Lucene search
This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-1490.NASLHistorySep 04, 2018 - 12:00 a.m.
Debian DLA-1490-1 : php5 security update
2018-09-0400:00:00
This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
Two vulnerabilities have been discovered in php5, a server-side, HTML-embedded scripting language. One (CVE-2018-14851) results in a potential denial of service (out-of-bounds read and application crash) via a crafted JPEG file. The other (CVE-2018-14883) is an Integer Overflow that leads to a heap-based buffer over-read.
Additionally, a previously introduced patch for CVE-2017-7272 was found to negatively affect existing PHP applications (#890266). As a result of the negative effects and the fact that the security team has marked the CVE in question as βignore,β the patch has been dropped.
For Debian 8 βJessieβ, these problems have been fixed in version 5.6.37+dfsg-0+deb8u1.
We recommend that you upgrade your php5 packages.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-1490-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(112229);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2018-14851", "CVE-2018-14883");
script_name(english:"Debian DLA-1490-1 : php5 security update");
script_summary(english:"Checks dpkg output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Two vulnerabilities have been discovered in php5, a server-side,
HTML-embedded scripting language. One (CVE-2018-14851) results in a
potential denial of service (out-of-bounds read and application crash)
via a crafted JPEG file. The other (CVE-2018-14883) is an Integer
Overflow that leads to a heap-based buffer over-read.
Additionally, a previously introduced patch for CVE-2017-7272 was
found to negatively affect existing PHP applications (#890266). As a
result of the negative effects and the fact that the security team has
marked the CVE in question as 'ignore,' the patch has been dropped.
For Debian 8 'Jessie', these problems have been fixed in version
5.6.37+dfsg-0+deb8u1.
We recommend that you upgrade your php5 packages.
NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://lists.debian.org/debian-lts-announce/2018/09/msg00000.html"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/jessie/php5"
);
script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libapache2-mod-php5");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libapache2-mod-php5filter");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libphp5-embed");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php-pear");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-cgi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-cli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-curl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-dbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-enchant");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-fpm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-gd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-gmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-imap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-interbase");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-intl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-ldap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-mcrypt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-mysqlnd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-odbc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-pgsql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-phpdbg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-pspell");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-readline");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-recode");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-snmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-sqlite");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-sybase");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-tidy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-xmlrpc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-xsl");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");
script_set_attribute(attribute:"patch_publication_date", value:"2018/09/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/09/04");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"8.0", prefix:"libapache2-mod-php5", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libapache2-mod-php5filter", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"libphp5-embed", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php-pear", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-cgi", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-cli", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-common", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-curl", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-dbg", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-dev", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-enchant", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-fpm", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-gd", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-gmp", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-imap", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-interbase", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-intl", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-ldap", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-mcrypt", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-mysql", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-mysqlnd", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-odbc", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-pgsql", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-phpdbg", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-pspell", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-readline", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-recode", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-snmp", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-sqlite", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-sybase", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-tidy", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-xmlrpc", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (deb_check(release:"8.0", prefix:"php5-xsl", reference:"5.6.37+dfsg-0+deb8u1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | php5-cli | p-cpe:/a:debian:debian_linux:php5-cli |
| debian | debian_linux | php5-ldap | p-cpe:/a:debian:debian_linux:php5-ldap |
| debian | debian_linux | php5-mcrypt | p-cpe:/a:debian:debian_linux:php5-mcrypt |
| debian | debian_linux | php5-interbase | p-cpe:/a:debian:debian_linux:php5-interbase |
| debian | debian_linux | php5-tidy | p-cpe:/a:debian:debian_linux:php5-tidy |
| debian | debian_linux | php-pear | p-cpe:/a:debian:debian_linux:php-pear |
| debian | debian_linux | php5-curl | p-cpe:/a:debian:debian_linux:php5-curl |
| debian | debian_linux | php5-gd | p-cpe:/a:debian:debian_linux:php5-gd |
| debian | debian_linux | php5-sybase | p-cpe:/a:debian:debian_linux:php5-sybase |
| debian | debian_linux | php5-intl | p-cpe:/a:debian:debian_linux:php5-intl |
Related
openvas
openvas
Debian: Security Advisory (DLA-1490-1)
2018-09-02 00:00:00
Mageia: Security Advisory (MGASA-2018-0390)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-3766-2)
2022-08-26 00:00:00
debian
debian
[SECURITY] [DLA 1490-1] php5 security update
2018-09-01 13:12:11
[SECURITY] [DSA 4353-1] php7.0 security update
2018-12-10 21:40:39
[SECURITY] [DLA 875-1] php5 security update
2017-03-27 23:05:29
nessus
nessus
Amazon Linux AMI : php56 / php70,php71 (ALAS-2018-1066)
2018-08-24 00:00:00
Amazon Linux AMI : php72 (ALAS-2018-1067)
2018-08-24 00:00:00
PHP 5.6.x < 5.6.37 exif_thumbnail_extract() DoS
2018-07-24 00:00:00
osv
osv
php5 - security update
2018-08-31 00:00:00
CVE-2017-7272
2017-03-27 17:59:00
CVE-2018-14851
2018-08-02 19:29:00
ubuntu
ubuntu
PHP vulnerabilities
2018-09-19 00:00:00
PHP vulnerabilities
2018-09-18 00:00:00
amazon
amazon
Low: php56, php70, php71
2018-08-22 19:30:00
Medium: php72
2018-08-22 19:31:00
mageia
mageia
Updated php packages fix security vulnerability
2018-09-21 19:26:22
ibm
ibm
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in PHP (CVE-2018-17082 CVE-2018-14883 CVE-2018-14851 CVE-2017-9118)
2023-12-07 22:45:03
redhatcve
redhatcve
prion
prion
Design/Logic Flaw
2017-03-27 17:59:00
Integer overflow
2018-08-03 13:29:00
Out-of-bounds
2018-08-02 19:29:00
hackerone
hackerone
suse
suse
Security update for php53 (important)
2017-06-28 18:11:15
Security update for php7 (moderate)
2018-08-17 12:31:13
Security update for php5 (moderate)
2018-09-12 12:08:47
seebug
seebug
packetstorm
packetstorm
PHP 7.1.2 fsockopen Misbehavior
2017-04-03 00:00:00
ubuntucve
ubuntucve
debiancve
debiancve
cve
cve
veracode
veracode
Denial Of Service (DoS)
2019-08-20 00:10:41
alpinelinux
alpinelinux
CVE-2018-14883
2018-08-03 13:29:00
CVE-2018-14851
2018-08-02 19:29:00
redhat
redhat
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
Related for DEBIAN_DLA-1490.NASL