Lucene search
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-2527.NASLHistoryAug 14, 2012 - 12:00 a.m.
Debian DSA-2527-1 : php5 - several vulnerabilities
2012-08-1400:00:00
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues :
-
CVE-2012-2688 A buffer overflow in the scandir() function could lead to denial of service or the execution of arbitrary code.
-
CVE-2012-3450 It was discovered that inconsistent parsing of PDO prepared statements could lead to denial of service.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-2527. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(61520);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2012-2688", "CVE-2012-3450");
script_bugtraq_id(54638, 54777);
script_xref(name:"DSA", value:"2527");
script_name(english:"Debian DSA-2527-1 : php5 - several vulnerabilities");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Several vulnerabilities have been discovered in PHP, the web scripting
language. The Common Vulnerabilities and Exposures project identifies
the following issues :
- CVE-2012-2688
A buffer overflow in the scandir() function could lead
to denial of service or the execution of arbitrary code.
- CVE-2012-3450
It was discovered that inconsistent parsing of PDO
prepared statements could lead to denial of service."
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2012-2688"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2012-3450"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/squeeze/php5"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2012/dsa-2527"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the php5 packages.
For the stable distribution (squeeze), this problem has been fixed in
version 5.3.3-7+squeeze14."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
script_set_attribute(attribute:"patch_publication_date", value:"2012/08/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/14");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"6.0", prefix:"libapache2-mod-php5", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"libapache2-mod-php5filter", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php-pear", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-cgi", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-cli", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-common", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-curl", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-dbg", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-dev", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-enchant", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-gd", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-gmp", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-imap", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-interbase", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-intl", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-ldap", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-mcrypt", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-mysql", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-odbc", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-pgsql", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-pspell", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-recode", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-snmp", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-sqlite", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-sybase", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-tidy", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-xmlrpc", reference:"5.3.3-7+squeeze14")) flag++;
if (deb_check(release:"6.0", prefix:"php5-xsl", reference:"5.3.3-7+squeeze14")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | php5 | p-cpe:/a:debian:debian_linux:php5 |
| debian | debian_linux | 6.0 | cpe:/o:debian:debian_linux:6.0 |
Related
openvas
openvas
Debian Security Advisory DSA 2527-1 (php5)
2012-08-30 00:00:00
Debian: Security Advisory (DSA-2527-1)
2012-08-30 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:1033-1)
2021-06-09 00:00:00
debian
debian
[SECURITY] [DSA 2527-1] php5 security update
2012-08-13 18:16:56
osv
osv
php5 - several
2012-08-13 00:00:00
securityvulns
securityvulns
PHP security vulnerabilities
2012-07-30 00:00:00
[ MDVSA-2012:108 ] php
2012-07-30 00:00:00
nessus
nessus
SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6634)
2013-01-25 00:00:00
Mandriva Linux Security Advisory : php (MDVSA-2012:108)
2012-09-06 00:00:00
SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6634)
2013-01-25 00:00:00
suse
suse
Security update for PHP5 (important)
2012-08-24 09:08:27
Security update for php5 (important)
2012-08-24 14:08:28
Security update for PHP5 (important)
2013-08-16 21:04:11
ubuntu
ubuntu
PHP vulnerabilities
2012-09-17 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-05-02 04:52:37
fedora
fedora
[SECURITY] Fedora 17 Update: maniadrive-1.2-43.fc17
2012-08-05 21:27:45
[SECURITY] Fedora 16 Update: php-eaccelerator-0.9.6.1-9.fc16.7
2012-08-05 21:22:14
[SECURITY] Fedora 16 Update: maniadrive-1.2-32.fc16.7
2012-08-05 21:22:14
freebsd
freebsd
php -- potential overflow in _php_stream_scandir
2012-07-19 00:00:00
slackware
slackware
[slackware-security] php
2012-07-22 23:48:31
seebug
seebug
PHP '_php_stream_scandir()'ηΌε²εΊζΊ’εΊζΌζ΄
2012-07-25 00:00:00
cve
cve
CVE-2012-2688
2012-07-20 10:40:00
CVE-2012-3450
2012-08-06 16:55:00
amazon
amazon
Low: php
2012-08-05 14:14:00
f5
f5
SOL15480 - PHP vulnerability CVE-2012-2688
2014-08-06 00:00:00
K15480 : PHP vulnerability CVE-2012-2688
2014-08-07 00:00:00
ubuntucve
ubuntucve
CVE-2012-2688
2012-07-20 00:00:00
CVE-2012-3450
2012-08-06 00:00:00
prion
prion
Buffer overflow
2012-07-20 10:40:00
Out-of-bounds
2012-08-06 16:55:00
redhat
redhat
(RHSA-2013:0514) Moderate: php security, bug fix and enhancement update
2013-02-21 00:00:00
(RHSA-2013:1814) Critical: php security update
2013-12-11 00:00:00
(RHSA-2013:1307) Moderate: php53 security, bug fix and enhancement update
2013-09-30 16:52:28
centos
centos
php security update
2013-02-27 19:37:21
php security update
2013-12-11 09:34:01
php53 security update
2013-10-07 12:42:03
oraclelinux
oraclelinux
php security update
2013-12-10 00:00:00
php security, bug fix and enhancement update
2013-02-27 00:00:00
php53 security, bug fix and enhancement update
2013-10-02 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2012-09-24 00:00:00
hackerone
hackerone
Yahoo!: Out of date version
2014-03-30 08:47:50
Related for DEBIAN_DSA-2527.NASL