Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-1373.NASL
HistoryMay 10, 2018 - 12:00 a.m.

Debian DLA-1373-1 : php5 security update

2018-05-1000:00:00
This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
JSON

Several issues have been discovered in PHP (recursive acronym for PHP:
Hypertext Preprocessor), a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML.

CVE-2018-10545

Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user’s PHP applications by running gcore on the PID of the PHP-FPM worker process.

CVE-2018-10547

There is a reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.

CVE-2018-10548

ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.

For Debian 7 ‘Wheezy’, these problems have been fixed in version 5.4.45-0+deb7u14.

We recommend that you upgrade your php5 packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-1373-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(109657);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2018-10545", "CVE-2018-10547", "CVE-2018-10548");

  script_name(english:"Debian DLA-1373-1 : php5 security update");
  script_summary(english:"Checks dpkg output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several issues have been discovered in PHP (recursive acronym for PHP:
Hypertext Preprocessor), a widely-used open source general-purpose
scripting language that is especially suited for web development and
can be embedded into HTML.

CVE-2018-10545

Dumpable FPM child processes allow bypassing opcache access controls
because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one
user (in a multiuser environment) to obtain sensitive information from
the process memory of a second user's PHP applications by running
gcore on the PID of the PHP-FPM worker process.

CVE-2018-10547

There is a reflected XSS on the PHAR 403 and 404 error pages via
request data of a request for a .phar file. NOTE: this vulnerability
exists because of an incomplete fix for CVE-2018-5712.

CVE-2018-10548

ext/ldap/ldap.c allows remote LDAP servers to cause a denial of
service (NULL pointer dereference and application crash) because of
mishandling of the ldap_get_dn return value.

For Debian 7 'Wheezy', these problems have been fixed in version
5.4.45-0+deb7u14.

We recommend that you upgrade your php5 packages.

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://packages.debian.org/source/wheezy/php5"
  );
  script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libapache2-mod-php5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libapache2-mod-php5filter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libphp5-embed");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php-pear");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-cgi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-cli");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-curl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-enchant");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-fpm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-gd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-gmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-imap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-interbase");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-intl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-mcrypt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-mysql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-mysqlnd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-odbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-pgsql");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-pspell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-recode");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-snmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-sqlite");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-sybase");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-tidy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-xmlrpc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-xsl");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2018/05/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/10");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"7.0", prefix:"libapache2-mod-php5", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"libapache2-mod-php5filter", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"libphp5-embed", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php-pear", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-cgi", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-cli", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-common", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-curl", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-dbg", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-dev", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-enchant", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-fpm", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-gd", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-gmp", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-imap", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-interbase", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-intl", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-ldap", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-mcrypt", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-mysql", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-mysqlnd", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-odbc", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-pgsql", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-pspell", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-recode", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-snmp", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-sqlite", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-sybase", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-tidy", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-xmlrpc", reference:"5.4.45-0+deb7u14")) flag++;
if (deb_check(release:"7.0", prefix:"php5-xsl", reference:"5.4.45-0+deb7u14")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxlibapache2-mod-php5p-cpe:/a:debian:debian_linux:libapache2-mod-php5
debiandebian_linuxlibapache2-mod-php5filterp-cpe:/a:debian:debian_linux:libapache2-mod-php5filter
debiandebian_linuxlibphp5-embedp-cpe:/a:debian:debian_linux:libphp5-embed
debiandebian_linuxphp-pearp-cpe:/a:debian:debian_linux:php-pear
debiandebian_linuxphp5p-cpe:/a:debian:debian_linux:php5
debiandebian_linuxphp5-cgip-cpe:/a:debian:debian_linux:php5-cgi
debiandebian_linuxphp5-clip-cpe:/a:debian:debian_linux:php5-cli
debiandebian_linuxphp5-commonp-cpe:/a:debian:debian_linux:php5-common
debiandebian_linuxphp5-curlp-cpe:/a:debian:debian_linux:php5-curl
debiandebian_linuxphp5-dbgp-cpe:/a:debian:debian_linux:php5-dbg
Rows per page:
1-10 of 331

Related

debian 4
openvas 39
ubuntu 5
osv 10
nessus 50
suse 4
debiancve 4
f5 4
ubuntucve 4
redhatcve 4
fedora 3
slackware 2
veracode 5
prion 4
alpinelinux 4
cve 4
ibm 4
amazon 2
centos 1
redhat 3
mageia 1
checkpoint_advisories 1
gentoo 1
oraclelinux 1
rosalinux 1
cloudlinux 1
oracle 1
debian
debian
[SECURITY] [DLA 1373-1] php5 security update
2018-05-09 19:09:30
[SECURITY] [DSA 4240-1] php7.0 security update
2018-07-05 20:34:23
[SECURITY] [DLA 1397-1] php5 security update
2018-06-26 18:41:29
openvas
openvas
Debian: Security Advisory (DLA-1373-1)
2018-05-13 00:00:00
Ubuntu: Security Advisory (USN-3646-2)
2022-08-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:1294-1)
2021-06-09 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2018-05-16 00:00:00
PHP vulnerabilities
2018-05-14 00:00:00
PHP vulnerabilities
2018-05-15 00:00:00
osv
osv
php5 - security update
2018-05-09 00:00:00
CVE-2018-10547
2018-04-29 21:29:00
php5 - security update
2018-06-26 00:00:00
nessus
nessus
openSUSE Security Update : php7 (openSUSE-2018-441)
2018-05-11 00:00:00
SUSE SLES12 Security Update : php5 (SUSE-SU-2018:1291-1)
2019-01-02 00:00:00
openSUSE Security Update : php5 (openSUSE-2018-465)
2018-05-17 00:00:00
suse
suse
Security update for php7 (important)
2018-05-11 00:11:52
Security update for php5 (important)
2018-05-17 00:10:37
Security update for php7 (important)
2018-05-09 15:08:34
debiancve
debiancve
CVE-2018-10547
2018-04-29 21:29:00
CVE-2018-10545
2018-04-29 21:29:00
CVE-2018-10548
2018-04-29 21:29:00
f5
f5
K61561040 : PHP vulnerability CVE-2018-10547
2018-05-07 00:00:00
K82641075 : PHP vulnerability CVE-2018-10545
2018-06-19 00:00:00
K13060403 : PHP vulnerability CVE-2018-10548
2018-05-10 00:00:00
ubuntucve
ubuntucve
CVE-2018-10547
2018-04-29 00:00:00
CVE-2018-10545
2018-04-29 00:00:00
CVE-2018-10548
2018-04-29 00:00:00
redhatcve
redhatcve
CVE-2018-10547
2018-05-02 10:29:35
CVE-2018-10548
2018-05-02 10:29:25
CVE-2018-10545
2018-05-02 10:01:42
fedora
fedora
[SECURITY] Fedora 26 Update: php-7.1.17-1.fc26
2018-05-03 15:23:45
[SECURITY] Fedora 27 Update: php-7.1.17-1.fc27
2018-05-04 08:20:24
[SECURITY] Fedora 28 Update: php-7.2.5-1.fc28
2018-05-03 15:27:57
slackware
slackware
[slackware-security] php
2018-05-17 04:21:18
[slackware-security] php
2018-02-04 07:16:29
veracode
veracode
Cross-site Scripting (XSS)
2019-08-20 00:10:41
Denial Of Service (DoS)
2019-08-20 00:10:41
Information Disclosure
2019-08-20 00:10:40
prion
prion
Design/Logic Flaw
2018-04-29 21:29:00
Information disclosure
2018-04-29 21:29:00
Null pointer dereference
2018-04-29 21:29:00
alpinelinux
alpinelinux
CVE-2018-10547
2018-04-29 21:29:00
CVE-2018-10545
2018-04-29 21:29:00
CVE-2018-10548
2018-04-29 21:29:00
cve
cve
CVE-2018-10547
2018-04-29 21:29:00
CVE-2018-10545
2018-04-29 21:29:00
CVE-2018-10548
2018-04-29 21:29:00
ibm
ibm
Security Bulletin: API Connect Developer Portal is affected by multiple PHP vulnerabilities
2018-08-01 13:05:47
Security Bulletin: Vulnerabilities in PHP affect IBM BladeCenter Advanced Management Module (AMM)
2018-10-03 18:00:01
Security Bulletin: IBM API Connect Developer Portal is impacted by PHP vulnerabilities (CVE-2018-10548, CVE-2018-10546)
2018-06-23 02:54:18
amazon
amazon
Medium: php56, php70, php71
2018-05-10 18:23:00
Medium: php56, php70, php71
2018-02-07 17:10:00
centos
centos
php security update
2020-04-08 19:04:38
redhat
redhat
(RHSA-2020:1112) Moderate: php security update
2020-03-31 09:20:14
(RHSA-2019:2519) Moderate: rh-php71-php security, bug fix, and enhancement update
2019-08-19 08:09:18
(RHSA-2018:1296) Moderate: rh-php70-php security, bug fix, and enhancement update
2018-05-03 03:21:11
mageia
mageia
Updated php packages fix security vulnerabilities
2018-05-04 20:29:33
checkpoint_advisories
checkpoint_advisories
PHP LDAP ldap_get_dn Denial of Service (CVE-2018-10548)
2019-11-04 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2018-12-02 00:00:00
oraclelinux
oraclelinux
php security update
2020-04-06 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
cloudlinux
cloudlinux
Fix of 227 CVE
2020-10-15 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2020
2020-04-14 00:00:00
JSON
Related for DEBIAN_DLA-1373.NASL
debian4openvas39ubuntu5osv10nessus50suse4debiancve4f54ubuntucve4redhatcve4fedora3slackware2veracode5prion4alpinelinux4cve4ibm4amazon2centos1redhat3mageia1checkpoint_advisories1gentoo1oraclelinux1rosalinux1cloudlinux1oracle1