Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.ALA_ALAS-2024-1918.NASL
HistoryFeb 06, 2024 - 12:00 a.m.

Amazon Linux AMI : php73 (ALAS-2024-1918)

2024-02-0600:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
php 7.3.13
alas-2024-1918
vulnerabilities
windows
directoryiterator
exif
memory disclosure
cdf_read_property_info
buffer overflow

7.8 High

AI Score

Confidence

Low

JSON

The version of php73 installed on the remote host is prior to 7.3.13-1.22. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1918 advisory.

  • In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access. (CVE-2019-11044)

  • In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access. (CVE-2019-11045)

  • In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren’t ASCII numbers. This can read to disclosure of the content of some memory locations. (CVE-2019-11046)

  • When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
    (CVE-2019-11047, CVE-2019-11050)

  • In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when supplying custom headers to mail() function, due to mistake introduced in commit 78f4b4a2dcf92ddbccea1bb95f8390a18ac3342e, if the header is supplied in lowercase, this can result in double-freeing certain memory locations. (CVE-2019-11049)

  • cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write). (CVE-2019-18218)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2024-1918.
##

include('compat.inc');

if (description)
{
  script_id(190018);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/20");

  script_cve_id(
    "CVE-2019-11044",
    "CVE-2019-11045",
    "CVE-2019-11046",
    "CVE-2019-11047",
    "CVE-2019-11049",
    "CVE-2019-11050",
    "CVE-2019-18218"
  );

  script_name(english:"Amazon Linux AMI : php73 (ALAS-2024-1918)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux AMI host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The version of php73 installed on the remote host is prior to 7.3.13-1.22. It is, therefore, affected by multiple
vulnerabilities as referenced in the ALAS-2024-1918 advisory.

  - In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts
    filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security
    vulnerabilities, e.g. in applications checking paths that the code is allowed to access. (CVE-2019-11044)

  - In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts
    filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security
    vulnerabilities, e.g. in applications checking paths that the code is allowed to access. (CVE-2019-11045)

  - In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some
    systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with
    string containing characters that are identified as numeric by the OS but aren't ASCII numbers. This can
    read to disclosure of the content of some memory locations. (CVE-2019-11046)

  - When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in
    PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what
    will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
    (CVE-2019-11047, CVE-2019-11050)

  - In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when supplying custom headers to mail() function,
    due to mistake introduced in commit 78f4b4a2dcf92ddbccea1bb95f8390a18ac3342e, if the header is supplied in
    lowercase, this can result in double-freeing certain memory locations. (CVE-2019-11049)

  - cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements,
    which allows a heap-based buffer overflow (4-byte out-of-bounds write). (CVE-2019-18218)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2024-1918.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/faqs.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2019-11044.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2019-11045.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2019-11046.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2019-11047.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2019-11049.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2019-11050.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2019-18218.html");
  script_set_attribute(attribute:"solution", value:
"Run 'yum update php73' to update your system.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-11049");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/10/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/02/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/02/06");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-bcmath");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-dba");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-embedded");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-imap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-json");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-mbstring");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-mysqlnd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-opcache");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pdo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pdo-dblib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-process");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pspell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-recode");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-soap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-tidy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-xml");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Amazon Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}

include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var alas_release = get_kb_item("Host/AmazonLinux/release");
if (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, "Amazon Linux");
var os_ver = pregmatch(pattern: "^AL(A|\d+|-\d+)", string:alas_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var pkgs = [
    {'reference':'php73-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-bcmath-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-bcmath-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-cli-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-cli-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-common-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-common-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-dba-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-dba-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-dbg-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-dbg-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-debuginfo-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-debuginfo-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-devel-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-devel-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-embedded-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-embedded-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-enchant-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-enchant-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-fpm-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-fpm-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-gd-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-gd-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-gmp-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-gmp-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-imap-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-imap-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-intl-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-intl-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-json-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-json-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-ldap-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-ldap-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-mbstring-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-mbstring-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-mysqlnd-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-mysqlnd-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-odbc-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-odbc-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-opcache-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-opcache-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-pdo-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-pdo-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-pdo-dblib-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-pdo-dblib-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-pgsql-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-pgsql-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-process-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-process-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-pspell-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-pspell-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-recode-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-recode-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-snmp-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-snmp-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-soap-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-soap-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-tidy-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-tidy-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-xml-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-xml-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-xmlrpc-7.3.13-1.22.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'php73-xmlrpc-7.3.13-1.22.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}
];

var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var el_string = NULL;
  var rpm_spec_vers_cmp = NULL;
  var epoch = NULL;
  var allowmaj = NULL;
  var exists_check = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php73 / php73-bcmath / php73-cli / etc");
}
VendorProductVersionCPE
amazonlinuxphp73p-cpe:/a:amazon:linux:php73
amazonlinuxphp73-bcmathp-cpe:/a:amazon:linux:php73-bcmath
amazonlinuxphp73-clip-cpe:/a:amazon:linux:php73-cli
amazonlinuxphp73-commonp-cpe:/a:amazon:linux:php73-common
amazonlinuxphp73-dbap-cpe:/a:amazon:linux:php73-dba
amazonlinuxphp73-dbgp-cpe:/a:amazon:linux:php73-dbg
amazonlinuxphp73-debuginfop-cpe:/a:amazon:linux:php73-debuginfo
amazonlinuxphp73-develp-cpe:/a:amazon:linux:php73-devel
amazonlinuxphp73-embeddedp-cpe:/a:amazon:linux:php73-embedded
amazonlinuxphp73-enchantp-cpe:/a:amazon:linux:php73-enchant
Rows per page:
1-10 of 331

Related

nessus 55
amazon 5
fedora 4
openvas 42
altlinux 4
mageia 2
suse 2
osv 9
ubuntu 3
debian 6
ibm 1
f5 3
ubuntucve 7
symantec 7
cve 7
prion 7
debiancve 7
alpinelinux 4
hackerone 2
redhatcve 7
kitploit 1
veracode 4
cloudfoundry 1
archlinux 1
freebsd 1
gentoo 1
redhat 2
almalinux 1
oraclelinux 1
rocky 1
rosalinux 1
nessus
nessus
Amazon Linux AMI : php72 (ALAS-2024-1921)
2024-02-19 00:00:00
Fedora 30 : php (2019-437d94e271)
2020-01-06 00:00:00
Amazon Linux AMI : php72 / php73 (ALAS-2020-1339)
2020-02-10 00:00:00
amazon
amazon
Important: php73
2024-02-01 19:33:00
Important: php72
2024-02-14 20:03:00
Medium: php72, php73
2020-02-04 22:42:00
fedora
fedora
[SECURITY] Fedora 30 Update: php-7.3.13-1.fc30
2020-01-03 20:36:41
[SECURITY] Fedora 31 Update: php-7.3.13-1.fc31
2020-01-05 00:42:40
[SECURITY] Fedora 30 Update: file-5.36-5.fc30
2019-11-03 00:13:57
openvas
openvas
Fedora Update for php FEDORA-2019-437d94e271
2020-01-08 00:00:00
Fedora Update for php FEDORA-2019-a54a622670
2020-01-09 00:00:00
PHP Multiple Vulnerabilities (Dec 2019) - Windows
2019-12-19 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package php8.1 version 7.3.13-alt1
2019-12-20 00:00:00
Security fix for the ALT Linux 10 package php8.0 version 7.3.13-alt1
2019-12-20 00:00:00
Security fix for the ALT Linux 9 package php7 version 7.3.13-alt1
2019-12-27 00:00:00
mageia
mageia
Updated php packages fix security vulnerabilities
2019-12-25 22:08:41
Updated file packages fix security vulnerability
2019-10-29 17:54:30
suse
suse
Security update for php7 (moderate)
2020-01-20 00:00:00
Security update for file (moderate)
2020-05-23 00:00:00
osv
osv
php5 - security update
2019-12-29 00:00:00
php7.0 - security update
2020-02-18 00:00:00
php7.3 - security update
2020-02-17 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2020-01-15 00:00:00
file vulnerability
2019-10-31 00:00:00
file vulnerability
2019-10-30 00:00:00
debian
debian
[SECURITY] [DLA 2050-1] php5 security update
2019-12-29 22:47:12
[SECURITY] [DSA 4626-1] php7.3 security update
2020-02-17 20:39:09
[SECURITY] [DSA 4628-1] php7.0 security update
2020-02-18 22:00:11
ibm
ibm
Security Bulletin: IBM API Connect is impacted by multiple vulnerabilities in PHP (CVE-2019-11045, CVE-2019-11044, CVE-2019-11046)
2020-05-11 17:22:11
f5
f5
K50301222 : PHP EXIF extension vulnerabilities CVE-2019-11047 and CVE-2019-11050
2020-01-22 00:00:00
K48866433 : PHP vulnerability CVE-2019-11046
2020-01-09 00:00:00
K44650157 : PHP DirectoryIterator vulnerability CVE-2019-11045
2020-01-22 00:00:00
ubuntucve
ubuntucve
CVE-2019-11044
2019-12-23 00:00:00
CVE-2019-11049
2019-12-23 00:00:00
CVE-2019-11045
2019-12-23 00:00:00
symantec
symantec
PHP CVE-2019-11044 Multiple Unspecified Security Vulnerabilities
2019-12-16 00:00:00
file CVE-2019-18218 Heap Based Buffer Overflow Vulnerability
2019-08-26 00:00:00
PHP CVE-2019-11049 Remote Denial Of Service Vulnerability
2019-12-18 00:00:00
cve
cve
CVE-2019-11044
2019-12-23 03:15:00
CVE-2019-11050
2019-12-23 03:15:00
CVE-2019-11049
2019-12-23 03:15:00
prion
prion
Design/Logic Flaw
2019-12-23 03:15:00
Double free
2019-12-23 03:15:00
Heap overflow
2019-10-21 05:15:00
debiancve
debiancve
CVE-2019-11049
2019-12-23 03:15:00
CVE-2019-11044
2019-12-23 03:15:00
CVE-2019-11050
2019-12-23 03:15:00
alpinelinux
alpinelinux
CVE-2019-11050
2019-12-23 03:15:00
CVE-2019-18218
2019-10-21 05:15:00
CVE-2019-11047
2019-12-23 03:15:00
hackerone
hackerone
Internet Bug Bounty: PHP link() silently truncates after a null byte on Windows
2020-02-26 05:04:15
Internet Bug Bounty: DirectoryIterator class silently truncates after a null byte
2020-02-26 05:07:29
redhatcve
redhatcve
CVE-2019-11046
2020-04-08 21:40:54
CVE-2019-11049
2020-04-05 05:17:59
CVE-2019-11047
2019-12-26 10:17:06
kitploit
kitploit
FLUFFI (Fully Localized Utility For Fuzzing Instantaneously) - A Distributed Evolutionary Binary Fuzzer For Pentesters
2020-09-22 21:00:00
veracode
veracode
Information Disclosure
2020-12-02 09:50:06
Denial Of Service (DoS)
2020-12-02 09:50:08
Arbitrary Code Execution
2020-08-06 21:31:09
cloudfoundry
cloudfoundry
USN-4172-1: file vulnerability | Cloud Foundry
2019-11-18 00:00:00
archlinux
archlinux
[ASA-202001-2] file: arbitrary code execution
2020-01-09 00:00:00
freebsd
freebsd
file -- Heap buffer overflow possible
2019-08-26 00:00:00
gentoo
gentoo
file: Heap-based buffer overflow
2020-03-15 00:00:00
redhat
redhat
(RHSA-2021:4374) Moderate: file security update
2021-11-09 09:13:30
(RHSA-2020:5275) Moderate: rh-php73-php security, bug fix, and enhancement update
2020-12-01 11:15:07
almalinux
almalinux
Moderate: file security update
2021-11-09 09:13:30
oraclelinux
oraclelinux
file security update
2021-11-16 00:00:00
rocky
rocky
file security update
2021-11-09 09:13:30
rosalinux
rosalinux
Advisory ROSA-SA-2021-1833
2021-07-02 16:40:28

7.8 High

AI Score

Confidence

Low

JSON
Related for ALA_ALAS-2024-1918.NASL
nessus55amazon5fedora4openvas42altlinux4mageia2suse2osv9ubuntu3debian6ibm1f53ubuntucve7symantec7cve7prion7debiancve7alpinelinux4hackerone2redhatcve7kitploit1veracode4cloudfoundry1archlinux1freebsd1gentoo1redhat2almalinux1oraclelinux1rocky1rosalinux1