2", "FEDORA:42AD9212FB", "FEDORA:4B8F221312", "FEDORA:538CF2191D", "FEDORA:695182240A", "FEDORA:6EE0A21254", "FEDORA:8819720FCC", "FEDORA:8ECC221371", "FEDORA:9467F210F8", "FEDORA:BAE1220E52", "FEDORA:D603620A52", "FEDORA:DCB782141F", "FEDORA:E08992126A"]}, {"type": "freebsd", "idList": ["185FF22E-C066-11E1-B5E0-000C299B62E1", "A8864F8F-AA9E-11E1-A284-0023AE8E59F0"]}, {"type": "gentoo", "idList": ["GLSA-201209-03", "GLSA-201209-24"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/LINUXRPM-RHSA-2012-1046/", "MSF:ILITIES/LINUXRPM-RHSA-2012-1047/"]}, {"type": "nessus", "idList": ["6583.PRM", "6584.PRM", "6816.PRM", "9097.PRM", "ALA_ALAS-2012-91.NASL", "ALA_ALAS-2012-94.NASL", "CENTOS_RHSA-2012-1036.NASL", "CENTOS_RHSA-2012-1037.NASL", "CENTOS_RHSA-2012-1046.NASL", "CENTOS_RHSA-2012-1047.NASL", "DEBIAN_DSA-2491.NASL", "DEBIAN_DSA-2492.NASL", "FEDORA_2012-8893.NASL", "FEDORA_2012-8915.NASL", "FEDORA_2012-8924.NASL", "FEDORA_2012-9490.NASL", "FEDORA_2012-9762.NASL", "FREEBSD_PKG_185FF22EC06611E1B5E0000C299B62E1.NASL", "FREEBSD_PKG_A8864F8FAA9E11E1A2840023AE8E59F0.NASL", "GENTOO_GLSA-201209-03.NASL", "GENTOO_GLSA-201209-24.NASL", "MACOSX_10_7_5.NASL", "MACOSX_10_8_2.NASL", "MACOSX_SECUPD2012-004.NASL", "MANDRIVA_MDVSA-2012-092.NASL", "MANDRIVA_MDVSA-2012-093.NASL", "OPENSUSE-2012-311.NASL", "OPENSUSE-2012-365.NASL", "OPENSUSE-2012-650.NASL", "OPENSUSE-2012-667.NASL", "OPENSUSE-2012-675.NASL", "ORACLELINUX_ELSA-2012-1036.NASL", "ORACLELINUX_ELSA-2012-1037.NASL", "ORACLELINUX_ELSA-2012-1046.NASL", "ORACLELINUX_ELSA-2012-1047.NASL", "PHP_5_3_14.NASL", "PHP_5_4_4.NASL", "POSTGRESQL_20120604.NASL", "REDHAT-RHSA-2012-1036.NASL", "REDHAT-RHSA-2012-1037.NASL", "REDHAT-RHSA-2012-1046.NASL", "REDHAT-RHSA-2012-1047.NASL", "SL_20120625_POSTGRESQL_AND_POSTGRESQL84_ON_SL5_X.NASL", "SL_20120625_POSTGRESQL_AND_POSTGRESQL84_ON_SL6_X.NASL", "SL_20120625_POSTGRESQL_ON_SL5_X.NASL", "SL_20120627_PHP53_ON_SL5_X.NASL", "SL_20120627_PHP_ON_SL6_X.NASL", "SUSE_11_APACHE2-MOD_PHP53-120618.NASL", "SUSE_11_POSTGRESQL-120820.NASL", "UBUNTU_USN-1461-1.NASL", "UBUNTU_USN-1481-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120098", "OPENVAS:1361412562310120099", "OPENVAS:1361412562310120298", "OPENVAS:1361412562310123874", "OPENVAS:1361412562310123883", "OPENVAS:1361412562310123896", "OPENVAS:1361412562310123897", "OPENVAS:136141256231071362", "OPENVAS:136141256231071469", "OPENVAS:136141256231071470", "OPENVAS:136141256231071532", "OPENVAS:136141256231072420", "OPENVAS:136141256231072458", "OPENVAS:1361412562310802968", "OPENVAS:1361412562310803342", "OPENVAS:1361412562310831576", "OPENVAS:1361412562310831605", "OPENVAS:1361412562310841032", "OPENVAS:1361412562310841052", "OPENVAS:1361412562310864463", "OPENVAS:1361412562310864465", "OPENVAS:1361412562310864467", "OPENVAS:1361412562310864516", "OPENVAS:1361412562310864517", "OPENVAS:1361412562310864518", "OPENVAS:1361412562310864523", "OPENVAS:1361412562310864528", "OPENVAS:1361412562310864590", "OPENVAS:1361412562310864593", "OPENVAS:1361412562310864658", "OPENVAS:1361412562310864663", "OPENVAS:1361412562310865363", "OPENVAS:1361412562310865520", "OPENVAS:1361412562310865544", "OPENVAS:1361412562310866019", "OPENVAS:1361412562310866144", "OPENVAS:1361412562310870779", "OPENVAS:1361412562310870781", "OPENVAS:1361412562310870782", "OPENVAS:1361412562310870783", "OPENVAS:1361412562310881062", "OPENVAS:1361412562310881080", "OPENVAS:1361412562310881144", "OPENVAS:1361412562310881174", "OPENVAS:1361412562310881195", "OPENVAS:71362", "OPENVAS:71469", "OPENVAS:71470", "OPENVAS:71532", "OPENVAS:72420", "OPENVAS:72458", "OPENVAS:802968", "OPENVAS:831576", "OPENVAS:831605", "OPENVAS:841032", "OPENVAS:841052", "OPENVAS:864463", "OPENVAS:864465", "OPENVAS:864467", "OPENVAS:864516", "OPENVAS:864517", "OPENVAS:864518", "OPENVAS:864523", "OPENVAS:864528", "OPENVAS:864590", "OPENVAS:864593", "OPENVAS:864658", "OPENVAS:864663", "OPENVAS:865363", "OPENVAS:865520", "OPENVAS:865544", "OPENVAS:866019", "OPENVAS:866144", "OPENVAS:870779", "OPENVAS:870781", "OPENVAS:870782", "OPENVAS:870783", "OPENVAS:881062", "OPENVAS:881080", "OPENVAS:881144", "OPENVAS:881174", "OPENVAS:881195"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1036", "ELSA-2012-1037", "ELSA-2012-1046", "ELSA-2012-1047"]}, {"type": "postgresql", "idList": ["POSTGRESQL:CVE-2012-2143"]}, {"type": "redhat", "idList": ["RHSA-2012:1036", "RHSA-2012:1037", "RHSA-2012:1046", "RHSA-2012:1047"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28095", "SECURITYVULNS:DOC:28132", "SECURITYVULNS:DOC:28133", "SECURITYVULNS:DOC:28577", "SECURITYVULNS:VULN:12391", "SECURITYVULNS:VULN:12413", "SECURITYVULNS:VULN:12414"]}, {"type": "suse", "idList": ["SUSE-SU-2012:0840-1"]}, {"type": "ubuntu", "idList": ["USN-1461-1", "USN-1481-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2012-2143", "UB:CVE-2012-2386"]}]}, "score": {"value": 7.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2012-094"]}, {"type": "centos", "idList": ["CESA-2012:1036", "CESA-2012:1037", "CESA-2012:1046", "CESA-2012:1047"]}, {"type": "checkpoint_security", "idList": ["CPS:SK75640"]}, {"type": "cve", "idList": ["CVE-2012-2143", "CVE-2012-2386"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2491-1:287EE"]}, {"type": "f5", "idList": ["SOL15478", "SOL15903"]}, {"type": "fedora", "idList": ["FEDORA:538CF2191D", "FEDORA:BAE1220E52"]}, {"type": "freebsd", "idList": ["185FF22E-C066-11E1-B5E0-000C299B62E1", "A8864F8F-AA9E-11E1-A284-0023AE8E59F0"]}, {"type": "gentoo", "idList": ["GLSA-201209-03"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/LINUXRPM-RHSA-2012-1047/"]}, {"type": "nessus", "idList": ["6816.PRM", "ALA_ALAS-2012-91.NASL", "DEBIAN_DSA-2492.NASL", "FEDORA_2012-9490.NASL", "FREEBSD_PKG_A8864F8FAA9E11E1A2840023AE8E59F0.NASL", "OPENSUSE-2012-667.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231071362", "OPENVAS:136141256231071532", "OPENVAS:1361412562310864517", "OPENVAS:1361412562310865363", "OPENVAS:1361412562310870779", "OPENVAS:864516"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1037"]}, {"type": "redhat", "idList": ["RHSA-2012:1036", "RHSA-2012:1047"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12391"]}, {"type": "suse", "idList": ["SUSE-SU-2012:0840-1"]}, {"type": "ubuntu", "idList": ["USN-1481-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2012-2143"]}]}, "exploitation": null, "vulnersScore": 7.2}, "pluginID": "69702", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-95.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69702);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_xref(name:\"ALAS\", value:\"2012-95\");\n\n script_name(english:\"Amazon Linux AMI : php (ALAS-2012-95)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Integer overflow in the phar_parse_tarfile function in tar.c in the\nphar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows\nremote attackers to cause a denial of service (application crash) or\npossibly execute arbitrary code via a crafted tar file that triggers a\nheap-based buffer overflow.\n\nThe crypt_des (aka DES-based crypt) function in FreeBSD before\n9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does\nnot process the complete cleartext password if this password contains\na 0x80 character, which makes it easier for context-dependent\nattackers to obtain access via an authentication attempt with an\ninitial substring of the intended password, as demonstrated by a\nUnicode password.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-95.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update php' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"php-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-bcmath-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-cli-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-common-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-dba-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-debuginfo-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-devel-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-embedded-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-fpm-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-gd-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-imap-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-intl-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-ldap-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-mbstring-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-mcrypt-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-mssql-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-mysql-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-mysqlnd-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-odbc-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-pdo-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-pgsql-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-process-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-pspell-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-recode-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-snmp-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-soap-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-tidy-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-xml-5.3.14-2.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"php-xmlrpc-5.3.14-2.21.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n}\n", "naslFamily": "Amazon Linux Local Security Checks", "cpe": ["p-cpe:/a:amazon:linux:php", "p-cpe:/a:amazon:linux:php-bcmath", "p-cpe:/a:amazon:linux:php-cli", "p-cpe:/a:amazon:linux:php-common", "p-cpe:/a:amazon:linux:php-dba", "p-cpe:/a:amazon:linux:php-debuginfo", "p-cpe:/a:amazon:linux:php-devel", "p-cpe:/a:amazon:linux:php-embedded", "p-cpe:/a:amazon:linux:php-fpm", "p-cpe:/a:amazon:linux:php-gd", "p-cpe:/a:amazon:linux:php-imap", "p-cpe:/a:amazon:linux:php-intl", "p-cpe:/a:amazon:linux:php-ldap", "p-cpe:/a:amazon:linux:php-mbstring", "p-cpe:/a:amazon:linux:php-mcrypt", "p-cpe:/a:amazon:linux:php-mssql", "p-cpe:/a:amazon:linux:php-mysql", "p-cpe:/a:amazon:linux:php-mysqlnd", "p-cpe:/a:amazon:linux:php-odbc", "p-cpe:/a:amazon:linux:php-pdo", "p-cpe:/a:amazon:linux:php-pgsql", "p-cpe:/a:amazon:linux:php-process", "p-cpe:/a:amazon:linux:php-pspell", "p-cpe:/a:amazon:linux:php-recode", "p-cpe:/a:amazon:linux:php-snmp", "p-cpe:/a:amazon:linux:php-soap", "p-cpe:/a:amazon:linux:php-tidy", "p-cpe:/a:amazon:linux:php-xml", "p-cpe:/a:amazon:linux:php-xmlrpc", "cpe:/o:amazon:linux"], "solution": "Run 'yum update php' to update your system.", "nessusSeverity": "High", "cvssScoreSource": "", "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": "2012-07-05T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": [], "_state": {"dependencies": 1647589307, "score": 0}}

{"nessus": [{"lastseen": "2021-08-19T12:58:07", "description": "The PHP development team would like to announce the immediate availability of PHP 5.4.4. All users of PHP are encouraged to upgrade to PHP 5.4.4.\n\nThe release fixes multiple security issues: A weakness in the DES implementation of crypt and a heap overflow issue in the phar extension.\n\nPHP 5.4.4 fixes over 30 bugs. Please note that the use of php://fd streams is now restricted to the CLI SAPI\n\nChangelog: http://www.php.net/ChangeLog-5.php#5.4.4\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-07-01T00:00:00", "type": "nessus", "title": "Fedora 17 : maniadrive-1.2-41.fc17 / php-5.4.4-1.fc17 (2012-9490)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2386"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:maniadrive", "p-cpe:/a:fedoraproject:fedora:php", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-9490.NASL", "href": "https://www.tenable.com/plugins/nessus/59801", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9490.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59801);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_xref(name:\"FEDORA\", value:\"2012-9490\");\n\n script_name(english:\"Fedora 17 : maniadrive-1.2-41.fc17 / php-5.4.4-1.fc17 (2012-9490)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The PHP development team would like to announce the immediate\navailability of PHP 5.4.4. All users of PHP are encouraged to upgrade\nto PHP 5.4.4.\n\nThe release fixes multiple security issues: A weakness in the DES\nimplementation of crypt and a heap overflow issue in the phar\nextension.\n\nPHP 5.4.4 fixes over 30 bugs. Please note that the use of php://fd\nstreams is now restricted to the CLI SAPI\n\nChangelog: http://www.php.net/ChangeLog-5.php#5.4.4\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.4.4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=816956\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=823594\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/083317.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?23637f90\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/083318.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?390af9fa\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected maniadrive and / or php packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:maniadrive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"maniadrive-1.2-41.fc17\")) flag++;\nif (rpm_check(release:\"FC17\", reference:\"php-5.4.4-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"maniadrive / php\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:58:22", "description": "Multiple vulnerabilities has been identified and fixed in php :\n\nThere is a programming error in the DES implementation used in crypt() in ext/standard/crypt_freesec.c when handling input which contains characters that can not be represented with 7-bit ASCII. When the input contains characters with only the most significant bit set (0x80), that character and all characters after it will be ignored (CVE-2012-2143).\n\nAn integer overflow, leading to heap-based buffer overflow was found in the way Phar extension of the PHP scripting language processed certain fields by manipulating TAR files. A remote attacker could provide a specially crafted TAR archive file, which once processed in an PHP application using the Phar extension could lead to denial of service (application crash), or, potentially arbitary code execution with the privileges of the user running the application (CVE-2012-2386).\n\nThe updated php packages have been upgraded to the 5.3.14 version which is not vulnerable to these issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-15T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : php (MDVSA-2012:093)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2386"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:apache-mod_php", "p-cpe:/a:mandriva:linux:lib64php5_common5", "p-cpe:/a:mandriva:linux:libphp5_common5", "p-cpe:/a:mandriva:linux:php-bcmath", "p-cpe:/a:mandriva:linux:php-bz2", "p-cpe:/a:mandriva:linux:php-calendar", "p-cpe:/a:mandriva:linux:php-cgi", "p-cpe:/a:mandriva:linux:php-cli", "p-cpe:/a:mandriva:linux:php-ctype", "p-cpe:/a:mandriva:linux:php-curl", "p-cpe:/a:mandriva:linux:php-dba", "p-cpe:/a:mandriva:linux:php-devel", "p-cpe:/a:mandriva:linux:php-doc", "p-cpe:/a:mandriva:linux:php-dom", "p-cpe:/a:mandriva:linux:php-enchant", "p-cpe:/a:mandriva:linux:php-exif", "p-cpe:/a:mandriva:linux:php-fileinfo", "p-cpe:/a:mandriva:linux:php-filter", "p-cpe:/a:mandriva:linux:php-fpm", "p-cpe:/a:mandriva:linux:php-ftp", "p-cpe:/a:mandriva:linux:php-gd", "p-cpe:/a:mandriva:linux:php-gettext", "p-cpe:/a:mandriva:linux:php-gmp", "p-cpe:/a:mandriva:linux:php-hash", "p-cpe:/a:mandriva:linux:php-iconv", "p-cpe:/a:mandriva:linux:php-imap", "p-cpe:/a:mandriva:linux:php-ini", "p-cpe:/a:mandriva:linux:php-intl", "p-cpe:/a:mandriva:linux:php-json", "p-cpe:/a:mandriva:linux:php-ldap", "p-cpe:/a:mandriva:linux:php-mbstring", "p-cpe:/a:mandriva:linux:php-mcrypt", "p-cpe:/a:mandriva:linux:php-mssql", "p-cpe:/a:mandriva:linux:php-mysql", "p-cpe:/a:mandriva:linux:php-mysqli", "p-cpe:/a:mandriva:linux:php-mysqlnd", "p-cpe:/a:mandriva:linux:php-odbc", "p-cpe:/a:mandriva:linux:php-openssl", "p-cpe:/a:mandriva:linux:php-pcntl", "p-cpe:/a:mandriva:linux:php-pdo", "p-cpe:/a:mandriva:linux:php-pdo_dblib", "p-cpe:/a:mandriva:linux:php-pdo_mysql", "p-cpe:/a:mandriva:linux:php-pdo_odbc", "p-cpe:/a:mandriva:linux:php-pdo_pgsql", "p-cpe:/a:mandriva:linux:php-pdo_sqlite", "p-cpe:/a:mandriva:linux:php-pgsql", "p-cpe:/a:mandriva:linux:php-phar", "p-cpe:/a:mandriva:linux:php-posix", "p-cpe:/a:mandriva:linux:php-pspell", "p-cpe:/a:mandriva:linux:php-readline", "p-cpe:/a:mandriva:linux:php-recode", "p-cpe:/a:mandriva:linux:php-session", "p-cpe:/a:mandriva:linux:php-shmop", "p-cpe:/a:mandriva:linux:php-snmp", "p-cpe:/a:mandriva:linux:php-soap", "p-cpe:/a:mandriva:linux:php-sockets", "p-cpe:/a:mandriva:linux:php-sqlite", "p-cpe:/a:mandriva:linux:php-sqlite3", "p-cpe:/a:mandriva:linux:php-sybase_ct", "p-cpe:/a:mandriva:linux:php-sysvmsg", "p-cpe:/a:mandriva:linux:php-sysvsem", "p-cpe:/a:mandriva:linux:php-sysvshm", "p-cpe:/a:mandriva:linux:php-tidy", "p-cpe:/a:mandriva:linux:php-tokenizer", "p-cpe:/a:mandriva:linux:php-wddx", "p-cpe:/a:mandriva:linux:php-xml", "p-cpe:/a:mandriva:linux:php-xmlreader", "p-cpe:/a:mandriva:linux:php-xmlrpc", "p-cpe:/a:mandriva:linux:php-xmlwriter", "p-cpe:/a:mandriva:linux:php-xsl", "p-cpe:/a:mandriva:linux:php-zip", "p-cpe:/a:mandriva:linux:php-zlib", "cpe:/o:mandriva:linux:2010.1", "cpe:/o:mandriva:linux:2011"], "id": "MANDRIVA_MDVSA-2012-093.NASL", "href": "https://www.tenable.com/plugins/nessus/59519", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:093. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59519);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_bugtraq_id(47545, 53729);\n script_xref(name:\"MDVSA\", value:\"2012:093\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php (MDVSA-2012:093)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been identified and fixed in php :\n\nThere is a programming error in the DES implementation used in crypt()\nin ext/standard/crypt_freesec.c when handling input which contains\ncharacters that can not be represented with 7-bit ASCII. When the\ninput contains characters with only the most significant bit set\n(0x80), that character and all characters after it will be ignored\n(CVE-2012-2143).\n\nAn integer overflow, leading to heap-based buffer overflow was found\nin the way Phar extension of the PHP scripting language processed\ncertain fields by manipulating TAR files. A remote attacker could\nprovide a specially crafted TAR archive file, which once processed in\nan PHP application using the Phar extension could lead to denial of\nservice (application crash), or, potentially arbitary code execution\nwith the privileges of the user running the application\n(CVE-2012-2386).\n\nThe updated php packages have been upgraded to the 5.3.14 version\nwhich is not vulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://secuniaresearch.flexerasoftware.com/advisories/44335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.3.14\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:apache-mod_php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64php5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libphp5_common5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-mysqlnd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_dblib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pdo_sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sybase_ct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", reference:\"apache-mod_php-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libphp5_common5-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-bcmath-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-bz2-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-calendar-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-cgi-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-cli-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ctype-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-curl-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-dba-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-devel-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-doc-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-dom-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-enchant-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-exif-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-fileinfo-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-filter-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-fpm-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ftp-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-gd-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-gettext-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-gmp-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-hash-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-iconv-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-imap-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ini-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-intl-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-json-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-ldap-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mbstring-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mcrypt-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mssql-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mysql-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mysqli-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-mysqlnd-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-odbc-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-openssl-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pcntl-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_dblib-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_mysql-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_odbc-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_pgsql-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pdo_sqlite-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pgsql-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-phar-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-posix-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-pspell-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-readline-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-recode-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-session-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-shmop-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-snmp-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-soap-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sockets-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sqlite-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sqlite3-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sybase_ct-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sysvmsg-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sysvsem-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-sysvshm-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-tidy-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-tokenizer-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-wddx-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xml-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xmlreader-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xmlrpc-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xmlwriter-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-xsl-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-zip-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-zlib-5.3.14-0.1mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", reference:\"apache-mod_php-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64php5_common5-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libphp5_common5-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-bcmath-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-bz2-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-calendar-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-cgi-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-cli-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-ctype-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-curl-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-dba-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-devel-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-doc-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-dom-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-enchant-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-exif-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-fileinfo-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-filter-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-fpm-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-ftp-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-gd-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-gettext-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-gmp-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-hash-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-iconv-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-imap-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-ini-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-intl-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-json-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-ldap-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-mbstring-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-mcrypt-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-mssql-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-mysql-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-mysqli-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-mysqlnd-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-odbc-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-openssl-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pcntl-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pdo-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pdo_dblib-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pdo_mysql-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pdo_odbc-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pdo_pgsql-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pdo_sqlite-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pgsql-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-phar-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-posix-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-pspell-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-readline-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-recode-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-session-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-shmop-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-snmp-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-soap-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-sockets-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-sqlite-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-sqlite3-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-sybase_ct-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-sysvmsg-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-sysvsem-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-sysvshm-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-tidy-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-tokenizer-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-wddx-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-xml-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-xmlreader-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-xmlrpc-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-xmlwriter-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-xsl-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-zip-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-zlib-5.3.14-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:58:07", "description": "The PHP development team would like to announce the immediate availability of PHP 5.3.14. All users of PHP are encouraged to upgrade to PHP 5.3.14.\n\nThe release fixes multiple security issues: A weakness in the DES implementation of crypt and a heap overflow issue in the phar extension.\n\nPHP 5.3.14 fixes over 30 bugs. Please note that the use of php://fd streams is now restricted to the CLI SAPI\n\nChangelog: http://www.php.net/ChangeLog-5.php#5.3.14\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-07-03T00:00:00", "type": "nessus", "title": "Fedora 16 : maniadrive-1.2-32.fc16.6 / php-5.3.14-1.fc16 / php-eaccelerator-0.9.6.1-9.fc16.6 (2012-9762)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2386"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:maniadrive", "p-cpe:/a:fedoraproject:fedora:php", "p-cpe:/a:fedoraproject:fedora:php-eaccelerator", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-9762.NASL", "href": "https://www.tenable.com/plugins/nessus/59827", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9762.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59827);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_bugtraq_id(47545, 53729);\n script_xref(name:\"FEDORA\", value:\"2012-9762\");\n\n script_name(english:\"Fedora 16 : maniadrive-1.2-32.fc16.6 / php-5.3.14-1.fc16 / php-eaccelerator-0.9.6.1-9.fc16.6 (2012-9762)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The PHP development team would like to announce the immediate\navailability of PHP 5.3.14. All users of PHP are encouraged to upgrade\nto PHP 5.3.14.\n\nThe release fixes multiple security issues: A weakness in the DES\nimplementation of crypt and a heap overflow issue in the phar\nextension.\n\nPHP 5.3.14 fixes over 30 bugs. Please note that the use of php://fd\nstreams is now restricted to the CLI SAPI\n\nChangelog: http://www.php.net/ChangeLog-5.php#5.3.14\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.php.net/ChangeLog-5.php#5.3.14\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=816956\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=823594\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-July/083374.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3ee1a615\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-July/083375.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0934de6c\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-July/083376.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2a1472c3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected maniadrive, php and / or php-eaccelerator\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:maniadrive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:php-eaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"maniadrive-1.2-32.fc16.6\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"php-5.3.14-1.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"php-eaccelerator-0.9.6.1-9.fc16.6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"maniadrive / php / php-eaccelerator\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T15:04:42", "description": "According to its banner, the version of PHP installed on the remote host is 5.4.x earlier than 5.4.4, and as such is potentially affected the following vulnerabilities :\n\n - An integer overflow error exists in the function 'phar_parse_tarfile' in the file 'ext/phar/tar.c'. This error can lead to a heap-based buffer overflow when handling a maliciously crafted TAR files. Arbitrary code execution is possible due to this error. (CVE-2012-2386)\n\n - A weakness exists in the 'crypt' function related to the DES implementation that can allow brute-force attacks. (CVE-2012-2143)\n\n - Several design errors involving the incorrect parsing of PHP PDO prepared statements could lead to disclosure of sensitive information or denial of service.\n (CVE-2012-3450)", "cvss3": {"score": null, "vector": null}, "published": "2012-06-15T00:00:00", "type": "nessus", "title": "PHP 5.4.x < 5.4.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2386", "CVE-2012-3450"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_4_4.NASL", "href": "https://www.tenable.com/plugins/nessus/59530", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59530);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\", \"CVE-2012-3450\");\n script_bugtraq_id(47545, 53729, 54777);\n script_xref(name:\"EDB-ID\", value:\"17201\");\n\n script_name(english:\"PHP 5.4.x < 5.4.4 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP installed on the remote\nhost is 5.4.x earlier than 5.4.4, and as such is potentially\naffected the following vulnerabilities :\n\n - An integer overflow error exists in the function\n 'phar_parse_tarfile' in the file 'ext/phar/tar.c'. This\n error can lead to a heap-based buffer overflow when\n handling a maliciously crafted TAR files. Arbitrary code\n execution is possible due to this error. (CVE-2012-2386)\n\n - A weakness exists in the 'crypt' function related to\n the DES implementation that can allow brute-force\n attacks. (CVE-2012-2143)\n\n - Several design errors involving the incorrect parsing\n of PHP PDO prepared statements could lead to disclosure\n of sensitive information or denial of service.\n (CVE-2012-3450)\");\n # https://packetstormsecurity.com/files/113551/PHP-5.4.3-PDO-Access-Violation.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ec6f812f\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=61755\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/ChangeLog-5.php#5.4.4\");\n # http://0x1byte.blogspot.com/2011/04/php-phar-extension-heap-overflow.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?99140286\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.4.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-2386\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported)\n audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\nif (version !~ \"^5\\.4\\.\") exit(0, \"The web server listening on port \"+port+\" does not use PHP version 5.4.x.\");\nif (version =~ \"^5\\.4\\.[0-3]($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version+\n '\\n Fixed version : 5.4.4\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:42:40", "description": "Versions of PHP 5.3.x prior to 5.3.14, or 5.4.x prior to 5.4.4 are affected by the following vulnerabilities :\n\n - An integer overflow error exists in the function 'phar_parse_tarfile' in the file 'ext/phar/tar.c'. This error can lead to a heap-based buffer overflow when handling a maliciously crafted TAR file. Arbitrary code execution is possible due to this error. (CVE-2012-2386)\n - A weakness exists in the 'crypt' function related to the DES implementation that can allow brute-force attacks. (CVE-2012-2143)\n - Several design errors exist involving the incorrect parsing of PHP PDO prepared statements could lead to disclosure of sensitive information or denial of service. (CVE-2012-3450)\n - A variable initialization error exists in the file 'ext/openssl/openssl.c' that can allow process memory contents to be disclosed when input data is of length zero. (CVE-2012-6113)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-02-25T00:00:00", "type": "nessus", "title": "PHP 5.3.x < 5.3.14 / 5.4.x < 5.4.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2386", "CVE-2012-3450", "CVE-2012-6113"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"], "id": "9097.PRM", "href": "https://www.tenable.com/plugins/nnm/9097", "sourceData": "Binary data 9097.prm", "cvss": {"score": 8.5, "vector": "CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:56:00", "description": "PHP5 was updated with incremental fixes to the previous update.\n\n - Additional unsafe cgi wrapper scripts are also fixed now. (CVE-2012-2335)\n\n - Even more commandline option handling is filtered, which could lead to crashes of the php interpreter.\n (CVE-2012-2336)\n\n - heap-based buffer overflow in php's phar extension.\n (CVE-2012-2386)\n\n - The crypt() implementation ignored wide characters, leading to shorter effective password lengths. Note:\n With this update applied affected passwords will no longer work and need to be set again. (CVE-2012-2143)", "cvss3": {"score": null, "vector": null}, "published": "2013-01-25T00:00:00", "type": "nessus", "title": "SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6440)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2335", "CVE-2012-2336", "CVE-2012-2386"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:apache2-mod_php53", "p-cpe:/a:novell:suse_linux:11:php53", "p-cpe:/a:novell:suse_linux:11:php53-bcmath", "p-cpe:/a:novell:suse_linux:11:php53-bz2", "p-cpe:/a:novell:suse_linux:11:php53-calendar", "p-cpe:/a:novell:suse_linux:11:php53-ctype", "p-cpe:/a:novell:suse_linux:11:php53-curl", "p-cpe:/a:novell:suse_linux:11:php53-dba", "p-cpe:/a:novell:suse_linux:11:php53-dom", "p-cpe:/a:novell:suse_linux:11:php53-exif", "p-cpe:/a:novell:suse_linux:11:php53-fastcgi", "p-cpe:/a:novell:suse_linux:11:php53-fileinfo", "p-cpe:/a:novell:suse_linux:11:php53-ftp", "p-cpe:/a:novell:suse_linux:11:php53-gd", "p-cpe:/a:novell:suse_linux:11:php53-gettext", "p-cpe:/a:novell:suse_linux:11:php53-gmp", "p-cpe:/a:novell:suse_linux:11:php53-iconv", "p-cpe:/a:novell:suse_linux:11:php53-intl", "p-cpe:/a:novell:suse_linux:11:php53-json", "p-cpe:/a:novell:suse_linux:11:php53-ldap", "p-cpe:/a:novell:suse_linux:11:php53-mbstring", "p-cpe:/a:novell:suse_linux:11:php53-mcrypt", "p-cpe:/a:novell:suse_linux:11:php53-mysql", "p-cpe:/a:novell:suse_linux:11:php53-odbc", "p-cpe:/a:novell:suse_linux:11:php53-openssl", "p-cpe:/a:novell:suse_linux:11:php53-pcntl", "p-cpe:/a:novell:suse_linux:11:php53-pdo", "p-cpe:/a:novell:suse_linux:11:php53-pear", "p-cpe:/a:novell:suse_linux:11:php53-pgsql", "p-cpe:/a:novell:suse_linux:11:php53-pspell", "p-cpe:/a:novell:suse_linux:11:php53-shmop", "p-cpe:/a:novell:suse_linux:11:php53-snmp", "p-cpe:/a:novell:suse_linux:11:php53-soap", "p-cpe:/a:novell:suse_linux:11:php53-suhosin", "p-cpe:/a:novell:suse_linux:11:php53-sysvmsg", "p-cpe:/a:novell:suse_linux:11:php53-sysvsem", "p-cpe:/a:novell:suse_linux:11:php53-sysvshm", "p-cpe:/a:novell:suse_linux:11:php53-tokenizer", "p-cpe:/a:novell:suse_linux:11:php53-wddx", "p-cpe:/a:novell:suse_linux:11:php53-xmlreader", "p-cpe:/a:novell:suse_linux:11:php53-xmlrpc", "p-cpe:/a:novell:suse_linux:11:php53-xmlwriter", "p-cpe:/a:novell:suse_linux:11:php53-xsl", "p-cpe:/a:novell:suse_linux:11:php53-zip", "p-cpe:/a:novell:suse_linux:11:php53-zlib", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_APACHE2-MOD_PHP53-120618.NASL", "href": "https://www.tenable.com/plugins/nessus/64104", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64104);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2335\", \"CVE-2012-2336\", \"CVE-2012-2386\");\n\n script_name(english:\"SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6440)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PHP5 was updated with incremental fixes to the previous update.\n\n - Additional unsafe cgi wrapper scripts are also fixed\n now. (CVE-2012-2335)\n\n - Even more commandline option handling is filtered, which\n could lead to crashes of the php interpreter.\n (CVE-2012-2336)\n\n - heap-based buffer overflow in php's phar extension.\n (CVE-2012-2386)\n\n - The crypt() implementation ignored wide characters,\n leading to shorter effective password lengths. Note:\n With this update applied affected passwords will no\n longer work and need to be set again. (CVE-2012-2143)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=761631\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=763814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=766798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-2143.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-2335.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-2336.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-2386.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 6440.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-mod_php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:php53-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"apache2-mod_php53-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-bcmath-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-bz2-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-calendar-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-ctype-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-curl-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-dba-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-dom-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-exif-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-fastcgi-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-fileinfo-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-ftp-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-gd-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-gettext-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-gmp-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-iconv-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-intl-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-json-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-ldap-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-mbstring-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-mcrypt-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-mysql-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-odbc-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-openssl-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-pcntl-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-pdo-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-pear-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-pgsql-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-pspell-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-shmop-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-snmp-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-soap-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-suhosin-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-sysvmsg-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-sysvsem-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-sysvshm-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-tokenizer-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-wddx-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-xmlreader-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-xmlrpc-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-xmlwriter-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-xsl-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-zip-5.3.8-0.33.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"php53-zlib-5.3.8-0.33.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-12T15:04:24", "description": "According to its banner, the version of PHP installed on the remote host is 5.3.x earlier than 5.3.14, and is, therefore, potentially affected the following vulnerabilities :\n\n - An integer overflow error exists in the function 'phar_parse_tarfile' in the file 'ext/phar/tar.c'. This error can lead to a heap-based buffer overflow when handling a maliciously crafted TAR file. Arbitrary code execution is possible due to this error. (CVE-2012-2386)\n\n - A weakness exists in the 'crypt' function related to the DES implementation that can allow brute-force attacks. (CVE-2012-2143)\n\n - Several design errors involving the incorrect parsing of PHP PDO prepared statements could lead to disclosure of sensitive information or denial of service.\n (CVE-2012-3450)\n\n - A variable initialization error exists in the file 'ext/openssl/openssl.c' that can allow process memory contents to be disclosed when input data is of length zero. (CVE-2012-6113)", "cvss3": {"score": null, "vector": null}, "published": "2012-06-15T00:00:00", "type": "nessus", "title": "PHP 5.3.x < 5.3.14 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2386", "CVE-2012-3450", "CVE-2012-6113"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_3_14.NASL", "href": "https://www.tenable.com/plugins/nessus/59529", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59529);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2012-2143\",\n \"CVE-2012-2386\",\n \"CVE-2012-3450\",\n \"CVE-2012-6113\"\n );\n script_bugtraq_id(\n 47545,\n 53729,\n 54777,\n 57462\n );\n script_xref(name:\"EDB-ID\", value:\"17201\");\n\n script_name(english:\"PHP 5.3.x < 5.3.14 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP installed on the remote\nhost is 5.3.x earlier than 5.3.14, and is, therefore, potentially\naffected the following vulnerabilities :\n\n - An integer overflow error exists in the function\n 'phar_parse_tarfile' in the file 'ext/phar/tar.c'. This\n error can lead to a heap-based buffer overflow when\n handling a maliciously crafted TAR file. Arbitrary code\n execution is possible due to this error. (CVE-2012-2386)\n\n - A weakness exists in the 'crypt' function related to\n the DES implementation that can allow brute-force\n attacks. (CVE-2012-2143)\n\n - Several design errors involving the incorrect parsing\n of PHP PDO prepared statements could lead to disclosure\n of sensitive information or denial of service.\n (CVE-2012-3450)\n\n - A variable initialization error exists in the file\n 'ext/openssl/openssl.c' that can allow process memory\n contents to be disclosed when input data is of length\n zero. (CVE-2012-6113)\");\n # https://packetstormsecurity.com/files/113551/PHP-5.4.3-PDO-Access-Violation.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ec6f812f\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=61755\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/ChangeLog-5.php#5.3.14\");\n # http://0x1byte.blogspot.com/2011/04/php-phar-extension-heap-overflow.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?99140286\");\n # http://git.php.net/?p=php-src.git;a=commitdiff;h=270a406ac94b5fc5cc9ef59fc61e3b4b95648a3e\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a42ad63a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.3.14 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-2386\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported)\n audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\n# Check that it is the correct version of PHP\nif (version =~ \"^5(\\.3)?$\") exit(1, \"The banner from the PHP install associated with port \"+port+\" - \"+version+\" - is not granular enough to make a determination.\");\nif (version !~ \"^5\\.3\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.3.x\", port);\n\nif (version =~ \"^5\\.3\\.([0-9]|1[0-3])($|[^0-9])\")\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version+\n '\\n Fixed version : 5.3.14\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:49:57", "description": "Specially crafted tar archives could cause an integer overflow in the phar extension", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : php5 (openSUSE-SU-2012:0695-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2386"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-ldap", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-mssql", "p-cpe:/a:novell:opensuse:php5-mssql-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2012-311.NASL", "href": "https://www.tenable.com/plugins/nessus/74645", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-311.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74645);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-2386\");\n\n script_name(english:\"openSUSE Security Update : php5 (openSUSE-SU-2012:0695-1)\");\n script_summary(english:\"Check for the openSUSE-2012-311 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted tar archives could cause an integer overflow in the\nphar extension\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=763814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-06/msg00002.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-mod_php5-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-mod_php5-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-bcmath-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-bcmath-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-bz2-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-bz2-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-calendar-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-calendar-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-ctype-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-ctype-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-curl-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-curl-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-dba-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-dba-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-debugsource-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-devel-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-dom-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-dom-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-enchant-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-enchant-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-exif-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-exif-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-fastcgi-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-fastcgi-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-fileinfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-fileinfo-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-fpm-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-fpm-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-ftp-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-ftp-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-gd-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-gd-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-gettext-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-gettext-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-gmp-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-gmp-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-iconv-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-iconv-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-imap-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-imap-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-intl-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-intl-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-json-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-json-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-ldap-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-ldap-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mbstring-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mbstring-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mcrypt-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mcrypt-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mssql-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mssql-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mysql-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mysql-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-odbc-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-odbc-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-openssl-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-openssl-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pcntl-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pcntl-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pdo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pdo-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pear-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pgsql-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pgsql-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-phar-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-phar-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-posix-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-posix-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pspell-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pspell-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-readline-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-readline-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-shmop-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-shmop-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-snmp-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-snmp-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-soap-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-soap-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sockets-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sockets-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sqlite-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sqlite-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-suhosin-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-suhosin-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sysvmsg-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sysvmsg-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sysvsem-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sysvsem-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sysvshm-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sysvshm-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-tidy-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-tidy-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-tokenizer-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-tokenizer-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-wddx-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-wddx-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xmlreader-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xmlreader-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xmlrpc-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xmlrpc-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xmlwriter-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xmlwriter-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xsl-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xsl-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-zip-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-zip-debuginfo-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-zlib-5.3.8-4.21.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-zlib-debuginfo-5.3.8-4.21.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:58:03", "description": "The Phar extension for PHP does not properly handle crafted tar files, leading to a heap-based buffer overflow. PHP applications processing tar files could crash or, potentially, execute arbitrary code.\n\nIn addition, this update addresses a regression which caused a crash when accessing a global object that is returned as $this from __get.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-29T00:00:00", "type": "nessus", "title": "Debian DSA-2492-1 : php5 - buffer overflow", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2386"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:php5", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2492.NASL", "href": "https://www.tenable.com/plugins/nessus/59770", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2492. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59770);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2386\");\n script_bugtraq_id(47545);\n script_xref(name:\"DSA\", value:\"2492\");\n\n script_name(english:\"Debian DSA-2492-1 : php5 - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Phar extension for PHP does not properly handle crafted tar files,\nleading to a heap-based buffer overflow. PHP applications processing\ntar files could crash or, potentially, execute arbitrary code.\n\nIn addition, this update addresses a regression which caused a crash\nwhen accessing a global object that is returned as $this from __get.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/php5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2492\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the php5 packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 5.3.3-7+squeeze13.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libapache2-mod-php5\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php-pear\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-cgi\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-cli\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-common\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-curl\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-dbg\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-dev\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-enchant\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-gd\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-gmp\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-imap\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-interbase\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-intl\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-ldap\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-mcrypt\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-mysql\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-odbc\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-pgsql\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-pspell\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-recode\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-snmp\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-sqlite\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-sybase\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-tidy\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-xmlrpc\", reference:\"5.3.3-7+squeeze13\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"php5-xsl\", reference:\"5.3.3-7+squeeze13\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:58:19", "description": "The PostgreSQL Global Development Group reports :\n\nToday the PHP, OpenBSD and FreeBSD communities announced updates to patch a security hole involving their crypt() hashing algorithms. This issue is described in CVE-2012-2143. This vulnerability also affects a minority of PostgreSQL users, and will be fixed in an update release on June 4, 2012.\n\nAffected users are those who use the crypt(text, text) function with DES encryption in the optional pg_crypto module. Passwords affected are those that contain characters that cannot be represented with 7-bit ASCII. If a password contains a character that has the most significant bit set (0x80), and DES encryption is used, that character and all characters after it will be ignored.", "cvss3": {"score": null, "vector": null}, "published": "2012-05-31T00:00:00", "type": "nessus", "title": "FreeBSD : databases/postgresql*-server -- crypt vulnerabilities (a8864f8f-aa9e-11e1-a284-0023ae8e59f0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:postgresql-server", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_A8864F8FAA9E11E1A2840023AE8E59F0.NASL", "href": "https://www.tenable.com/plugins/nessus/59314", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59314);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-2143\");\n\n script_name(english:\"FreeBSD : databases/postgresql*-server -- crypt vulnerabilities (a8864f8f-aa9e-11e1-a284-0023ae8e59f0)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The PostgreSQL Global Development Group reports :\n\nToday the PHP, OpenBSD and FreeBSD communities announced updates to\npatch a security hole involving their crypt() hashing algorithms. This\nissue is described in CVE-2012-2143. This vulnerability also affects a\nminority of PostgreSQL users, and will be fixed in an update release\non June 4, 2012.\n\nAffected users are those who use the crypt(text, text) function with\nDES encryption in the optional pg_crypto module. Passwords affected\nare those that contain characters that cannot be represented with\n7-bit ASCII. If a password contains a character that has the most\nsignificant bit set (0x80), and DES encryption is used, that character\nand all characters after it will be ignored.\"\n );\n # http://www.postgresql.org/about/news/1397/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1397/\"\n );\n # http://git.postgresql.org/gitweb/?p=postgresql.git;a=patch;h=932ded2ed51e8333852e370c7a6dad75d9f236f9\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?04861d64\"\n );\n # https://vuxml.freebsd.org/freebsd/a8864f8f-aa9e-11e1-a284-0023ae8e59f0.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?831ede81\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"postgresql-server>8.3.*<8.3.18_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql-server>8.4.*<8.4.11_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql-server>9.0.*<9.0.7_2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql-server>9.1.*<9.1.3_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql-server>9.2.*<9.2.b1_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:54:15", "description": "From Red Hat Security Advisory 2012:1036 :\n\nUpdated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nA flaw was found in the way the crypt() password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed contained the 0x80 byte value, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. This made brute-force guessing more efficient as the whole password was not required to gain access to protected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in the DES hash; therefore, any previously stored password values that are affected by this issue will no longer match. In such cases, it will be necessary for those stored password hashes to be updated.\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters of this issue.\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : postgresql (ELSA-2012-1036)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:postgresql", "p-cpe:/a:oracle:linux:postgresql-contrib", "p-cpe:/a:oracle:linux:postgresql-devel", "p-cpe:/a:oracle:linux:postgresql-docs", "p-cpe:/a:oracle:linux:postgresql-libs", "p-cpe:/a:oracle:linux:postgresql-pl", "p-cpe:/a:oracle:linux:postgresql-python", "p-cpe:/a:oracle:linux:postgresql-server", "p-cpe:/a:oracle:linux:postgresql-tcl", "p-cpe:/a:oracle:linux:postgresql-test", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2012-1036.NASL", "href": "https://www.tenable.com/plugins/nessus/68567", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1036 and \n# Oracle Linux Security Advisory ELSA-2012-1036 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68567);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2143\");\n script_bugtraq_id(53729);\n script_xref(name:\"RHSA\", value:\"2012:1036\");\n\n script_name(english:\"Oracle Linux 5 : postgresql (ELSA-2012-1036)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1036 :\n\nUpdated postgresql packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA flaw was found in the way the crypt() password hashing function from\nthe optional PostgreSQL pgcrypto contrib module performed password\ntransformation when used with the DES algorithm. If the password\nstring to be hashed contained the 0x80 byte value, the remainder of\nthe string was ignored when calculating the hash, significantly\nreducing the password strength. This made brute-force guessing more\nefficient as the whole password was not required to gain access to\nprotected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in\nthe DES hash; therefore, any previously stored password values that\nare affected by this issue will no longer match. In such cases, it\nwill be necessary for those stored password hashes to be updated.\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original\nreporters of this issue.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. If the\npostgresql service is running, it will be automatically restarted\nafter installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-June/002876.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-contrib-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-devel-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-docs-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-libs-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-pl-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-python-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-server-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-tcl-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-test-8.1.23-5.el5_8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:58:03", "description": "Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nA flaw was found in the way the crypt() password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed contained the 0x80 byte value, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. This made brute-force guessing more efficient as the whole password was not required to gain access to protected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in the DES hash; therefore, any previously stored password values that are affected by this issue will no longer match. In such cases, it will be necessary for those stored password hashes to be updated.\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters of this issue.\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-26T00:00:00", "type": "nessus", "title": "CentOS 5 : postgresql (CESA-2012:1036)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:postgresql", "p-cpe:/a:centos:centos:postgresql-contrib", "p-cpe:/a:centos:centos:postgresql-devel", "p-cpe:/a:centos:centos:postgresql-docs", "p-cpe:/a:centos:centos:postgresql-libs", "p-cpe:/a:centos:centos:postgresql-pl", "p-cpe:/a:centos:centos:postgresql-python", "p-cpe:/a:centos:centos:postgresql-server", "p-cpe:/a:centos:centos:postgresql-tcl", "p-cpe:/a:centos:centos:postgresql-test", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-1036.NASL", "href": "https://www.tenable.com/plugins/nessus/59687", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1036 and \n# CentOS Errata and Security Advisory 2012:1036 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59687);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-2143\");\n script_bugtraq_id(53729);\n script_xref(name:\"RHSA\", value:\"2012:1036\");\n\n script_name(english:\"CentOS 5 : postgresql (CESA-2012:1036)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated postgresql packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA flaw was found in the way the crypt() password hashing function from\nthe optional PostgreSQL pgcrypto contrib module performed password\ntransformation when used with the DES algorithm. If the password\nstring to be hashed contained the 0x80 byte value, the remainder of\nthe string was ignored when calculating the hash, significantly\nreducing the password strength. This made brute-force guessing more\nefficient as the whole password was not required to gain access to\nprotected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in\nthe DES hash; therefore, any previously stored password values that\nare affected by this issue will no longer match. In such cases, it\nwill be necessary for those stored password hashes to be updated.\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original\nreporters of this issue.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. If the\npostgresql service is running, it will be automatically restarted\nafter installing this update.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-June/018698.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?baf9c00c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-2143\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-contrib-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-devel-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-docs-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-libs-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-pl-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-python-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-server-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-tcl-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-test-8.1.23-5.el5_8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:58:09", "description": "Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nA flaw was found in the way the crypt() password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed contained the 0x80 byte value, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. This made brute-force guessing more efficient as the whole password was not required to gain access to protected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in the DES hash; therefore, any previously stored password values that are affected by this issue will no longer match. In such cases, it will be necessary for those stored password hashes to be updated.\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters of this issue.\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-26T00:00:00", "type": "nessus", "title": "RHEL 5 : postgresql (RHSA-2012:1036)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:postgresql", "p-cpe:/a:redhat:enterprise_linux:postgresql-contrib", "p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo", "p-cpe:/a:redhat:enterprise_linux:postgresql-devel", "p-cpe:/a:redhat:enterprise_linux:postgresql-docs", "p-cpe:/a:redhat:enterprise_linux:postgresql-libs", "p-cpe:/a:redhat:enterprise_linux:postgresql-pl", "p-cpe:/a:redhat:enterprise_linux:postgresql-python", "p-cpe:/a:redhat:enterprise_linux:postgresql-server", "p-cpe:/a:redhat:enterprise_linux:postgresql-tcl", "p-cpe:/a:redhat:enterprise_linux:postgresql-test", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2012-1036.NASL", "href": "https://www.tenable.com/plugins/nessus/59711", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1036. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59711);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2143\");\n script_bugtraq_id(53729);\n script_xref(name:\"RHSA\", value:\"2012:1036\");\n\n script_name(english:\"RHEL 5 : postgresql (RHSA-2012:1036)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated postgresql packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA flaw was found in the way the crypt() password hashing function from\nthe optional PostgreSQL pgcrypto contrib module performed password\ntransformation when used with the DES algorithm. If the password\nstring to be hashed contained the 0x80 byte value, the remainder of\nthe string was ignored when calculating the hash, significantly\nreducing the password strength. This made brute-force guessing more\nefficient as the whole password was not required to gain access to\nprotected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in\nthe DES hash; therefore, any previously stored password values that\nare affected by this issue will no longer match. In such cases, it\nwill be necessary for those stored password hashes to be updated.\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original\nreporters of this issue.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. If the\npostgresql service is running, it will be automatically restarted\nafter installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1036\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2143\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1036\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-contrib-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-contrib-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-contrib-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql-debuginfo-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql-devel-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-docs-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-docs-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-docs-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql-libs-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-pl-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-pl-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-pl-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-python-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-python-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-python-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-server-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-server-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-server-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-tcl-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-tcl-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-tcl-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-test-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-test-8.1.23-5.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-test-8.1.23-5.el5_8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:49:48", "description": "- security update :\n\n - Fix BSD crypt 8bit character mishandling (CVE-2012-2143) [bnc#766798]", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : php5 (openSUSE-SU-2012:0826-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-ldap", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-mssql", "p-cpe:/a:novell:opensuse:php5-mssql-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2012-365.NASL", "href": "https://www.tenable.com/plugins/nessus/74667", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-365.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74667);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-2143\");\n\n script_name(english:\"openSUSE Security Update : php5 (openSUSE-SU-2012:0826-1)\");\n script_summary(english:\"Check for the openSUSE-2012-365 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - security update :\n\n - Fix BSD crypt 8bit character mishandling (CVE-2012-2143)\n [bnc#766798]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=766798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-07/msg00006.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mssql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-mod_php5-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"apache2-mod_php5-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-bcmath-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-bcmath-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-bz2-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-bz2-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-calendar-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-calendar-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-ctype-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-ctype-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-curl-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-curl-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-dba-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-dba-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-debugsource-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-devel-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-dom-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-dom-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-enchant-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-enchant-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-exif-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-exif-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-fastcgi-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-fastcgi-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-fileinfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-fileinfo-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-fpm-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-fpm-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-ftp-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-ftp-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-gd-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-gd-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-gettext-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-gettext-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-gmp-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-gmp-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-iconv-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-iconv-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-imap-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-imap-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-intl-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-intl-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-json-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-json-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-ldap-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-ldap-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mbstring-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mbstring-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mcrypt-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mcrypt-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mssql-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mssql-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mysql-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-mysql-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-odbc-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-odbc-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-openssl-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-openssl-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pcntl-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pcntl-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pdo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pdo-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pear-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pgsql-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pgsql-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-phar-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-phar-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-posix-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-posix-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pspell-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-pspell-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-readline-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-readline-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-shmop-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-shmop-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-snmp-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-snmp-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-soap-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-soap-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sockets-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sockets-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sqlite-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sqlite-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-suhosin-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-suhosin-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sysvmsg-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sysvmsg-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sysvsem-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sysvsem-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sysvshm-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-sysvshm-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-tidy-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-tidy-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-tokenizer-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-tokenizer-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-wddx-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-wddx-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xmlreader-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xmlreader-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xmlrpc-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xmlrpc-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xmlwriter-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xmlwriter-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xsl-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-xsl-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-zip-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-zip-debuginfo-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-zlib-5.3.8-4.24.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"php5-zlib-debuginfo-5.3.8-4.24.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / apache2-mod_php5-debuginfo / php5 / php5-bcmath / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-16T02:05:57", "description": "The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.", "cvss3": {"score": null, "vector": null}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : postgresql9 (ALAS-2012-91)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:postgresql9", "p-cpe:/a:amazon:linux:postgresql9-contrib", "p-cpe:/a:amazon:linux:postgresql9-debuginfo", "p-cpe:/a:amazon:linux:postgresql9-devel", "p-cpe:/a:amazon:linux:postgresql9-docs", "p-cpe:/a:amazon:linux:postgresql9-libs", "p-cpe:/a:amazon:linux:postgresql9-plperl", "p-cpe:/a:amazon:linux:postgresql9-plpython", "p-cpe:/a:amazon:linux:postgresql9-pltcl", "p-cpe:/a:amazon:linux:postgresql9-server", "p-cpe:/a:amazon:linux:postgresql9-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-91.NASL", "href": "https://www.tenable.com/plugins/nessus/69698", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-91.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69698);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-2143\");\n script_xref(name:\"ALAS\", value:\"2012-91\");\n\n script_name(english:\"Amazon Linux AMI : postgresql9 (ALAS-2012-91)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The crypt_des (aka DES-based crypt) function in FreeBSD before\n9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does\nnot process the complete cleartext password if this password contains\na 0x80 character, which makes it easier for context-dependent\nattackers to obtain access via an authentication attempt with an\ninitial substring of the intended password, as demonstrated by a\nUnicode password.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-91.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update postgresql9' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql9-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql9-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql9-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql9-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql9-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql9-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql9-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql9-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql9-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql9-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"postgresql9-9.1.4-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql9-contrib-9.1.4-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql9-debuginfo-9.1.4-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql9-devel-9.1.4-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql9-docs-9.1.4-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql9-libs-9.1.4-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql9-plperl-9.1.4-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql9-plpython-9.1.4-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql9-pltcl-9.1.4-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql9-server-9.1.4-1.21.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql9-test-9.1.4-1.21.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql9 / postgresql9-contrib / postgresql9-debuginfo / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:58:03", "description": "Problem description :\n\nThere is a programming error in the DES implementation used in crypt() when handling input which contains characters that cannot be represented with 7-bit ASCII.\n\nWhen the input contains characters with only the most significant bit set (0x80), that character and all characters after it will be ignored.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-28T00:00:00", "type": "nessus", "title": "FreeBSD : FreeBSD -- Incorrect crypt() hashing (185ff22e-c066-11e1-b5e0-000c299b62e1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:FreeBSD", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_185FF22EC06611E1B5E0000C299B62E1.NASL", "href": "https://www.tenable.com/plugins/nessus/59746", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59746);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-2143\");\n script_xref(name:\"FreeBSD\", value:\"SA-12:02.crypt\");\n\n script_name(english:\"FreeBSD : FreeBSD -- Incorrect crypt() hashing (185ff22e-c066-11e1-b5e0-000c299b62e1)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Problem description :\n\nThere is a programming error in the DES implementation used in crypt()\nwhen handling input which contains characters that cannot be\nrepresented with 7-bit ASCII.\n\nWhen the input contains characters with only the most significant bit\nset (0x80), that character and all characters after it will be\nignored.\"\n );\n # https://vuxml.freebsd.org/freebsd/185ff22e-c066-11e1-b5e0-000c299b62e1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e633952c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:FreeBSD\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"FreeBSD>=7.4<7.4_8\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"FreeBSD>=8.1<8.1_10\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"FreeBSD>=8.2<8.2_8\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"FreeBSD>=8.3<8.3_2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"FreeBSD>=9.0<9.0_2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:57:43", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nA flaw was found in the way the crypt() password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed contained the 0x80 byte value, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. This made brute-force guessing more efficient as the whole password was not required to gain access to protected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in the DES hash; therefore, any previously stored password values that are affected by this issue will no longer match. In such cases, it will be necessary for those stored password hashes to be updated.\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : postgresql on SL5.x i386/x86_64 (20120625)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:postgresql", "p-cpe:/a:fermilab:scientific_linux:postgresql-contrib", "p-cpe:/a:fermilab:scientific_linux:postgresql-debuginfo", "p-cpe:/a:fermilab:scientific_linux:postgresql-devel", "p-cpe:/a:fermilab:scientific_linux:postgresql-docs", "p-cpe:/a:fermilab:scientific_linux:postgresql-libs", "p-cpe:/a:fermilab:scientific_linux:postgresql-pl", "p-cpe:/a:fermilab:scientific_linux:postgresql-python", "p-cpe:/a:fermilab:scientific_linux:postgresql-server", "p-cpe:/a:fermilab:scientific_linux:postgresql-tcl", "p-cpe:/a:fermilab:scientific_linux:postgresql-test", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120625_POSTGRESQL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61354", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61354);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2143\");\n\n script_name(english:\"Scientific Linux Security Update : postgresql on SL5.x i386/x86_64 (20120625)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA flaw was found in the way the crypt() password hashing function from\nthe optional PostgreSQL pgcrypto contrib module performed password\ntransformation when used with the DES algorithm. If the password\nstring to be hashed contained the 0x80 byte value, the remainder of\nthe string was ignored when calculating the hash, significantly\nreducing the password strength. This made brute-force guessing more\nefficient as the whole password was not required to gain access to\nprotected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in\nthe DES hash; therefore, any previously stored password values that\nare affected by this issue will no longer match. In such cases, it\nwill be necessary for those stored password hashes to be updated.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. If the\npostgresql service is running, it will be automatically restarted\nafter installing this update.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1207&L=scientific-linux-errata&T=0&P=209\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2a582234\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-contrib-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-debuginfo-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-devel-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-docs-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-libs-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-pl-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-python-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-server-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-tcl-8.1.23-5.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-test-8.1.23-5.el5_8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:58:02", "description": "It was discovered that PHP incorrectly handled certain Tidy::diagnose operations on invalid objects. A remote attacker could use this flaw to cause PHP to crash, leading to a denial of service. (CVE-2012-0781)\n\nIt was discovered that PHP incorrectly handled certain multi-file upload filenames. A remote attacker could use this flaw to cause a denial of service, or to perform a directory traversal attack.\n(CVE-2012-1172)\n\nRubin Xu and Joseph Bonneau discovered that PHP incorrectly handled certain Unicode characters in passwords passed to the crypt() function. A remote attacker could possibly use this flaw to bypass authentication. (CVE-2012-2143)\n\nIt was discovered that a Debian/Ubuntu specific patch caused PHP to incorrectly handle empty salt strings. A remote attacker could possibly use this flaw to bypass authentication. This issue only affected Ubuntu 10.04 LTS and Ubuntu 11.04. (CVE-2012-2317)\n\nIt was discovered that PHP, when used as a stand alone CGI processor for the Apache Web Server, did not properly parse and filter query strings. This could allow a remote attacker to execute arbitrary code running with the privilege of the web server, or to perform a denial of service. Configurations using mod_php5 and FastCGI were not vulnerable. (CVE-2012-2335, CVE-2012-2336)\n\nAlexander Gavrun discovered that the PHP Phar extension incorrectly handled certain malformed TAR files. A remote attacker could use this flaw to perform a denial of service, or possibly execute arbitrary code. (CVE-2012-2386).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-20T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : php5 vulnerabilities (USN-1481-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0781", "CVE-2012-1172", "CVE-2012-2143", "CVE-2012-2317", "CVE-2012-2335", "CVE-2012-2336", "CVE-2012-2386"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:php5", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-1481-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59603", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1481-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59603);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-0781\", \"CVE-2012-1172\", \"CVE-2012-2143\", \"CVE-2012-2317\", \"CVE-2012-2335\", \"CVE-2012-2336\", \"CVE-2012-2386\");\n script_bugtraq_id(47545, 51992, 53388, 53403, 53729, 54875);\n script_xref(name:\"USN\", value:\"1481-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : php5 vulnerabilities (USN-1481-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that PHP incorrectly handled certain Tidy::diagnose\noperations on invalid objects. A remote attacker could use this flaw\nto cause PHP to crash, leading to a denial of service. (CVE-2012-0781)\n\nIt was discovered that PHP incorrectly handled certain multi-file\nupload filenames. A remote attacker could use this flaw to cause a\ndenial of service, or to perform a directory traversal attack.\n(CVE-2012-1172)\n\nRubin Xu and Joseph Bonneau discovered that PHP incorrectly handled\ncertain Unicode characters in passwords passed to the crypt()\nfunction. A remote attacker could possibly use this flaw to bypass\nauthentication. (CVE-2012-2143)\n\nIt was discovered that a Debian/Ubuntu specific patch caused PHP to\nincorrectly handle empty salt strings. A remote attacker could\npossibly use this flaw to bypass authentication. This issue only\naffected Ubuntu 10.04 LTS and Ubuntu 11.04. (CVE-2012-2317)\n\nIt was discovered that PHP, when used as a stand alone CGI processor\nfor the Apache Web Server, did not properly parse and filter query\nstrings. This could allow a remote attacker to execute arbitrary code\nrunning with the privilege of the web server, or to perform a denial\nof service. Configurations using mod_php5 and FastCGI were not\nvulnerable. (CVE-2012-2335, CVE-2012-2336)\n\nAlexander Gavrun discovered that the PHP Phar extension incorrectly\nhandled certain malformed TAR files. A remote attacker could use this\nflaw to perform a denial of service, or possibly execute arbitrary\ncode. (CVE-2012-2386).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1481-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php5 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04|11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04 / 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"php5\", pkgver:\"5.2.4-2ubuntu5.25\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"php5\", pkgver:\"5.3.2-1ubuntu4.17\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"php5\", pkgver:\"5.3.5-1ubuntu7.10\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"php5\", pkgver:\"5.3.6-13ubuntu3.8\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"php5\", pkgver:\"5.3.10-1ubuntu3.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php5\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:58:16", "description": "Upstream bug fix + security updates, including the fixes for CVE-2012-2143, CVE-2012-2655\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-18T00:00:00", "type": "nessus", "title": "Fedora 17 : postgresql-9.1.4-1.fc17 (2012-8924)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:postgresql", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-8924.NASL", "href": "https://www.tenable.com/plugins/nessus/59539", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-8924.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59539);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\");\n script_xref(name:\"FEDORA\", value:\"2012-8924\");\n\n script_name(english:\"Fedora 17 : postgresql-9.1.4-1.fc17 (2012-8924)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream bug fix + security updates, including the fixes for\nCVE-2012-2143, CVE-2012-2655\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=826606\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082292.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?29d6b86c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"postgresql-9.1.4-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:58:07", "description": "Updated postgresql84 and postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nA flaw was found in the way the crypt() password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed contained the 0x80 byte value, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. This made brute-force guessing more efficient as the whole password was not required to gain access to protected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in the DES hash; therefore, any previously stored password values that are affected by this issue will no longer match. In such cases, it will be necessary for those stored password hashes to be updated.\n\nA denial of service flaw was found in the way the PostgreSQL server performed a user privileges check when applying SECURITY DEFINER or SET attributes to a procedural language's (such as PL/Perl or PL/Python) call handler function. A non-superuser database owner could use this flaw to cause the PostgreSQL server to crash due to infinite recursion. (CVE-2012-2655)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters of the CVE-2012-2143 issue.\n\nThese updated packages upgrade PostgreSQL to version 8.4.12, which fixes these issues as well as several non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-27T00:00:00", "type": "nessus", "title": "CentOS 5 / 6 : postgresql / postgresql84 (CESA-2012:1037)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:postgresql", "p-cpe:/a:centos:centos:postgresql-contrib", "p-cpe:/a:centos:centos:postgresql-devel", "p-cpe:/a:centos:centos:postgresql-docs", "p-cpe:/a:centos:centos:postgresql-libs", "p-cpe:/a:centos:centos:postgresql-plperl", "p-cpe:/a:centos:centos:postgresql-plpython", "p-cpe:/a:centos:centos:postgresql-pltcl", "p-cpe:/a:centos:centos:postgresql-server", "p-cpe:/a:centos:centos:postgresql-test", "p-cpe:/a:centos:centos:postgresql84", "p-cpe:/a:centos:centos:postgresql84-contrib", "p-cpe:/a:centos:centos:postgresql84-devel", "p-cpe:/a:centos:centos:postgresql84-docs", "p-cpe:/a:centos:centos:postgresql84-libs", "p-cpe:/a:centos:centos:postgresql84-plperl", "p-cpe:/a:centos:centos:postgresql84-plpython", "p-cpe:/a:centos:centos:postgresql84-pltcl", "p-cpe:/a:centos:centos:postgresql84-python", "p-cpe:/a:centos:centos:postgresql84-server", "p-cpe:/a:centos:centos:postgresql84-tcl", "p-cpe:/a:centos:centos:postgresql84-test", "cpe:/o:centos:centos:5", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2012-1037.NASL", "href": "https://www.tenable.com/plugins/nessus/59719", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1037 and \n# CentOS Errata and Security Advisory 2012:1037 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59719);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\");\n script_bugtraq_id(53729, 53812);\n script_xref(name:\"RHSA\", value:\"2012:1037\");\n\n script_name(english:\"CentOS 5 / 6 : postgresql / postgresql84 (CESA-2012:1037)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated postgresql84 and postgresql packages that fix two security\nissues are now available for Red Hat Enterprise Linux 5 and 6\nrespectively.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA flaw was found in the way the crypt() password hashing function from\nthe optional PostgreSQL pgcrypto contrib module performed password\ntransformation when used with the DES algorithm. If the password\nstring to be hashed contained the 0x80 byte value, the remainder of\nthe string was ignored when calculating the hash, significantly\nreducing the password strength. This made brute-force guessing more\nefficient as the whole password was not required to gain access to\nprotected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in\nthe DES hash; therefore, any previously stored password values that\nare affected by this issue will no longer match. In such cases, it\nwill be necessary for those stored password hashes to be updated.\n\nA denial of service flaw was found in the way the PostgreSQL server\nperformed a user privileges check when applying SECURITY DEFINER or\nSET attributes to a procedural language's (such as PL/Perl or\nPL/Python) call handler function. A non-superuser database owner could\nuse this flaw to cause the PostgreSQL server to crash due to infinite\nrecursion. (CVE-2012-2655)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original\nreporters of the CVE-2012-2143 issue.\n\nThese updated packages upgrade PostgreSQL to version 8.4.12, which\nfixes these issues as well as several non-security issues. Refer to\nthe PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-July/018728.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?133612bb\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-June/018699.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d517e20b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql and / or postgresql84 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-2143\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-contrib-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-devel-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-docs-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-libs-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-plperl-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-plpython-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-pltcl-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-python-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-server-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-tcl-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-test-8.4.12-1.el5_8\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-contrib-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-devel-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-docs-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-libs-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-plperl-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-plpython-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-pltcl-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-server-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-test-8.4.12-1.el6_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:54:55", "description": "Versions of PostgreSQL earlier than 8.3.19/ 8.4.12 / 9.0.8 / 9.1.4 are potentially affected by multiple vulnerabilities. It therefore is affected by the following vulnerabilities : \n\n - Passwords containing the byte 0x80 passed to the crypt() function in pgcrypto are incorrectly truncated if DES encryption was used. (CVE-2012-2143)\n\n - SECURITY_DEFINER and SET attributes on procedural call handlers are not ignored and can be used to crash the server. (CVE-2012-2655)", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2013-05-14T00:00:00", "type": "nessus", "title": "PostgreSQL < 8.3.19 / 8.4.12 / 9.0.8 / 9.1.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*"], "id": "6816.PRM", "href": "https://www.tenable.com/plugins/nnm/6816", "sourceData": "Binary data 6816.prm", "cvss": {"score": 6.8, "vector": "CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:53:33", "description": "From Red Hat Security Advisory 2012:1037 :\n\nUpdated postgresql84 and postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nA flaw was found in the way the crypt() password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed contained the 0x80 byte value, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. This made brute-force guessing more efficient as the whole password was not required to gain access to protected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in the DES hash; therefore, any previously stored password values that are affected by this issue will no longer match. In such cases, it will be necessary for those stored password hashes to be updated.\n\nA denial of service flaw was found in the way the PostgreSQL server performed a user privileges check when applying SECURITY DEFINER or SET attributes to a procedural language's (such as PL/Perl or PL/Python) call handler function. A non-superuser database owner could use this flaw to cause the PostgreSQL server to crash due to infinite recursion. (CVE-2012-2655)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters of the CVE-2012-2143 issue.\n\nThese updated packages upgrade PostgreSQL to version 8.4.12, which fixes these issues as well as several non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 / 6 : postgresql / postgresql84 (ELSA-2012-1037)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:postgresql", "p-cpe:/a:oracle:linux:postgresql-contrib", "p-cpe:/a:oracle:linux:postgresql-devel", "p-cpe:/a:oracle:linux:postgresql-docs", "p-cpe:/a:oracle:linux:postgresql-libs", "p-cpe:/a:oracle:linux:postgresql-plperl", "p-cpe:/a:oracle:linux:postgresql-plpython", "p-cpe:/a:oracle:linux:postgresql-pltcl", "p-cpe:/a:oracle:linux:postgresql-server", "p-cpe:/a:oracle:linux:postgresql-test", "p-cpe:/a:oracle:linux:postgresql84", "p-cpe:/a:oracle:linux:postgresql84-contrib", "p-cpe:/a:oracle:linux:postgresql84-devel", "p-cpe:/a:oracle:linux:postgresql84-docs", "p-cpe:/a:oracle:linux:postgresql84-libs", "p-cpe:/a:oracle:linux:postgresql84-plperl", "p-cpe:/a:oracle:linux:postgresql84-plpython", "p-cpe:/a:oracle:linux:postgresql84-pltcl", "p-cpe:/a:oracle:linux:postgresql84-python", "p-cpe:/a:oracle:linux:postgresql84-server", "p-cpe:/a:oracle:linux:postgresql84-tcl", "p-cpe:/a:oracle:linux:postgresql84-test", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2012-1037.NASL", "href": "https://www.tenable.com/plugins/nessus/68568", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1037 and \n# Oracle Linux Security Advisory ELSA-2012-1037 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68568);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\");\n script_bugtraq_id(52188, 53729, 53812);\n script_xref(name:\"RHSA\", value:\"2012:1037\");\n\n script_name(english:\"Oracle Linux 5 / 6 : postgresql / postgresql84 (ELSA-2012-1037)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1037 :\n\nUpdated postgresql84 and postgresql packages that fix two security\nissues are now available for Red Hat Enterprise Linux 5 and 6\nrespectively.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA flaw was found in the way the crypt() password hashing function from\nthe optional PostgreSQL pgcrypto contrib module performed password\ntransformation when used with the DES algorithm. If the password\nstring to be hashed contained the 0x80 byte value, the remainder of\nthe string was ignored when calculating the hash, significantly\nreducing the password strength. This made brute-force guessing more\nefficient as the whole password was not required to gain access to\nprotected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in\nthe DES hash; therefore, any previously stored password values that\nare affected by this issue will no longer match. In such cases, it\nwill be necessary for those stored password hashes to be updated.\n\nA denial of service flaw was found in the way the PostgreSQL server\nperformed a user privileges check when applying SECURITY DEFINER or\nSET attributes to a procedural language's (such as PL/Perl or\nPL/Python) call handler function. A non-superuser database owner could\nuse this flaw to cause the PostgreSQL server to crash due to infinite\nrecursion. (CVE-2012-2655)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original\nreporters of the CVE-2012-2143 issue.\n\nThese updated packages upgrade PostgreSQL to version 8.4.12, which\nfixes these issues as well as several non-security issues. Refer to\nthe PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-June/002877.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-June/002893.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql and / or postgresql84 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-contrib-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-devel-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-docs-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-libs-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-plperl-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-plpython-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-pltcl-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-python-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-server-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-tcl-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-test-8.4.12-1.el5_8\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"postgresql-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-contrib-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-devel-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-docs-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-libs-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-plperl-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-plpython-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-pltcl-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-server-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-test-8.4.12-1.el6_2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:57:55", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nA flaw was found in the way the crypt() password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed contained the 0x80 byte value, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. This made brute-force guessing more efficient as the whole password was not required to gain access to protected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in the DES hash; therefore, any previously stored password values that are affected by this issue will no longer match. In such cases, it will be necessary for those stored password hashes to be updated.\n\nA denial of service flaw was found in the way the PostgreSQL server performed a user privileges check when applying SECURITY DEFINER or SET attributes to a procedural language's (such as PL/Perl or PL/Python) call handler function. A non-superuser database owner could use this flaw to cause the PostgreSQL server to crash due to infinite recursion. (CVE-2012-2655)\n\nThese updated packages upgrade PostgreSQL to version 8.4.12, which fixes these issues as well as several non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : postgresql and postgresql84 on SL6.x i386/x86_64 (20120625)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:postgresql", "p-cpe:/a:fermilab:scientific_linux:postgresql-contrib", "p-cpe:/a:fermilab:scientific_linux:postgresql-debuginfo", "p-cpe:/a:fermilab:scientific_linux:postgresql-devel", "p-cpe:/a:fermilab:scientific_linux:postgresql-docs", "p-cpe:/a:fermilab:scientific_linux:postgresql-libs", "p-cpe:/a:fermilab:scientific_linux:postgresql-plperl", "p-cpe:/a:fermilab:scientific_linux:postgresql-plpython", "p-cpe:/a:fermilab:scientific_linux:postgresql-pltcl", "p-cpe:/a:fermilab:scientific_linux:postgresql-server", "p-cpe:/a:fermilab:scientific_linux:postgresql-test", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120625_POSTGRESQL_AND_POSTGRESQL84_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61353", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61353);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\");\n\n script_name(english:\"Scientific Linux Security Update : postgresql and postgresql84 on SL6.x i386/x86_64 (20120625)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA flaw was found in the way the crypt() password hashing function from\nthe optional PostgreSQL pgcrypto contrib module performed password\ntransformation when used with the DES algorithm. If the password\nstring to be hashed contained the 0x80 byte value, the remainder of\nthe string was ignored when calculating the hash, significantly\nreducing the password strength. This made brute-force guessing more\nefficient as the whole password was not required to gain access to\nprotected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in\nthe DES hash; therefore, any previously stored password values that\nare affected by this issue will no longer match. In such cases, it\nwill be necessary for those stored password hashes to be updated.\n\nA denial of service flaw was found in the way the PostgreSQL server\nperformed a user privileges check when applying SECURITY DEFINER or\nSET attributes to a procedural language's (such as PL/Perl or\nPL/Python) call handler function. A non-superuser database owner could\nuse this flaw to cause the PostgreSQL server to crash due to infinite\nrecursion. (CVE-2012-2655)\n\nThese updated packages upgrade PostgreSQL to version 8.4.12, which\nfixes these issues as well as several non-security issues. Refer to\nthe PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n # http://www.postgresql.org/docs/8.4/static/release.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.4/release.html\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1207&L=scientific-linux-errata&T=0&P=1512\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f0c2d293\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-contrib-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-debuginfo-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-devel-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-docs-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-libs-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-plperl-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-plpython-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-pltcl-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-server-8.4.12-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-test-8.4.12-1.el6_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-16T02:05:53", "description": "A flaw was found in the way the crypt() password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed contained the 0x80 byte value, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. This made brute-force guessing more efficient as the whole password was not required to gain access to protected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in the DES hash; therefore, any previously stored password values that are affected by this issue will no longer match. In such cases, it will be necessary for those stored password hashes to be updated.\n\nA denial of service flaw was found in the way the PostgreSQL server performed a user privileges check when applying SECURITY DEFINER or SET attributes to a procedural language's (such as PL/Perl or PL/Python) call handler function. A non-superuser database owner could use this flaw to cause the PostgreSQL server to crash due to infinite recursion. (CVE-2012-2655)", "cvss3": {"score": null, "vector": null}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : postgresql8 (ALAS-2012-94)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:postgresql8", "p-cpe:/a:amazon:linux:postgresql8-contrib", "p-cpe:/a:amazon:linux:postgresql8-debuginfo", "p-cpe:/a:amazon:linux:postgresql8-devel", "p-cpe:/a:amazon:linux:postgresql8-docs", "p-cpe:/a:amazon:linux:postgresql8-libs", "p-cpe:/a:amazon:linux:postgresql8-plperl", "p-cpe:/a:amazon:linux:postgresql8-plpython", "p-cpe:/a:amazon:linux:postgresql8-pltcl", "p-cpe:/a:amazon:linux:postgresql8-server", "p-cpe:/a:amazon:linux:postgresql8-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-94.NASL", "href": "https://www.tenable.com/plugins/nessus/69701", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-94.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69701);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\");\n script_xref(name:\"ALAS\", value:\"2012-94\");\n script_xref(name:\"RHSA\", value:\"2012:1037\");\n\n script_name(english:\"Amazon Linux AMI : postgresql8 (ALAS-2012-94)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way the crypt() password hashing function from\nthe optional PostgreSQL pgcrypto contrib module performed password\ntransformation when used with the DES algorithm. If the password\nstring to be hashed contained the 0x80 byte value, the remainder of\nthe string was ignored when calculating the hash, significantly\nreducing the password strength. This made brute-force guessing more\nefficient as the whole password was not required to gain access to\nprotected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in\nthe DES hash; therefore, any previously stored password values that\nare affected by this issue will no longer match. In such cases, it\nwill be necessary for those stored password hashes to be updated.\n\nA denial of service flaw was found in the way the PostgreSQL server\nperformed a user privileges check when applying SECURITY DEFINER or\nSET attributes to a procedural language's (such as PL/Perl or\nPL/Python) call handler function. A non-superuser database owner could\nuse this flaw to cause the PostgreSQL server to crash due to infinite\nrecursion. (CVE-2012-2655)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-94.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update postgresql8' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-8.4.12-1.35.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-contrib-8.4.12-1.35.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-debuginfo-8.4.12-1.35.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-devel-8.4.12-1.35.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-docs-8.4.12-1.35.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-libs-8.4.12-1.35.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-plperl-8.4.12-1.35.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-plpython-8.4.12-1.35.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-pltcl-8.4.12-1.35.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-server-8.4.12-1.35.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-test-8.4.12-1.35.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql8 / postgresql8-contrib / postgresql8-debuginfo / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:58:16", "description": "Upstream bug fix + security updates, including the fixes for CVE-2012-2143, CVE-2012-2655\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-18T00:00:00", "type": "nessus", "title": "Fedora 15 : postgresql-9.0.8-1.fc15 (2012-8915)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:postgresql", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-8915.NASL", "href": "https://www.tenable.com/plugins/nessus/59538", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-8915.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59538);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\");\n script_xref(name:\"FEDORA\", value:\"2012-8915\");\n\n script_name(english:\"Fedora 15 : postgresql-9.0.8-1.fc15 (2012-8915)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream bug fix + security updates, including the fixes for\nCVE-2012-2143, CVE-2012-2655\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=826606\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082294.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?39cfae89\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"postgresql-9.0.8-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:58:14", "description": "Updated postgresql84 and postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nA flaw was found in the way the crypt() password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed contained the 0x80 byte value, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. This made brute-force guessing more efficient as the whole password was not required to gain access to protected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in the DES hash; therefore, any previously stored password values that are affected by this issue will no longer match. In such cases, it will be necessary for those stored password hashes to be updated.\n\nA denial of service flaw was found in the way the PostgreSQL server performed a user privileges check when applying SECURITY DEFINER or SET attributes to a procedural language's (such as PL/Perl or PL/Python) call handler function. A non-superuser database owner could use this flaw to cause the PostgreSQL server to crash due to infinite recursion. (CVE-2012-2655)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters of the CVE-2012-2143 issue.\n\nThese updated packages upgrade PostgreSQL to version 8.4.12, which fixes these issues as well as several non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-26T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : postgresql and postgresql84 (RHSA-2012:1037)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:postgresql", "p-cpe:/a:redhat:enterprise_linux:postgresql-contrib", "p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo", "p-cpe:/a:redhat:enterprise_linux:postgresql-devel", "p-cpe:/a:redhat:enterprise_linux:postgresql-docs", "p-cpe:/a:redhat:enterprise_linux:postgresql-libs", "p-cpe:/a:redhat:enterprise_linux:postgresql-plperl", "p-cpe:/a:redhat:enterprise_linux:postgresql-plpython", "p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl", "p-cpe:/a:redhat:enterprise_linux:postgresql-server", "p-cpe:/a:redhat:enterprise_linux:postgresql-test", "p-cpe:/a:redhat:enterprise_linux:postgresql84", "p-cpe:/a:redhat:enterprise_linux:postgresql84-contrib", "p-cpe:/a:redhat:enterprise_linux:postgresql84-debuginfo", "p-cpe:/a:redhat:enterprise_linux:postgresql84-devel", "p-cpe:/a:redhat:enterprise_linux:postgresql84-docs", "p-cpe:/a:redhat:enterprise_linux:postgresql84-libs", "p-cpe:/a:redhat:enterprise_linux:postgresql84-plperl", "p-cpe:/a:redhat:enterprise_linux:postgresql84-plpython", "p-cpe:/a:redhat:enterprise_linux:postgresql84-pltcl", "p-cpe:/a:redhat:enterprise_linux:postgresql84-python", "p-cpe:/a:redhat:enterprise_linux:postgresql84-server", "p-cpe:/a:redhat:enterprise_linux:postgresql84-tcl", "p-cpe:/a:redhat:enterprise_linux:postgresql84-test", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.3"], "id": "REDHAT-RHSA-2012-1037.NASL", "href": "https://www.tenable.com/plugins/nessus/59712", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1037. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59712);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\");\n script_bugtraq_id(53729, 53812);\n script_xref(name:\"RHSA\", value:\"2012:1037\");\n\n script_name(english:\"RHEL 5 / 6 : postgresql and postgresql84 (RHSA-2012:1037)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated postgresql84 and postgresql packages that fix two security\nissues are now available for Red Hat Enterprise Linux 5 and 6\nrespectively.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA flaw was found in the way the crypt() password hashing function from\nthe optional PostgreSQL pgcrypto contrib module performed password\ntransformation when used with the DES algorithm. If the password\nstring to be hashed contained the 0x80 byte value, the remainder of\nthe string was ignored when calculating the hash, significantly\nreducing the password strength. This made brute-force guessing more\nefficient as the whole password was not required to gain access to\nprotected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in\nthe DES hash; therefore, any previously stored password values that\nare affected by this issue will no longer match. In such cases, it\nwill be necessary for those stored password hashes to be updated.\n\nA denial of service flaw was found in the way the PostgreSQL server\nperformed a user privileges check when applying SECURITY DEFINER or\nSET attributes to a procedural language's (such as PL/Perl or\nPL/Python) call handler function. A non-superuser database owner could\nuse this flaw to cause the PostgreSQL server to crash due to infinite\nrecursion. (CVE-2012-2655)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original\nreporters of the CVE-2012-2143 issue.\n\nThese updated packages upgrade PostgreSQL to version 8.4.12, which\nfixes these issues as well as several non-security issues. Refer to\nthe PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n # http://www.postgresql.org/docs/8.4/static/release.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.4/release.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1037\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2143\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2655\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1037\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-contrib-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-contrib-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-contrib-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql84-debuginfo-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql84-devel-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-docs-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-docs-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-docs-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql84-libs-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-plperl-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-plperl-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-plperl-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-plpython-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-plpython-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-plpython-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-pltcl-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-pltcl-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-pltcl-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-python-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-python-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-python-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-server-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-server-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-server-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-tcl-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-tcl-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-tcl-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-test-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-test-8.4.12-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-test-8.4.12-1.el5_8\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-contrib-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-contrib-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-contrib-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-debuginfo-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-devel-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-docs-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-docs-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-docs-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-libs-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-plperl-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-plperl-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-plperl-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-plpython-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-plpython-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-plpython-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-pltcl-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-pltcl-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-pltcl-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-server-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-server-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-server-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-test-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-test-8.4.12-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-test-8.4.12-1.el6_2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:57:33", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nA flaw was found in the way the crypt() password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed contained the 0x80 byte value, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. This made brute-force guessing more efficient as the whole password was not required to gain access to protected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in the DES hash; therefore, any previously stored password values that are affected by this issue will no longer match. In such cases, it will be necessary for those stored password hashes to be updated.\n\nA denial of service flaw was found in the way the PostgreSQL server performed a user privileges check when applying SECURITY DEFINER or SET attributes to a procedural language's (such as PL/Perl or PL/Python) call handler function. A non-superuser database owner could use this flaw to cause the PostgreSQL server to crash due to infinite recursion. (CVE-2012-2655)\n\nThese updated packages upgrade PostgreSQL to version 8.4.12, which fixes these issues as well as several non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : postgresql and postgresql84 on SL5.x i386/x86_64 (20120625)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:postgresql84", "p-cpe:/a:fermilab:scientific_linux:postgresql84-contrib", "p-cpe:/a:fermilab:scientific_linux:postgresql84-debuginfo", "p-cpe:/a:fermilab:scientific_linux:postgresql84-devel", "p-cpe:/a:fermilab:scientific_linux:postgresql84-docs", "p-cpe:/a:fermilab:scientific_linux:postgresql84-libs", "p-cpe:/a:fermilab:scientific_linux:postgresql84-plperl", "p-cpe:/a:fermilab:scientific_linux:postgresql84-plpython", "p-cpe:/a:fermilab:scientific_linux:postgresql84-pltcl", "p-cpe:/a:fermilab:scientific_linux:postgresql84-python", "p-cpe:/a:fermilab:scientific_linux:postgresql84-server", "p-cpe:/a:fermilab:scientific_linux:postgresql84-tcl", "p-cpe:/a:fermilab:scientific_linux:postgresql84-test", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120625_POSTGRESQL_AND_POSTGRESQL84_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61352", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61352);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\");\n\n script_name(english:\"Scientific Linux Security Update : postgresql and postgresql84 on SL5.x i386/x86_64 (20120625)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA flaw was found in the way the crypt() password hashing function from\nthe optional PostgreSQL pgcrypto contrib module performed password\ntransformation when used with the DES algorithm. If the password\nstring to be hashed contained the 0x80 byte value, the remainder of\nthe string was ignored when calculating the hash, significantly\nreducing the password strength. This made brute-force guessing more\nefficient as the whole password was not required to gain access to\nprotected resources. (CVE-2012-2143)\n\nNote: With this update, the rest of the string is properly included in\nthe DES hash; therefore, any previously stored password values that\nare affected by this issue will no longer match. In such cases, it\nwill be necessary for those stored password hashes to be updated.\n\nA denial of service flaw was found in the way the PostgreSQL server\nperformed a user privileges check when applying SECURITY DEFINER or\nSET attributes to a procedural language's (such as PL/Perl or\nPL/Python) call handler function. A non-superuser database owner could\nuse this flaw to cause the PostgreSQL server to crash due to infinite\nrecursion. (CVE-2012-2655)\n\nThese updated packages upgrade PostgreSQL to version 8.4.12, which\nfixes these issues as well as several non-security issues. Refer to\nthe PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n # http://www.postgresql.org/docs/8.4/static/release.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.4/release.html\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1207&L=scientific-linux-errata&T=0&P=722\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?66dc7164\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-test\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-contrib-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-debuginfo-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-devel-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-docs-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-libs-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-plperl-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-plpython-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-pltcl-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-python-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-server-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-tcl-8.4.12-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-test-8.4.12-1.el5_8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql84 / postgresql84-contrib / postgresql84-debuginfo / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:58:16", "description": "It was discovered that PostgreSQL incorrectly handled certain bytes passed to the crypt() function when using DES encryption. An attacker could use this flaw to incorrectly handle authentication.\n(CVE-2012-2143)\n\nIt was discovered that PostgreSQL incorrectly handled SECURITY DEFINER and SET attributes on procedural call handlers. An attacker could use this flaw to cause PostgreSQL to crash, leading to a denial of service. (CVE-2012-2655).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-06T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : postgresql-8.3, postgresql-8.4, postgresql-9.1 vulnerabilities (USN-1461-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:postgresql-8.3", "p-cpe:/a:canonical:ubuntu_linux:postgresql-8.4", "p-cpe:/a:canonical:ubuntu_linux:postgresql-9.1", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-1461-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59385", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1461-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59385);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\");\n script_bugtraq_id(53729);\n script_xref(name:\"USN\", value:\"1461-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : postgresql-8.3, postgresql-8.4, postgresql-9.1 vulnerabilities (USN-1461-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that PostgreSQL incorrectly handled certain bytes\npassed to the crypt() function when using DES encryption. An attacker\ncould use this flaw to incorrectly handle authentication.\n(CVE-2012-2143)\n\nIt was discovered that PostgreSQL incorrectly handled SECURITY DEFINER\nand SET attributes on procedural call handlers. An attacker could use\nthis flaw to cause PostgreSQL to crash, leading to a denial of\nservice. (CVE-2012-2655).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1461-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected postgresql-8.3, postgresql-8.4 and / or\npostgresql-9.1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-8.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04|11\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04 / 11.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"postgresql-8.3\", pkgver:\"8.3.19-0ubuntu8.04\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"postgresql-8.4\", pkgver:\"8.4.12-0ubuntu10.04\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"postgresql-8.4\", pkgver:\"8.4.12-0ubuntu11.04\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"postgresql-9.1\", pkgver:\"9.1.4-0ubuntu11.10\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"postgresql-9.1\", pkgver:\"9.1.4-0ubuntu12.04\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql-8.3 / postgresql-8.4 / postgresql-9.1\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-04-12T15:14:19", "description": "The version of PostgreSQL installed on the remote host is 8.3.x prior to 8.3.19, 8.4.x prior to 8.4.12, 9.0.x prior to 9.0.8, or 9.1.x prior to 9.1.4. As such, it is potentially affected by multiple vulnerabilities :\n\n - Passwords containing the byte 0x80 passed to the crypt() function in pgcrypto are incorrectly truncated if DES encryption was used. (CVE-2012-2143)\n\n - SECURITY_DEFINER and SET attributes on procedural call handlers are not ignored and can be used to crash the server. (CVE-2012-2655)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2012-12-28T00:00:00", "type": "nessus", "title": "PostgreSQL 8.3 < 8.3.19 / 8.4 < 8.4.12 / 9.0 < 9.0.8 / 9.1 < 9.1.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:postgresql:postgresql"], "id": "POSTGRESQL_20120604.NASL", "href": "https://www.tenable.com/plugins/nessus/63353", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63353);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\");\n script_bugtraq_id(53729, 53812);\n\n script_name(english:\"PostgreSQL 8.3 < 8.3.19 / 8.4 < 8.4.12 / 9.0 < 9.0.8 / 9.1 < 9.1.4 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of PostgreSQL installed on the remote host is 8.3.x prior\nto 8.3.19, 8.4.x prior to 8.4.12, 9.0.x prior to 9.0.8, or 9.1.x prior\nto 9.1.4. As such, it is potentially affected by multiple\nvulnerabilities :\n\n - Passwords containing the byte 0x80 passed to the crypt() \n function in pgcrypto are incorrectly truncated if DES \n encryption was used. (CVE-2012-2143)\n\n - SECURITY_DEFINER and SET attributes on procedural call \n handlers are not ignored and can be used to crash the \n server. (CVE-2012-2655)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/about/news/1398/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/8.3/release-8-3-19.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/8.4/release-8-4-12.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/9.0/release-9-0-8.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/9.1/release-9-1-4.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PostgreSQL 8.3.19 / 8.4.12 / 9.0.8 / 9.1.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-2143\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:postgresql:postgresql\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"postgresql_version.nbin\");\n script_require_ports(\"Services/postgresql\", 5432);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"backport.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nport = get_service(svc:\"postgresql\", default:5432, exit_on_fail:TRUE);\n\nversion = get_kb_item_or_exit('database/'+port+'/postgresql/version');\nsource = get_kb_item_or_exit('database/'+port+'/postgresql/source');\ndatabase = get_kb_item('database/'+port+'/postgresql/database_name');\n\nget_backport_banner(banner:source);\nif (backported && report_paranoia < 2) audit(AUDIT_BACKPORT_SERVICE, port, 'PostgreSQL server');\n\nver = split(version, sep:'.');\nfor (i=0; i < max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nif (\n (ver[0] == 8 && ver[1] == 3 && ver[2] < 19) ||\n (ver[0] == 8 && ver[1] == 4 && ver[2] < 12) ||\n (ver[0] == 9 && ver[1] == 0 && ver[2] < 8) || \n (ver[0] == 9 && ver[1] == 1 && ver[2] < 4)\n)\n{\n if (report_verbosity > 0)\n {\n report = '';\n if(database)\n report += '\\n Database name : ' + database ;\n report +=\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 8.3.19 / 8.4.12 / 9.0.8 / 9.1.4\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, 'PostgreSQL', port, version);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:58:20", "description": "Upstream bug fix + security updates, including the fixes for CVE-2012-2143, CVE-2012-2655\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-18T00:00:00", "type": "nessus", "title": "Fedora 16 : postgresql-9.1.4-1.fc16 (2012-8893)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:postgresql", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-8893.NASL", "href": "https://www.tenable.com/plugins/nessus/59534", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-8893.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59534);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\");\n script_xref(name:\"FEDORA\", value:\"2012-8893\");\n\n script_name(english:\"Fedora 16 : postgresql-9.1.4-1.fc16 (2012-8893)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream bug fix + security updates, including the fixes for\nCVE-2012-2143, CVE-2012-2655\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=826606\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082258.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bac314c3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"postgresql-9.1.4-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:58:13", "description": "Two vulnerabilities were discovered in PostgreSQL, a SQL database server :\n\n - CVE-2012-2143 The crypt(text, text) function in the pgcrypto contrib module did not handle certain passwords correctly when producing traditional DES-based hashes. Characters after the first 0x80 byte were ignored.\n\n - CVE-2012-2655 SECURITY DEFINER and SET attributes for a call handler of a procedural language could crash the database server.\n\nIn addition, this update contains reliability and stability fixes from the 8.4.12 upstream release.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-29T00:00:00", "type": "nessus", "title": "Debian DSA-2491-1 : postgresql-8.4 - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:postgresql-8.4", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2491.NASL", "href": "https://www.tenable.com/plugins/nessus/59769", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2491. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59769);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\");\n script_bugtraq_id(53729, 53812);\n script_xref(name:\"DSA\", value:\"2491\");\n\n script_name(english:\"Debian DSA-2491-1 : postgresql-8.4 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two vulnerabilities were discovered in PostgreSQL, a SQL database\nserver :\n\n - CVE-2012-2143\n The crypt(text, text) function in the pgcrypto contrib\n module did not handle certain passwords correctly when\n producing traditional DES-based hashes. Characters after\n the first 0x80 byte were ignored.\n\n - CVE-2012-2655\n SECURITY DEFINER and SET attributes for a call handler\n of a procedural language could crash the database\n server.\n\nIn addition, this update contains reliability and stability fixes from\nthe 8.4.12 upstream release.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-2143\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-2655\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/postgresql-8.4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2491\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the postgresql-8.4 packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 8.4.12-0squeeze1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libecpg-compat3\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libecpg-dev\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libecpg6\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpgtypes3\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpq-dev\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpq5\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-8.4\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-client\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-client-8.4\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-contrib\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-contrib-8.4\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-doc\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-doc-8.4\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-plperl-8.4\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-plpython-8.4\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-pltcl-8.4\", reference:\"8.4.12-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-server-dev-8.4\", reference:\"8.4.12-0squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-03-27T14:46:23", "description": "Updated php53 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user running PHP, if a PHP script processed untrusted eXtensible Style Sheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP configuration directive, 'xsl.security_prefs', can be used to enable file writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload requests. A remote attacker could possibly use this flaw to bypass the sanitization of the uploaded file names, and cause a PHP script to store the uploaded file in an unexpected directory, by using a directory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the PHP phar extension processed certain fields of tar archive files. A remote attacker could provide a specially crafted tar archive file that, when processed by a PHP application using the phar extension, could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension processed certain PHAR files. A remote attacker could provide a specially crafted PHAR file, which once processed in a PHP application using the phar extension, could lead to information disclosure and possibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt() password hashing function in PHP. If the password string to be hashed contained certain characters, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when performing DES hashing. Therefore, new hashes of the affected passwords will not match stored hashes generated using vulnerable PHP versions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via RHSA-2012:0547, did not properly filter all php-cgi command line arguments. A specially crafted request to a PHP script could cause the PHP interpreter to execute the script in a loop, or output usage information that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A remote attacker could possibly use this flaw to cause excessive memory consumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nIt was found that PHP did not check the zend_strndup() function's return value in certain cases. A remote attacker could possibly use this flaw to crash a PHP application. (CVE-2011-4153)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters of CVE-2012-2143.\n\nAll php53 users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-28T00:00:00", "type": "nessus", "title": "RHEL 5 : php53 (RHSA-2012:1047)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2950", "CVE-2011-4153", "CVE-2012-0057", "CVE-2012-0789", "CVE-2012-1172", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2336", "CVE-2012-2386"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:php53", "p-cpe:/a:redhat:enterprise_linux:php53-bcmath", "p-cpe:/a:redhat:enterprise_linux:php53-cli", "p-cpe:/a:redhat:enterprise_linux:php53-common", "p-cpe:/a:redhat:enterprise_linux:php53-dba", "p-cpe:/a:redhat:enterprise_linux:php53-debuginfo", "p-cpe:/a:redhat:enterprise_linux:php53-devel", "p-cpe:/a:redhat:enterprise_linux:php53-gd", "p-cpe:/a:redhat:enterprise_linux:php53-imap", "p-cpe:/a:redhat:enterprise_linux:php53-intl", "p-cpe:/a:redhat:enterprise_linux:php53-ldap", "p-cpe:/a:redhat:enterprise_linux:php53-mbstring", "p-cpe:/a:redhat:enterprise_linux:php53-mysql", "p-cpe:/a:redhat:enterprise_linux:php53-odbc", "p-cpe:/a:redhat:enterprise_linux:php53-pdo", "p-cpe:/a:redhat:enterprise_linux:php53-pgsql", "p-cpe:/a:redhat:enterprise_linux:php53-process", "p-cpe:/a:redhat:enterprise_linux:php53-pspell", "p-cpe:/a:redhat:enterprise_linux:php53-snmp", "p-cpe:/a:redhat:enterprise_linux:php53-soap", "p-cpe:/a:redhat:enterprise_linux:php53-xml", "p-cpe:/a:redhat:enterprise_linux:php53-xmlrpc", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2012-1047.NASL", "href": "https://www.tenable.com/plugins/nessus/59753", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1047. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59753);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2950\", \"CVE-2011-4153\", \"CVE-2012-0057\", \"CVE-2012-0789\", \"CVE-2012-1172\", \"CVE-2012-2143\", \"CVE-2012-2336\", \"CVE-2012-2386\");\n script_bugtraq_id(40173, 47545, 53729);\n script_xref(name:\"RHSA\", value:\"2012:1047\");\n script_xref(name:\"TRA\", value:\"TRA-2012-01\");\n\n script_name(english:\"RHEL 5 : php53 (RHSA-2012:1047)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php53 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file\nwriting capability of libxslt. A remote attacker could use this flaw\nto create or overwrite an arbitrary file that is writable by the user\nrunning PHP, if a PHP script processed untrusted eXtensible Style\nSheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP\nconfiguration directive, 'xsl.security_prefs', can be used to enable\nfile writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload\nrequests. A remote attacker could possibly use this flaw to bypass the\nsanitization of the uploaded file names, and cause a PHP script to\nstore the uploaded file in an unexpected directory, by using a\ndirectory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the way the PHP phar extension processed\ncertain fields of tar archive files. A remote attacker could provide a\nspecially crafted tar archive file that, when processed by a PHP\napplication using the phar extension, could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension\nprocessed certain PHAR files. A remote attacker could provide a\nspecially crafted PHAR file, which once processed in a PHP application\nusing the phar extension, could lead to information disclosure and\npossibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt()\npassword hashing function in PHP. If the password string to be hashed\ncontained certain characters, the remainder of the string was ignored\nwhen calculating the hash, significantly reducing the password\nstrength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when\nperforming DES hashing. Therefore, new hashes of the affected\npasswords will not match stored hashes generated using vulnerable PHP\nversions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via\nRHSA-2012:0547, did not properly filter all php-cgi command line\narguments. A specially crafted request to a PHP script could cause the\nPHP interpreter to execute the script in a loop, or output usage\ninformation that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A\nremote attacker could possibly use this flaw to cause excessive memory\nconsumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nIt was found that PHP did not check the zend_strndup() function's\nreturn value in certain cases. A remote attacker could possibly use\nthis flaw to crash a PHP application. (CVE-2011-4153)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original\nreporters of CVE-2012-2143.\n\nAll php53 users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://rhn.redhat.com/errata/RHSA-2012-0547.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1047\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2143\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4153\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2950\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2012-01\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1047\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-bcmath-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-bcmath-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-bcmath-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-cli-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-cli-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-cli-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-common-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-common-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-common-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-dba-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-dba-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-dba-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-debuginfo-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-debuginfo-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-debuginfo-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-devel-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-devel-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-devel-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-gd-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-gd-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-gd-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-imap-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-imap-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-imap-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-intl-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-intl-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-intl-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-ldap-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-ldap-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-ldap-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-mbstring-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-mbstring-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-mbstring-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-mysql-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-mysql-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-mysql-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-odbc-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-odbc-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-odbc-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-pdo-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-pdo-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-pdo-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-pgsql-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-pgsql-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-pgsql-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-process-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-process-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-process-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-pspell-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-pspell-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-pspell-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-snmp-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-snmp-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-snmp-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-soap-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-soap-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-soap-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-xml-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-xml-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-xml-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"php53-xmlrpc-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"php53-xmlrpc-5.3.3-13.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"php53-xmlrpc-5.3.3-13.el5_8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53 / php53-bcmath / php53-cli / php53-common / php53-dba / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T18:31:34", "description": "From Red Hat Security Advisory 2012:1047 :\n\nUpdated php53 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user running PHP, if a PHP script processed untrusted eXtensible Style Sheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP configuration directive, 'xsl.security_prefs', can be used to enable file writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload requests. A remote attacker could possibly use this flaw to bypass the sanitization of the uploaded file names, and cause a PHP script to store the uploaded file in an unexpected directory, by using a directory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the PHP phar extension processed certain fields of tar archive files. A remote attacker could provide a specially crafted tar archive file that, when processed by a PHP application using the phar extension, could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension processed certain PHAR files. A remote attacker could provide a specially crafted PHAR file, which once processed in a PHP application using the phar extension, could lead to information disclosure and possibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt() password hashing function in PHP. If the password string to be hashed contained certain characters, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when performing DES hashing. Therefore, new hashes of the affected passwords will not match stored hashes generated using vulnerable PHP versions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via RHSA-2012:0547, did not properly filter all php-cgi command line arguments. A specially crafted request to a PHP script could cause the PHP interpreter to execute the script in a loop, or output usage information that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A remote attacker could possibly use this flaw to cause excessive memory consumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nIt was found that PHP did not check the zend_strndup() function's return value in certain cases. A remote attacker could possibly use this flaw to crash a PHP application. (CVE-2011-4153)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters of CVE-2012-2143.\n\nAll php53 users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : php53 (ELSA-2012-1047)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2950", "CVE-2011-4153", "CVE-2012-0057", "CVE-2012-0789", "CVE-2012-1172", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2336", "CVE-2012-2386"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:php53", "p-cpe:/a:oracle:linux:php53-bcmath", "p-cpe:/a:oracle:linux:php53-cli", "p-cpe:/a:oracle:linux:php53-common", "p-cpe:/a:oracle:linux:php53-dba", "p-cpe:/a:oracle:linux:php53-devel", "p-cpe:/a:oracle:linux:php53-gd", "p-cpe:/a:oracle:linux:php53-imap", "p-cpe:/a:oracle:linux:php53-intl", "p-cpe:/a:oracle:linux:php53-ldap", "p-cpe:/a:oracle:linux:php53-mbstring", "p-cpe:/a:oracle:linux:php53-mysql", "p-cpe:/a:oracle:linux:php53-odbc", "p-cpe:/a:oracle:linux:php53-pdo", "p-cpe:/a:oracle:linux:php53-pgsql", "p-cpe:/a:oracle:linux:php53-process", "p-cpe:/a:oracle:linux:php53-pspell", "p-cpe:/a:oracle:linux:php53-snmp", "p-cpe:/a:oracle:linux:php53-soap", "p-cpe:/a:oracle:linux:php53-xml", "p-cpe:/a:oracle:linux:php53-xmlrpc", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2012-1047.NASL", "href": "https://www.tenable.com/plugins/nessus/68571", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1047 and \n# Oracle Linux Security Advisory ELSA-2012-1047 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68571);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2950\", \"CVE-2011-4153\", \"CVE-2012-0057\", \"CVE-2012-0789\", \"CVE-2012-1172\", \"CVE-2012-2143\", \"CVE-2012-2336\", \"CVE-2012-2386\");\n script_bugtraq_id(40173, 47545, 51417, 51806, 52043, 53388, 53403, 53729);\n script_xref(name:\"RHSA\", value:\"2012:1047\");\n script_xref(name:\"TRA\", value:\"TRA-2012-01\");\n\n script_name(english:\"Oracle Linux 5 : php53 (ELSA-2012-1047)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1047 :\n\nUpdated php53 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file\nwriting capability of libxslt. A remote attacker could use this flaw\nto create or overwrite an arbitrary file that is writable by the user\nrunning PHP, if a PHP script processed untrusted eXtensible Style\nSheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP\nconfiguration directive, 'xsl.security_prefs', can be used to enable\nfile writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload\nrequests. A remote attacker could possibly use this flaw to bypass the\nsanitization of the uploaded file names, and cause a PHP script to\nstore the uploaded file in an unexpected directory, by using a\ndirectory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the way the PHP phar extension processed\ncertain fields of tar archive files. A remote attacker could provide a\nspecially crafted tar archive file that, when processed by a PHP\napplication using the phar extension, could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension\nprocessed certain PHAR files. A remote attacker could provide a\nspecially crafted PHAR file, which once processed in a PHP application\nusing the phar extension, could lead to information disclosure and\npossibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt()\npassword hashing function in PHP. If the password string to be hashed\ncontained certain characters, the remainder of the string was ignored\nwhen calculating the hash, significantly reducing the password\nstrength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when\nperforming DES hashing. Therefore, new hashes of the affected\npasswords will not match stored hashes generated using vulnerable PHP\nversions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via\nRHSA-2012:0547, did not properly filter all php-cgi command line\narguments. A specially crafted request to a PHP script could cause the\nPHP interpreter to execute the script in a loop, or output usage\ninformation that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A\nremote attacker could possibly use this flaw to cause excessive memory\nconsumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nIt was found that PHP did not check the zend_strndup() function's\nreturn value in certain cases. A remote attacker could possibly use\nthis flaw to crash a PHP application. (CVE-2011-4153)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original\nreporters of CVE-2012-2143.\n\nAll php53 users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-June/002880.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2012-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php53 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"php53-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-bcmath-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-cli-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-common-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-dba-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-devel-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-gd-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-imap-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-intl-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-ldap-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-mbstring-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-mysql-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-odbc-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-pdo-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-pgsql-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-process-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-pspell-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-snmp-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-soap-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-xml-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"php53-xmlrpc-5.3.3-13.el5_8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53 / php53-bcmath / php53-cli / php53-common / php53-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T18:24:58", "description": "Updated php53 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user running PHP, if a PHP script processed untrusted eXtensible Style Sheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP configuration directive, 'xsl.security_prefs', can be used to enable file writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload requests. A remote attacker could possibly use this flaw to bypass the sanitization of the uploaded file names, and cause a PHP script to store the uploaded file in an unexpected directory, by using a directory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the PHP phar extension processed certain fields of tar archive files. A remote attacker could provide a specially crafted tar archive file that, when processed by a PHP application using the phar extension, could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension processed certain PHAR files. A remote attacker could provide a specially crafted PHAR file, which once processed in a PHP application using the phar extension, could lead to information disclosure and possibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt() password hashing function in PHP. If the password string to be hashed contained certain characters, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when performing DES hashing. Therefore, new hashes of the affected passwords will not match stored hashes generated using vulnerable PHP versions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via RHSA-2012:0547, did not properly filter all php-cgi command line arguments. A specially crafted request to a PHP script could cause the PHP interpreter to execute the script in a loop, or output usage information that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A remote attacker could possibly use this flaw to cause excessive memory consumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nIt was found that PHP did not check the zend_strndup() function's return value in certain cases. A remote attacker could possibly use this flaw to crash a PHP application. (CVE-2011-4153)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters of CVE-2012-2143.\n\nAll php53 users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-06-29T00:00:00", "type": "nessus", "title": "CentOS 5 : php53 (CESA-2012:1047)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2950", "CVE-2011-4153", "CVE-2012-0057", "CVE-2012-0789", "CVE-2012-1172", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2336", "CVE-2012-2386"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:php53", "p-cpe:/a:centos:centos:php53-bcmath", "p-cpe:/a:centos:centos:php53-cli", "p-cpe:/a:centos:centos:php53-common", "p-cpe:/a:centos:centos:php53-dba", "p-cpe:/a:centos:centos:php53-devel", "p-cpe:/a:centos:centos:php53-gd", "p-cpe:/a:centos:centos:php53-imap", "p-cpe:/a:centos:centos:php53-intl", "p-cpe:/a:centos:centos:php53-ldap", "p-cpe:/a:centos:centos:php53-mbstring", "p-cpe:/a:centos:centos:php53-mysql", "p-cpe:/a:centos:centos:php53-odbc", "p-cpe:/a:centos:centos:php53-pdo", "p-cpe:/a:centos:centos:php53-pgsql", "p-cpe:/a:centos:centos:php53-process", "p-cpe:/a:centos:centos:php53-pspell", "p-cpe:/a:centos:centos:php53-snmp", "p-cpe:/a:centos:centos:php53-soap", "p-cpe:/a:centos:centos:php53-xml", "p-cpe:/a:centos:centos:php53-xmlrpc", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-1047.NASL", "href": "https://www.tenable.com/plugins/nessus/67089", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1047 and \n# CentOS Errata and Security Advisory 2012:1047 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67089);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-2950\", \"CVE-2011-4153\", \"CVE-2012-0057\", \"CVE-2012-0789\", \"CVE-2012-1172\", \"CVE-2012-2143\", \"CVE-2012-2336\", \"CVE-2012-2386\");\n script_bugtraq_id(40173, 47545, 53729);\n script_xref(name:\"RHSA\", value:\"2012:1047\");\n script_xref(name:\"TRA\", value:\"TRA-2012-01\");\n\n script_name(english:\"CentOS 5 : php53 (CESA-2012:1047)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php53 packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file\nwriting capability of libxslt. A remote attacker could use this flaw\nto create or overwrite an arbitrary file that is writable by the user\nrunning PHP, if a PHP script processed untrusted eXtensible Style\nSheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP\nconfiguration directive, 'xsl.security_prefs', can be used to enable\nfile writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload\nrequests. A remote attacker could possibly use this flaw to bypass the\nsanitization of the uploaded file names, and cause a PHP script to\nstore the uploaded file in an unexpected directory, by using a\ndirectory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the way the PHP phar extension processed\ncertain fields of tar archive files. A remote attacker could provide a\nspecially crafted tar archive file that, when processed by a PHP\napplication using the phar extension, could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension\nprocessed certain PHAR files. A remote attacker could provide a\nspecially crafted PHAR file, which once processed in a PHP application\nusing the phar extension, could lead to information disclosure and\npossibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt()\npassword hashing function in PHP. If the password string to be hashed\ncontained certain characters, the remainder of the string was ignored\nwhen calculating the hash, significantly reducing the password\nstrength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when\nperforming DES hashing. Therefore, new hashes of the affected\npasswords will not match stored hashes generated using vulnerable PHP\nversions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via\nRHSA-2012:0547, did not properly filter all php-cgi command line\narguments. A specially crafted request to a PHP script could cause the\nPHP interpreter to execute the script in a loop, or output usage\ninformation that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A\nremote attacker could possibly use this flaw to cause excessive memory\nconsumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nIt was found that PHP did not check the zend_strndup() function's\nreturn value in certain cases. A remote attacker could possibly use\nthis flaw to crash a PHP application. (CVE-2011-4153)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original\nreporters of CVE-2012-2143.\n\nAll php53 users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-June/018703.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b8e42a3a\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2012-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php53 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-2386\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-bcmath-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-cli-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-common-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-dba-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-devel-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-gd-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-imap-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-intl-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-ldap-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-mbstring-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-mysql-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-odbc-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-pdo-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-pgsql-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-process-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-pspell-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-snmp-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-soap-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-xml-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"php53-xmlrpc-5.3.3-13.el5_8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53 / php53-bcmath / php53-cli / php53-common / php53-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:51:06", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user running PHP, if a PHP script processed untrusted eXtensible Style Sheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP configuration directive, 'xsl.security_prefs', can be used to enable file writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload requests. A remote attacker could possibly use this flaw to bypass the sanitization of the uploaded file names, and cause a PHP script to store the uploaded file in an unexpected directory, by using a directory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the PHP phar extension processed certain fields of tar archive files. A remote attacker could provide a specially crafted tar archive file that, when processed by a PHP application using the phar extension, could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension processed certain PHAR files. A remote attacker could provide a specially crafted PHAR file, which once processed in a PHP application using the phar extension, could lead to information disclosure and possibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt() password hashing function in PHP. If the password string to be hashed contained certain characters, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when performing DES hashing. Therefore, new hashes of the affected passwords will not match stored hashes generated using vulnerable PHP versions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via a previous update, did not properly filter all php-cgi command line arguments. A specially crafted request to a PHP script could cause the PHP interpreter to execute the script in a loop, or output usage information that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A remote attacker could possibly use this flaw to cause excessive memory consumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nIt was found that PHP did not check the zend_strndup() function's return value in certain cases. A remote attacker could possibly use this flaw to crash a PHP application. (CVE-2011-4153)\n\nAll php53 users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : php53 on SL5.x i386/x86_64 (20120627)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2950", "CVE-2011-4153", "CVE-2012-0057", "CVE-2012-0789", "CVE-2012-1172", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2336", "CVE-2012-2386"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:php53", "p-cpe:/a:fermilab:scientific_linux:php53-bcmath", "p-cpe:/a:fermilab:scientific_linux:php53-cli", "p-cpe:/a:fermilab:scientific_linux:php53-common", "p-cpe:/a:fermilab:scientific_linux:php53-dba", "p-cpe:/a:fermilab:scientific_linux:php53-debuginfo", "p-cpe:/a:fermilab:scientific_linux:php53-devel", "p-cpe:/a:fermilab:scientific_linux:php53-gd", "p-cpe:/a:fermilab:scientific_linux:php53-imap", "p-cpe:/a:fermilab:scientific_linux:php53-intl", "p-cpe:/a:fermilab:scientific_linux:php53-ldap", "p-cpe:/a:fermilab:scientific_linux:php53-mbstring", "p-cpe:/a:fermilab:scientific_linux:php53-mysql", "p-cpe:/a:fermilab:scientific_linux:php53-odbc", "p-cpe:/a:fermilab:scientific_linux:php53-pdo", "p-cpe:/a:fermilab:scientific_linux:php53-pgsql", "p-cpe:/a:fermilab:scientific_linux:php53-process", "p-cpe:/a:fermilab:scientific_linux:php53-pspell", "p-cpe:/a:fermilab:scientific_linux:php53-snmp", "p-cpe:/a:fermilab:scientific_linux:php53-soap", "p-cpe:/a:fermilab:scientific_linux:php53-xml", "p-cpe:/a:fermilab:scientific_linux:php53-xmlrpc", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120627_PHP53_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61356", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61356);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2950\", \"CVE-2011-4153\", \"CVE-2012-0057\", \"CVE-2012-0789\", \"CVE-2012-1172\", \"CVE-2012-2143\", \"CVE-2012-2336\", \"CVE-2012-2386\");\n script_xref(name:\"TRA\", value:\"TRA-2012-01\");\n\n script_name(english:\"Scientific Linux Security Update : php53 on SL5.x i386/x86_64 (20120627)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file\nwriting capability of libxslt. A remote attacker could use this flaw\nto create or overwrite an arbitrary file that is writable by the user\nrunning PHP, if a PHP script processed untrusted eXtensible Style\nSheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP\nconfiguration directive, 'xsl.security_prefs', can be used to enable\nfile writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload\nrequests. A remote attacker could possibly use this flaw to bypass the\nsanitization of the uploaded file names, and cause a PHP script to\nstore the uploaded file in an unexpected directory, by using a\ndirectory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the way the PHP phar extension processed\ncertain fields of tar archive files. A remote attacker could provide a\nspecially crafted tar archive file that, when processed by a PHP\napplication using the phar extension, could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension\nprocessed certain PHAR files. A remote attacker could provide a\nspecially crafted PHAR file, which once processed in a PHP application\nusing the phar extension, could lead to information disclosure and\npossibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt()\npassword hashing function in PHP. If the password string to be hashed\ncontained certain characters, the remainder of the string was ignored\nwhen calculating the hash, significantly reducing the password\nstrength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when\nperforming DES hashing. Therefore, new hashes of the affected\npasswords will not match stored hashes generated using vulnerable PHP\nversions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via a\nprevious update, did not properly filter all php-cgi command line\narguments. A specially crafted request to a PHP script could cause the\nPHP interpreter to execute the script in a loop, or output usage\ninformation that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A\nremote attacker could possibly use this flaw to cause excessive memory\nconsumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nIt was found that PHP did not check the zend_strndup() function's\nreturn value in certain cases. A remote attacker could possibly use\nthis flaw to crash a PHP application. (CVE-2011-4153)\n\nAll php53 users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. After installing\nthe updated packages, the httpd daemon must be restarted for the\nupdate to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1207&L=scientific-linux-errata&T=0&P=594\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?84d5fe48\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2012-01\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php53-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"php53-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-bcmath-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-cli-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-common-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-dba-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-debuginfo-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-devel-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-gd-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-imap-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-intl-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-ldap-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-mbstring-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-mysql-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-odbc-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-pdo-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-pgsql-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-process-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-pspell-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-snmp-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-soap-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-xml-5.3.3-13.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"php53-xmlrpc-5.3.3-13.el5_8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php53 / php53-bcmath / php53-cli / php53-common / php53-dba / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:58:20", "description": "Multiple vulnerabilities has been discovered and corrected in postgresql :\n\nFix incorrect password transformation in contrib/pgcrypto's DES crypt() function (Solar Designer). If a password string contained the byte value 0x80, the remainder of the password was ignored, causing the password to be much weaker than it appeared. With this fix, the rest of the string is properly included in the DES hash. Any stored password values that are affected by this bug will thus no longer match, so the stored values may need to be updated (CVE-2012-2143).\n\nIgnore SECURITY DEFINER and SET attributes for a procedural language's call handler (Tom Lane). Applying such attributes to a call handler could crash the server (CVE-2012-2655).\n\nThis advisory provides the latest versions of PostgreSQL that is not vulnerable to these issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-15T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : postgresql (MDVSA-2012:092)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-2143", "CVE-2012-2655"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64ecpg8.4_6", "p-cpe:/a:mandriva:linux:lib64ecpg9.0_6", "p-cpe:/a:mandriva:linux:lib64pq8.4_5", "p-cpe:/a:mandriva:linux:lib64pq9.0_5", "p-cpe:/a:mandriva:linux:libecpg8.4_6", "p-cpe:/a:mandriva:linux:libecpg9.0_6", "p-cpe:/a:mandriva:linux:libpq8.4_5", "p-cpe:/a:mandriva:linux:libpq9.0_5", "p-cpe:/a:mandriva:linux:postgresql8.4", "p-cpe:/a:mandriva:linux:postgresql8.4-contrib", "p-cpe:/a:mandriva:linux:postgresql8.4-devel", "p-cpe:/a:mandriva:linux:postgresql8.4-docs", "p-cpe:/a:mandriva:linux:postgresql8.4-pl", "p-cpe:/a:mandriva:linux:postgresql8.4-plperl", "p-cpe:/a:mandriva:linux:postgresql8.4-plpgsql", "p-cpe:/a:mandriva:linux:postgresql8.4-plpython", "p-cpe:/a:mandriva:linux:postgresql8.4-pltcl", "p-cpe:/a:mandriva:linux:postgresql8.4-server", "p-cpe:/a:mandriva:linux:postgresql9.0", "p-cpe:/a:mandriva:linux:postgresql9.0-contrib", "p-cpe:/a:mandriva:linux:postgresql9.0-devel", "p-cpe:/a:mandriva:linux:postgresql9.0-docs", "p-cpe:/a:mandriva:linux:postgresql9.0-pl", "p-cpe:/a:mandriva:linux:postgresql9.0-plperl", "p-cpe:/a:mandriva:linux:postgresql9.0-plpgsql", "p-cpe:/a:mandriva:linux:postgresql9.0-plpython", "p-cpe:/a:mandriva:linux:postgresql9.0-pltcl", "p-cpe:/a:mandriva:linux:postgresql9.0-server", "cpe:/o:mandriva:linux:2010.1", "cpe:/o:mandriva:linux:2011"], "id": "MANDRIVA_MDVSA-2012-092.NASL", "href": "https://www.tenable.com/plugins/nessus/59518", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:092. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59518);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-2143\", \"CVE-2012-2655\");\n script_bugtraq_id(53729, 53812);\n script_xref(name:\"MDVSA\", value:\"2012:092\");\n\n script_name(english:\"Mandriva Linux Security Advisory : postgresql (MDVSA-2012:092)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been discovered and corrected in\npostgresql :\n\nFix incorrect password transformation in contrib/pgcrypto's DES\ncrypt() function (Solar Designer). If a password string contained the\nbyte value 0x80, the remainder of the password was ignored, causing\nthe password to be much weaker than it appeared. With this fix, the\nrest of the string is properly included in the DES hash. Any stored\npassword values that are affected by this bug will thus no longer\nmatch, so the stored values may need to be updated (CVE-2012-2143).\n\nIgnore SECURITY DEFINER and SET attributes for a procedural language's\ncall handler (Tom Lane). Applying such attributes to a call handler\ncould crash the server (CVE-2012-2655).\n\nThis advisory provides the latest versions of PostgreSQL that is not\nvulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.3/release-8-3-19.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.4/release-8-4-12.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.0/release-9-0-8.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ecpg8.4_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ecpg9.0_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64pq8.4_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64pq9.0_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libecpg8.4_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libecpg9.0_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpq8.4_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpq9.0_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-plpgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-plpgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64ecpg8.4_6-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64pq8.4_5-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libecpg8.4_6-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libpq8.4_5-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-contrib-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-devel-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-docs-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-pl-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-plperl-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-plpgsql-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-plpython-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-pltcl-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-server-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64ecpg9.0_6-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64pq9.0_5-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libecpg9.0_6-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libpq9.0_5-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-contrib-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-devel-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-docs-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-pl-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-plperl-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-plpgsql-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-plpython-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-pltcl-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-server-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:46:23", "description": "Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user running PHP, if a PHP script processed untrusted eXtensible Style Sheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP configuration directive, 'xsl.security_prefs', can be used to enable file writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload requests. A remote attacker could possibly use this flaw to bypass the sanitization of the uploaded file names, and cause a PHP script to store the uploaded file in an unexpected directory, by using a directory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the PHP phar extension processed certain fields of tar archive files. A remote attacker could provide a specially crafted tar archive file that, when processed by a PHP application using the phar extension, could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension processed certain PHAR files. A remote attacker could provide a specially crafted PHAR file, which once processed in a PHP application using the phar extension, could lead to information disclosure and possibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt() password hashing function in PHP. If the password string to be hashed contained certain characters, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when performing DES hashing. Therefore, new hashes of the affected passwords will not match stored hashes generated using vulnerable PHP versions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via RHSA-2012:0546, did not properly filter all php-cgi command line arguments. A specially crafted request to a PHP script could cause the PHP interpreter to execute the script in a loop, or output usage information that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A remote attacker could possibly use this flaw to cause excessive memory consumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nA NULL pointer dereference flaw was found in the PHP tidy_diagnose() function. A remote attacker could use specially crafted input to crash an application that uses tidy::diagnose. (CVE-2012-0781)\n\nIt was found that PHP did not check the zend_strndup() function's return value in certain cases. A remote attacker could possibly use this flaw to crash a PHP application. (CVE-2011-4153)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters of CVE-2012-2143.\n\nAll php users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-06-28T00:00:00", "type": "nessus", "title": "RHEL 6 : php (RHSA-2012:1046)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2950", "CVE-2011-4153", "CVE-2012-0057", "CVE-2012-0781", "CVE-2012-0789", "CVE-2012-1172", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2336", "CVE-2012-2386"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:php", "p-cpe:/a:redhat:enterprise_linux:php-bcmath", "p-cpe:/a:redhat:enterprise_linux:php-cli", "p-cpe:/a:redhat:enterprise_linux:php-common", "p-cpe:/a:redhat:enterprise_linux:php-dba", "p-cpe:/a:redhat:enterprise_linux:php-debuginfo", "p-cpe:/a:redhat:enterprise_linux:php-devel", "p-cpe:/a:redhat:enterprise_linux:php-embedded", "p-cpe:/a:redhat:enterprise_linux:php-enchant", "p-cpe:/a:redhat:enterprise_linux:php-gd", "p-cpe:/a:redhat:enterprise_linux:php-imap", "p-cpe:/a:redhat:enterprise_linux:php-intl", "p-cpe:/a:redhat:enterprise_linux:php-ldap", "p-cpe:/a:redhat:enterprise_linux:php-mbstring", "p-cpe:/a:redhat:enterprise_linux:php-mysql", "p-cpe:/a:redhat:enterprise_linux:php-odbc", "p-cpe:/a:redhat:enterprise_linux:php-pdo", "p-cpe:/a:redhat:enterprise_linux:php-pgsql", "p-cpe:/a:redhat:enterprise_linux:php-process", "p-cpe:/a:redhat:enterprise_linux:php-pspell", "p-cpe:/a:redhat:enterprise_linux:php-recode", "p-cpe:/a:redhat:enterprise_linux:php-snmp", "p-cpe:/a:redhat:enterprise_linux:php-soap", "p-cpe:/a:redhat:enterprise_linux:php-tidy", "p-cpe:/a:redhat:enterprise_linux:php-xml", "p-cpe:/a:redhat:enterprise_linux:php-xmlrpc", "p-cpe:/a:redhat:enterprise_linux:php-zts", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.3"], "id": "REDHAT-RHSA-2012-1046.NASL", "href": "https://www.tenable.com/plugins/nessus/59752", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1046. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59752);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2950\", \"CVE-2011-4153\", \"CVE-2012-0057\", \"CVE-2012-0781\", \"CVE-2012-0789\", \"CVE-2012-1172\", \"CVE-2012-2143\", \"CVE-2012-2336\", \"CVE-2012-2386\");\n script_bugtraq_id(40173, 47545, 51992, 53729);\n script_xref(name:\"RHSA\", value:\"2012:1046\");\n script_xref(name:\"TRA\", value:\"TRA-2012-01\");\n\n script_name(english:\"RHEL 6 : php (RHSA-2012:1046)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file\nwriting capability of libxslt. A remote attacker could use this flaw\nto create or overwrite an arbitrary file that is writable by the user\nrunning PHP, if a PHP script processed untrusted eXtensible Style\nSheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP\nconfiguration directive, 'xsl.security_prefs', can be used to enable\nfile writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload\nrequests. A remote attacker could possibly use this flaw to bypass the\nsanitization of the uploaded file names, and cause a PHP script to\nstore the uploaded file in an unexpected directory, by using a\ndirectory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the way the PHP phar extension processed\ncertain fields of tar archive files. A remote attacker could provide a\nspecially crafted tar archive file that, when processed by a PHP\napplication using the phar extension, could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension\nprocessed certain PHAR files. A remote attacker could provide a\nspecially crafted PHAR file, which once processed in a PHP application\nusing the phar extension, could lead to information disclosure and\npossibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt()\npassword hashing function in PHP. If the password string to be hashed\ncontained certain characters, the remainder of the string was ignored\nwhen calculating the hash, significantly reducing the password\nstrength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when\nperforming DES hashing. Therefore, new hashes of the affected\npasswords will not match stored hashes generated using vulnerable PHP\nversions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via\nRHSA-2012:0546, did not properly filter all php-cgi command line\narguments. A specially crafted request to a PHP script could cause the\nPHP interpreter to execute the script in a loop, or output usage\ninformation that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A\nremote attacker could possibly use this flaw to cause excessive memory\nconsumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nA NULL pointer dereference flaw was found in the PHP tidy_diagnose()\nfunction. A remote attacker could use specially crafted input to crash\nan application that uses tidy::diagnose. (CVE-2012-0781)\n\nIt was found that PHP did not check the zend_strndup() function's\nreturn value in certain cases. A remote attacker could possibly use\nthis flaw to crash a PHP application. (CVE-2011-4153)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original\nreporters of CVE-2012-2143.\n\nAll php users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://rhn.redhat.com/errata/RHSA-2012-0546.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2143\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0781\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4153\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2950\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2012-01\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:php-zts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1046\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-bcmath-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-bcmath-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-bcmath-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-cli-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-cli-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-cli-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-common-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-common-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-common-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-dba-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-dba-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-dba-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-debuginfo-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-debuginfo-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-debuginfo-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-devel-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-devel-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-devel-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-embedded-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-embedded-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-embedded-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-enchant-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-enchant-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-enchant-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-gd-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-gd-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-gd-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-imap-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-imap-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-imap-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-intl-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-intl-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-intl-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-ldap-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-ldap-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-ldap-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-mbstring-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-mbstring-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-mbstring-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-mysql-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-mysql-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-mysql-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-odbc-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-odbc-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-odbc-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-pdo-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-pdo-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-pdo-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-pgsql-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-pgsql-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-pgsql-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-process-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-process-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-process-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-pspell-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-pspell-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-pspell-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-recode-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-recode-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-recode-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-snmp-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-snmp-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-snmp-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-soap-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-soap-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-soap-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-tidy-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-tidy-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-tidy-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-xml-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-xml-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-xml-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-xmlrpc-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-xmlrpc-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-xmlrpc-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"php-zts-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"php-zts-5.3.3-14.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"php-zts-5.3.3-14.el6_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T18:29:03", "description": "From Red Hat Security Advisory 2012:1046 :\n\nUpdated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user running PHP, if a PHP script processed untrusted eXtensible Style Sheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP configuration directive, 'xsl.security_prefs', can be used to enable file writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload requests. A remote attacker could possibly use this flaw to bypass the sanitization of the uploaded file names, and cause a PHP script to store the uploaded file in an unexpected directory, by using a directory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the PHP phar extension processed certain fields of tar archive files. A remote attacker could provide a specially crafted tar archive file that, when processed by a PHP application using the phar extension, could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension processed certain PHAR files. A remote attacker could provide a specially crafted PHAR file, which once processed in a PHP application using the phar extension, could lead to information disclosure and possibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt() password hashing function in PHP. If the password string to be hashed contained certain characters, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when performing DES hashing. Therefore, new hashes of the affected passwords will not match stored hashes generated using vulnerable PHP versions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via RHSA-2012:0546, did not properly filter all php-cgi command line arguments. A specially crafted request to a PHP script could cause the PHP interpreter to execute the script in a loop, or output usage information that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A remote attacker could possibly use this flaw to cause excessive memory consumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nA NULL pointer dereference flaw was found in the PHP tidy_diagnose() function. A remote attacker could use specially crafted input to crash an application that uses tidy::diagnose. (CVE-2012-0781)\n\nIt was found that PHP did not check the zend_strndup() function's return value in certain cases. A remote attacker could possibly use this flaw to crash a PHP application. (CVE-2011-4153)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters of CVE-2012-2143.\n\nAll php users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : php (ELSA-2012-1046)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2950", "CVE-2011-4153", "CVE-2012-0057", "CVE-2012-0781", "CVE-2012-0789", "CVE-2012-1172", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2336", "CVE-2012-2386"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:php", "p-cpe:/a:oracle:linux:php-bcmath", "p-cpe:/a:oracle:linux:php-cli", "p-cpe:/a:oracle:linux:php-common", "p-cpe:/a:oracle:linux:php-dba", "p-cpe:/a:oracle:linux:php-devel", "p-cpe:/a:oracle:linux:php-embedded", "p-cpe:/a:oracle:linux:php-enchant", "p-cpe:/a:oracle:linux:php-gd", "p-cpe:/a:oracle:linux:php-imap", "p-cpe:/a:oracle:linux:php-intl", "p-cpe:/a:oracle:linux:php-ldap", "p-cpe:/a:oracle:linux:php-mbstring", "p-cpe:/a:oracle:linux:php-mysql", "p-cpe:/a:oracle:linux:php-odbc", "p-cpe:/a:oracle:linux:php-pdo", "p-cpe:/a:oracle:linux:php-pgsql", "p-cpe:/a:oracle:linux:php-process", "p-cpe:/a:oracle:linux:php-pspell", "p-cpe:/a:oracle:linux:php-recode", "p-cpe:/a:oracle:linux:php-snmp", "p-cpe:/a:oracle:linux:php-soap", "p-cpe:/a:oracle:linux:php-tidy", "p-cpe:/a:oracle:linux:php-xml", "p-cpe:/a:oracle:linux:php-xmlrpc", "p-cpe:/a:oracle:linux:php-zts", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2012-1046.NASL", "href": "https://www.tenable.com/plugins/nessus/68570", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1046 and \n# Oracle Linux Security Advisory ELSA-2012-1046 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68570);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2950\", \"CVE-2011-4153\", \"CVE-2012-0057\", \"CVE-2012-0781\", \"CVE-2012-0789\", \"CVE-2012-1172\", \"CVE-2012-2143\", \"CVE-2012-2336\", \"CVE-2012-2386\");\n script_bugtraq_id(40173, 46365, 46967, 46969, 46970, 46975, 46977, 47545, 47950, 48259, 49241, 51193, 51417, 51806, 51992, 52043, 53388, 53403, 53729);\n script_xref(name:\"RHSA\", value:\"2012:1046\");\n script_xref(name:\"TRA\", value:\"TRA-2012-01\");\n\n script_name(english:\"Oracle Linux 6 : php (ELSA-2012-1046)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:1046 :\n\nUpdated php packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file\nwriting capability of libxslt. A remote attacker could use this flaw\nto create or overwrite an arbitrary file that is writable by the user\nrunning PHP, if a PHP script processed untrusted eXtensible Style\nSheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP\nconfiguration directive, 'xsl.security_prefs', can be used to enable\nfile writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload\nrequests. A remote attacker could possibly use this flaw to bypass the\nsanitization of the uploaded file names, and cause a PHP script to\nstore the uploaded file in an unexpected directory, by using a\ndirectory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the way the PHP phar extension processed\ncertain fields of tar archive files. A remote attacker could provide a\nspecially crafted tar archive file that, when processed by a PHP\napplication using the phar extension, could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension\nprocessed certain PHAR files. A remote attacker could provide a\nspecially crafted PHAR file, which once processed in a PHP application\nusing the phar extension, could lead to information disclosure and\npossibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt()\npassword hashing function in PHP. If the password string to be hashed\ncontained certain characters, the remainder of the string was ignored\nwhen calculating the hash, significantly reducing the password\nstrength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when\nperforming DES hashing. Therefore, new hashes of the affected\npasswords will not match stored hashes generated using vulnerable PHP\nversions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via\nRHSA-2012:0546, did not properly filter all php-cgi command line\narguments. A specially crafted request to a PHP script could cause the\nPHP interpreter to execute the script in a loop, or output usage\ninformation that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A\nremote attacker could possibly use this flaw to cause excessive memory\nconsumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nA NULL pointer dereference flaw was found in the PHP tidy_diagnose()\nfunction. A remote attacker could use specially crafted input to crash\nan application that uses tidy::diagnose. (CVE-2012-0781)\n\nIt was found that PHP did not check the zend_strndup() function's\nreturn value in certain cases. A remote attacker could possibly use\nthis flaw to crash a PHP application. (CVE-2011-4153)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original\nreporters of CVE-2012-2143.\n\nAll php users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-June/002894.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2012-01\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:php-zts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"php-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-bcmath-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-cli-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-common-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-dba-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-devel-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-embedded-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-enchant-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-gd-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-imap-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-intl-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-ldap-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-mbstring-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-mysql-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-odbc-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-pdo-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-pgsql-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-process-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-pspell-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-recode-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-snmp-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-soap-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-tidy-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-xml-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-xmlrpc-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"php-zts-5.3.3-14.el6_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:51:43", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user running PHP, if a PHP script processed untrusted eXtensible Style Sheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP configuration directive, 'xsl.security_prefs', can be used to enable file writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload requests. A remote attacker could possibly use this flaw to bypass the sanitization of the uploaded file names, and cause a PHP script to store the uploaded file in an unexpected directory, by using a directory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the PHP phar extension processed certain fields of tar archive files. A remote attacker could provide a specially crafted tar archive file that, when processed by a PHP application using the phar extension, could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension processed certain PHAR files. A remote attacker could provide a specially crafted PHAR file, which once processed in a PHP application using the phar extension, could lead to information disclosure and possibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt() password hashing function in PHP. If the password string to be hashed contained certain characters, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when performing DES hashing. Therefore, new hashes of the affected passwords will not match stored hashes generated using vulnerable PHP versions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via a previous update, did not properly filter all php-cgi command line arguments. A specially crafted request to a PHP script could cause the PHP interpreter to execute the script in a loop, or output usage information that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A remote attacker could possibly use this flaw to cause excessive memory consumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nA NULL pointer dereference flaw was found in the PHP tidy_diagnose() function. A remote attacker could use specially crafted input to crash an application that uses tidy::diagnose. (CVE-2012-0781)\n\nIt was found that PHP did not check the zend_strndup() function's return value in certain cases. A remote attacker could possibly use this flaw to crash a PHP application. (CVE-2011-4153)\n\nAll php users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : php on SL6.x i386/x86_64 (20120627)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2950", "CVE-2011-4153", "CVE-2012-0057", "CVE-2012-0781", "CVE-2012-0789", "CVE-2012-1172", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2336", "CVE-2012-2386"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:php", "p-cpe:/a:fermilab:scientific_linux:php-bcmath", "p-cpe:/a:fermilab:scientific_linux:php-cli", "p-cpe:/a:fermilab:scientific_linux:php-common", "p-cpe:/a:fermilab:scientific_linux:php-dba", "p-cpe:/a:fermilab:scientific_linux:php-debuginfo", "p-cpe:/a:fermilab:scientific_linux:php-devel", "p-cpe:/a:fermilab:scientific_linux:php-embedded", "p-cpe:/a:fermilab:scientific_linux:php-enchant", "p-cpe:/a:fermilab:scientific_linux:php-gd", "p-cpe:/a:fermilab:scientific_linux:php-imap", "p-cpe:/a:fermilab:scientific_linux:php-intl", "p-cpe:/a:fermilab:scientific_linux:php-ldap", "p-cpe:/a:fermilab:scientific_linux:php-mbstring", "p-cpe:/a:fermilab:scientific_linux:php-mysql", "p-cpe:/a:fermilab:scientific_linux:php-odbc", "p-cpe:/a:fermilab:scientific_linux:php-pdo", "p-cpe:/a:fermilab:scientific_linux:php-pgsql", "p-cpe:/a:fermilab:scientific_linux:php-process", "p-cpe:/a:fermilab:scientific_linux:php-pspell", "p-cpe:/a:fermilab:scientific_linux:php-recode", "p-cpe:/a:fermilab:scientific_linux:php-snmp", "p-cpe:/a:fermilab:scientific_linux:php-soap", "p-cpe:/a:fermilab:scientific_linux:php-tidy", "p-cpe:/a:fermilab:scientific_linux:php-xml", "p-cpe:/a:fermilab:scientific_linux:php-xmlrpc", "p-cpe:/a:fermilab:scientific_linux:php-zts", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120627_PHP_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61358", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61358);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2950\", \"CVE-2011-4153\", \"CVE-2012-0057\", \"CVE-2012-0781\", \"CVE-2012-0789\", \"CVE-2012-1172\", \"CVE-2012-2143\", \"CVE-2012-2336\", \"CVE-2012-2386\");\n script_xref(name:\"TRA\", value:\"TRA-2012-01\");\n\n script_name(english:\"Scientific Linux Security Update : php on SL6.x i386/x86_64 (20120627)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file\nwriting capability of libxslt. A remote attacker could use this flaw\nto create or overwrite an arbitrary file that is writable by the user\nrunning PHP, if a PHP script processed untrusted eXtensible Style\nSheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP\nconfiguration directive, 'xsl.security_prefs', can be used to enable\nfile writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload\nrequests. A remote attacker could possibly use this flaw to bypass the\nsanitization of the uploaded file names, and cause a PHP script to\nstore the uploaded file in an unexpected directory, by using a\ndirectory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the way the PHP phar extension processed\ncertain fields of tar archive files. A remote attacker could provide a\nspecially crafted tar archive file that, when processed by a PHP\napplication using the phar extension, could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension\nprocessed certain PHAR files. A remote attacker could provide a\nspecially crafted PHAR file, which once processed in a PHP application\nusing the phar extension, could lead to information disclosure and\npossibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt()\npassword hashing function in PHP. If the password string to be hashed\ncontained certain characters, the remainder of the string was ignored\nwhen calculating the hash, significantly reducing the password\nstrength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when\nperforming DES hashing. Therefore, new hashes of the affected\npasswords will not match stored hashes generated using vulnerable PHP\nversions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via a\nprevious update, did not properly filter all php-cgi command line\narguments. A specially crafted request to a PHP script could cause the\nPHP interpreter to execute the script in a loop, or output usage\ninformation that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A\nremote attacker could possibly use this flaw to cause excessive memory\nconsumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nA NULL pointer dereference flaw was found in the PHP tidy_diagnose()\nfunction. A remote attacker could use specially crafted input to crash\nan application that uses tidy::diagnose. (CVE-2012-0781)\n\nIt was found that PHP did not check the zend_strndup() function's\nreturn value in certain cases. A remote attacker could possibly use\nthis flaw to crash a PHP application. (CVE-2011-4153)\n\nAll php users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1207&L=scientific-linux-errata&T=0&P=2427\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?055113e5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2012-01\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:php-zts\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"php-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-bcmath-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-cli-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-common-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-dba-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-debuginfo-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-devel-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-embedded-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-enchant-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-gd-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-imap-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-intl-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-ldap-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-mbstring-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-mysql-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-odbc-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-pdo-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-pgsql-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-process-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-pspell-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-recode-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-snmp-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-soap-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-tidy-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-xml-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-xmlrpc-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"php-zts-5.3.3-14.el6_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:49:08", "description": "Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user running PHP, if a PHP script processed untrusted eXtensible Style Sheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP configuration directive, 'xsl.security_prefs', can be used to enable file writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload requests. A remote attacker could possibly use this flaw to bypass the sanitization of the uploaded file names, and cause a PHP script to store the uploaded file in an unexpected directory, by using a directory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the PHP phar extension processed certain fields of tar archive files. A remote attacker could provide a specially crafted tar archive file that, when processed by a PHP application using the phar extension, could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension processed certain PHAR files. A remote attacker could provide a specially crafted PHAR file, which once processed in a PHP application using the phar extension, could lead to information disclosure and possibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt() password hashing function in PHP. If the password string to be hashed contained certain characters, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when performing DES hashing. Therefore, new hashes of the affected passwords will not match stored hashes generated using vulnerable PHP versions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via RHSA-2012:0546, did not properly filter all php-cgi command line arguments. A specially crafted request to a PHP script could cause the PHP interpreter to execute the script in a loop, or output usage information that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A remote attacker could possibly use this flaw to cause excessive memory consumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nA NULL pointer dereference flaw was found in the PHP tidy_diagnose() function. A remote attacker could use specially crafted input to crash an application that uses tidy::diagnose. (CVE-2012-0781)\n\nIt was found that PHP did not check the zend_strndup() function's return value in certain cases. A remote attacker could possibly use this flaw to crash a PHP application. (CVE-2011-4153)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters of CVE-2012-2143.\n\nAll php users should upgrade to these updated packages, which contain backported patches to resolve these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2012-07-11T00:00:00", "type": "nessus", "title": "CentOS 6 : php (CESA-2012:1046)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2950", "CVE-2011-4153", "CVE-2012-0057", "CVE-2012-0781", "CVE-2012-0789", "CVE-2012-1172", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2336", "CVE-2012-2386"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:php", "p-cpe:/a:centos:centos:php-bcmath", "p-cpe:/a:centos:centos:php-cli", "p-cpe:/a:centos:centos:php-common", "p-cpe:/a:centos:centos:php-dba", "p-cpe:/a:centos:centos:php-devel", "p-cpe:/a:centos:centos:php-embedded", "p-cpe:/a:centos:centos:php-enchant", "p-cpe:/a:centos:centos:php-gd", "p-cpe:/a:centos:centos:php-imap", "p-cpe:/a:centos:centos:php-intl", "p-cpe:/a:centos:centos:php-ldap", "p-cpe:/a:centos:centos:php-mbstring", "p-cpe:/a:centos:centos:php-mysql", "p-cpe:/a:centos:centos:php-odbc", "p-cpe:/a:centos:centos:php-pdo", "p-cpe:/a:centos:centos:php-pgsql", "p-cpe:/a:centos:centos:php-process", "p-cpe:/a:centos:centos:php-pspell", "p-cpe:/a:centos:centos:php-recode", "p-cpe:/a:centos:centos:php-snmp", "p-cpe:/a:centos:centos:php-soap", "p-cpe:/a:centos:centos:php-tidy", "p-cpe:/a:centos:centos:php-xml", "p-cpe:/a:centos:centos:php-xmlrpc", "p-cpe:/a:centos:centos:php-zts", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2012-1046.NASL", "href": "https://www.tenable.com/plugins/nessus/59938", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1046 and \n# CentOS Errata and Security Advisory 2012:1046 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59938);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-2950\", \"CVE-2011-4153\", \"CVE-2012-0057\", \"CVE-2012-0781\", \"CVE-2012-0789\", \"CVE-2012-1172\", \"CVE-2012-2143\", \"CVE-2012-2336\", \"CVE-2012-2386\");\n script_bugtraq_id(40173, 47545, 51992, 53729);\n script_xref(name:\"RHSA\", value:\"2012:1046\");\n script_xref(name:\"TRA\", value:\"TRA-2012-01\");\n\n script_name(english:\"CentOS 6 : php (CESA-2012:1046)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated php packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPHP is an HTML-embedded scripting language commonly used with the\nApache HTTP Server.\n\nIt was discovered that the PHP XSL extension did not restrict the file\nwriting capability of libxslt. A remote attacker could use this flaw\nto create or overwrite an arbitrary file that is writable by the user\nrunning PHP, if a PHP script processed untrusted eXtensible Style\nSheet Language Transformations (XSLT) content. (CVE-2012-0057)\n\nNote: This update disables file writing by default. A new PHP\nconfiguration directive, 'xsl.security_prefs', can be used to enable\nfile writing in XSLT.\n\nA flaw was found in the way PHP validated file names in file upload\nrequests. A remote attacker could possibly use this flaw to bypass the\nsanitization of the uploaded file names, and cause a PHP script to\nstore the uploaded file in an unexpected directory, by using a\ndirectory traversal attack. (CVE-2012-1172)\n\nMultiple integer overflow flaws, leading to heap-based buffer\noverflows, were found in the way the PHP phar extension processed\ncertain fields of tar archive files. A remote attacker could provide a\nspecially crafted tar archive file that, when processed by a PHP\napplication using the phar extension, could cause the application to\ncrash or, potentially, execute arbitrary code with the privileges of\nthe user running PHP. (CVE-2012-2386)\n\nA format string flaw was found in the way the PHP phar extension\nprocessed certain PHAR files. A remote attacker could provide a\nspecially crafted PHAR file, which once processed in a PHP application\nusing the phar extension, could lead to information disclosure and\npossibly arbitrary code execution via a crafted phar:// URI.\n(CVE-2010-2950)\n\nA flaw was found in the DES algorithm implementation in the crypt()\npassword hashing function in PHP. If the password string to be hashed\ncontained certain characters, the remainder of the string was ignored\nwhen calculating the hash, significantly reducing the password\nstrength. (CVE-2012-2143)\n\nNote: With this update, passwords are no longer truncated when\nperforming DES hashing. Therefore, new hashes of the affected\npasswords will not match stored hashes generated using vulnerable PHP\nversions, and will need to be updated.\n\nIt was discovered that the fix for CVE-2012-1823, released via\nRHSA-2012:0546, did not properly filter all php-cgi command line\narguments. A specially crafted request to a PHP script could cause the\nPHP interpreter to execute the script in a loop, or output usage\ninformation that triggers an Internal Server Error. (CVE-2012-2336)\n\nA memory leak flaw was found in the PHP strtotime() function call. A\nremote attacker could possibly use this flaw to cause excessive memory\nconsumption by triggering many strtotime() function calls.\n(CVE-2012-0789)\n\nA NULL pointer dereference flaw was found in the PHP tidy_diagnose()\nfunction. A remote attacker could use specially crafted input to crash\nan application that uses tidy::diagnose. (CVE-2012-0781)\n\nIt was found that PHP did not check the zend_strndup() function's\nreturn value in certain cases. A remote attacker could possibly use\nthis flaw to crash a PHP application. (CVE-2011-4153)\n\nUpstream acknowledges Rubin Xu and Joseph Bonneau as the original\nreporters of CVE-2012-2143.\n\nAll php users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-July/018730.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1128679e\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.tenable.com/security/research/tra-2012-01\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-2386\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-process\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-recode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:php-zts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-bcmath-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-cli-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-common-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-dba-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-devel-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-embedded-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-enchant-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-gd-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-imap-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-intl-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-ldap-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-mbstring-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-mysql-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-odbc-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-pdo-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-pgsql-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-process-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-pspell-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-recode-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-snmp-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-soap-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-tidy-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-xml-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-xmlrpc-5.3.3-14.el6_3\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"php-zts-5.3.3-14.el6_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:56:51", "description": "The remote host is running a version of Mac OS X 10.8 that is older than version 10.8.2. The newer version contains numerous security-related fixes for the following components :\n\n - BIND\n\n - Data Security\n\n - LoginWindow\n\\ - Mobile Accounts\n\n - PHP\n\n", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2012-09-21T00:00:00", "type": "nessus", "title": "Mac OS X 10.8 < 10.8.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4313", "CVE-2012-1667", "CVE-2012-2143", "CVE-2012-1172", "CVE-2012-2386", "CVE-2012-0831", "CVE-2012-2688", "CVE-2012-2311", "CVE-2012-3718", "CVE-2012-3720"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "6584.PRM", "href": "https://www.tenable.com/plugins/nnm/6584", "sourceData": "Binary data 6584.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-09T13:20:23", "description": "The remote host is running a version of Mac OS X 10.8.x that is prior to 10.8.2. The newer version contains multiple security-related fixes for the following components :\n\n - BIND\n - Data Security\n - LoginWindow\n - Mobile Accounts\n - PHP", "cvss3": {"score": null, "vector": null}, "published": "2012-09-20T00:00:00", "type": "nessus", "title": "Mac OS X 10.8.x < 10.8.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4313", "CVE-2012-0831", "CVE-2012-1172", "CVE-2012-1667", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2311", "CVE-2012-2386", "CVE-2012-2688", "CVE-2012-3718", "CVE-2012-3720"], "modified": "2022-03-28T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_8_2.NASL", "href": "https://www.tenable.com/plugins/nessus/62215", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62215);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/28\");\n\n script_cve_id(\n \"CVE-2011-4313\",\n \"CVE-2012-0831\",\n \"CVE-2012-1172\",\n \"CVE-2012-1667\",\n \"CVE-2012-1823\",\n \"CVE-2012-2143\",\n \"CVE-2012-2311\",\n \"CVE-2012-2386\",\n \"CVE-2012-2688\",\n \"CVE-2012-3718\",\n \"CVE-2012-3720\"\n );\n script_bugtraq_id(\n 47545,\n 50690,\n 51954,\n 53388,\n 53403,\n 53729,\n 53772,\n 54638,\n 56243,\n 56252\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n\n script_name(english:\"Mac OS X 10.8.x < 10.8.2 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes several\nsecurity issues.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.8.x that is prior\nto 10.8.2. The newer version contains multiple security-related fixes\nfor the following components :\n\n - BIND\n - Data Security\n - LoginWindow\n - Mobile Accounts\n - PHP\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5501\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mac OS X 10.8.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-2688\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP CGI Argument Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/11/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Mac OS X\" >!< os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\n\nif (ereg(pattern:\"Mac OS X 10\\.8($|\\.[0-1]([^0-9]|$))\", string:os)) security_hole(0);\nelse exit(0, \"The host is not affected as it is running \"+os+\".\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:55:53", "description": "This update provides PostgreSQL 8.3.20. As part of this update, the packaging scheme has been changed to accomodate an optional parallel installation of newer PostgreSQL versions.\n\nThe changes in 8.3.20 are :\n\n - Prevent access to external files/URLs via XML entity references. xml_parse() would attempt to fetch external files or URLs as needed to resolve DTD and entity references in an XML value, thus allowing unprivileged database users to attempt to fetch data with the privileges of the database server. (CVE-2012-3489, bnc#776524)\n\n - Prevent access to external files/URLs via 'contrib/xml2''s xslt_process(). libxslt offers the ability to read and write both files and URLs through stylesheet commands, thus allowing unprivileged database users to both read and write data with the privileges of the database server. Disable that through proper use of libxslt's security options. (CVE-2012-3488, bnc#776523).\n Also, remove xslt_process()'s ability to fetch documents and stylesheets from external files/URLs.\n\n - Fix incorrect password transformation in contrib/pgcrypto's DES crypt() function. If a password string contained the byte value 0x80, the remainder of the password was ignored, causing the password to be much weaker than it appeared. With this fix, the rest of the string is properly included in the DES hash. Any stored password values that are affected by this bug will thus no longer match, so the stored values may need to be updated. (CVE-2012-2143)\n\n - Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler. Applying such attributes to a call handler could crash the server.\n (CVE-2012-2655)\n\n - Allow numeric timezone offsets in timestamp input to be up to 16 hours away from UTC. Some historical time zones have offsets larger than 15 hours, the previous limit.\n This could result in dumped data values being rejected during reload.\n\n - Fix timestamp conversion to cope when the given time is exactly the last DST transition time for the current timezone. This oversight has been there a long time, but was not noticed previously because most DST-using zones are presumed to have an indefinite sequence of future DST transitions.\n\n - Fix text to name and char to name casts to perform string truncation correctly in multibyte encodings.\n\n - Fix memory copying bug in to_tsquery().\n\n - Fix slow session startup when pg_attribute is very large. If pg_attribute exceeds one-fourth of shared_buffers, cache rebuilding code that is sometimes needed during session start would trigger the synchronized-scan logic, causing it to take many times longer than normal. The problem was particularly acute if many new sessions were starting at once.\n\n - Ensure sequential scans check for query cancel reasonably often. A scan encountering many consecutive pages that contain no live tuples would not respond to interrupts meanwhile.\n\n - Show whole-row variables safely when printing views or rules. Corner cases involving ambiguous names (that is, the name could be either a table or column name of the query) were printed in an ambiguous way, risking that the view or rule would be interpreted differently after dump and reload. Avoid the ambiguous case by attaching a no-op cast.\n\n - Ensure autovacuum worker processes perform stack depth checking properly. Previously, infinite recursion in a function invoked by auto-ANALYZE could crash worker processes.\n\n - Fix logging collector to not lose log coherency under high load. The collector previously could fail to reassemble large messages if it got too busy.\n\n - Fix logging collector to ensure it will restart file rotation after receiving SIGHUP.\n\n - Fix PL/pgSQL's GET DIAGNOSTICS command when the target is the function's first variable.\n\n - Fix several performance problems in pg_dump when the database contains many objects. pg_dump could get very slow if the database contained many schemas, or if many objects are in dependency loops, or if there are many owned sequences.\n\n - Fix contrib/dblink's dblink_exec() to not leak temporary database connections upon error.", "cvss3": {"score": null, "vector": null}, "published": "2013-01-25T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : PostgreSQL (SAT Patch Number 6697)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655", "CVE-2012-3488", "CVE-2012-3489"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:postgresql", "p-cpe:/a:novell:suse_linux:11:postgresql-contrib", "p-cpe:/a:novell:suse_linux:11:postgresql-docs", "p-cpe:/a:novell:suse_linux:11:postgresql-init", "p-cpe:/a:novell:suse_linux:11:postgresql-server", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_POSTGRESQL-120820.NASL", "href": "https://www.tenable.com/plugins/nessus/64216", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64216);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\", \"CVE-2012-3488\", \"CVE-2012-3489\");\n\n script_name(english:\"SuSE 11.1 Security Update : PostgreSQL (SAT Patch Number 6697)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update provides PostgreSQL 8.3.20. As part of this update, the\npackaging scheme has been changed to accomodate an optional parallel\ninstallation of newer PostgreSQL versions.\n\nThe changes in 8.3.20 are :\n\n - Prevent access to external files/URLs via XML entity\n references. xml_parse() would attempt to fetch external\n files or URLs as needed to resolve DTD and entity\n references in an XML value, thus allowing unprivileged\n database users to attempt to fetch data with the\n privileges of the database server. (CVE-2012-3489,\n bnc#776524)\n\n - Prevent access to external files/URLs via\n 'contrib/xml2''s xslt_process(). libxslt offers the\n ability to read and write both files and URLs through\n stylesheet commands, thus allowing unprivileged database\n users to both read and write data with the privileges of\n the database server. Disable that through proper use of\n libxslt's security options. (CVE-2012-3488, bnc#776523).\n Also, remove xslt_process()'s ability to fetch documents\n and stylesheets from external files/URLs.\n\n - Fix incorrect password transformation in\n contrib/pgcrypto's DES crypt() function. If a password\n string contained the byte value 0x80, the remainder of\n the password was ignored, causing the password to be\n much weaker than it appeared. With this fix, the rest of\n the string is properly included in the DES hash. Any\n stored password values that are affected by this bug\n will thus no longer match, so the stored values may need\n to be updated. (CVE-2012-2143)\n\n - Ignore SECURITY DEFINER and SET attributes for a\n procedural language's call handler. Applying such\n attributes to a call handler could crash the server.\n (CVE-2012-2655)\n\n - Allow numeric timezone offsets in timestamp input to be\n up to 16 hours away from UTC. Some historical time zones\n have offsets larger than 15 hours, the previous limit.\n This could result in dumped data values being rejected\n during reload.\n\n - Fix timestamp conversion to cope when the given time is\n exactly the last DST transition time for the current\n timezone. This oversight has been there a long time, but\n was not noticed previously because most DST-using zones\n are presumed to have an indefinite sequence of future\n DST transitions.\n\n - Fix text to name and char to name casts to perform\n string truncation correctly in multibyte encodings.\n\n - Fix memory copying bug in to_tsquery().\n\n - Fix slow session startup when pg_attribute is very\n large. If pg_attribute exceeds one-fourth of\n shared_buffers, cache rebuilding code that is sometimes\n needed during session start would trigger the\n synchronized-scan logic, causing it to take many times\n longer than normal. The problem was particularly acute\n if many new sessions were starting at once.\n\n - Ensure sequential scans check for query cancel\n reasonably often. A scan encountering many consecutive\n pages that contain no live tuples would not respond to\n interrupts meanwhile.\n\n - Show whole-row variables safely when printing views or\n rules. Corner cases involving ambiguous names (that is,\n the name could be either a table or column name of the\n query) were printed in an ambiguous way, risking that\n the view or rule would be interpreted differently after\n dump and reload. Avoid the ambiguous case by attaching a\n no-op cast.\n\n - Ensure autovacuum worker processes perform stack depth\n checking properly. Previously, infinite recursion in a\n function invoked by auto-ANALYZE could crash worker\n processes.\n\n - Fix logging collector to not lose log coherency under\n high load. The collector previously could fail to\n reassemble large messages if it got too busy.\n\n - Fix logging collector to ensure it will restart file\n rotation after receiving SIGHUP.\n\n - Fix PL/pgSQL's GET DIAGNOSTICS command when the target\n is the function's first variable.\n\n - Fix several performance problems in pg_dump when the\n database contains many objects. pg_dump could get very\n slow if the database contained many schemas, or if many\n objects are in dependency loops, or if there are many\n owned sequences.\n\n - Fix contrib/dblink's dblink_exec() to not leak temporary\n database connections upon error.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=760511\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=765069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=766799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=767505\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=770193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=773771\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=774616\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=774617\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=775399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=775402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=776523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=776524\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-2143.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-2655.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-3488.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-3489.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 6697.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:postgresql-init\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"postgresql-8.3.20-0.4.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"postgresql-init-9.1-0.6.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"postgresql-8.3.20-0.4.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"postgresql-init-9.1-0.6.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"postgresql-8.3.20-0.4.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"postgresql-contrib-8.3.20-0.4.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"postgresql-docs-8.3.20-0.4.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"postgresql-init-9.1-0.6.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"postgresql-server-8.3.20-0.4.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2021-08-19T12:49:25", "description": "- Security and bugfix release 9.1.5 :\n\n - Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler (CVE-2012-2655) bnc#765069\n\n - Fix incorrect password transformation in 'contrib/pgcrypto''s DES crypt() function (CVE-2012-2143) bnc#766799\n\n - Prevent access to external files/URLs via 'contrib/xml2''s xslt_process() (CVE-2012-3488) bnc#776523\n\n - Prevent access to external files/URLs via XML entity references (CVE-2012-3489) bnc#776524\n\n - See the release notes for the rest of the changes:\n http://www.postgresql.org/docs/9.1/static/release.html /usr/share/doc/packages/postgresql/HISTORY", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql / postgresql-libs (openSUSE-SU-2012:1251-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655", "CVE-2012-3488", "CVE-2012-3489"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libecpg6", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo", "p-cpe:/a:novell:opensuse:libpq5", "p-cpe:/a:novell:opensuse:libpq5-32bit", "p-cpe:/a:novell:opensuse:libpq5-debuginfo", "p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit", "p-cpe:/a:novell:opensuse:postgresql", "p-cpe:/a:novell:opensuse:postgresql-contrib", "p-cpe:/a:novell:opensuse:postgresql-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-debugsource", "p-cpe:/a:novell:opensuse:postgresql-devel", "p-cpe:/a:novell:opensuse:postgresql-devel-32bit", "p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo-32bit", "p-cpe:/a:novell:opensuse:postgresql-libs-debugsource", "p-cpe:/a:novell:opensuse:postgresql-plperl", "p-cpe:/a:novell:opensuse:postgresql-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-plpython", "p-cpe:/a:novell:opensuse:postgresql-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-pltcl", "p-cpe:/a:novell:opensuse:postgresql-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-server", "p-cpe:/a:novell:opensuse:postgresql-server-debuginfo", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2012-650.NASL", "href": "https://www.tenable.com/plugins/nessus/74766", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-650.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74766);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\", \"CVE-2012-3488\", \"CVE-2012-3489\");\n\n script_name(english:\"openSUSE Security Update : postgresql / postgresql-libs (openSUSE-SU-2012:1251-1)\");\n script_summary(english:\"Check for the openSUSE-2012-650 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Security and bugfix release 9.1.5 :\n\n - Ignore SECURITY DEFINER and SET attributes for a\n procedural language's call handler (CVE-2012-2655)\n bnc#765069\n\n - Fix incorrect password transformation in\n 'contrib/pgcrypto''s DES crypt() function\n (CVE-2012-2143) bnc#766799\n\n - Prevent access to external files/URLs via\n 'contrib/xml2''s xslt_process() (CVE-2012-3488)\n bnc#776523\n\n - Prevent access to external files/URLs via XML entity\n references (CVE-2012-3489) bnc#776524\n\n - See the release notes for the rest of the changes:\n http://www.postgresql.org/docs/9.1/static/release.html\n /usr/share/doc/packages/postgresql/HISTORY\"\n );\n # http://www.postgresql.org/docs/9.1/static/release.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.1/release.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=765069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=766797\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=776523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=776524\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-09/msg00102.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql / postgresql-libs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libecpg6-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libecpg6-debuginfo-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libpq5-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libpq5-debuginfo-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-contrib-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-contrib-debuginfo-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-debuginfo-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-debugsource-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-devel-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-devel-debuginfo-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-libs-debugsource-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-plperl-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-plperl-debuginfo-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-plpython-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-plpython-debuginfo-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-pltcl-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-pltcl-debuginfo-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-server-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-server-debuginfo-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libpq5-32bit-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-32bit-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"postgresql-devel-32bit-9.1.5-3.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"postgresql-devel-debuginfo-32bit-9.1.5-3.10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libecpg6 / libecpg6-debuginfo / libpq5-32bit / libpq5 / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2021-08-19T12:49:47", "description": "- Security and bugfix release 9.1.5 :\n\n - Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler (CVE-2012-2655) bnc#765069\n\n - Fix incorrect password transformation in 'contrib/pgcrypto''s DES crypt() function (CVE-2012-2143) bnc#766799\n\n - Prevent access to external files/URLs via 'contrib/xml2''s xslt_process() (CVE-2012-3488) bnc#776523\n\n - Prevent access to external files/URLs via XML entity references (CVE-2012-3489) bnc#776524\n\n - See the release notes for the rest of the changes:\n http://www.postgresql.org/docs/9.1/static/release.html /usr/share/doc/packages/postgresql/HISTORY", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql / postgresql-libs (openSUSE-SU-2012:1288-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655", "CVE-2012-3488", "CVE-2012-3489"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libecpg6", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo", "p-cpe:/a:novell:opensuse:libpq5", "p-cpe:/a:novell:opensuse:libpq5-32bit", "p-cpe:/a:novell:opensuse:libpq5-debuginfo", "p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit", "p-cpe:/a:novell:opensuse:postgresql", "p-cpe:/a:novell:opensuse:postgresql-contrib", "p-cpe:/a:novell:opensuse:postgresql-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-debugsource", "p-cpe:/a:novell:opensuse:postgresql-devel", "p-cpe:/a:novell:opensuse:postgresql-devel-32bit", "p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo-32bit", "p-cpe:/a:novell:opensuse:postgresql-libs-debugsource", "p-cpe:/a:novell:opensuse:postgresql-plperl", "p-cpe:/a:novell:opensuse:postgresql-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-plpython", "p-cpe:/a:novell:opensuse:postgresql-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-pltcl", "p-cpe:/a:novell:opensuse:postgresql-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-server", "p-cpe:/a:novell:opensuse:postgresql-server-debuginfo", "cpe:/o:novell:opensuse:12.2"], "id": "OPENSUSE-2012-667.NASL", "href": "https://www.tenable.com/plugins/nessus/74769", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-667.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74769);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\", \"CVE-2012-3488\", \"CVE-2012-3489\");\n\n script_name(english:\"openSUSE Security Update : postgresql / postgresql-libs (openSUSE-SU-2012:1288-1)\");\n script_summary(english:\"Check for the openSUSE-2012-667 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Security and bugfix release 9.1.5 :\n\n - Ignore SECURITY DEFINER and SET attributes for a\n procedural language's call handler (CVE-2012-2655)\n bnc#765069\n\n - Fix incorrect password transformation in\n 'contrib/pgcrypto''s DES crypt() function\n (CVE-2012-2143) bnc#766799\n\n - Prevent access to external files/URLs via\n 'contrib/xml2''s xslt_process() (CVE-2012-3488)\n bnc#776523\n\n - Prevent access to external files/URLs via XML entity\n references (CVE-2012-3489) bnc#776524\n\n - See the release notes for the rest of the changes:\n http://www.postgresql.org/docs/9.1/static/release.html\n /usr/share/doc/packages/postgresql/HISTORY\"\n );\n # http://www.postgresql.org/docs/9.1/static/release.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.1/release.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=765069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=766797\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=776523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=776524\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-10/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql / postgresql-libs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libecpg6-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libecpg6-debuginfo-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libpq5-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libpq5-debuginfo-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-contrib-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-contrib-debuginfo-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-debuginfo-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-debugsource-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-devel-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-devel-debuginfo-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-libs-debugsource-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-plperl-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-plperl-debuginfo-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-plpython-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-plpython-debuginfo-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-pltcl-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-pltcl-debuginfo-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-server-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-server-debuginfo-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libpq5-32bit-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-32bit-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"postgresql-devel-32bit-9.1.5-7.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"postgresql-devel-debuginfo-32bit-9.1.5-7.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libecpg6 / libecpg6-debuginfo / libpq5-32bit / libpq5 / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2021-08-19T12:50:06", "description": "This version upgrade of PostgreSQL fixes following issues :\n\n - Bugfix release 9.0.10 :\n\n - Fix planner's assignment of executor parameters, and fix executor's rescan logic for CTE plan nodes.\n\n - Improve page-splitting decisions in GiST indexes.\n\n - Fix cascading privilege revoke to stop if privileges are still held.\n\n - Improve error messages for Hot Standby misconfiguration errors.\n\n - Fix handling of SIGFPE when PL/Perl is in use.\n\n - Prevent PL/Perl from crashing if a recursive PL/Perl function is redefined while being executed.\n\n - Work around possible misoptimization in PL/Perl.\n\n - See also:\n http://www.postgresql.org/docs/9.0/static/release.html\n\n - Security and bugfix release 9.0.9 :\n\n - Prevent access to external files/URLs via contrib/xml2 (CVE-2012-3488, bnc#776523).\n\n - Prevent access to external files/URLs via XML entity references (CVE-2012-3489, bnc#776524).\n\n - Fix incorrect password transformation in contrib/pgcrypto (CVE-2012-2143, bnc#766799).\n\n - Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler (CVE-2012-2655, bnc#765069).\n\n - See also:\n http://www.postgresql.org/docs/9.0/static/release.html\n\n - Rename postgresql-mkspecfiles to pre_checkin.sh", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql (openSUSE-SU-2012:1299-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655", "CVE-2012-3488", "CVE-2012-3489"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libecpg6", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo", "p-cpe:/a:novell:opensuse:libpq5", "p-cpe:/a:novell:opensuse:libpq5-32bit", "p-cpe:/a:novell:opensuse:libpq5-debuginfo", "p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit", "p-cpe:/a:novell:opensuse:postgresql", "p-cpe:/a:novell:opensuse:postgresql-contrib", "p-cpe:/a:novell:opensuse:postgresql-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-debugsource", "p-cpe:/a:novell:opensuse:postgresql-devel", "p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-libs-debugsource", "p-cpe:/a:novell:opensuse:postgresql-plperl", "p-cpe:/a:novell:opensuse:postgresql-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-plpython", "p-cpe:/a:novell:opensuse:postgresql-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-pltcl", "p-cpe:/a:novell:opensuse:postgresql-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-server", "p-cpe:/a:novell:opensuse:postgresql-server-debuginfo", "cpe:/o:novell:opensuse:11.4"], "id": "OPENSUSE-2012-675.NASL", "href": "https://www.tenable.com/plugins/nessus/74773", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-675.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74773);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\", \"CVE-2012-3488\", \"CVE-2012-3489\");\n\n script_name(english:\"openSUSE Security Update : postgresql (openSUSE-SU-2012:1299-1)\");\n script_summary(english:\"Check for the openSUSE-2012-675 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This version upgrade of PostgreSQL fixes following issues :\n\n - Bugfix release 9.0.10 :\n\n - Fix planner's assignment of executor parameters, and fix\n executor's rescan logic for CTE plan nodes.\n\n - Improve page-splitting decisions in GiST indexes.\n\n - Fix cascading privilege revoke to stop if privileges are\n still held.\n\n - Improve error messages for Hot Standby misconfiguration\n errors.\n\n - Fix handling of SIGFPE when PL/Perl is in use.\n\n - Prevent PL/Perl from crashing if a recursive PL/Perl\n function is redefined while being executed.\n\n - Work around possible misoptimization in PL/Perl.\n\n - See also:\n http://www.postgresql.org/docs/9.0/static/release.html\n\n - Security and bugfix release 9.0.9 :\n\n - Prevent access to external files/URLs via contrib/xml2\n (CVE-2012-3488, bnc#776523).\n\n - Prevent access to external files/URLs via XML entity\n references (CVE-2012-3489, bnc#776524).\n\n - Fix incorrect password transformation in\n contrib/pgcrypto (CVE-2012-2143, bnc#766799).\n\n - Ignore SECURITY DEFINER and SET attributes for a\n procedural language's call handler (CVE-2012-2655,\n bnc#765069).\n\n - See also:\n http://www.postgresql.org/docs/9.0/static/release.html\n\n - Rename postgresql-mkspecfiles to pre_checkin.sh\"\n );\n # http://www.postgresql.org/docs/9.0/static/release.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.0/release.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=765069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=766799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=776523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=776524\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-10/msg00024.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libecpg6-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libecpg6-debuginfo-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libpq5-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libpq5-debuginfo-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-contrib-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-contrib-debuginfo-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-debuginfo-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-debugsource-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-devel-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-devel-debuginfo-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-libs-debugsource-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-plperl-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-plperl-debuginfo-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-plpython-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-plpython-debuginfo-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-pltcl-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-pltcl-debuginfo-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-server-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"postgresql-server-debuginfo-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libpq5-32bit-9.0.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-32bit-9.0.10-17.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2021-08-19T12:57:01", "description": "The remote host is affected by the vulnerability described in GLSA-201209-24 (PostgreSQL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could spoof SSL connections. Furthermore, a remote authenticated attacker could cause a Denial of Service, read and write arbitrary files, inject SQL commands into dump scripts, or bypass database restrictions to execute database functions.\n A context-dependent attacker could more easily obtain access via authentication attempts with an initial substring of the intended password.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-29T00:00:00", "type": "nessus", "title": "GLSA-201209-24 : PostgreSQL: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868", "CVE-2012-2143", "CVE-2012-2655", "CVE-2012-3488", "CVE-2012-3489"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:postgresql-server", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201209-24.NASL", "href": "https://www.tenable.com/plugins/nessus/62380", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201209-24.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62380);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\", \"CVE-2012-2143\", \"CVE-2012-2655\", \"CVE-2012-3488\", \"CVE-2012-3489\");\n script_bugtraq_id(52188, 53729, 53812, 55072, 55074);\n script_xref(name:\"GLSA\", value:\"201209-24\");\n\n script_name(english:\"GLSA-201209-24 : PostgreSQL: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201209-24\n(PostgreSQL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PostgreSQL. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could spoof SSL connections. Furthermore, a remote\n authenticated attacker could cause a Denial of Service, read and write\n arbitrary files, inject SQL commands into dump scripts, or bypass\n database restrictions to execute database functions.\n A context-dependent attacker could more easily obtain access via\n authentication attempts with an initial substring of the intended\n password.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201209-24\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All PostgreSQL 9.1 server users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-server-9.1.5'\n All PostgreSQL 9.0 server users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-server-9.0.9'\n All PostgreSQL 8.4 server users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-server-8.4.13'\n All PostgreSQL 8.3 server users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-server-8.3.20'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-db/postgresql-server\", unaffected:make_list(\"ge 9.1.5\", \"rge 9.0.9\", \"rge 8.4.13\", \"rge 8.3.20\", \"rge 8.4.17\", \"rge 8.4.19\", \"rge 9.0.13\", \"rge 9.0.14\", \"rge 9.0.15\", \"rge 8.4.14\", \"rge 8.4.15\", \"rge 8.4.16\", \"rge 9.0.16\", \"rge 9.0.17\"), vulnerable:make_list(\"lt 9.1.5\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PostgreSQL\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-09T13:18:51", "description": "The remote host is affected by the vulnerability described in GLSA-201209-03 (PHP: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, create arbitrary files, conduct directory traversal attacks, bypass protection mechanisms, or perform further attacks with unspecified impact.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2012-09-24T00:00:00", "type": "nessus", "title": "GLSA-201209-03 : PHP: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1398", "CVE-2011-3379", "CVE-2011-4566", "CVE-2011-4885", "CVE-2012-0057", "CVE-2012-0788", "CVE-2012-0789", "CVE-2012-0830", "CVE-2012-0831", "CVE-2012-1172", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2311", "CVE-2012-2335", "CVE-2012-2336", "CVE-2012-2386", "CVE-2012-2688", "CVE-2012-3365", "CVE-2012-3450"], "modified": "2022-03-28T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:php", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201209-03.NASL", "href": "https://www.tenable.com/plugins/nessus/62236", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201209-03.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62236);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/28\");\n\n script_cve_id(\n \"CVE-2011-1398\",\n \"CVE-2011-3379\",\n \"CVE-2011-4566\",\n \"CVE-2011-4885\",\n \"CVE-2012-0057\",\n \"CVE-2012-0788\",\n \"CVE-2012-0789\",\n \"CVE-2012-0830\",\n \"CVE-2012-0831\",\n \"CVE-2012-1172\",\n \"CVE-2012-1823\",\n \"CVE-2012-2143\",\n \"CVE-2012-2311\",\n \"CVE-2012-2335\",\n \"CVE-2012-2336\",\n \"CVE-2012-2386\",\n \"CVE-2012-2688\",\n \"CVE-2012-3365\",\n \"CVE-2012-3450\"\n );\n script_bugtraq_id(\n 47545,\n 49754,\n 50907,\n 51193,\n 51806,\n 51830,\n 51952,\n 51954,\n 52043,\n 53388,\n 53403,\n 53729,\n 54612,\n 54638,\n 54777,\n 55297\n );\n script_xref(name:\"GLSA\", value:\"201209-03\");\n script_xref(name:\"TRA\", value:\"TRA-2012-01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n\n script_name(english:\"GLSA-201209-03 : PHP: Multiple vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-201209-03\n(PHP: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PHP. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could execute arbitrary code with the privileges of\n the process, cause a Denial of Service condition, obtain sensitive\n information, create arbitrary files, conduct directory traversal attacks,\n bypass protection mechanisms, or perform further attacks with unspecified\n impact.\n \nWorkaround :\n\n There is no known workaround at this time.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/201209-03\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/research/tra-2012-01\");\n script_set_attribute(attribute:\"solution\", value:\n\"All PHP users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.3.15'\n All PHP users on ARM should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.4.5'\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP CGI Argument Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/php\", unaffected:make_list(\"ge 5.3.15\", \"ge 5.4.5\"), vulnerable:make_list(\"lt 5.3.15\", \"lt 5.4.5\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PHP\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-09T13:20:57", "description": "The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2012-004 applied. This update contains multiple security-related fixes for the following components :\n\n - Apache\n - Data Security\n - DirectoryService\n - ImageIO\n - International Components for Unicode\n - Mail\n - PHP\n - QuickLook\n - QuickTime\n - Ruby", "cvss3": {"score": null, "vector": null}, "published": "2012-09-20T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2012-004) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3026", "CVE-2011-3048", "CVE-2011-3368", "CVE-2011-3389", "CVE-2011-3607", "CVE-2011-4317", "CVE-2011-4599", "CVE-2012-0021", "CVE-2012-0031", "CVE-2012-0053", "CVE-2012-0650", "CVE-2012-0668", "CVE-2012-0670", "CVE-2012-0671", "CVE-2012-0831", "CVE-2012-1172", "CVE-2012-1173", "CVE-2012-1667", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2311", "CVE-2012-2386", "CVE-2012-2688", "CVE-2012-3719", "CVE-2012-3722"], "modified": "2022-03-28T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2012-004.NASL", "href": "https://www.tenable.com/plugins/nessus/62213", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62213);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/28\");\n\n script_cve_id(\n \"CVE-2011-3026\",\n \"CVE-2011-3048\",\n \"CVE-2011-3368\",\n \"CVE-2011-3389\",\n \"CVE-2011-3607\",\n \"CVE-2011-4317\",\n \"CVE-2011-4599\",\n \"CVE-2012-0021\",\n \"CVE-2012-0031\",\n \"CVE-2012-0053\",\n \"CVE-2012-0650\",\n \"CVE-2012-0668\",\n \"CVE-2012-0670\",\n \"CVE-2012-0671\",\n \"CVE-2012-0831\",\n \"CVE-2012-1172\",\n \"CVE-2012-1173\",\n \"CVE-2012-1667\",\n \"CVE-2012-1823\",\n \"CVE-2012-2143\",\n \"CVE-2012-2311\",\n \"CVE-2012-2386\",\n \"CVE-2012-2688\",\n \"CVE-2012-3719\",\n \"CVE-2012-3722\"\n );\n script_bugtraq_id(\n 47545,\n 49778,\n 49957,\n 50494,\n 50802,\n 51006,\n 51407,\n 51705,\n 51706,\n 51954,\n 52049,\n 52830,\n 52891,\n 53388,\n 53403,\n 53579,\n 53582,\n 53584,\n 53729,\n 53772,\n 54638,\n 56240,\n 56241\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2012-09-19-2\");\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2012-004) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes multiple\nsecurity vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.6 that does not\nhave Security Update 2012-004 applied. This update contains multiple\nsecurity-related fixes for the following components :\n\n - Apache\n - Data Security\n - DirectoryService\n - ImageIO\n - International Components for Unicode\n - Mail\n - PHP\n - QuickLook\n - QuickTime\n - Ruby\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-12-185/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://seclists.org/fulldisclosure/2012/Nov/111\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5501\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install Security Update 2012-004 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-2688\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP CGI Argument Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\nif (!ereg(pattern:\"Mac OS X 10\\.6([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.6\");\n\npackages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\nif (\n egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\.(2012\\.00[4-9]|201[3-9]\\.[0-9]+)(\\.snowleopard[0-9.]*)?\\.bom\", string:packages) ||\n egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\.2012\\.004(\\.snowleopard)?\\.1\\.0\\.bom\", string:packages)\n) exit(0, \"The host has Security Update 2012-004 or later installed and is therefore not affected.\");\nelse\n{\n if (report_verbosity > 0)\n {\n security_boms = egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\", string:packages);\n\n report = '\\n Installed security updates : ';\n if (security_boms) report += str_replace(find:'\\n', replace:'\\n ', string:security_boms);\n else report += 'n/a';\n report += '\\n';\n\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-09T13:19:41", "description": "The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.5. The newer version contains multiple security-related fixes for the following components :\n\n - Apache\n - BIND\n - CoreText\n - Data Security\n - ImageIO\n - Installer\n - International Components for Unicode\n - Kernel\n - Mail\n - PHP\n - Profile Manager\n - QuickLook\n - QuickTime\n - Ruby\n - USB", "cvss3": {"score": null, "vector": null}, "published": "2012-09-20T00:00:00", "type": "nessus", "title": "Mac OS X 10.7.x < 10.7.5 Multiple Vulnerabilities (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3026", "CVE-2011-3048", "CVE-2011-3368", "CVE-2011-3389", "CVE-2011-3607", "CVE-2011-4313", "CVE-2011-4317", "CVE-2011-4599", "CVE-2012-0021", "CVE-2012-0031", "CVE-2012-0053", "CVE-2012-0643", "CVE-2012-0652", "CVE-2012-0668", "CVE-2012-0670", "CVE-2012-0671", "CVE-2012-0831", "CVE-2012-1172", "CVE-2012-1173", "CVE-2012-1667", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2311", "CVE-2012-2386", "CVE-2012-2688", "CVE-2012-3716", "CVE-2012-3719", "CVE-2012-3721", "CVE-2012-3722", "CVE-2012-3723"], "modified": "2022-03-28T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_7_5.NASL", "href": "https://www.tenable.com/plugins/nessus/62214", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62214);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/28\");\n\n script_cve_id(\n \"CVE-2011-3026\",\n \"CVE-2011-3048\",\n \"CVE-2011-3368\",\n \"CVE-2011-3389\",\n \"CVE-2011-3607\",\n \"CVE-2011-4313\",\n \"CVE-2011-4317\",\n \"CVE-2011-4599\",\n \"CVE-2012-0021\",\n \"CVE-2012-0031\",\n \"CVE-2012-0053\",\n \"CVE-2012-0643\",\n \"CVE-2012-0652\",\n \"CVE-2012-0668\",\n \"CVE-2012-0670\",\n \"CVE-2012-0671\",\n \"CVE-2012-0831\",\n \"CVE-2012-1172\",\n \"CVE-2012-1173\",\n \"CVE-2012-1667\",\n \"CVE-2012-1823\",\n \"CVE-2012-2143\",\n \"CVE-2012-2311\",\n \"CVE-2012-2386\",\n \"CVE-2012-2688\",\n \"CVE-2012-3716\",\n \"CVE-2012-3719\",\n \"CVE-2012-3721\",\n \"CVE-2012-3722\",\n \"CVE-2012-3723\"\n );\n script_bugtraq_id(\n 47545,\n 49778,\n 49957,\n 50494,\n 50690,\n 50802,\n 51006,\n 51407,\n 51705,\n 51706,\n 51954,\n 52049,\n 52364,\n 52830,\n 52891,\n 53388,\n 53403,\n 53445,\n 53457,\n 53579,\n 53582,\n 53584,\n 53729,\n 53772,\n 54638,\n 56241,\n 56244,\n 56246,\n 56247\n );\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n\n script_name(english:\"Mac OS X 10.7.x < 10.7.5 Multiple Vulnerabilities (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes multiple\nsecurity vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.7.x that is prior\nto 10.7.5. The newer version contains multiple security-related fixes\nfor the following components :\n\n - Apache\n - BIND\n - CoreText\n - Data Security\n - ImageIO\n - Installer\n - International Components for Unicode\n - Kernel\n - Mail\n - PHP\n - Profile Manager\n - QuickLook\n - QuickTime\n - Ruby\n - USB\");\n script_set_attribute(attribute:\"see_also\", value:\"http://seclists.org/bugtraq/2012/Sep/94\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5501\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mac OS X 10.7.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-2688\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'PHP CGI Argument Injection');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Mac OS X\" >!< os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (ereg(pattern:\"Mac OS X 10\\.7($|\\.[0-4]([^0-9]|$))\", string:os)) security_hole(0);\nelse exit(0, \"The host is not affected as it is running \"+os+\".\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:56:52", "description": "The remote host is running a version of Mac OS X 10.7 that is older than version 10.7.5. The newer version contains numerous security-related fixes for the following components :\n\n - Apache\n\n - BIND\n\n - CoreText\n\n - Data Security\n\n - ImageIO\n\n - Installer\n\n - International Components for Unicode\n\n - Kernel\n\n - Mail\n\n - PHP\n\n - Profile Manager\n\n - QuickLook\n\n - QuickTime\n\n - Ruby\n\n - USB", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2012-09-21T00:00:00", "type": "nessus", "title": "Mac OS X 10.7 < 10.7.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1823", "CVE-2011-4313", "CVE-2012-0021", "CVE-2011-3026", "CVE-2011-3048", "CVE-2011-4599", "CVE-2012-1173", "CVE-2012-3722", "CVE-2011-3389", "CVE-2011-3368", "CVE-2011-3607", "CVE-2012-0031", "CVE-2012-0053", "CVE-2012-1667", "CVE-2011-4317", "CVE-2012-2143", "CVE-2012-1172", "CVE-2012-2386", "CVE-2012-0831", "CVE-2012-2688", "CVE-2012-2311", "CVE-2012-0643", "CVE-2012-0671", "CVE-2012-3719", "CVE-2012-3723", "CVE-2012-0652", "CVE-2012-3721", "CVE-2012-0670", "CVE-2012-0668", "CVE-2012-3716"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "6583.PRM", "href": "https://www.tenable.com/plugins/nnm/6583", "sourceData": "Binary data 6583.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:38:32", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-03T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2012-9762", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2386", "CVE-2012-2143"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864528", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864528", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2012-9762\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083376.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864528\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-03 10:24:51 +0530 (Tue, 03 Jul 2012)\");\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9762\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2012-9762\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php-eaccelerator'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"php-eaccelerator on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~9.fc16.6\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-03T00:00:00", "type": "openvas", "title": "Mandriva Update for php MDVSA-2012:093 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2386", "CVE-2012-2143"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831576", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831576", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for php MDVSA-2012:093 (php)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:093\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831576\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-03 09:50:26 +0530 (Fri, 03 Aug 2012)\");\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"MDVSA\", value:\"2012:093\");\n script_name(\"Mandriva Update for php MDVSA-2012:093 (php)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(2011\\.0|mes5\\.2|2010\\.1)\");\n script_tag(name:\"affected\", value:\"php on Mandriva Linux 2011.0,\n Mandriva Enterprise Server 5.2,\n Mandriva Linux 2010.1\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been identified and fixed in php:\n\n There is a programming error in the DES implementation used in crypt()\n in ext/standard/crypt_freesec.c when handling input which contains\n characters that can not be represented with 7-bit ASCII. When the input\n contains characters with only the most significant bit set (0x80), that\n character and all characters after it will be ignored (CVE-2012-2143).\n\n An integer overflow, leading to heap-based buffer overflow was found in\n the way Phar extension of the PHP scripting language processed certain\n fields by manipulating TAR files. A remote attacker could provide a\n specially-crafted TAR archive file, which once processed in an PHP\n application using the Phar extension could lead to denial of service\n (application crash), or, potentially arbitrary code execution with\n the privileges of the user running the application (CVE-2012-2386).\n\n The updated php packages have been upgraded to the 5.3.14 version\n which is not vulnerable to these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-11T11:06:53", "description": "Check for the Version of php-eaccelerator", "cvss3": {}, "published": "2012-07-03T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2012-9762", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2386", "CVE-2012-2143"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:864528", "href": "http://plugins.openvas.org/nasl.php?oid=864528", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2012-9762\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"php-eaccelerator on Fedora 16\";\ntag_insight = \"eAccelerator is a further development of the MMCache PHP Accelerator & Encoder.\n It increases performance of PHP scripts by caching them in compiled state, so\n that the overhead of compiling is almost completely eliminated.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083376.html\");\n script_id(864528);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-03 10:24:51 +0530 (Tue, 03 Jul 2012)\");\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-9762\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2012-9762\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php-eaccelerator\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~9.fc16.6\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:57:35", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-08-03T00:00:00", "type": "openvas", "title": "Mandriva Update for php MDVSA-2012:093 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2386", "CVE-2012-2143"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:831576", "href": "http://plugins.openvas.org/nasl.php?oid=831576", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for php MDVSA-2012:093 (php)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been identified and fixed in php:\n\n There is a programming error in the DES implementation used in crypt()\n in ext/standard/crypt_freesec.c when handling input which contains\n characters that can not be represented with 7-bit ASCII. When the input\n contains characters with only the most significant bit set (0x80), that\n character and all characters after it will be ignored (CVE-2012-2143).\n\n An integer overflow, leading to heap-based buffer overflow was found in\n the way Phar extension of the PHP scripting language processed certain\n fields by manipulating TAR files. A remote attacker could provide a\n specially-crafted TAR archive file, which once processed in an PHP\n application using the Phar extension could lead to denial of service\n (application crash), or, potentially arbitrary code execution with\n the privileges of the user running the application (CVE-2012-2386).\n\n The updated php packages have been upgraded to the 5.3.14 version\n which is not vulnerable to these issues.\";\n\ntag_affected = \"php on Mandriva Linux 2011.0,\n Mandriva Enterprise Server 5.2,\n Mandriva Linux 2010.1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:093\");\n script_id(831576);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-03 09:50:26 +0530 (Fri, 03 Aug 2012)\");\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2012:093\");\n script_name(\"Mandriva Update for php MDVSA-2012:093 (php)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.14~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.14~0.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php\", rpm:\"apache-mod_php~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-doc\", rpm:\"php-doc~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-enchant\", rpm:\"php-enchant~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fileinfo\", rpm:\"php-fileinfo~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ini\", rpm:\"php-ini~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-phar\", rpm:\"php-phar~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite3\", rpm:\"php-sqlite3~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sybase_ct\", rpm:\"php-sybase_ct~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zip\", rpm:\"php-zip~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.3.14~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-08T12:56:52", "description": "Check for the Version of maniadrive", "cvss3": {}, "published": "2012-07-03T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2012-9762", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2386", "CVE-2012-2143"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:864516", "href": "http://plugins.openvas.org/nasl.php?oid=864516", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2012-9762\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"maniadrive on Fedora 16\";\ntag_insight = \"ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous\n gameplay (tracks almost never exceed one minute). Features: Complex car\n physics, Challenging "story mode", LAN and Internet mode, Live scores,\n Track editor, Dedicated server with HTTP interface and More than 30 blocks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083374.html\");\n script_id(864516);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-03 10:24:04 +0530 (Tue, 03 Jul 2012)\");\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-9762\");\n script_name(\"Fedora Update for maniadrive FEDORA-2012-9762\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of maniadrive\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~32.fc16.6\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:56:33", "description": "Check for the Version of maniadrive", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2012-9490", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2386", "CVE-2012-2143"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:864518", "href": "http://plugins.openvas.org/nasl.php?oid=864518", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2012-9490\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"maniadrive on Fedora 17\";\ntag_insight = \"ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous\n gameplay (tracks almost never exceed one minute). Features: Complex car\n physics, Challenging "story mode", LAN and Internet mode, Live scores,\n Track editor, Dedicated server with HTTP interface and More than 30 blocks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/083317.html\");\n script_id(864518);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:24:15 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-9490\");\n script_name(\"Fedora Update for maniadrive FEDORA-2012-9490\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of maniadrive\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~41.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2012-9490", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2386", "CVE-2012-2143"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864518", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864518", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2012-9490\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/083317.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864518\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:24:15 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9490\");\n script_name(\"Fedora Update for maniadrive FEDORA-2012-9490\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'maniadrive'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"maniadrive on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~41.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T23:03:16", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-95)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2386", "CVE-2012-2143"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120098", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120098", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120098\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:17:22 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-95)\");\n script_tag(name:\"insight\", value:\"Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow. The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.\");\n script_tag(name:\"solution\", value:\"Run yum update php to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-95.html\");\n script_cve_id(\"CVE-2012-2386\", \"CVE-2012-2143\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"php-intl\", rpm:\"php-intl~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-embedded\", rpm:\"php-embedded~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-process\", rpm:\"php-process~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-fpm\", rpm:\"php-fpm~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mysqlnd\", rpm:\"php-mysqlnd~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.3.14~2.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-03T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2012-9762", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2386", "CVE-2012-2143"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864516", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864516", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2012-9762\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083374.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864516\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-03 10:24:04 +0530 (Tue, 03 Jul 2012)\");\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9762\");\n script_name(\"Fedora Update for maniadrive FEDORA-2012-9762\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'maniadrive'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"maniadrive on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~32.fc16.6\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:56:51", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-07-03T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-9762", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2012-1823", "CVE-2012-2143"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:864523", "href": "http://plugins.openvas.org/nasl.php?oid=864523", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-9762\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\n\ntag_affected = \"php on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083375.html\");\n script_id(864523);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-03 10:24:31 +0530 (Tue, 03 Jul 2012)\");\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\", \"CVE-2012-2311\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-9762\");\n script_name(\"Fedora Update for php FEDORA-2012-9762\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.14~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-03T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-9762", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2012-1823", "CVE-2012-2143"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864523", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864523", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-9762\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083375.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864523\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-03 10:24:31 +0530 (Tue, 03 Jul 2012)\");\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2386\", \"CVE-2012-2311\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9762\");\n script_name(\"Fedora Update for php FEDORA-2012-9762\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"php on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.14~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-9490", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2329"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864517", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864517", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-9490\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/083318.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864517\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:24:06 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2311\", \"CVE-2012-2329\", \"CVE-2012-1823\", \"CVE-2012-2143\", \"CVE-2012-2386\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-9490\");\n script_name(\"Fedora Update for php FEDORA-2012-9490\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"php on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.4~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:57:26", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-08-06T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-10908", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2688"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:864593", "href": "http://plugins.openvas.org/nasl.php?oid=864593", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-10908\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\n\ntag_affected = \"php on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-August/084629.html\");\n script_id(864593);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-06 11:22:18 +0530 (Mon, 06 Aug 2012)\");\n script_cve_id(\"CVE-2012-2688\", \"CVE-2012-2143\", \"CVE-2012-2386\", \"CVE-2012-2311\",\n \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2012-10908\");\n script_name(\"Fedora Update for php FEDORA-2012-10908\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.15~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-03T10:58:03", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-9490", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2329"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:864517", "href": "http://plugins.openvas.org/nasl.php?oid=864517", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-9490\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\n\ntag_affected = \"php on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/083318.html\");\n script_id(864517);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:24:06 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2311\", \"CVE-2012-2329\", \"CVE-2012-1823\", \"CVE-2012-2143\", \"CVE-2012-2386\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-9490\");\n script_name(\"Fedora Update for php FEDORA-2012-9490\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.4~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-06T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-10908", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2688"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864593", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864593", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-10908\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-August/084629.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864593\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-06 11:22:18 +0530 (Mon, 06 Aug 2012)\");\n script_cve_id(\"CVE-2012-2688\", \"CVE-2012-2143\", \"CVE-2012-2386\", \"CVE-2012-2311\",\n \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2012-10908\");\n script_name(\"Fedora Update for php FEDORA-2012-10908\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"php on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.15~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:05", "description": "The remote host is missing an update to php5\nannounced via advisory DSA 2492-1.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2492-1 (php5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2386"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231071470", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071470", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2492_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2492-1 (php5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71470\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2012-2386\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:04:50 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2492-1 (php5)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202492-1\");\n script_tag(name:\"insight\", value:\"The Phar extension for PHP does not properly handle crafted tar files,\nleading to a heap-based buffer overflow. PHP applications processing\ntar files could crash or, potentially, execute arbitrary code.\n\nIn addition, this update addresses a regression which caused a crash\nwhen accessing a global object that is returned as $this from __get.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 5.3.3-7+squeeze13.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 5.4.4~rc1-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your php5 packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to php5\nannounced via advisory DSA 2492-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.4-2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:50:56", "description": "The remote host is missing an update to php5\nannounced via advisory DSA 2492-1.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2492-1 (php5)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2386"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71470", "href": "http://plugins.openvas.org/nasl.php?oid=71470", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2492_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2492-1 (php5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Phar extension for PHP does not properly handle crafted tar files,\nleading to a heap-based buffer overflow. PHP applications processing\ntar files could crash or, potentially, execute arbitrary code.\n\nIn addition, this update addresses a regression which caused a crash\nwhen accessing a global object that is returned as $this from __get.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 5.3.3-7+squeeze13.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 5.4.4~rc1-1.\n\nWe recommend that you upgrade your php5 packages.\";\ntag_summary = \"The remote host is missing an update to php5\nannounced via advisory DSA 2492-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202492-1\";\n\nif(description)\n{\n script_id(71470);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2012-2386\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:04:50 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2492-1 (php5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.3-7+squeeze13\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libphp5-embed\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-fpm\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-imap\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-interbase\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mcrypt\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-mysqlnd\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.4.4-2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:29", "description": "This host is running PHP and is prone to heap buffer overflow\n vulnerability.", "cvss3": {}, "published": "2013-03-21T00:00:00", "type": "openvas", "title": "PHP 'phar/tar.c' Heap Buffer Overflow Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2386"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310803342", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803342", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_php_heap_bof_vuln_win.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# PHP 'phar/tar.c' Heap Buffer Overflow Vulnerability (Windows)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803342\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2012-2386\");\n script_bugtraq_id(47545);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-21 18:05:46 +0530 (Thu, 21 Mar 2013)\");\n script_name(\"PHP 'phar/tar.c' Heap Buffer Overflow Vulnerability (Windows)\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/ChangeLog-5.php\");\n script_xref(name:\"URL\", value:\"http://en.securitylab.ru/nvd/426726.php\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/cve_reference/CVE-2012-2386\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"os_detection.nasl\", \"gb_php_detect.nasl\");\n script_mandatory_keys(\"php/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code\n or cause a denial-of-service condition via specially crafted TAR file.\");\n\n script_tag(name:\"affected\", value:\"PHP version before 5.3.14 and 5.4.x before 5.4.4\");\n\n script_tag(name:\"insight\", value:\"Flaw related to overflow in phar_parse_tarfile()function in ext/phar/tar.c\n in the phar extension.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to PHP 5.4.4 or 5.3.14 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is running PHP and is prone to heap buffer overflow\n vulnerability.\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.php.net/downloads.php\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( phpPort = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! phpVer = get_app_version( cpe:CPE, port:phpPort ) ) exit( 0 );\n\nif(version_is_less(version:phpVer, test_version:\"5.3.14\")||\n version_in_range(version:phpVer, test_version:\"5.4\", test_version2: \"5.4.3\")){\n report = report_fixed_ver(installed_version:phpVer, fixed_version:\"5.3.14/5.4.4\");\n security_message(data:report, port:phpPort);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-02T21:10:40", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2012-05-31T00:00:00", "type": "openvas", "title": "FreeBSD Ports: postgresql-server", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2017-04-21T00:00:00", "id": "OPENVAS:71362", "href": "http://plugins.openvas.org/nasl.php?oid=71362", "sourceData": "#\n#VID a8864f8f-aa9e-11e1-a284-0023ae8e59f0\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID a8864f8f-aa9e-11e1-a284-0023ae8e59f0\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: postgresql-server\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.postgresql.org/about/news/1397/\nhttp://git.postgresql.org/gitweb/?p=postgresql.git;a=patch;h=932ded2ed51e8333852e370c7a6dad75d9f236f9\nhttp://www.vuxml.org/freebsd/a8864f8f-aa9e-11e1-a284-0023ae8e59f0.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(71362);\n script_cve_id(\"CVE-2012-2143\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_version(\"$Revision: 5999 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-21 11:02:32 +0200 (Fri, 21 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-31 11:53:50 -0400 (Thu, 31 May 2012)\");\n script_name(\"FreeBSD Ports: postgresql-server\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"postgresql-server\");\nif(!isnull(bver) && revcomp(a:bver, b:\"8.3\")>0 && revcomp(a:bver, b:\"8.3.18_1\")<0) {\n txt += \"Package postgresql-server version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"8.4\")>0 && revcomp(a:bver, b:\"8.4.11_1\")<0) {\n txt += \"Package postgresql-server version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"9.0\")>0 && revcomp(a:bver, b:\"9.0.7_2\")<0) {\n txt += \"Package postgresql-server version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"9.1\")>0 && revcomp(a:bver, b:\"9.1.3_1\")<0) {\n txt += \"Package postgresql-server version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"9.2\")>0 && revcomp(a:bver, b:\"9.2.b1_1\")<0) {\n txt += \"Package postgresql-server version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:36:53", "description": "Oracle Linux Local Security Checks ELSA-2012-1036", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1036", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123897", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123897", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1036.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123897\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:10:00 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1036\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1036 - postgresql security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1036\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1036.html\");\n script_cve_id(\"CVE-2012-2143\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.1.23~5.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.1.23~5.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.1.23~5.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.1.23~5.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.1.23~5.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-pl\", rpm:\"postgresql-pl~8.1.23~5.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-python\", rpm:\"postgresql-python~8.1.23~5.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.1.23~5.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-tcl\", rpm:\"postgresql-tcl~8.1.23~5.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.1.23~5.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:38:42", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-05-31T00:00:00", "type": "openvas", "title": "FreeBSD Ports: postgresql-server", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:136141256231071362", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071362", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_postgresql-server1.nasl 14170 2019-03-14 09:24:12Z cfischer $\n#\n# Auto generated from VID a8864f8f-aa9e-11e1-a284-0023ae8e59f0\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71362\");\n script_cve_id(\"CVE-2012-2143\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_version(\"$Revision: 14170 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 10:24:12 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-31 11:53:50 -0400 (Thu, 31 May 2012)\");\n script_name(\"FreeBSD Ports: postgresql-server\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: postgresql-server\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.postgresql.org/about/news/1397/\");\n script_xref(name:\"URL\", value:\"http://git.postgresql.org/gitweb/?p=postgresql.git;a=patch;h=932ded2ed51e8333852e370c7a6dad75d9f236f9\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/a8864f8f-aa9e-11e1-a284-0023ae8e59f0.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"postgresql-server\");\nif(!isnull(bver) && revcomp(a:bver, b:\"8.3\")>0 && revcomp(a:bver, b:\"8.3.18_1\")<0) {\n txt += \"Package postgresql-server version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"8.4\")>0 && revcomp(a:bver, b:\"8.4.11_1\")<0) {\n txt += \"Package postgresql-server version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"9.0\")>0 && revcomp(a:bver, b:\"9.0.7_2\")<0) {\n txt += \"Package postgresql-server version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"9.1\")>0 && revcomp(a:bver, b:\"9.1.3_1\")<0) {\n txt += \"Package postgresql-server version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"9.2\")>0 && revcomp(a:bver, b:\"9.2.b1_1\")<0) {\n txt += \"Package postgresql-server version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2017-07-02T21:10:44", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "FreeBSD Ports: FreeBSD", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2017-04-14T00:00:00", "id": "OPENVAS:71532", "href": "http://plugins.openvas.org/nasl.php?oid=71532", "sourceData": "#\n#VID 185ff22e-c066-11e1-b5e0-000c299b62e1\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 185ff22e-c066-11e1-b5e0-000c299b62e1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: FreeBSD\n\nCVE-2012-2143\nThe crypt_des (aka DES-based crypt) function in FreeBSD before\n9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does\nnot process the complete cleartext password if this password contains\na 0x80 character, which makes it easier for context-dependent\nattackers to obtain access via an authentication attempt with an\ninitial substring of the intended password, as demonstrated by a\nUnicode password.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(71532);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cve_id(\"CVE-2012-2143\");\n script_version(\"$Revision: 5956 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-14 11:02:12 +0200 (Fri, 14 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:17 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"FreeBSD Ports: FreeBSD\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"FreeBSD\");\nif(!isnull(bver) && revcomp(a:bver, b:\"7.4\")>=0 && revcomp(a:bver, b:\"7.4_8\")<0) {\n txt += \"Package FreeBSD version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"8.1\")>=0 && revcomp(a:bver, b:\"8.1_10\")<0) {\n txt += \"Package FreeBSD version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"8.2\")>=0 && revcomp(a:bver, b:\"8.2_8\")<0) {\n txt += \"Package FreeBSD version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"8.3\")>=0 && revcomp(a:bver, b:\"8.3_2\")<0) {\n txt += \"Package FreeBSD version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"9.0\")>=0 && revcomp(a:bver, b:\"9.0_2\")<0) {\n txt += \"Package FreeBSD version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:04", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "FreeBSD Ports: FreeBSD", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231071532", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071532", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_FreeBSD18.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 185ff22e-c066-11e1-b5e0-000c299b62e1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71532\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cve_id(\"CVE-2012-2143\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:17 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"FreeBSD Ports: FreeBSD\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: FreeBSD\n\nCVE-2012-2143\nThe crypt_des (aka DES-based crypt) function in FreeBSD before\n9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does\nnot process the complete cleartext password if this password contains\na 0x80 character, which makes it easier for context-dependent\nattackers to obtain access via an authentication attempt with an\ninitial substring of the intended password, as demonstrated by a\nUnicode password.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"FreeBSD\");\nif(!isnull(bver) && revcomp(a:bver, b:\"7.4\")>=0 && revcomp(a:bver, b:\"7.4_8\")<0) {\n txt += \"Package FreeBSD version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"8.1\")>=0 && revcomp(a:bver, b:\"8.1_10\")<0) {\n txt += \"Package FreeBSD version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"8.2\")>=0 && revcomp(a:bver, b:\"8.2_8\")<0) {\n txt += \"Package FreeBSD version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"8.3\")>=0 && revcomp(a:bver, b:\"8.3_2\")<0) {\n txt += \"Package FreeBSD version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"9.0\")>=0 && revcomp(a:bver, b:\"9.0_2\")<0) {\n txt += \"Package FreeBSD version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-17T23:03:15", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-91)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120298", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120298", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120298\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:23:06 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-91)\");\n script_tag(name:\"insight\", value:\"The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.\");\n script_tag(name:\"solution\", value:\"Run yum update postgresql9 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-91.html\");\n script_cve_id(\"CVE-2012-2143\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"postgresql9-debuginfo\", rpm:\"postgresql9-debuginfo~9.1.4~1.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql9\", rpm:\"postgresql9~9.1.4~1.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql9-server\", rpm:\"postgresql9-server~9.1.4~1.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql9-libs\", rpm:\"postgresql9-libs~9.1.4~1.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql9-test\", rpm:\"postgresql9-test~9.1.4~1.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql9-contrib\", rpm:\"postgresql9-contrib~9.1.4~1.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql9-plpython\", rpm:\"postgresql9-plpython~9.1.4~1.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql9-plperl\", rpm:\"postgresql9-plperl~9.1.4~1.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql9-devel\", rpm:\"postgresql9-devel~9.1.4~1.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql9-pltcl\", rpm:\"postgresql9-pltcl~9.1.4~1.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"postgresql9-docs\", rpm:\"postgresql9-docs~9.1.4~1.21.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:39:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-28T00:00:00", "type": "openvas", "title": "RedHat Update for postgresql RHSA-2012:1036-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870783", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870783", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for postgresql RHSA-2012:1036-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-June/msg00050.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870783\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-28 10:36:34 +0530 (Thu, 28 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cve_id(\"CVE-2012-2143\");\n script_xref(name:\"RHSA\", value:\"2012:1036-01\");\n script_name(\"RedHat Update for postgresql RHSA-2012:1036-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"postgresql on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"PostgreSQL is an advanced object-relational database management system\n (DBMS).\n\n A flaw was found in the way the crypt() password hashing function from the\n optional PostgreSQL pgcrypto contrib module performed password\n transformation when used with the DES algorithm. If the password string to\n be hashed contained the 0x80 byte value, the remainder of the string was\n ignored when calculating the hash, significantly reducing the password\n strength. This made brute-force guessing more efficient as the whole\n password was not required to gain access to protected resources.\n (CVE-2012-2143)\n\n Note: With this update, the rest of the string is properly included in the\n DES hash. Therefore, any previously stored password values that are\n affected by this issue will no longer match. In such cases, it will be\n necessary for those stored password hashes to be updated.\n\n Upstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters\n of this issue.\n\n All PostgreSQL users are advised to upgrade to these updated packages,\n which contain a backported patch to correct this issue. If the postgresql\n service is running, it will be automatically restarted after installing\n this update.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-debuginfo\", rpm:\"postgresql-debuginfo~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pl\", rpm:\"postgresql-pl~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-python\", rpm:\"postgresql-python~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-tcl\", rpm:\"postgresql-tcl~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2018-01-02T10:56:39", "description": "Check for the Version of postgresql", "cvss3": {}, "published": "2012-06-28T00:00:00", "type": "openvas", "title": "RedHat Update for postgresql RHSA-2012:1036-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:870783", "href": "http://plugins.openvas.org/nasl.php?oid=870783", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for postgresql RHSA-2012:1036-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PostgreSQL is an advanced object-relational database management system\n (DBMS).\n\n A flaw was found in the way the crypt() password hashing function from the\n optional PostgreSQL pgcrypto contrib module performed password\n transformation when used with the DES algorithm. If the password string to\n be hashed contained the 0x80 byte value, the remainder of the string was\n ignored when calculating the hash, significantly reducing the password\n strength. This made brute-force guessing more efficient as the whole\n password was not required to gain access to protected resources.\n (CVE-2012-2143)\n \n Note: With this update, the rest of the string is properly included in the\n DES hash; therefore, any previously stored password values that are\n affected by this issue will no longer match. In such cases, it will be\n necessary for those stored password hashes to be updated.\n \n Upstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters\n of this issue.\n \n All PostgreSQL users are advised to upgrade to these updated packages,\n which contain a backported patch to correct this issue. If the postgresql\n service is running, it will be automatically restarted after installing\n this update.\";\n\ntag_affected = \"postgresql on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-June/msg00050.html\");\n script_id(870783);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-28 10:36:34 +0530 (Thu, 28 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cve_id(\"CVE-2012-2143\");\n script_xref(name: \"RHSA\", value: \"2012:1036-01\");\n script_name(\"RedHat Update for postgresql RHSA-2012:1036-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of postgresql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-debuginfo\", rpm:\"postgresql-debuginfo~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pl\", rpm:\"postgresql-pl~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-python\", rpm:\"postgresql-python~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-tcl\", rpm:\"postgresql-tcl~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.1.23~5.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:46", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for postgresql CESA-2012:1036 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881195", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881195", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for postgresql CESA-2012:1036 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-June/018698.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881195\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:40:08 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-2143\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"CESA\", value:\"2012:1036\");\n script_name(\"CentOS Update for postgresql CESA-2012:1036 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"postgresql on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"PostgreSQL is an advanced object-relational database management system\n (DBMS).\n\n A flaw was found in the way the crypt() password hashing function from the\n optional PostgreSQL pgcrypto contrib module performed password\n transformation when used with the DES algorithm. If the password string to\n be hashed contained the 0x80 byte value, the remainder of the string was\n ignored when calculating the hash, significantly reducing the password\n strength. This made brute-force guessing more efficient as the whole\n password was not required to gain access to protected resources.\n (CVE-2012-2143)\n\n Note: With this update, the rest of the string is properly included in the\n DES hash. Therefore, any previously stored password values that are\n affected by this issue will no longer match. In such cases, it will be\n necessary for those stored password hashes to be updated.\n\n Upstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters\n of this issue.\n\n All PostgreSQL users are advised to upgrade to these updated packages,\n which contain a backported patch to correct this issue. If the postgresql\n service is running, it will be automatically restarted after installing\n this update.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pl\", rpm:\"postgresql-pl~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-python\", rpm:\"postgresql-python~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-tcl\", rpm:\"postgresql-tcl~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2018-01-06T13:06:21", "description": "Check for the Version of postgresql", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for postgresql CESA-2012:1036 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:881195", "href": "http://plugins.openvas.org/nasl.php?oid=881195", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for postgresql CESA-2012:1036 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PostgreSQL is an advanced object-relational database management system\n (DBMS).\n\n A flaw was found in the way the crypt() password hashing function from the\n optional PostgreSQL pgcrypto contrib module performed password\n transformation when used with the DES algorithm. If the password string to\n be hashed contained the 0x80 byte value, the remainder of the string was\n ignored when calculating the hash, significantly reducing the password\n strength. This made brute-force guessing more efficient as the whole\n password was not required to gain access to protected resources.\n (CVE-2012-2143)\n \n Note: With this update, the rest of the string is properly included in the\n DES hash; therefore, any previously stored password values that are\n affected by this issue will no longer match. In such cases, it will be\n necessary for those stored password hashes to be updated.\n \n Upstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters\n of this issue.\n \n All PostgreSQL users are advised to upgrade to these updated packages,\n which contain a backported patch to correct this issue. If the postgresql\n service is running, it will be automatically restarted after installing\n this update.\";\n\ntag_affected = \"postgresql on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-June/018698.html\");\n script_id(881195);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:40:08 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-2143\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"CESA\", value: \"2012:1036\");\n script_name(\"CentOS Update for postgresql CESA-2012:1036 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of postgresql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pl\", rpm:\"postgresql-pl~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-python\", rpm:\"postgresql-python~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-tcl\", rpm:\"postgresql-tcl~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.1.23~5.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-10936", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2688", "CVE-2012-2329"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864590", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864590", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-10936\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-August/084668.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864590\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 11:20:32 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2688\", \"CVE-2012-2143\", \"CVE-2012-2386\", \"CVE-2012-2311\",\n \"CVE-2012-2329\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2012-10936\");\n script_name(\"Fedora Update for php FEDORA-2012-10936\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"php on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.5~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-18T11:07:47", "description": "Check for the Version of php", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2012-10936", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2688", "CVE-2012-2329"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:864590", "href": "http://plugins.openvas.org/nasl.php?oid=864590", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2012-10936\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\n\ntag_affected = \"php on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-August/084668.html\");\n script_id(864590);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 11:20:32 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2688\", \"CVE-2012-2143\", \"CVE-2012-2386\", \"CVE-2012-2311\",\n \"CVE-2012-2329\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2012-10936\");\n script_name(\"Fedora Update for php FEDORA-2012-10936\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.5~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-26T11:10:12", "description": "Check for the Version of php", "cvss3": {}, "published": "2013-06-24T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2013-10233", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2013-1643", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2329", "CVE-2013-1635"], "modified": "2018-01-25T00:00:00", "id": "OPENVAS:866019", "href": "http://plugins.openvas.org/nasl.php?oid=866019", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2013-10233\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\n\n\ntag_affected = \"php on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(866019);\n script_version(\"$Revision: 8526 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 07:57:37 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-24 14:49:08 +0530 (Mon, 24 Jun 2013)\");\n script_cve_id(\"CVE-2013-1643\", \"CVE-2013-1635\", \"CVE-2012-2143\", \"CVE-2012-2386\",\n \"CVE-2012-2311\", \"CVE-2012-2329\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php FEDORA-2013-10233\");\n\n script_xref(name: \"FEDORA\", value: \"2013-10233\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-June/109692.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.16~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:20", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1481-1", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for php5 USN-1481-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2336", "CVE-2012-2386", "CVE-2012-2335", "CVE-2012-2143", "CVE-2012-0781", "CVE-2012-1172", "CVE-2012-2317"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841052", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841052", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1481_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for php5 USN-1481-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1481-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841052\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:28:12 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2012-0781\", \"CVE-2012-1172\", \"CVE-2012-2143\", \"CVE-2012-2317\",\n \"CVE-2012-2335\", \"CVE-2012-2336\", \"CVE-2012-2386\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1481-1\");\n script_name(\"Ubuntu Update for php5 USN-1481-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|12\\.04 LTS|11\\.10|11\\.04|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1481-1\");\n script_tag(name:\"affected\", value:\"php5 on Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 11.04,\n Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that PHP incorrectly handled certain Tidy::diagnose\n operations on invalid objects. A remote attacker could use this flaw to\n cause PHP to crash, leading to a denial of service. (CVE-2012-0781)\n\n It was discovered that PHP incorrectly handled certain multi-file upload\n filenames. A remote attacker could use this flaw to cause a denial of\n service, or to perform a directory traversal attack. (CVE-2012-1172)\n\n Rubin Xu and Joseph Bonneau discovered that PHP incorrectly handled certain\n Unicode characters in passwords passed to the crypt() function. A remote\n attacker could possibly use this flaw to bypass authentication.\n (CVE-2012-2143)\n\n It was discovered that a Debian/Ubuntu specific patch caused PHP to\n incorrectly handle empty salt strings. A remote attacker could possibly use\n this flaw to bypass authentication. This issue only affected Ubuntu 10.04\n LTS and Ubuntu 11.04. (CVE-2012-2317)\n\n It was discovered that PHP, when used as a stand alone CGI processor\n for the Apache Web Server, did not properly parse and filter query\n strings. This could allow a remote attacker to execute arbitrary code\n running with the privilege of the web server, or to perform a denial of\n service. Configurations using mod_php5 and FastCGI were not vulnerable.\n (CVE-2012-2335, CVE-2012-2336)\n\n Alexander Gavrun discovered that the PHP Phar extension incorrectly handled\n certain malformed TAR files. A remote attacker could use this flaw to\n perform a denial of service, or possibly execute arbitrary code.\n (CVE-2012-2386)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.2-1ubuntu4.17\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.10-1ubuntu3.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.6-13ubuntu3.8\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.5-1ubuntu7.10\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.4-2ubuntu5.25\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-04T11:20:23", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1481-1", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for php5 USN-1481-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2336", "CVE-2012-2386", "CVE-2012-2335", "CVE-2012-2143", "CVE-2012-0781", "CVE-2012-1172", "CVE-2012-2317"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841052", "href": "http://plugins.openvas.org/nasl.php?oid=841052", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1481_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for php5 USN-1481-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that PHP incorrectly handled certain Tidy::diagnose\n operations on invalid objects. A remote attacker could use this flaw to\n cause PHP to crash, leading to a denial of service. (CVE-2012-0781)\n\n It was discovered that PHP incorrectly handled certain multi-file upload\n filenames. A remote attacker could use this flaw to cause a denial of\n service, or to perform a directory traversal attack. (CVE-2012-1172)\n\n Rubin Xu and Joseph Bonneau discovered that PHP incorrectly handled certain\n Unicode characters in passwords passed to the crypt() function. A remote\n attacker could possibly use this flaw to bypass authentication.\n (CVE-2012-2143)\n\n It was discovered that a Debian/Ubuntu specific patch caused PHP to\n incorrectly handle empty salt strings. A remote attacker could possibly use\n this flaw to bypass authentication. This issue only affected Ubuntu 10.04\n LTS and Ubuntu 11.04. (CVE-2012-2317)\n\n It was discovered that PHP, when used as a stand alone CGI processor\n for the Apache Web Server, did not properly parse and filter query\n strings. This could allow a remote attacker to execute arbitrary code\n running with the privilege of the web server, or to perform a denial of\n service. Configurations using mod_php5 and FastCGI were not vulnerable.\n (CVE-2012-2335, CVE-2012-2336)\n\n Alexander Gavrun discovered that the PHP Phar extension incorrectly handled\n certain malformed TAR files. A remote attacker could use this flaw to\n perform a denial of service, or possibly execute arbitrary code.\n (CVE-2012-2386)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1481-1\";\ntag_affected = \"php5 on Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 11.04 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1481-1/\");\n script_id(841052);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:28:12 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2012-0781\", \"CVE-2012-1172\", \"CVE-2012-2143\", \"CVE-2012-2317\",\n \"CVE-2012-2335\", \"CVE-2012-2336\", \"CVE-2012-2386\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1481-1\");\n script_name(\"Ubuntu Update for php5 USN-1481-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.2-1ubuntu4.17\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.10-1ubuntu3.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.6-13ubuntu3.8\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.5-1ubuntu7.10\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.4-2ubuntu5.25\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-06-24T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2013-10233", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2013-1643", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2329", "CVE-2013-1635"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310866019", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866019", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2013-10233\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866019\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-24 14:49:08 +0530 (Mon, 24 Jun 2013)\");\n script_cve_id(\"CVE-2013-1643\", \"CVE-2013-1635\", \"CVE-2012-2143\", \"CVE-2012-2386\",\n \"CVE-2012-2311\", \"CVE-2012-2329\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php FEDORA-2013-10233\");\n script_xref(name:\"FEDORA\", value:\"2013-10233\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-June/109692.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"php on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.16~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:51:36", "description": "Check for the Version of php", "cvss3": {}, "published": "2013-04-05T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2013-3927", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2013-1643", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2329", "CVE-2013-1635"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:865520", "href": "http://plugins.openvas.org/nasl.php?oid=865520", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2013-3927\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated web pages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\n\n\ntag_affected = \"php on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(865520);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-05 13:43:44 +0530 (Fri, 05 Apr 2013)\");\n script_cve_id(\"CVE-2013-1635\", \"CVE-2013-1643\", \"CVE-2012-2143\", \"CVE-2012-2386\",\n \"CVE-2012-2311\", \"CVE-2012-2329\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php FEDORA-2013-3927\");\n\n script_xref(name: \"FEDORA\", value: \"2013-3927\");\n script_xref(name: \"URL\" , value: \"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101330.html\");\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.13~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-04-05T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2013-3927", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2311", "CVE-2012-2386", "CVE-2013-1643", "CVE-2012-1823", "CVE-2012-2143", "CVE-2012-2329", "CVE-2013-1635"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865520", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865520", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2013-3927\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.865520\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-04-05 13:43:44 +0530 (Fri, 05 Apr 2013)\");\n script_cve_id(\"CVE-2013-1635\", \"CVE-2013-1643\", \"CVE-2012-2143\", \"CVE-2012-2386\",\n \"CVE-2012-2311\", \"CVE-2012-2329\", \"CVE-2012-1823\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for php FEDORA-2013-3927\");\n script_xref(name:\"FEDORA\", value:\"2013-3927\");\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101330.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"php on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.4.13~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-28T00:00:00", "type": "openvas", "title": "RedHat Update for postgresql and postgresql84 RHSA-2012:1037-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2143", "CVE-2012-2655"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870779", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870779", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for postgresql and postgresql84 RHSA-2012:1037-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-June/msg00051.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870779\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-28 10:35:46 +0530 (Thu, 28 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cve_id(\"CVE-2012-2143\", \"CVE-2012-2655\");\n script_xref(name:\"RHSA\", value:\"2012:1037-01\");\n script_name(\"RedHat Update for postgresql and postgresql84 RHSA-2012:1037-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql and postgresql84'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(6|5)\");\n script_tag(name:\"affected\", value:\"postgresql and postgresql84 on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"PostgreSQL is an advanced object-relational database management system\n (DBMS).\n\n A flaw was found in the way the crypt() password hashing function from the\n optional PostgreSQL pgcrypto contrib module performed password\n transformation when used with the DES algorithm. If the password string to\n be hashed contained the 0x80 byte value, the remainder of the string was\n ignored when calculating the hash, significantly reducing the password\n strength. This made brute-force guessing more efficient as the whole\n password was not required to gain access to protected resources.\n (CVE-2012-2143)\n\n Note: With this update, the rest of the string is properly included in the\n DES hash. Therefore, any previously stored password values that are\n affected by this issue will no longer match. In such cases, it will be\n necessary for those stored password hashes to be updated.\n\n A denial of service flaw was found in the way the PostgreSQL server\n performed a user privileges check when applying SECURITY DEFINER or SET\n attributes to a procedural language's (such as PL/Perl or PL/Python) call\n handler function. A non-superuser database owner could use this flaw to\n cause the PostgreSQL server to crash due to infinite recursion.\n (CVE-2012-2655)\n\n Upstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters\n of the CVE-2012-2143 issue.\n\n These updated packages upgrade PostgreSQL to version 8.4.12, which fixes\n these issues as well as several non-security issues. Refer to the\n PostgreSQL Release Notes for a full list of changes.\n\n All PostgreSQL users are advised to upgrade to these updated packages,\n which correct these issues. If the postgresql service is running, it will\n be automatically restarted after installing this update.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.postgresql.org/docs/8.4/static/release.html\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.4.12~1.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.4.12~1.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-debuginfo\", rpm:\"postgresql-debuginfo~8.4.12~1.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.4.12~1.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.4.12~1.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.4.12~1.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~8.4.12~1.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~8.4.12~1.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~8.4.12~1.el6_2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\&quo