DATABASE RESOURCES PRICING ABOUT US

{"id": "F5_BIGIP_SOL15885.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "F5 Networks BIG-IP : GNU C Library vulnerability (SOL15885)", "description": "The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a 'stack extension attack,' a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome. (CVE-2011-1071)", "published": "2014-11-28T00:00:00", "modified": "2021-03-10T00:00:00", "epss": [{"cve": "CVE-2007-4782", "epss": 0.01328, "percentile": 0.84449, "modified": "2023-12-02"}, {"cve": "CVE-2010-1917", "epss": 0.01593, "percentile": 0.85893, "modified": "2023-12-02"}, {"cve": "CVE-2010-2898", "epss": 0.00213, "percentile": 0.58995, "modified": "2023-12-02"}, {"cve": "CVE-2011-1071", "epss": 0.01907, "percentile": 0.87201, "modified": "2023-12-02"}], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/79606", "reporter": "This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2898", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4782", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1917", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1071", "https://support.f5.com/csp/article/K15885"], "cvelist": ["CVE-2007-4782", "CVE-2010-1917", "CVE-2010-2898", "CVE-2011-1071"], "immutableFields": [], "lastseen": "2023-12-02T15:39:59", "viewCount": 15, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2008:0544", "CESA-2008:0545", "CESA-2010:0919", "CESA-2011:0412", "CESA-2012:0125"]}, {"type": "cve", "idList": ["CVE-2007-4782", "CVE-2010-1917", "CVE-2010-2898", "CVE-2011-1071", "CVE-2011-1659"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2089-1:00F1C"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2010-2898", "DEBIANCVE:CVE-2011-1071", "DEBIANCVE:CVE-2011-1659"]}, {"type": "f5", "idList": ["F5:K09408132", "SOL15885"]}, {"type": "fedora", "idList": ["FEDORA:0129311067C", "FEDORA:27D41110369", "FEDORA:2ED1F11052D", "FEDORA:363A1110632", "FEDORA:E6EE910FDE7", "FEDORA:EDBEB110632", "FEDORA:M5KJ8UT0016229"]}, {"type": "gentoo", "idList": ["GLSA-200710-02", "GLSA-201110-06", "GLSA-201312-01"]}, {"type": "ibm", "idList": ["A3D6D9F86CE29E7AB19CF5C1D180331D27DE05EC91D726E0FACE559173F92FDE"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2008-0544.NASL", "CENTOS_RHSA-2008-0545.NASL", "CENTOS_RHSA-2010-0919.NASL", "CENTOS_RHSA-2011-0412.NASL", "CENTOS_RHSA-2012-0125.NASL", "DEBIAN_DSA-2089.NASL", "F5_BIGIP_SOL09408132.NASL", "FEDORA_2008-3864.NASL", "FEDORA_2010-11428.NASL", "FEDORA_2010-11481.NASL", "GENTOO_GLSA-200710-02.NASL", "GENTOO_GLSA-201110-06.NASL", "GENTOO_GLSA-201312-01.NASL", "GOOGLE_CHROME_5_0_375_125.NASL", "HPSMH_6_3_0_22.NASL", "MANDRIVA_MDVSA-2009-022.NASL", "MANDRIVA_MDVSA-2011-178.NASL", "MANDRIVA_MDVSA-2011-179.NASL", "ORACLELINUX_ELSA-2008-0544.NASL", "ORACLELINUX_ELSA-2008-0545.NASL", "ORACLELINUX_ELSA-2010-0919.NASL", "ORACLELINUX_ELSA-2011-0412.NASL", "ORACLELINUX_ELSA-2011-0413.NASL", "ORACLELINUX_ELSA-2012-0125.NASL", "ORACLEVM_OVMSA-2015-0023.NASL", "PHP_5_2_5.NASL", "PHP_5_3_3.NASL", "REDHAT-RHSA-2008-0544.NASL", "REDHAT-RHSA-2008-0545.NASL", "REDHAT-RHSA-2010-0919.NASL", "REDHAT-RHSA-2011-0412.NASL", "REDHAT-RHSA-2011-0413.NASL", "REDHAT-RHSA-2012-0125.NASL", "SLACKWARE_SSA_2010-240-04.NASL", "SL_20080716_PHP_ON_SL4_X.NASL", "SL_20080716_PHP_ON_SL5_X.NASL", "SL_20101129_PHP_ON_SL4_X.NASL", "SL_20110404_GLIBC_ON_SL5_X.NASL", "SL_20120213_GLIBC_ON_SL4_X.NASL", "SUSE9_12049.NASL", "SUSE9_12775.NASL", "SUSE_11_1_APACHE2-MOD_PHP5-100928.NASL", "SUSE_11_2_APACHE2-MOD_PHP5-100813.NASL", "SUSE_11_3_APACHE2-MOD_PHP5-100812.NASL", "SUSE_11_APACHE2-MOD_PHP5-100805.NASL", "SUSE_11_GLIBC-110516.NASL", "SUSE_11_GLIBC-110517.NASL", "SUSE_APACHE2-MOD_PHP5-4808.NASL", "SUSE_APACHE2-MOD_PHP5-4810.NASL", "SUSE_APACHE2-MOD_PHP5-4909.NASL", "SUSE_APACHE2-MOD_PHP5-7110.NASL", "SUSE_GLIBC-7574.NASL", "SUSE_GLIBC-7575.NASL", "UBUNTU_USN-1396-1.NASL", "UBUNTU_USN-628-1.NASL", "UBUNTU_USN-989-1.NASL", "VMWARE_ESXI_5_0_BUILD_515841_REMOTE.NASL", "VMWARE_VMSA-2011-0010.NASL", "VMWARE_VMSA-2011-0010_REMOTE.NASL", "VMWARE_VMSA-2011-0012.NASL", "VMWARE_VMSA-2011-0012_REMOTE.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:103455", "OPENVAS:1361412562310103455", "OPENVAS:1361412562310110179", "OPENVAS:1361412562310110182", "OPENVAS:1361412562310121082", "OPENVAS:1361412562310122202", "OPENVAS:1361412562310122203", "OPENVAS:1361412562310122295", "OPENVAS:1361412562310122567", "OPENVAS:136141256231063253", "OPENVAS:136141256231063254", "OPENVAS:136141256231065266", "OPENVAS:136141256231068173", "OPENVAS:136141256231070769", "OPENVAS:1361412562310831500", "OPENVAS:1361412562310840501", "OPENVAS:1361412562310840929", "OPENVAS:1361412562310862343", "OPENVAS:1361412562310862345", "OPENVAS:1361412562310862346", "OPENVAS:1361412562310862347", "OPENVAS:1361412562310862349", "OPENVAS:1361412562310862351", "OPENVAS:1361412562310870120", "OPENVAS:1361412562310870125", "OPENVAS:1361412562310870362", "OPENVAS:1361412562310870417", "OPENVAS:1361412562310870545", "OPENVAS:1361412562310870670", "OPENVAS:1361412562310880040", "OPENVAS:1361412562310880308", "OPENVAS:1361412562310880456", "OPENVAS:1361412562310880538", "OPENVAS:1361412562310880633", "OPENVAS:1361412562310881217", "OPENVAS:1361412562310881328", "OPENVAS:1361412562310902092", "OPENVAS:58650", "OPENVAS:63253", "OPENVAS:63254", "OPENVAS:65266", "OPENVAS:68173", "OPENVAS:70769", "OPENVAS:831500", "OPENVAS:840283", "OPENVAS:840501", "OPENVAS:840929", "OPENVAS:850047", "OPENVAS:860416", "OPENVAS:862343", "OPENVAS:862345", "OPENVAS:862346", "OPENVAS:862347", "OPENVAS:862349", "OPENVAS:862351", "OPENVAS:870120", "OPENVAS:870125", "OPENVAS:870362", "OPENVAS:870417", "OPENVAS:870545", "OPENVAS:870670", "OPENVAS:880040", "OPENVAS:880308", "OPENVAS:880456", "OPENVAS:880538", "OPENVAS:880633", "OPENVAS:881217", "OPENVAS:881328", "OPENVAS:902092"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0544", "ELSA-2008-0545", "ELSA-2010-0919", "ELSA-2011-0412", "ELSA-2011-0413", "ELSA-2012-0125"]}, {"type": "osv", "idList": ["OSV:DSA-2089-1"]}, {"type": "prion", "idList": ["PRION:CVE-2007-4782", "PRION:CVE-2010-1917", "PRION:CVE-2010-2898", "PRION:CVE-2011-1071", "PRION:CVE-2011-1659"]}, {"type": "redhat", "idList": ["RHSA-2008:0505", "RHSA-2008:0544", "RHSA-2008:0545", "RHSA-2008:0582", "RHSA-2010:0919", "RHSA-2011:0412", "RHSA-2011:0413", "RHSA-2012:0125"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:24800", "SECURITYVULNS:DOC:26222", "SECURITYVULNS:DOC:27147", "SECURITYVULNS:DOC:27395", "SECURITYVULNS:DOC:27743", "SECURITYVULNS:VULN:10820", "SECURITYVULNS:VULN:11626", "SECURITYVULNS:VULN:12065"]}, {"type": "slackware", "idList": ["SSA-2010-240-04"]}, {"type": "suse", "idList": ["SUSE-SA:2008:004"]}, {"type": "ubuntu", "idList": ["USN-1396-1", "USN-628-1", "USN-989-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2007-4782", "UB:CVE-2010-1917", "UB:CVE-2010-2898", "UB:CVE-2011-1071", "UB:CVE-2011-1659"]}, {"type": "veracode", "idList": ["VERACODE:23308", "VERACODE:24426", "VERACODE:24482"]}, {"type": "vmware", "idList": ["VMSA-2011-0010", "VMSA-2011-0010.3", "VMSA-2011-0012", "VMSA-2011-0012.3"]}]}, "score": {"value": 0.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2008:0544", "CESA-2008:0545", "CESA-2010:0919", "CESA-2011:0412", "CESA-2012:0125"]}, {"type": "cve", "idList": ["CVE-2007-4782"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-1071"]}, {"type": "f5", "idList": ["SOL15885"]}, {"type": "fedora", "idList": ["FEDORA:M5KJ8UT0016229"]}, {"type": "gentoo", "idList": ["GLSA-201110-06"]}, {"type": "ibm", "idList": ["A3D6D9F86CE29E7AB19CF5C1D180331D27DE05EC91D726E0FACE559173F92FDE"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2010-0919.NASL", "F5_BIGIP_DETECT.NBIN", "VMWARE_ESXI_5_0_BUILD_515841_REMOTE.NASL", "VMWARE_VMSA-2011-0012_REMOTE.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122203", "OPENVAS:1361412562310870362", "OPENVAS:840283", "OPENVAS:850047", "OPENVAS:870120", "OPENVAS:870125", "OPENVAS:880633"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0919"]}, {"type": "redhat", "idList": ["RHSA-2008:0505", "RHSA-2008:0544"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:10820", "SECURITYVULNS:VULN:11626"]}, {"type": "slackware", "idList": ["SSA-2010-240-04"]}, {"type": "suse", "idList": ["SUSE-SA:2008:004"]}, {"type": "ubuntu", "idList": ["USN-1396-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-1917"]}, {"type": "vmware", "idList": ["VMSA-2011-0012.3"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2007-4782", "epss": "0.015880000", "percentile": "0.853040000", "modified": "2023-03-13"}, {"cve": "CVE-2010-1917", "epss": "0.015930000", "percentile": "0.853620000", "modified": "2023-03-13"}, {"cve": "CVE-2010-2898", "epss": "0.002130000", "percentile": "0.574790000", "modified": "2023-03-13"}, {"cve": "CVE-2011-1071", "epss": "0.019070000", "percentile": "0.867130000", "modified": "2023-03-13"}], "vulnersScore": 0.2}, "_state": {"dependencies": 1701549006, "score": 1701548784, "epss": 0}, "_internal": {"score_hash": "cd9ca765a63775ebc48ef905e204eed7"}, "pluginID": "79606", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL15885.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79606);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/10\");\n\n script_cve_id(\"CVE-2007-4782\", \"CVE-2010-1917\", \"CVE-2010-2898\", \"CVE-2011-1071\");\n script_bugtraq_id(26403, 41991, 46563);\n\n script_name(english:\"F5 Networks BIG-IP : GNU C Library vulnerability (SOL15885)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded\nGLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary\ncode or cause a denial of service (memory consumption) via a long UTF8\nstring that is used in an fnmatch call, aka a 'stack extension\nattack,' a related issue to CVE-2010-2898, CVE-2010-1917, and\nCVE-2007-4782, as originally reported for use of this library by\nGoogle Chrome. (CVE-2011-1071)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K15885\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL15885.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL15885\";\nvmatrix = make_array();\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"11.0.0-11.6.0\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"11.0.0-11.4.1\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"11.0.0-11.3.0\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"10.0.0-10.2.4\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"11.0.0-11.3.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "naslFamily": "F5 Networks Local Security Checks", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "solution": "Upgrade to one of the non-vulnerable versions listed in the F5 Solution SOL15885.", "nessusSeverity": "Critical", "cvssScoreSource": "", "vendor_cvss2": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": null, "vector": null}, "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2014-11-27T00:00:00", "vulnerabilityPublicationDate": "2007-09-10T00:00:00", "exploitableWith": []}

{"debiancve": [{"lastseen": "2023-12-02T18:25:09", "description": "The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a \"stack extension attack,\" a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.", "cvss3": {}, "published": "2011-04-08T15:17:00", "type": "debiancve", "title": "CVE-2011-1071", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-4782", "CVE-2010-1917", "CVE-2010-2898", "CVE-2011-1071"], "modified": "2011-04-08T15:17:00", "id": "DEBIANCVE:CVE-2011-1071", "href": "https://security-tracker.debian.org/tracker/CVE-2011-1071", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-14T17:47:10", "description": "Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the GNU C Library, which has unknown impact and attack vectors.", "cvss3": {}, "published": "2010-07-28T20:00:00", "type": "debiancve", "title": "CVE-2010-2898", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2898"], "modified": "2010-07-28T20:00:00", "id": "DEBIANCVE:CVE-2010-2898", "href": "https://security-tracker.debian.org/tracker/CVE-2010-2898", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-02T18:25:09", "description": "Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.", "cvss3": {}, "published": "2011-04-08T15:17:00", "type": "debiancve", "title": "CVE-2011-1659", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1071", "CVE-2011-1659"], "modified": "2011-04-08T15:17:00", "id": "DEBIANCVE:CVE-2011-1659", "href": "https://security-tracker.debian.org/tracker/CVE-2011-1659", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "f5": [{"lastseen": "2021-06-08T18:45:09", "description": "*Most ARX components are based on GNU C library code.\n\nRecommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 is responding to this vulnerability as determined by the parameters defined in SOL4602: Overview of the F5 security vulnerability response policy. \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "cvss3": {}, "published": "2014-11-27T00:00:00", "type": "f5", "title": "SOL15885 - GNU C Library vulnerability CVE-2011-1071", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-4782", "CVE-2010-2898", "CVE-2011-1071", "CVE-2010-1917"], "modified": "2015-06-12T00:00:00", "id": "SOL15885", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/800/sol15885.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-06-08T00:16:27", "description": "\nF5 Product Development has assigned ID 356183 (BIG-IP) and ID 476571 (ARX) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H611600 on the **Diagnostics** &gt; **Identified** &gt; **Low** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 10.2.1 - 10.2.4| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1| Low| glibc \nBIG-IP AAM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| 10.2.1 - 10.2.4| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1| Low| glibc \nBIG-IP ASM| 10.2.1 - 10.2.4| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1| Low| glibc \nBIG-IP DNS| None| 12.0.0 - 12.1.0| Not vulnerable| None \nBIG-IP Edge Gateway| 10.2.1 - 10.2.4| 11.2.1| Low| glibc \nBIG-IP GTM| 10.2.1 - 10.2.4| 11.4.0 - 11.6.1 \n11.2.1| Low| glibc \nBIG-IP Link Controller| 10.2.1 - 10.2.4| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1| Low| glibc \nBIG-IP PEM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| 10.2.1 - 10.2.4| 11.4.0 - 11.4.1| Low| glibc \nBIG-IP WebAccelerator| 10.2.1 - 10.2.4| 11.2.1| Low| glibc \nBIG-IP WOM| 10.2.1 - 10.2.4| 11.2.1| Low| glibc \nBIG-IP WebSafe| None| 12.0.0 - 12.1.0 \n11.6.0 - 11.6.1| Not vulnerable \n\n| None \nARX| 6.2.0 - 6.4.0| None| Low| glibc \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nTraffix SDC| None| 5.0.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "cvss3": {}, "published": "2016-08-19T00:10:00", "type": "f5", "title": "glibc vulnerability CVE-2011-1659", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1659", "CVE-2011-1071"], "modified": "2017-01-19T21:47:00", "id": "F5:K09408132", "href": "https://support.f5.com/csp/article/K09408132", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cve": [{"lastseen": "2023-12-02T14:59:16", "description": "The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a \"stack extension attack,\" a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.", "cvss3": {}, "published": "2011-04-08T15:17:00", "type": "cve", "title": "CVE-2011-1071", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-4782", "CVE-2010-1917", "CVE-2010-2898", "CVE-2011-1071"], "modified": "2023-02-13T03:23:00", "cpe": ["cpe:/a:gnu:glibc:1.07", "cpe:/a:gnu:glibc:2.0", "cpe:/a:gnu:glibc:2.12.0", "cpe:/a:gnu:glibc:2.0.1", "cpe:/a:gnu:glibc:2.5.1", "cpe:/a:gnu:glibc:2.0.6", "cpe:/a:gnu:glibc:2.1.3.10", "cpe:/a:gnu:glibc:1.09.1", "cpe:/a:gnu:glibc:1.04", "cpe:/a:gnu:glibc:2.3.3", "cpe:/a:gnu:glibc:2.10", "cpe:/a:gnu:glibc:1.03", "cpe:/a:gnu:glibc:2.2.3", "cpe:/a:gnu:glibc:1.09", "cpe:/a:gnu:glibc:2.6.1", "cpe:/a:gnu:glibc:2.1.2", "cpe:/a:gnu:glibc:1.02", "cpe:/a:gnu:glibc:2.2.5", "cpe:/a:gnu:glibc:2.11", "cpe:/a:gnu:glibc:2.10.2", "cpe:/a:gnu:glibc:2.5", "cpe:/a:gnu:glibc:2.3.2", "cpe:/a:gnu:glibc:2.6", "cpe:/a:gnu:glibc:2.1", "cpe:/a:gnu:glibc:2.10.1", "cpe:/a:gnu:glibc:1.06", "cpe:/a:gnu:glibc:1.00", "cpe:/a:gnu:glibc:2.2.1", "cpe:/a:gnu:glibc:1.08", "cpe:/a:gnu:glibc:2.3.5", "cpe:/a:gnu:glibc:2.2", "cpe:/a:gnu:glibc:2.7", "cpe:/a:gnu:glibc:2.1.1", "cpe:/a:gnu:glibc:2.0.3", "cpe:/a:gnu:glibc:2.3.1", "cpe:/a:gnu:glibc:2.3.6", "cpe:/a:gnu:glibc:2.0.4", "cpe:/a:gnu:glibc:1.05", "cpe:/a:gnu:glibc:2.2.2", "cpe:/a:gnu:glibc:2.1.3", "cpe:/a:gnu:glibc:2.11.3", "cpe:/a:gnu:glibc:2.0.2", "cpe:/a:gnu:glibc:2.11.1", "cpe:/a:gnu:glibc:2.11.2", "cpe:/a:gnu:glibc:2.8", "cpe:/a:gnu:glibc:2.12.1", "cpe:/a:gnu:glibc:2.9", "cpe:/a:gnu:glibc:2.0.5", "cpe:/a:gnu:glibc:2.1.9", "cpe:/a:gnu:glibc:2.4", "cpe:/a:gnu:glibc:2.2.4", "cpe:/a:gnu:glibc:2.3.4", "cpe:/a:gnu:eglibc:*", "cpe:/a:gnu:glibc:1.01", "cpe:/a:gnu:glibc:2.3", "cpe:/a:gnu:glibc:2.1.1.6", "cpe:/a:gnu:glibc:2.3.10"], "id": "CVE-2011-1071", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1071", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:eglibc:*:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-02T14:37:46", "description": "PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the pattern parameter to the glob function; or (2) a long string in the string parameter to the fnmatch function, accompanied by a pattern parameter value with undefined characteristics, as demonstrated by a \"*[1]e\" value. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution.", "cvss3": {}, "published": "2007-09-10T21:17:00", "type": "cve", "title": "CVE-2007-4782", "cwe": ["CWE-94"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-4782"], "modified": "2018-10-15T21:38:00", "cpe": ["cpe:/a:php:php:5.2.3"], "id": "CVE-2007-4782", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4782", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-02T14:23:46", "description": "Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the GNU C Library, which has unknown impact and attack vectors.", "cvss3": {}, "published": "2010-07-28T20:00:00", "type": "cve", "title": "CVE-2010-2898", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2898"], "modified": "2020-08-05T18:21:00", "cpe": [], "id": "CVE-2010-2898", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2898", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-12-02T14:17:08", "description": "Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (PHP crash) via a crafted first argument to the fnmatch function, as demonstrated using a long string.", "cvss3": {}, "published": "2010-05-12T11:46:00", "type": "cve", "title": "CVE-2010-1917", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1917"], "modified": "2017-08-17T01:32:00", "cpe": ["cpe:/a:php:php:5.2.5", "cpe:/a:php:php:5.2.8", "cpe:/a:php:php:5.2.9", "cpe:/a:php:php:5.2.2", "cpe:/a:php:php:5.2.6", "cpe:/a:php:php:5.3.1", "cpe:/a:php:php:5.2.12", "cpe:/a:php:php:5.2.13", "cpe:/a:php:php:5.2.4", "cpe:/a:php:php:5.3.2", "cpe:/a:php:php:5.2.10", "cpe:/a:php:php:5.3.0", "cpe:/a:php:php:5.2.11", "cpe:/a:php:php:5.2.3", "cpe:/a:php:php:5.2.0", "cpe:/a:php:php:5.2.1"], "id": "CVE-2010-1917", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1917", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-02T15:02:35", "description": "Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.", "cvss3": {}, "published": "2011-04-08T15:17:00", "type": "cve", "title": "CVE-2011-1659", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1071", "CVE-2011-1659"], "modified": "2023-11-07T02:07:00", "cpe": ["cpe:/a:gnu:glibc:1.07", "cpe:/a:gnu:glibc:2.0", "cpe:/a:gnu:glibc:2.12.0", "cpe:/a:gnu:glibc:2.0.1", "cpe:/a:gnu:glibc:2.13", "cpe:/a:gnu:glibc:2.5.1", "cpe:/a:gnu:glibc:2.0.6", "cpe:/a:gnu:glibc:2.1.3.10", "cpe:/a:gnu:glibc:1.09.1", "cpe:/a:gnu:glibc:1.04", "cpe:/a:gnu:glibc:2.3.3", "cpe:/a:gnu:glibc:2.10", "cpe:/a:gnu:glibc:1.03", "cpe:/a:gnu:glibc:2.2.3", "cpe:/a:gnu:glibc:1.09", "cpe:/a:gnu:glibc:2.6.1", "cpe:/a:gnu:glibc:2.1.2", "cpe:/a:gnu:glibc:1.02", "cpe:/a:gnu:glibc:2.2.5", "cpe:/a:gnu:glibc:2.11", "cpe:/a:gnu:glibc:2.10.2", "cpe:/a:gnu:glibc:2.5", "cpe:/a:gnu:glibc:2.3.2", "cpe:/a:gnu:glibc:2.6", "cpe:/a:gnu:glibc:2.1", "cpe:/a:gnu:glibc:2.10.1", "cpe:/a:gnu:glibc:1.06", "cpe:/a:gnu:glibc:1.00", "cpe:/a:gnu:glibc:2.2.1", "cpe:/a:gnu:glibc:1.08", "cpe:/a:gnu:glibc:2.3.5", "cpe:/a:gnu:glibc:2.2", "cpe:/a:gnu:glibc:2.7", "cpe:/a:gnu:glibc:2.1.1", "cpe:/a:gnu:glibc:2.0.3", "cpe:/a:gnu:glibc:2.3.1", "cpe:/a:gnu:glibc:2.3.6", "cpe:/a:gnu:glibc:2.0.4", "cpe:/a:gnu:glibc:1.05", "cpe:/a:gnu:glibc:2.2.2", "cpe:/a:gnu:glibc:2.1.3", "cpe:/a:gnu:glibc:2.11.3", "cpe:/a:gnu:glibc:2.0.2", "cpe:/a:gnu:glibc:2.12.2", "cpe:/a:gnu:glibc:2.11.1", "cpe:/a:gnu:glibc:2.11.2", "cpe:/a:gnu:glibc:2.8", "cpe:/a:gnu:glibc:2.12.1", "cpe:/a:gnu:glibc:2.9", "cpe:/a:gnu:glibc:2.0.5", "cpe:/a:gnu:glibc:2.1.9", "cpe:/a:gnu:glibc:2.4", "cpe:/a:gnu:glibc:2.2.4", "cpe:/a:gnu:glibc:2.3.4", "cpe:/a:gnu:glibc:1.01", "cpe:/a:gnu:glibc:2.3", "cpe:/a:gnu:glibc:2.1.1.6", "cpe:/a:gnu:glibc:2.3.10"], "id": "CVE-2011-1659", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1659", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*"]}], "prion": [{"lastseen": "2023-11-22T04:44:40", "description": "The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a \"stack extension attack,\" a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.", "cvss3": {}, "published": "2011-04-08T15:17:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-4782", "CVE-2010-1917", "CVE-2010-2898", "CVE-2011-1071"], "modified": "2023-02-13T03:23:00", "id": "PRION:CVE-2011-1071", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2011-1071", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T04:57:36", "description": "Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the GNU C Library, which has unknown impact and attack vectors.", "cvss3": {}, "published": "2010-07-28T20:00:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2898"], "modified": "2020-08-05T18:21:00", "id": "PRION:CVE-2010-2898", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2010-2898", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T05:35:15", "description": "PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the pattern parameter to the glob function; or (2) a long string in the string parameter to the fnmatch function, accompanied by a pattern parameter value with undefined characteristics, as demonstrated by a \"*[1]e\" value. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution.", "cvss3": {}, "published": "2007-09-10T21:17:00", "type": "prion", "title": "Remote code execution", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-4782"], "modified": "2018-10-15T21:38:00", "id": "PRION:CVE-2007-4782", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2007-4782", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-22T04:55:46", "description": "Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (PHP crash) via a crafted first argument to the fnmatch function, as demonstrated using a long string.", "cvss3": {}, "published": "2010-05-12T11:46:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1917"], "modified": "2017-08-17T01:32:00", "id": "PRION:CVE-2010-1917", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2010-1917", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-22T04:45:40", "description": "Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.", "cvss3": {}, "published": "2011-04-08T15:17:00", "type": "prion", "title": "Integer overflow", "bulletinFamily": "NVD", "cvss2": {"baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1071", "CVE-2011-1659"], "modified": "2018-10-09T19:31:00", "id": "PRION:CVE-2011-1659", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2011-1659", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2023-12-02T15:56:56", "description": "The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC\n(EGLIBC) allow context-dependent attackers to execute arbitrary code or\ncause a denial of service (memory consumption) via a long UTF8 string that\nis used in an fnmatch call, aka a \"stack extension attack,\" a related issue\nto CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported\nfor use of this library by Google Chrome.\n\n#### Bugs\n\n * <http://sourceware.org/bugzilla/show_bug.cgi?id=11883>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615120>\n * <https://bugzilla.redhat.com/show_bug.cgi?id=681054>\n", "cvss3": {}, "published": "2011-04-08T00:00:00", "type": "ubuntucve", "title": "CVE-2011-1071", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-4782", "CVE-2010-1917", "CVE-2010-2898", "CVE-2011-1071"], "modified": "2011-04-08T00:00:00", "id": "UB:CVE-2011-1071", "href": "https://ubuntu.com/security/CVE-2011-1071", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-02T16:00:23", "description": "Google Chrome before 5.0.375.125 does not properly mitigate an unspecified\nflaw in the GNU C Library, which has unknown impact and attack vectors.\n\n#### Bugs\n\n * <http://code.google.com/p/chromium/issues/detail?id=48733>\n", "cvss3": {}, "published": "2010-07-28T00:00:00", "type": "ubuntucve", "title": "CVE-2010-2898", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2898"], "modified": "2010-07-28T00:00:00", "id": "UB:CVE-2010-2898", "href": "https://ubuntu.com/security/CVE-2010-2898", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-02T16:12:19", "description": "PHP before 5.2.3 allows context-dependent attackers to cause a denial of\nservice (application crash) via (1) a long string in the pattern parameter\nto the glob function; or (2) a long string in the string parameter to the\nfnmatch function, accompanied by a pattern parameter value with undefined\ncharacteristics, as demonstrated by a \"*[1]e\" value. NOTE: this might not\nbe a vulnerability in most web server environments that support multiple\nthreads, unless these issues can be demonstrated for code execution.", "cvss3": {}, "published": "2007-09-10T00:00:00", "type": "ubuntucve", "title": "CVE-2007-4782", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-4782"], "modified": "2007-09-10T00:00:00", "id": "UB:CVE-2007-4782", "href": "https://ubuntu.com/security/CVE-2007-4782", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-02T16:01:21", "description": "Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through\n5.3.2 allows context-dependent attackers to cause a denial of service (PHP\ncrash) via a crafted first argument to the fnmatch function, as\ndemonstrated using a long string.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | This is MOPS-2010-021\n", "cvss3": {}, "published": "2010-05-12T00:00:00", "type": "ubuntucve", "title": "CVE-2010-1917", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1917"], "modified": "2010-05-12T00:00:00", "id": "UB:CVE-2010-1917", "href": "https://ubuntu.com/security/CVE-2010-1917", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-12-02T15:56:55", "description": "Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or\nlibc6) 2.13 and earlier allows context-dependent attackers to cause a\ndenial of service (application crash) via a long UTF8 string that is used\nin an fnmatch call with a crafted pattern argument, a different\nvulnerability than CVE-2011-1071.\n\n#### Bugs\n\n * <http://sourceware.org/bugzilla/show_bug.cgi?id=12583>\n * <https://bugzilla.redhat.com/show_bug.cgi?id=681054>\n", "cvss3": {}, "published": "2011-04-08T00:00:00", "type": "ubuntucve", "title": "CVE-2011-1659", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1071", "CVE-2011-1659"], "modified": "2011-04-08T00:00:00", "id": "UB:CVE-2011-1659", "href": "https://ubuntu.com/security/CVE-2011-1659", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "veracode": [{"lastseen": "2022-07-27T10:25:15", "description": "php is vulnerable to denial of service (DoS). The vulnerability exists as it was discovered that the PHP fnmatch() function did not restrict the length of the pattern argument. A remote attacker could use this flaw to crash the PHP interpreter where a script used fnmatch() on untrusted matching patterns.\n", "cvss3": {}, "published": "2020-04-10T00:53:57", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1917"], "modified": "2022-04-19T18:24:50", "id": "VERACODE:24426", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-24426/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-27T10:23:29", "description": "php is vulnerable to denial of service (DoS). The vulnerability exists as it was discovered that the PHP fnmatch() function did not restrict the length of the string argument. An attacker could use this flaw to crash the PHP interpreter where a script used fnmatch() on untrusted input data.\n", "cvss3": {}, "published": "2020-04-10T00:22:29", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-4782"], "modified": "2022-04-19T18:28:39", "id": "VERACODE:23308", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23308/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-04-18T12:28:13", "description": "glibc is vulnerable to arbitrary code execution. It was discovered that the glibc fnmatch() function did not properly restrict the use of alloca(). If the function was called on sufficiently large inputs, it could cause an application using fnmatch() to crash or, possibly, execute arbitrary code with the privileges of the application.\n", "cvss3": {}, "published": "2020-04-10T00:55:26", "type": "veracode", "title": "Arbitrary Code Execution", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1071"], "modified": "2023-02-13T07:24:08", "id": "VERACODE:24482", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-24482/summary", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:38:44", "description": "The remote host is missing an update as announced\nvia advisory SSA:2010-240-04.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2010-240-04 php", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-1917"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:136141256231068173", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068173", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2010_240_04.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68173\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2010-1917\", \"CVE-2010-2225\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2010-240-04 php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(11\\.0|12\\.0|12\\.1|12\\.2|13\\.0|13\\.1)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2010-240-04\");\n\n script_tag(name:\"insight\", value:\"New php packages are available for Slackware 11.0 (extra), 12.0, 12.1, 12.2,\n13.0, 13.1, and -current to fix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2010-240-04.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"php\", ver:\"5.2.14-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"php\", ver:\"5.2.14-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"php\", ver:\"5.2.14-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"php\", ver:\"5.2.14-i486-1_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"php\", ver:\"5.2.14-i486-1_slack13.0\", rls:\"SLK13.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"php\", ver:\"5.2.14-i486-1_slack13.1\", rls:\"SLK13.1\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:50:56", "description": "The remote host is missing an update as announced\nvia advisory SSA:2010-240-04.", "cvss3": {}, "published": "2012-09-11T00:00:00", "type": "openvas", "title": "Slackware Advisory SSA:2010-240-04 php ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-1917"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:68173", "href": "http://plugins.openvas.org/nasl.php?oid=68173", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2010_240_04.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New php packages are available for Slackware 11.0 (extra), 12.0, 12.1, 12.2,\n13.0, 13.1, and -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2010-240-04.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2010-240-04\";\n \nif(description)\n{\n script_id(68173);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2010-1917\", \"CVE-2010-2225\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6598 $\");\n script_name(\"Slackware Advisory SSA:2010-240-04 php \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"php\", ver:\"5.2.14-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"php\", ver:\"5.2.14-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"php\", ver:\"5.2.14-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"php\", ver:\"5.2.14-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"php\", ver:\"5.2.14-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"php\", ver:\"5.2.14-i486-1_slack13.1\", rls:\"SLK13.1\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-11-28T00:00:00", "type": "openvas", "title": "Mandriva Update for glibc MDVSA-2011:178 (glibc)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2898", "CVE-2010-0296", "CVE-2011-2483", "CVE-2011-1659", "CVE-2011-1071", "CVE-2011-1095", "CVE-2010-3847", "CVE-2011-0536", "CVE-2011-1089"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831500", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831500", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for glibc MDVSA-2011:178 (glibc)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-11/msg00037.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831500\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-28 12:50:20 +0530 (Mon, 28 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"MDVSA\", value:\"2011:178\");\n script_cve_id(\"CVE-2010-3847\", \"CVE-2011-0536\", \"CVE-2010-2898\", \"CVE-2011-1071\",\n \"CVE-2010-0296\", \"CVE-2011-1089\", \"CVE-2011-1095\", \"CVE-2011-1659\",\n \"CVE-2011-2483\");\n script_name(\"Mandriva Update for glibc MDVSA-2011:178 (glibc)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1)\");\n script_tag(name:\"affected\", value:\"glibc on Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities was discovered and fixed in glibc:\n Multiple untrusted search path vulnerabilities in elf/dl-object.c in\n certain modified versions of the GNU C Library (aka glibc or libc6),\n including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat\n Enterprise Linux, allow local users to gain privileges via a crafted\n dynamic shared object (DSO) in a subdirectory of the current working\n directory during execution of a (1) setuid or (2) setgid program that\n has in (a) RPATH or (b) RUNPATH. NOTE: this issue exists because\n of an incorrect fix for CVE-2010-3847 (CVE-2011-0536).\n\n The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC\n (EGLIBC) allow context-dependent attackers to execute arbitrary code\n or cause a denial of service (memory consumption) via a long UTF8\n string that is used in an fnmatch call, aka a stack extension attack,\n a related issue to CVE-2010-2898, as originally reported for use of\n this library by Google Chrome (CVE-2011-1071).\n\n The addmntent function in the GNU C Library (aka glibc or libc6) 2.13\n and earlier does not report an error status for failed attempts to\n write to the /etc/mtab file, which makes it easier for local users\n to trigger corruption of this file, as demonstrated by writes from\n a process with a small RLIMIT_FSIZE value, a different vulnerability\n than CVE-2010-0296 (CVE-2011-1089).\n\n locale/programs/locale.c in locale in the GNU C Library (aka glibc\n or libc6) before 2.13 does not quote its output, which might allow\n local users to gain privileges via a crafted localization environment\n variable, in conjunction with a program that executes a script that\n uses the eval function (CVE-2011-1095).\n\n Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or\n libc6) 2.13 and earlier allows context-dependent attackers to cause a\n denial of service (application crash) via a long UTF8 string that is\n used in an fnmatch call with a crafted pattern argument, a different\n vulnerability than CVE-2011-1071 (CVE-2011-1659).\n\n crypt_blowfish before 1.1, as used in glibc on certain platforms,\n does not properly handle 8-bit characters, which makes it easier\n for context-dependent attackers to determine a cleartext password by\n leveraging knowledge of a password hash (CVE-2011-2483).\n\n The updated packages have been patched to correct these issues.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-doc\", rpm:\"glibc-doc~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-doc-pdf\", rpm:\"glibc-doc-pdf~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-i18ndata\", rpm:\"glibc-i18ndata~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-static-devel\", rpm:\"glibc-static-devel~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-doc\", rpm:\"glibc-doc~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-doc-pdf\", rpm:\"glibc-doc-pdf~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-i18ndata\", rpm:\"glibc-i18ndata~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-static-devel\", rpm:\"glibc-static-devel~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:35", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2011-11-28T00:00:00", "type": "openvas", "title": "Mandriva Update for glibc MDVSA-2011:178 (glibc)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2898", "CVE-2010-0296", "CVE-2011-2483", "CVE-2011-1659", "CVE-2011-1071", "CVE-2011-1095", "CVE-2010-3847", "CVE-2011-0536", "CVE-2011-1089"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831500", "href": "http://plugins.openvas.org/nasl.php?oid=831500", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for glibc MDVSA-2011:178 (glibc)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities was discovered and fixed in glibc:\n Multiple untrusted search path vulnerabilities in elf/dl-object.c in\n certain modified versions of the GNU C Library (aka glibc or libc6),\n including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat\n Enterprise Linux, allow local users to gain privileges via a crafted\n dynamic shared object (DSO) in a subdirectory of the current working\n directory during execution of a (1) setuid or (2) setgid program that\n has in (a) RPATH or (b) RUNPATH. NOTE: this issue exists because\n of an incorrect fix for CVE-2010-3847 (CVE-2011-0536).\n\n The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC\n (EGLIBC) allow context-dependent attackers to execute arbitrary code\n or cause a denial of service (memory consumption) via a long UTF8\n string that is used in an fnmatch call, aka a stack extension attack,\n a related issue to CVE-2010-2898, as originally reported for use of\n this library by Google Chrome (CVE-2011-1071).\n\n The addmntent function in the GNU C Library (aka glibc or libc6) 2.13\n and earlier does not report an error status for failed attempts to\n write to the /etc/mtab file, which makes it easier for local users\n to trigger corruption of this file, as demonstrated by writes from\n a process with a small RLIMIT_FSIZE value, a different vulnerability\n than CVE-2010-0296 (CVE-2011-1089).\n\n locale/programs/locale.c in locale in the GNU C Library (aka glibc\n or libc6) before 2.13 does not quote its output, which might allow\n local users to gain privileges via a crafted localization environment\n variable, in conjunction with a program that executes a script that\n uses the eval function (CVE-2011-1095).\n\n Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or\n libc6) 2.13 and earlier allows context-dependent attackers to cause a\n denial of service (application crash) via a long UTF8 string that is\n used in an fnmatch call with a crafted pattern argument, a different\n vulnerability than CVE-2011-1071 (CVE-2011-1659).\n\n crypt_blowfish before 1.1, as used in glibc on certain platforms,\n does not properly handle 8-bit characters, which makes it easier\n for context-dependent attackers to determine a cleartext password by\n leveraging knowledge of a password hash (CVE-2011-2483).\n\n The updated packages have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"glibc on Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-11/msg00037.php\");\n script_id(831500);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-28 12:50:20 +0530 (Mon, 28 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2011:178\");\n script_cve_id(\"CVE-2010-3847\", \"CVE-2011-0536\", \"CVE-2010-2898\", \"CVE-2011-1071\",\n \"CVE-2010-0296\", \"CVE-2011-1089\", \"CVE-2011-1095\", \"CVE-2011-1659\",\n \"CVE-2011-2483\");\n script_name(\"Mandriva Update for glibc MDVSA-2011:178 (glibc)\");\n\n script_summary(\"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-doc\", rpm:\"glibc-doc~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-doc-pdf\", rpm:\"glibc-doc-pdf~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-i18ndata\", rpm:\"glibc-i18ndata~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-static-devel\", rpm:\"glibc-static-devel~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.8~1.20080520.5.8mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-doc\", rpm:\"glibc-doc~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-doc-pdf\", rpm:\"glibc-doc-pdf~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-i18ndata\", rpm:\"glibc-i18ndata~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-static-devel\", rpm:\"glibc-static-devel~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.11.1~8.3mnb2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:57:52", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2012-06-06T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2011:0413-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1071", "CVE-2011-1095", "CVE-2010-3847", "CVE-2011-0536"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:870670", "href": "http://plugins.openvas.org/nasl.php?oid=870670", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2011:0413-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n The fix for CVE-2010-3847 introduced a regression in the way the dynamic\n loader expanded the $ORIGIN dynamic string token specified in the RPATH and\n RUNPATH entries in the ELF library header. A local attacker could use this\n flaw to escalate their privileges via a setuid or setgid program using\n such a library. (CVE-2011-0536)\n\n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n\n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment variables in the environment of a script that\n performed shell evaluation on the output of the locale command, and that\n script were run with different privileges than the attacker's, it could\n execute arbitrary code with the privileges of the script. (CVE-2011-1095)\n\n All users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\n\ntag_affected = \"glibc on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-April/msg00001.html\");\n script_id(870670);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-06 10:45:07 +0530 (Wed, 06 Jun 2012)\");\n script_cve_id(\"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\", \"CVE-2010-3847\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0413-01\");\n script_name(\"RedHat Update for glibc RHSA-2011:0413-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.7.el6_0.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.7.el6_0.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.12~1.7.el6_0.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.7.el6_0.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.7.el6_0.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.7.el6_0.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.7.el6_0.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-06T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2011:0413-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1071", "CVE-2011-1095", "CVE-2010-3847", "CVE-2011-0536"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870670", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870670", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2011:0413-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-April/msg00001.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870670\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-06 10:45:07 +0530 (Wed, 06 Jun 2012)\");\n script_cve_id(\"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\", \"CVE-2010-3847\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:0413-01\");\n script_name(\"RedHat Update for glibc RHSA-2011:0413-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"glibc on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n The fix for CVE-2010-3847 introduced a regression in the way the dynamic\n loader expanded the $ORIGIN dynamic string token specified in the RPATH and\n RUNPATH entries in the ELF library header. A local attacker could use this\n flaw to escalate their privileges via a setuid or setgid program using\n such a library. (CVE-2011-0536)\n\n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n\n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment variables in the environment of a script that\n performed shell evaluation on the output of the locale command, and that\n script were run with different privileges than the attacker's, it could\n execute arbitrary code with the privileges of the script. (CVE-2011-1095)\n\n All users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.7.el6_0.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.7.el6_0.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.12~1.7.el6_0.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.7.el6_0.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.7.el6_0.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.7.el6_0.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.7.el6_0.5\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:42", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for glibc CESA-2011:0412 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0296", "CVE-2011-1071", "CVE-2011-1095", "CVE-2010-3847", "CVE-2011-0536"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880538", "href": "http://plugins.openvas.org/nasl.php?oid=880538", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for glibc CESA-2011:0412 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n The fix for CVE-2010-3847 introduced a regression in the way the dynamic\n loader expanded the $ORIGIN dynamic string token specified in the RPATH and\n RUNPATH entries in the ELF library header. A local attacker could use this\n flaw to escalate their privileges via a setuid or setgid program using\n such a library. (CVE-2011-0536)\n \n It was discovered that the glibc addmntent() function did not sanitize its\n input properly. A local attacker could possibly use this flaw to inject\n malformed lines into /etc/mtab via certain setuid mount helpers, if the\n attacker were allowed to mount to an arbitrary directory under their\n control. (CVE-2010-0296)\n \n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n \n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment variables in the environment of a script that\n performed shell evaluation on the output of the locale command, and that\n script were run with different privileges than the attacker's, it could\n execute arbitrary code with the privileges of the script. (CVE-2011-1095)\n \n All users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"glibc on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-April/017297.html\");\n script_id(880538);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2011:0412\");\n script_cve_id(\"CVE-2010-0296\", \"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\", \"CVE-2010-3847\");\n script_name(\"CentOS Update for glibc CESA-2011:0412 centos5 i386\");\n\n script_summary(\"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:00", "description": "Oracle Linux Local Security Checks ELSA-2011-0413", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0413", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1658", "CVE-2011-1659", "CVE-2011-1071", "CVE-2011-1095", "CVE-2011-0536"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122202", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122202", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0413.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122202\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:14:44 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0413\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0413 - glibc security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0413\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0413.html\");\n script_cve_id(\"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\", \"CVE-2011-1658\", \"CVE-2011-1659\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.12~1.7.el6_0.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.12~1.7.el6_0.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.12~1.7.el6_0.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.12~1.7.el6_0.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-static\", rpm:\"glibc-static~2.12~1.7.el6_0.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.12~1.7.el6_0.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.12~1.7.el6_0.5\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:57:29", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for glibc CESA-2011:0412 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0296", "CVE-2011-1071", "CVE-2011-1095", "CVE-2010-3847", "CVE-2011-0536"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:881328", "href": "http://plugins.openvas.org/nasl.php?oid=881328", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for glibc CESA-2011:0412 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n The fix for CVE-2010-3847 introduced a regression in the way the dynamic\n loader expanded the $ORIGIN dynamic string token specified in the RPATH and\n RUNPATH entries in the ELF library header. A local attacker could use this\n flaw to escalate their privileges via a setuid or setgid program using\n such a library. (CVE-2011-0536)\n \n It was discovered that the glibc addmntent() function did not sanitize its\n input properly. A local attacker could possibly use this flaw to inject\n malformed lines into /etc/mtab via certain setuid mount helpers, if the\n attacker were allowed to mount to an arbitrary directory under their\n control. (CVE-2010-0296)\n \n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n \n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment variables in the environment of a script that\n performed shell evaluation on the output of the locale command, and that\n script were run with different privileges than the attacker's, it could\n execute arbitrary code with the privileges of the script. (CVE-2011-1095)\n \n All users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\n\ntag_affected = \"glibc on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-April/017298.html\");\n script_id(881328);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:24:58 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-0296\", \"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\",\n \"CVE-2010-3847\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2011:0412\");\n script_name(\"CentOS Update for glibc CESA-2011:0412 centos5 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-04-06T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2011:0412-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0296", "CVE-2011-1071", "CVE-2011-1095", "CVE-2010-3847", "CVE-2011-0536"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870417", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870417", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2011:0412-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-April/msg00000.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870417\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-06 16:20:31 +0200 (Wed, 06 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:0412-01\");\n script_cve_id(\"CVE-2010-0296\", \"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\", \"CVE-2010-3847\");\n script_name(\"RedHat Update for glibc RHSA-2011:0412-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"glibc on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n The fix for CVE-2010-3847 introduced a regression in the way the dynamic\n loader expanded the $ORIGIN dynamic string token specified in the RPATH and\n RUNPATH entries in the ELF library header. A local attacker could use this\n flaw to escalate their privileges via a setuid or setgid program using\n such a library. (CVE-2011-0536)\n\n It was discovered that the glibc addmntent() function did not sanitize its\n input properly. A local attacker could possibly use this flaw to inject\n malformed lines into /etc/mtab via certain setuid mount helpers, if the\n attacker were allowed to mount to an arbitrary directory under their\n control. (CVE-2010-0296)\n\n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n\n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment variables in the environment of a script that\n performed shell evaluation on the output of the locale command, and that\n script were run with different privileges than the attacker's, it could\n execute arbitrary code with the privileges of the script. (CVE-2011-1095)\n\n All users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:40:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for glibc CESA-2011:0412 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0296", "CVE-2011-1071", "CVE-2011-1095", "CVE-2010-3847", "CVE-2011-0536"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880538", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880538", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for glibc CESA-2011:0412 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-April/017297.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880538\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0412\");\n script_cve_id(\"CVE-2010-0296\", \"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\", \"CVE-2010-3847\");\n script_name(\"CentOS Update for glibc CESA-2011:0412 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"glibc on CentOS 5\");\n script_tag(name:\"insight\", value:\"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n The fix for CVE-2010-3847 introduced a regression in the way the dynamic\n loader expanded the $ORIGIN dynamic string token specified in the RPATH and\n RUNPATH entries in the ELF library header. A local attacker could use this\n flaw to escalate their privileges via a setuid or setgid program using\n such a library. (CVE-2011-0536)\n\n It was discovered that the glibc addmntent() function did not sanitize its\n input properly. A local attacker could possibly use this flaw to inject\n malformed lines into /etc/mtab via certain setuid mount helpers, if the\n attacker were allowed to mount to an arbitrary directory under their\n control. (CVE-2010-0296)\n\n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n\n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment variables in the environment of a script that\n performed shell evaluation on the output of the locale command, and that\n script were run with different privileges than the attacker's, it could\n execute arbitrary code with the privileges of the script. (CVE-2011-1095)\n\n All users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-27T10:55:25", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2011-04-06T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2011:0412-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0296", "CVE-2011-1071", "CVE-2011-1095", "CVE-2010-3847", "CVE-2011-0536"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870417", "href": "http://plugins.openvas.org/nasl.php?oid=870417", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2011:0412-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n The fix for CVE-2010-3847 introduced a regression in the way the dynamic\n loader expanded the $ORIGIN dynamic string token specified in the RPATH and\n RUNPATH entries in the ELF library header. A local attacker could use this\n flaw to escalate their privileges via a setuid or setgid program using\n such a library. (CVE-2011-0536)\n \n It was discovered that the glibc addmntent() function did not sanitize its\n input properly. A local attacker could possibly use this flaw to inject\n malformed lines into /etc/mtab via certain setuid mount helpers, if the\n attacker were allowed to mount to an arbitrary directory under their\n control. (CVE-2010-0296)\n \n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n \n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment variables in the environment of a script that\n performed shell evaluation on the output of the locale command, and that\n script were run with different privileges than the attacker's, it could\n execute arbitrary code with the privileges of the script. (CVE-2011-1095)\n \n All users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\n\ntag_affected = \"glibc on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-April/msg00000.html\");\n script_id(870417);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-06 16:20:31 +0200 (Wed, 06 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0412-01\");\n script_cve_id(\"CVE-2010-0296\", \"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\", \"CVE-2010-3847\");\n script_name(\"RedHat Update for glibc RHSA-2011:0412-01\");\n\n script_summary(\"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.5~58.el5_6.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for glibc CESA-2011:0412 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0296", "CVE-2011-1071", "CVE-2011-1095", "CVE-2010-3847", "CVE-2011-0536"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881328", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881328", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for glibc CESA-2011:0412 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-April/017298.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881328\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:24:58 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-0296\", \"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\",\n \"CVE-2010-3847\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0412\");\n script_name(\"CentOS Update for glibc CESA-2011:0412 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"glibc on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n The fix for CVE-2010-3847 introduced a regression in the way the dynamic\n loader expanded the $ORIGIN dynamic string token specified in the RPATH and\n RUNPATH entries in the ELF library header. A local attacker could use this\n flaw to escalate their privileges via a setuid or setgid program using\n such a library. (CVE-2011-0536)\n\n It was discovered that the glibc addmntent() function did not sanitize its\n input properly. A local attacker could possibly use this flaw to inject\n malformed lines into /etc/mtab via certain setuid mount helpers, if the\n attacker were allowed to mount to an arbitrary directory under their\n control. (CVE-2010-0296)\n\n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n\n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment variables in the environment of a script that\n performed shell evaluation on the output of the locale command, and that\n script were run with different privileges than the attacker's, it could\n execute arbitrary code with the privileges of the script. (CVE-2011-1095)\n\n All users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.5~58.el5_6.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-27T10:56:46", "description": "Check for the Version of php", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for php RHSA-2008:0544-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4782", "CVE-2008-2051", "CVE-2007-5898", "CVE-2008-2107", "CVE-2008-2108", "CVE-2007-5899"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870120", "href": "http://plugins.openvas.org/nasl.php?oid=870120", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php RHSA-2008:0544-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Web server.\n\n It was discovered that the PHP escapeshellcmd() function did not properly\n escape multi-byte characters which are not valid in the locale used by the\n script. This could allow an attacker to bypass quoting restrictions imposed\n by escapeshellcmd() and execute arbitrary commands if the PHP script was\n using certain locales. Scripts using the default UTF-8 locale are not\n affected by this issue. (CVE-2008-2051)\n \n PHP functions htmlentities() and htmlspecialchars() did not properly\n recognize partial multi-byte sequences. Certain sequences of bytes could be\n passed through these functions without being correctly HTML-escaped.\n Depending on the browser being used, an attacker could use this flaw to\n conduct cross-site scripting attacks. (CVE-2007-5898)\n \n A PHP script which used the transparent session ID configuration option, or\n which used the output_add_rewrite_var() function, could leak session\n identifiers to external web sites. If a page included an HTML form with an\n ACTION attribute referencing a non-local URL, the user's session ID would\n be included in the form data passed to that URL. (CVE-2007-5899)\n \n It was discovered that PHP fnmatch() function did not restrict the length\n of the string argument. An attacker could use this flaw to crash the PHP\n interpreter where a script used fnmatch() on untrusted input data.\n (CVE-2007-4782)\n \n It was discovered that PHP did not properly seed its pseudo-random number\n generator used by functions such as rand() and mt_rand(), possibly allowing\n an attacker to easily predict the generated pseudo-random values.\n (CVE-2008-2107, CVE-2008-2108)\n \n Users of PHP should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\n\ntag_affected = \"php on Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-July/msg00016.html\");\n script_id(870120);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0544-01\");\n script_cve_id(\"CVE-2008-2051\", \"CVE-2007-5898\", \"CVE-2007-5899\", \"CVE-2007-4782\", \"CVE-2008-2107\", \"CVE-2008-2108\");\n script_name( \"RedHat Update for php RHSA-2008:0544-01\");\n\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:59", "description": "Check for the Version of php", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2008:0544 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4782", "CVE-2008-2051", "CVE-2007-5898", "CVE-2008-2107", "CVE-2008-2108", "CVE-2007-5899"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880308", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880308", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2008:0544 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Web server.\n\n It was discovered that the PHP escapeshellcmd() function did not properly\n escape multi-byte characters which are not valid in the locale used by the\n script. This could allow an attacker to bypass quoting restrictions imposed\n by escapeshellcmd() and execute arbitrary commands if the PHP script was\n using certain locales. Scripts using the default UTF-8 locale are not\n affected by this issue. (CVE-2008-2051)\n \n PHP functions htmlentities() and htmlspecialchars() did not properly\n recognize partial multi-byte sequences. Certain sequences of bytes could be\n passed through these functions without being correctly HTML-escaped.\n Depending on the browser being used, an attacker could use this flaw to\n conduct cross-site scripting attacks. (CVE-2007-5898)\n \n A PHP script which used the transparent session ID configuration option, or\n which used the output_add_rewrite_var() function, could leak session\n identifiers to external web sites. If a page included an HTML form with an\n ACTION attribute referencing a non-local URL, the user's session ID would\n be included in the form data passed to that URL. (CVE-2007-5899)\n \n It was discovered that PHP fnmatch() function did not restrict the length\n of the string argument. An attacker could use this flaw to crash the PHP\n interpreter where a script used fnmatch() on untrusted input data.\n (CVE-2007-4782)\n \n It was discovered that PHP did not properly seed its pseudo-random number\n generator used by functions such as rand() and mt_rand(), possibly allowing\n an attacker to easily predict the generated pseudo-random values.\n (CVE-2008-2107, CVE-2008-2108)\n \n Users of PHP should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\n\ntag_affected = \"php on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-July/015128.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880308\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0544\");\n script_cve_id(\"CVE-2008-2051\", \"CVE-2007-5898\", \"CVE-2007-5899\", \"CVE-2007-4782\", \"CVE-2008-2107\", \"CVE-2008-2108\");\n script_name( \"CentOS Update for php CESA-2008:0544 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:33", "description": "Check for the Version of php", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2008:0544 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4782", "CVE-2008-2051", "CVE-2007-5898", "CVE-2008-2107", "CVE-2008-2108", "CVE-2007-5899"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880308", "href": "http://plugins.openvas.org/nasl.php?oid=880308", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2008:0544 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Web server.\n\n It was discovered that the PHP escapeshellcmd() function did not properly\n escape multi-byte characters which are not valid in the locale used by the\n script. This could allow an attacker to bypass quoting restrictions imposed\n by escapeshellcmd() and execute arbitrary commands if the PHP script was\n using certain locales. Scripts using the default UTF-8 locale are not\n affected by this issue. (CVE-2008-2051)\n \n PHP functions htmlentities() and htmlspecialchars() did not properly\n recognize partial multi-byte sequences. Certain sequences of bytes could be\n passed through these functions without being correctly HTML-escaped.\n Depending on the browser being used, an attacker could use this flaw to\n conduct cross-site scripting attacks. (CVE-2007-5898)\n \n A PHP script which used the transparent session ID configuration option, or\n which used the output_add_rewrite_var() function, could leak session\n identifiers to external web sites. If a page included an HTML form with an\n ACTION attribute referencing a non-local URL, the user's session ID would\n be included in the form data passed to that URL. (CVE-2007-5899)\n \n It was discovered that PHP fnmatch() function did not restrict the length\n of the string argument. An attacker could use this flaw to crash the PHP\n interpreter where a script used fnmatch() on untrusted input data.\n (CVE-2007-4782)\n \n It was discovered that PHP did not properly seed its pseudo-random number\n generator used by functions such as rand() and mt_rand(), possibly allowing\n an attacker to easily predict the generated pseudo-random values.\n (CVE-2008-2107, CVE-2008-2108)\n \n Users of PHP should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\n\ntag_affected = \"php on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-July/015128.html\");\n script_id(880308);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0544\");\n script_cve_id(\"CVE-2008-2051\", \"CVE-2007-5898\", \"CVE-2007-5899\", \"CVE-2007-4782\", \"CVE-2008-2107\", \"CVE-2008-2108\");\n script_name( \"CentOS Update for php CESA-2008:0544 centos3 i386\");\n\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:25", "description": "Check for the Version of php", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2008:0544 centos3 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4782", "CVE-2008-2051", "CVE-2007-5898", "CVE-2008-2107", "CVE-2008-2108", "CVE-2007-5899"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880040", "href": "http://plugins.openvas.org/nasl.php?oid=880040", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2008:0544 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Web server.\n\n It was discovered that the PHP escapeshellcmd() function did not properly\n escape multi-byte characters which are not valid in the locale used by the\n script. This could allow an attacker to bypass quoting restrictions imposed\n by escapeshellcmd() and execute arbitrary commands if the PHP script was\n using certain locales. Scripts using the default UTF-8 locale are not\n affected by this issue. (CVE-2008-2051)\n \n PHP functions htmlentities() and htmlspecialchars() did not properly\n recognize partial multi-byte sequences. Certain sequences of bytes could be\n passed through these functions without being correctly HTML-escaped.\n Depending on the browser being used, an attacker could use this flaw to\n conduct cross-site scripting attacks. (CVE-2007-5898)\n \n A PHP script which used the transparent session ID configuration option, or\n which used the output_add_rewrite_var() function, could leak session\n identifiers to external web sites. If a page included an HTML form with an\n ACTION attribute referencing a non-local URL, the user's session ID would\n be included in the form data passed to that URL. (CVE-2007-5899)\n \n It was discovered that PHP fnmatch() function did not restrict the length\n of the string argument. An attacker could use this flaw to crash the PHP\n interpreter where a script used fnmatch() on untrusted input data.\n (CVE-2007-4782)\n \n It was discovered that PHP did not properly seed its pseudo-random number\n generator used by functions such as rand() and mt_rand(), possibly allowing\n an attacker to easily predict the generated pseudo-random values.\n (CVE-2008-2107, CVE-2008-2108)\n \n Users of PHP should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\n\ntag_affected = \"php on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-July/015129.html\");\n script_id(880040);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0544\");\n script_cve_id(\"CVE-2008-2051\", \"CVE-2007-5898\", \"CVE-2007-5899\", \"CVE-2007-4782\", \"CVE-2008-2107\", \"CVE-2008-2108\");\n script_name( \"CentOS Update for php CESA-2008:0544 centos3 x86_64\");\n\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:20", "description": "Check for the Version of php", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for php RHSA-2008:0545-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4782", "CVE-2008-2051", "CVE-2007-5898", "CVE-2008-2107", "CVE-2008-2108", "CVE-2007-5899"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870125", "href": "http://plugins.openvas.org/nasl.php?oid=870125", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php RHSA-2008:0545-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Web server.\n\n It was discovered that the PHP escapeshellcmd() function did not properly\n escape multi-byte characters which are not valid in the locale used by the\n script. This could allow an attacker to bypass quoting restrictions imposed\n by escapeshellcmd() and execute arbitrary commands if the PHP script was\n using certain locales. Scripts using the default UTF-8 locale are not\n affected by this issue. (CVE-2008-2051)\n \n The PHP functions htmlentities() and htmlspecialchars() did not properly\n recognize partial multi-byte sequences. Certain sequences of bytes could be\n passed through these functions without being correctly HTML-escaped.\n Depending on the browser being used, an attacker could use this flaw to\n conduct cross-site scripting attacks. (CVE-2007-5898)\n \n A PHP script which used the transparent session ID configuration option, or\n which used the output_add_rewrite_var() function, could leak session\n identifiers to external web sites. If a page included an HTML form with an\n ACTION attribute referencing a non-local URL, the user's session ID would\n be included in the form data passed to that URL. (CVE-2007-5899)\n \n It was discovered that the PHP fnmatch() function did not restrict the\n length of the string argument. An attacker could use this flaw to crash the\n PHP interpreter where a script used fnmatch() on untrusted input data.\n (CVE-2007-4782)\n \n It was discovered that PHP did not properly seed its pseudo-random number\n generator used by functions such as rand() and mt_rand(), possibly allowing\n an attacker to easily predict the generated pseudo-random values.\n (CVE-2008-2107, CVE-2008-2108)\n \n As well, these updated packages fix the following bug:\n \n * after 2008-01-01, when using PEAR version 1.3.6 or older, it was not\n possible to use the PHP Extension and Application Repository (PEAR) to\n upgrade or install packages. In these updated packages, PEAR has been\n upgraded to version 1.4.9, which restores support for the current\n pear.php.net update server. The following changes were made to the PEAR\n packages included in php-pear: Console_Getopt and Archive_Tar are now\n included by default, and XML_RPC has been upgraded to version 1.5.0.\n \n All php users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"php on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-July/msg00017.html\");\n script_id(870125);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0545-01\");\n script_cve_id(\"CVE-2008-2051\", \"CVE-2007-5898\", \"CVE-2007-5899\", \"CVE-2007-4782\", \"CVE-2008-2107\", \"CVE-2008-2108\");\n script_name( \"RedHat Update for php RHSA-2008:0545-01\");\n\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-domxml\", rpm:\"php-domxml~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:29", "description": "Check for the Version of php", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for php RHSA-2008:0545-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4782", "CVE-2008-2051", "CVE-2007-5898", "CVE-2008-2107", "CVE-2008-2108", "CVE-2007-5899"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870125", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870125", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php RHSA-2008:0545-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Web server.\n\n It was discovered that the PHP escapeshellcmd() function did not properly\n escape multi-byte characters which are not valid in the locale used by the\n script. This could allow an attacker to bypass quoting restrictions imposed\n by escapeshellcmd() and execute arbitrary commands if the PHP script was\n using certain locales. Scripts using the default UTF-8 locale are not\n affected by this issue. (CVE-2008-2051)\n \n The PHP functions htmlentities() and htmlspecialchars() did not properly\n recognize partial multi-byte sequences. Certain sequences of bytes could be\n passed through these functions without being correctly HTML-escaped.\n Depending on the browser being used, an attacker could use this flaw to\n conduct cross-site scripting attacks. (CVE-2007-5898)\n \n A PHP script which used the transparent session ID configuration option, or\n which used the output_add_rewrite_var() function, could leak session\n identifiers to external web sites. If a page included an HTML form with an\n ACTION attribute referencing a non-local URL, the user's session ID would\n be included in the form data passed to that URL. (CVE-2007-5899)\n \n It was discovered that the PHP fnmatch() function did not restrict the\n length of the string argument. An attacker could use this flaw to crash the\n PHP interpreter where a script used fnmatch() on untrusted input data.\n (CVE-2007-4782)\n \n It was discovered that PHP did not properly seed its pseudo-random number\n generator used by functions such as rand() and mt_rand(), possibly allowing\n an attacker to easily predict the generated pseudo-random values.\n (CVE-2008-2107, CVE-2008-2108)\n \n As well, these updated packages fix the following bug:\n \n * after 2008-01-01, when using PEAR version 1.3.6 or older, it was not\n possible to use the PHP Extension and Application Repository (PEAR) to\n upgrade or install packages. In these updated packages, PEAR has been\n upgraded to version 1.4.9, which restores support for the current\n pear.php.net update server. The following changes were made to the PEAR\n packages included in php-pear: Console_Getopt and Archive_Tar are now\n included by default, and XML_RPC has been upgraded to version 1.5.0.\n \n All php users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"php on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-July/msg00017.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870125\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0545-01\");\n script_cve_id(\"CVE-2008-2051\", \"CVE-2007-5898\", \"CVE-2007-5899\", \"CVE-2007-4782\", \"CVE-2008-2107\", \"CVE-2008-2108\");\n script_name( \"RedHat Update for php RHSA-2008:0545-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-domxml\", rpm:\"php-domxml~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~4.3.9~3.22.12\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:37", "description": "Check for the Version of php", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2008:0544 centos3 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4782", "CVE-2008-2051", "CVE-2007-5898", "CVE-2008-2107", "CVE-2008-2108", "CVE-2007-5899"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880040", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880040", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2008:0544 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Web server.\n\n It was discovered that the PHP escapeshellcmd() function did not properly\n escape multi-byte characters which are not valid in the locale used by the\n script. This could allow an attacker to bypass quoting restrictions imposed\n by escapeshellcmd() and execute arbitrary commands if the PHP script was\n using certain locales. Scripts using the default UTF-8 locale are not\n affected by this issue. (CVE-2008-2051)\n \n PHP functions htmlentities() and htmlspecialchars() did not properly\n recognize partial multi-byte sequences. Certain sequences of bytes could be\n passed through these functions without being correctly HTML-escaped.\n Depending on the browser being used, an attacker could use this flaw to\n conduct cross-site scripting attacks. (CVE-2007-5898)\n \n A PHP script which used the transparent session ID configuration option, or\n which used the output_add_rewrite_var() function, could leak session\n identifiers to external web sites. If a page included an HTML form with an\n ACTION attribute referencing a non-local URL, the user's session ID would\n be included in the form data passed to that URL. (CVE-2007-5899)\n \n It was discovered that PHP fnmatch() function did not restrict the length\n of the string argument. An attacker could use this flaw to crash the PHP\n interpreter where a script used fnmatch() on untrusted input data.\n (CVE-2007-4782)\n \n It was discovered that PHP did not properly seed its pseudo-random number\n generator used by functions such as rand() and mt_rand(), possibly allowing\n an attacker to easily predict the generated pseudo-random values.\n (CVE-2008-2107, CVE-2008-2108)\n \n Users of PHP should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\n\ntag_affected = \"php on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-July/015129.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880040\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:40:14 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0544\");\n script_cve_id(\"CVE-2008-2051\", \"CVE-2007-5898\", \"CVE-2007-5899\", \"CVE-2007-4782\", \"CVE-2008-2107\", \"CVE-2008-2108\");\n script_name( \"CentOS Update for php CESA-2008:0544 centos3 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.2~48.ent\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:38", "description": "Check for the Version of php", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for php RHSA-2008:0544-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4782", "CVE-2008-2051", "CVE-2007-5898", "CVE-2008-2107", "CVE-2008-2108", "CVE-2007-5899"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870120", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870120", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php RHSA-2008:0544-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Web server.\n\n It was discovered that the PHP escapeshellcmd() function did not properly\n escape multi-byte characters which are not valid in the locale used by the\n script. This could allow an attacker to bypass quoting restrictions imposed\n by escapeshellcmd() and execute arbitrary commands if the PHP script was\n using certain locales. Scripts using the default UTF-8 locale are not\n affected by this issue. (CVE-2008-2051)\n \n PHP functions htmlentities() and htmlspecialchars() did not properly\n recognize partial multi-byte sequences. Certain sequences of bytes could be\n passed through these functions without being correctly HTML-escaped.\n Depending on the browser being used, an attacker could use this flaw to\n conduct cross-site scripting attacks. (CVE-2007-5898)\n \n A PHP script which used the transparent session ID configuration option, or\n which used the output_add_rewrite_var() function, could leak session\n identifiers to external web sites. If a page included an HTML form with an\n ACTION attribute referencing a non-local URL, the user's session ID would\n be included in the form data passed to that URL. (CVE-2007-5899)\n \n It was discovered that PHP fnmatch() function did not restrict the length\n of the string argument. An attacker could use this flaw to crash the PHP\n interpreter where a script used fnmatch() on untrusted input data.\n (CVE-2007-4782)\n \n It was discovered that PHP did not properly seed its pseudo-random number\n generator used by functions such as rand() and mt_rand(), possibly allowing\n an attacker to easily predict the generated pseudo-random values.\n (CVE-2008-2107, CVE-2008-2108)\n \n Users of PHP should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\n\ntag_affected = \"php on Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-July/msg00016.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870120\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0544-01\");\n script_cve_id(\"CVE-2008-2051\", \"CVE-2007-5898\", \"CVE-2007-5899\", \"CVE-2007-4782\", \"CVE-2008-2107\", \"CVE-2008-2108\");\n script_name( \"RedHat Update for php RHSA-2008:0544-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~20.el5_2.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.2~48.ent\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:19", "description": "Oracle Linux Local Security Checks ELSA-2008-0544", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2008-0544", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4782", "CVE-2008-2051", "CVE-2007-5898", "CVE-2008-2107", "CVE-2008-2108", "CVE-2007-5899"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122567", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122567", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2008-0544.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122567\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:48:13 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0544\");\n script_tag(name:\"insight\", value:\"ELSA-2008-0544 - php security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0544\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0544.html\");\n script_cve_id(\"CVE-2007-4782\", \"CVE-2007-5898\", \"CVE-2007-5899\", \"CVE-2008-2051\", \"CVE-2008-2107\", \"CVE-2008-2108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~20.el5_2.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:55", "description": "Oracle Linux Local Security Checks ELSA-2011-0412", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0412", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1658", "CVE-2010-0296", "CVE-2011-1659", "CVE-2011-1071", "CVE-2011-1095", "CVE-2011-0536"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122203", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122203", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0412.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122203\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:14:45 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0412\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0412 - glibc security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0412\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0412.html\");\n script_cve_id(\"CVE-2010-0296\", \"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\", \"CVE-2011-1658\", \"CVE-2011-1659\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.5~58.el5_6.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.5~58.el5_6.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.5~58.el5_6.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.5~58.el5_6.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.5~58.el5_6.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.5~58.el5_6.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-12T11:10:39", "description": "Check for the Version of php-eaccelerator", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2010-11481", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2531", "CVE-2010-1915", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1917", "CVE-2010-0397"], "modified": "2017-12-12T00:00:00", "id": "OPENVAS:862349", "href": "http://plugins.openvas.org/nasl.php?oid=862349", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2010-11481\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"php-eaccelerator on Fedora 13\";\ntag_insight = \"eAccelerator is a further development of the MMCache PHP Accelerator &amp; Encoder.\n It increases performance of PHP scripts by caching them in compiled state, so\n that the overhead of compiling is almost completely eliminated.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046022.html\");\n script_id(862349);\n script_version(\"$Revision: 8082 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-12 07:31:24 +0100 (Tue, 12 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11481\");\n script_cve_id(\"CVE-2010-2531\", \"CVE-2010-0397\", \"CVE-2010-2225\", \"CVE-2010-2190\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2010-11481\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php-eaccelerator\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~2.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:09:58", "description": "The host isnstalled with Google Chrome and is prone to multiple\n unspecified vulnerabilities.", "cvss3": {}, "published": "2010-08-02T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Unspecified Vulnerabilities - July 10", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2897", "CVE-2010-2898", "CVE-2010-2901", "CVE-2010-2899", "CVE-2010-2903", "CVE-2010-2900", "CVE-2010-2902"], "modified": "2017-02-22T00:00:00", "id": "OPENVAS:902092", "href": "http://plugins.openvas.org/nasl.php?oid=902092", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_google_chrome_mult_unspecified_vuln_jul10.nasl 5394 2017-02-22 09:22:42Z teissa $\n#\n# Google Chrome Multiple Unspcified Vulnerabilities - July 10\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow the attackers to cause a denial of\n service (memory corruption) or possibly have unspecified other impact\n via unknown vectors.\n Impact Level: Application\";\ntag_affected = \"Google Chrome version prior to 5.0.375.125\";\ntag_insight = \"Multiple flaws are due to:\n - Not properly mitigate an unspecified flaw in the 'GNU C Library', which\n has unknown impact and attack vectors.\n - Not properly mitigate an unspecified flaw in the 'Windows kernel'.\n - An unspecified error exists related to large 'canvases'.\n - An unspecified error in the 'layout code' can be exploited to disclose\n memory content.\n - An unspecified error in the 'rendering code' and 'SVG handling' can be\n exploited to corrupt memory.\n - Unexpected truncation and improper eliding of hostnames.\";\ntag_solution = \"Upgrade to the Google Chrome 5.0.375.125 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"The host isnstalled with Google Chrome and is prone to multiple\n unspecified vulnerabilities.\";\n\nif(description)\n{\n script_id(902092);\n script_version(\"$Revision: 5394 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-22 10:22:42 +0100 (Wed, 22 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-02 12:38:17 +0200 (Mon, 02 Aug 2010)\");\n script_cve_id(\"CVE-2010-2898\", \"CVE-2010-2897\", \"CVE-2010-2900\",\n \"CVE-2010-2899\", \"CVE-2010-2901\", \"CVE-2010-2903\",\n \"CVE-2010-2902\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Google Chrome Multiple Unspecified Vulnerabilities - July 10\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/40743\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.com/2010/07/stable-channel-update_26.html\");\n\n script_copyright(\"Copyright (c) 2010 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_win.nasl\");\n script_require_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version from KB\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Version less than 5.0.375.125\nif(version_is_less(version:chromeVer, test_version:\"5.0.375.125\")){\n security_message(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:21", "description": "Check for the Version of php", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2010:0919 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870", "CVE-2009-5016", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-0397"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880633", "href": "http://plugins.openvas.org/nasl.php?oid=880633", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2010:0919 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n An input validation flaw was discovered in the PHP session serializer. If a\n PHP script generated session variable names from untrusted user input, a\n remote attacker could use this flaw to inject an arbitrary variable into\n the PHP session. (CVE-2010-3065)\n \n An information leak flaw was discovered in the PHP var_export() function\n implementation. If some fatal error occurred during the execution of this\n function (such as the exhaustion of memory or script execution time limit),\n part of the function's output was sent to the user as script output,\n possibly leading to the disclosure of sensitive information.\n (CVE-2010-2531)\n \n A numeric truncation error and an input validation flaw were found in the\n way the PHP utf8_decode() function decoded partial multi-byte sequences\n for some multi-byte encodings, sending them to output without them being\n escaped. An attacker could use these flaws to perform a cross-site\n scripting attack. (CVE-2009-5016, CVE-2010-3870)\n \n It was discovered that the PHP lcg_value() function used insufficient\n entropy to seed the pseudo-random number generator. A remote attacker could\n possibly use this flaw to predict values returned by the function, which\n are used to generate session identifiers by default. This update changes\n the function's implementation to use more entropy during seeding.\n (CVE-2010-1128)\n \n It was discovered that the PHP fnmatch() function did not restrict the\n length of the pattern argument. A remote attacker could use this flaw to\n crash the PHP interpreter where a script used fnmatch() on untrusted\n matching patterns. (CVE-2010-1917)\n \n A NULL pointer dereference flaw was discovered in the PHP XML-RPC\n extension. A malicious XML-RPC client or server could use this flaw to\n crash the PHP interpreter via a specially-crafted XML-RPC request.\n (CVE-2010-0397)\n \n All php users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-November/017198.html\");\n script_id(880633);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0919\");\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n script_name(\"CentOS Update for php CESA-2010:0919 centos5 i386\");\n\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:04:08", "description": "Check for the Version of maniadrive", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2010-11428", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2531", "CVE-2010-1915", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1917", "CVE-2010-0397"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:1361412562310862343", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862343", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2010-11428\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"maniadrive on Fedora 12\";\ntag_insight = \"ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous\n gameplay (tracks almost never exceed one minute). Features: Complex car\n physics, Challenging &quot;story mode&quot;, LAN and Internet mode, Live scores,\n Track editor, Dedicated server with HTTP interface and More than 30 blocks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046048.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862343\");\n script_version(\"$Revision: 8338 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 09:00:38 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11428\");\n script_cve_id(\"CVE-2010-2531\", \"CVE-2010-0397\", \"CVE-2010-2225\", \"CVE-2010-2190\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\");\n script_name(\"Fedora Update for maniadrive FEDORA-2010-11428\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of maniadrive\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~22.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:25", "description": "Oracle Linux Local Security Checks ELSA-2010-0919", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-0919", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870", "CVE-2009-5016", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-0397"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122295", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122295", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0919.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122295\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:16:11 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0919\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0919 - php security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0919\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0919.html\");\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~27.el5_5.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-11T11:04:46", "description": "Check for the Version of php-eaccelerator", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2010-11428", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2531", "CVE-2010-1915", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1917", "CVE-2010-0397"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:1361412562310862347", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862347", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2010-11428\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"php-eaccelerator on Fedora 12\";\ntag_insight = \"eAccelerator is a further development of the MMCache PHP Accelerator &amp; Encoder.\n It increases performance of PHP scripts by caching them in compiled state, so\n that the overhead of compiling is almost completely eliminated.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046047.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862347\");\n script_version(\"$Revision: 8338 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 09:00:38 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11428\");\n script_cve_id(\"CVE-2010-2531\", \"CVE-2010-0397\", \"CVE-2010-2225\", \"CVE-2010-2190\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2010-11428\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php-eaccelerator\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~2.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:53:59", "description": "Check for the Version of php-eaccelerator", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2010-11481", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2531", "CVE-2010-1915", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1917", "CVE-2010-0397"], "modified": "2017-12-21T00:00:00", "id": "OPENVAS:1361412562310862349", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862349", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2010-11481\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"php-eaccelerator on Fedora 13\";\ntag_insight = \"eAccelerator is a further development of the MMCache PHP Accelerator &amp; Encoder.\n It increases performance of PHP scripts by caching them in compiled state, so\n that the overhead of compiling is almost completely eliminated.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046022.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862349\");\n script_version(\"$Revision: 8207 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 08:30:12 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11481\");\n script_cve_id(\"CVE-2010-2531\", \"CVE-2010-0397\", \"CVE-2010-2225\", \"CVE-2010-2190\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2010-11481\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php-eaccelerator\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~2.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:47", "description": "Check for the Version of maniadrive", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2010-11481", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2531", "CVE-2010-1915", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1917", "CVE-2010-0397"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:862346", "href": "http://plugins.openvas.org/nasl.php?oid=862346", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2010-11481\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"maniadrive on Fedora 13\";\ntag_insight = \"ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous\n gameplay (tracks almost never exceed one minute). Features: Complex car\n physics, Challenging &quot;story mode&quot;, LAN and Internet mode, Live scores,\n Track editor, Dedicated server with HTTP interface and More than 30 blocks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046023.html\");\n script_id(862346);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11481\");\n script_cve_id(\"CVE-2010-2531\", \"CVE-2010-0397\", \"CVE-2010-2225\", \"CVE-2010-2190\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\");\n script_name(\"Fedora Update for maniadrive FEDORA-2010-11481\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of maniadrive\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~22.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:49:03", "description": "Check for the Version of php", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2010-11428", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2531", "CVE-2010-1915", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1917", "CVE-2010-0397"], "modified": "2017-12-13T00:00:00", "id": "OPENVAS:862345", "href": "http://plugins.openvas.org/nasl.php?oid=862345", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2010-11428\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated webpages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on Fedora 12\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046046.html\");\n script_id(862345);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11428\");\n script_cve_id(\"CVE-2010-2531\", \"CVE-2010-0397\", \"CVE-2010-2225\", \"CVE-2010-2190\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\");\n script_name(\"Fedora Update for php FEDORA-2010-11428\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-15T11:57:57", "description": "Check for the Version of php", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2010-11481", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2531", "CVE-2010-1915", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1917", "CVE-2010-0397"], "modified": "2017-12-15T00:00:00", "id": "OPENVAS:862351", "href": "http://plugins.openvas.org/nasl.php?oid=862351", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2010-11481\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated webpages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046021.html\");\n script_id(862351);\n script_version(\"$Revision: 8130 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-15 07:31:09 +0100 (Fri, 15 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11481\");\n script_cve_id(\"CVE-2010-2531\", \"CVE-2010-0397\", \"CVE-2010-2225\", \"CVE-2010-2190\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\");\n script_name(\"Fedora Update for php FEDORA-2010-11481\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:51", "description": "Check for the Version of php", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "RedHat Update for php RHSA-2010:0919-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870", "CVE-2009-5016", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-0397"], "modified": "2017-12-13T00:00:00", "id": "OPENVAS:870362", "href": "http://plugins.openvas.org/nasl.php?oid=870362", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php RHSA-2010:0919-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n An input validation flaw was discovered in the PHP session serializer. If a\n PHP script generated session variable names from untrusted user input, a\n remote attacker could use this flaw to inject an arbitrary variable into\n the PHP session. (CVE-2010-3065)\n \n An information leak flaw was discovered in the PHP var_export() function\n implementation. If some fatal error occurred during the execution of this\n function (such as the exhaustion of memory or script execution time limit),\n part of the function's output was sent to the user as script output,\n possibly leading to the disclosure of sensitive information.\n (CVE-2010-2531)\n \n A numeric truncation error and an input validation flaw were found in the\n way the PHP utf8_decode() function decoded partial multi-byte sequences\n for some multi-byte encodings, sending them to output without them being\n escaped. An attacker could use these flaws to perform a cross-site\n scripting attack. (CVE-2009-5016, CVE-2010-3870)\n \n It was discovered that the PHP lcg_value() function used insufficient\n entropy to seed the pseudo-random number generator. A remote attacker could\n possibly use this flaw to predict values returned by the function, which\n are used to generate session identifiers by default. This update changes\n the function's implementation to use more entropy during seeding.\n (CVE-2010-1128)\n \n It was discovered that the PHP fnmatch() function did not restrict the\n length of the pattern argument. A remote attacker could use this flaw to\n crash the PHP interpreter where a script used fnmatch() on untrusted\n matching patterns. (CVE-2010-1917)\n \n A NULL pointer dereference flaw was discovered in the PHP XML-RPC\n extension. A malicious XML-RPC client or server could use this flaw to\n crash the PHP interpreter via a specially-crafted XML-RPC request.\n (CVE-2010-0397)\n \n All php users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_affected = \"php on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-November/msg00035.html\");\n script_id(870362);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 08:26:35 +0100 (Thu, 09 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0919-01\");\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n script_name(\"RedHat Update for php RHSA-2010:0919-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-domxml\", rpm:\"php-domxml~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:35", "description": "Check for the Version of maniadrive", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2010-11481", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2531", "CVE-2010-1915", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1917", "CVE-2010-0397"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:1361412562310862346", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862346", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2010-11481\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"maniadrive on Fedora 13\";\ntag_insight = \"ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous\n gameplay (tracks almost never exceed one minute). Features: Complex car\n physics, Challenging &quot;story mode&quot;, LAN and Internet mode, Live scores,\n Track editor, Dedicated server with HTTP interface and More than 30 blocks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046023.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862346\");\n script_version(\"$Revision: 8254 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 08:29:05 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11481\");\n script_cve_id(\"CVE-2010-2531\", \"CVE-2010-0397\", \"CVE-2010-2225\", \"CVE-2010-2190\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\");\n script_name(\"Fedora Update for maniadrive FEDORA-2010-11481\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of maniadrive\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~22.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-06T13:04:59", "description": "Check for the Version of php", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2010-11481", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2531", "CVE-2010-1915", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1917", "CVE-2010-0397"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:1361412562310862351", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862351", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2010-11481\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated webpages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046021.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862351\");\n script_version(\"$Revision: 8274 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 08:28:17 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11481\");\n script_cve_id(\"CVE-2010-2531\", \"CVE-2010-0397\", \"CVE-2010-2225\", \"CVE-2010-2190\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\");\n script_name(\"Fedora Update for php FEDORA-2010-11481\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:40", "description": "Check for the Version of php", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "RedHat Update for php RHSA-2010:0919-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870", "CVE-2009-5016", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-0397"], "modified": "2017-12-25T00:00:00", "id": "OPENVAS:1361412562310870362", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870362", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for php RHSA-2010:0919-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n An input validation flaw was discovered in the PHP session serializer. If a\n PHP script generated session variable names from untrusted user input, a\n remote attacker could use this flaw to inject an arbitrary variable into\n the PHP session. (CVE-2010-3065)\n \n An information leak flaw was discovered in the PHP var_export() function\n implementation. If some fatal error occurred during the execution of this\n function (such as the exhaustion of memory or script execution time limit),\n part of the function's output was sent to the user as script output,\n possibly leading to the disclosure of sensitive information.\n (CVE-2010-2531)\n \n A numeric truncation error and an input validation flaw were found in the\n way the PHP utf8_decode() function decoded partial multi-byte sequences\n for some multi-byte encodings, sending them to output without them being\n escaped. An attacker could use these flaws to perform a cross-site\n scripting attack. (CVE-2009-5016, CVE-2010-3870)\n \n It was discovered that the PHP lcg_value() function used insufficient\n entropy to seed the pseudo-random number generator. A remote attacker could\n possibly use this flaw to predict values returned by the function, which\n are used to generate session identifiers by default. This update changes\n the function's implementation to use more entropy during seeding.\n (CVE-2010-1128)\n \n It was discovered that the PHP fnmatch() function did not restrict the\n length of the pattern argument. A remote attacker could use this flaw to\n crash the PHP interpreter where a script used fnmatch() on untrusted\n matching patterns. (CVE-2010-1917)\n \n A NULL pointer dereference flaw was discovered in the PHP XML-RPC\n extension. A malicious XML-RPC client or server could use this flaw to\n crash the PHP interpreter via a specially-crafted XML-RPC request.\n (CVE-2010-0397)\n \n All php users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\n\ntag_affected = \"php on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-November/msg00035.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870362\");\n script_version(\"$Revision: 8244 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 08:29:28 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 08:26:35 +0100 (Thu, 09 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2010:0919-01\");\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n script_name(\"RedHat Update for php RHSA-2010:0919-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~27.el5_5.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-debuginfo\", rpm:\"php-debuginfo~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-domxml\", rpm:\"php-domxml~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~4.3.9~3.31\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:57", "description": "Check for the Version of php", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2010-11428", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2531", "CVE-2010-1915", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1917", "CVE-2010-0397"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:1361412562310862345", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862345", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2010-11428\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated webpages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on Fedora 12\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046046.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862345\");\n script_version(\"$Revision: 8228 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 08:29:52 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11428\");\n script_cve_id(\"CVE-2010-2531\", \"CVE-2010-0397\", \"CVE-2010-2225\", \"CVE-2010-2190\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\");\n script_name(\"Fedora Update for php FEDORA-2010-11428\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.3.3~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-03T10:54:47", "description": "Check for the Version of php", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2010:0919 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870", "CVE-2009-5016", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-0397"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:1361412562310880456", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880456", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2010:0919 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n An input validation flaw was discovered in the PHP session serializer. If a\n PHP script generated session variable names from untrusted user input, a\n remote attacker could use this flaw to inject an arbitrary variable into\n the PHP session. (CVE-2010-3065)\n \n An information leak flaw was discovered in the PHP var_export() function\n implementation. If some fatal error occurred during the execution of this\n function (such as the exhaustion of memory or script execution time limit),\n part of the function's output was sent to the user as script output,\n possibly leading to the disclosure of sensitive information.\n (CVE-2010-2531)\n \n A numeric truncation error and an input validation flaw were found in the\n way the PHP utf8_decode() function decoded partial multi-byte sequences\n for some multi-byte encodings, sending them to output without them being\n escaped. An attacker could use these flaws to perform a cross-site\n scripting attack. (CVE-2009-5016, CVE-2010-3870)\n \n It was discovered that the PHP lcg_value() function used insufficient\n entropy to seed the pseudo-random number generator. A remote attacker could\n possibly use this flaw to predict values returned by the function, which\n are used to generate session identifiers by default. This update changes\n the function's implementation to use more entropy during seeding.\n (CVE-2010-1128)\n \n It was discovered that the PHP fnmatch() function did not restrict the\n length of the pattern argument. A remote attacker could use this flaw to\n crash the PHP interpreter where a script used fnmatch() on untrusted\n matching patterns. (CVE-2010-1917)\n \n A NULL pointer dereference flaw was discovered in the PHP XML-RPC\n extension. A malicious XML-RPC client or server could use this flaw to\n crash the PHP interpreter via a specially-crafted XML-RPC request.\n (CVE-2010-0397)\n \n All php users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-December/017205.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880456\");\n script_version(\"$Revision: 8269 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 08:28:22 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 08:26:35 +0100 (Thu, 09 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0919\");\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n script_name(\"CentOS Update for php CESA-2010:0919 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-domxml\", rpm:\"php-domxml~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2010:0919 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870", "CVE-2009-5016", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-0397"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880633", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880633", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2010:0919 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2010-November/017198.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880633\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2010:0919\");\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n script_name(\"CentOS Update for php CESA-2010:0919 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'php'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"php on CentOS 5\");\n script_tag(name:\"insight\", value:\"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n An input validation flaw was discovered in the PHP session serializer. If a\n PHP script generated session variable names from untrusted user input, a\n remote attacker could use this flaw to inject an arbitrary variable into\n the PHP session. (CVE-2010-3065)\n\n An information leak flaw was discovered in the PHP var_export() function\n implementation. If some fatal error occurred during the execution of this\n function (such as the exhaustion of memory or script execution time limit),\n part of the function's output was sent to the user as script output,\n possibly leading to the disclosure of sensitive information.\n (CVE-2010-2531)\n\n A numeric truncation error and an input validation flaw were found in the\n way the PHP utf8_decode() function decoded partial multi-byte sequences\n for some multi-byte encodings, sending them to output without them being\n escaped. An attacker could use these flaws to perform a cross-site\n scripting attack. (CVE-2009-5016, CVE-2010-3870)\n\n It was discovered that the PHP lcg_value() function used insufficient\n entropy to seed the pseudo-random number generator. A remote attacker could\n possibly use this flaw to predict values returned by the function, which\n are used to generate session identifiers by default. This update changes\n the function's implementation to use more entropy during seeding.\n (CVE-2010-1128)\n\n It was discovered that the PHP fnmatch() function did not restrict the\n length of the pattern argument. A remote attacker could use this flaw to\n crash the PHP interpreter where a script used fnmatch() on untrusted\n matching patterns. (CVE-2010-1917)\n\n A NULL pointer dereference flaw was discovered in the PHP XML-RPC\n extension. A malicious XML-RPC client or server could use this flaw to\n crash the PHP interpreter via a specially-crafted XML-RPC request.\n (CVE-2010-0397)\n\n All php users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-common\", rpm:\"php-common~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.1.6~27.el5_5.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-15T11:58:07", "description": "Check for the Version of php", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "CentOS Update for php CESA-2010:0919 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2531", "CVE-2010-3065", "CVE-2010-3870", "CVE-2009-5016", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-0397"], "modified": "2017-12-15T00:00:00", "id": "OPENVAS:880456", "href": "http://plugins.openvas.org/nasl.php?oid=880456", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for php CESA-2010:0919 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language commonly used with the Apache\n HTTP Server.\n\n An input validation flaw was discovered in the PHP session serializer. If a\n PHP script generated session variable names from untrusted user input, a\n remote attacker could use this flaw to inject an arbitrary variable into\n the PHP session. (CVE-2010-3065)\n \n An information leak flaw was discovered in the PHP var_export() function\n implementation. If some fatal error occurred during the execution of this\n function (such as the exhaustion of memory or script execution time limit),\n part of the function's output was sent to the user as script output,\n possibly leading to the disclosure of sensitive information.\n (CVE-2010-2531)\n \n A numeric truncation error and an input validation flaw were found in the\n way the PHP utf8_decode() function decoded partial multi-byte sequences\n for some multi-byte encodings, sending them to output without them being\n escaped. An attacker could use these flaws to perform a cross-site\n scripting attack. (CVE-2009-5016, CVE-2010-3870)\n \n It was discovered that the PHP lcg_value() function used insufficient\n entropy to seed the pseudo-random number generator. A remote attacker could\n possibly use this flaw to predict values returned by the function, which\n are used to generate session identifiers by default. This update changes\n the function's implementation to use more entropy during seeding.\n (CVE-2010-1128)\n \n It was discovered that the PHP fnmatch() function did not restrict the\n length of the pattern argument. A remote attacker could use this flaw to\n crash the PHP interpreter where a script used fnmatch() on untrusted\n matching patterns. (CVE-2010-1917)\n \n A NULL pointer dereference flaw was discovered in the PHP XML-RPC\n extension. A malicious XML-RPC client or server could use this flaw to\n crash the PHP interpreter via a specially-crafted XML-RPC request.\n (CVE-2010-0397)\n \n All php users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. After installing the updated\n packages, the httpd daemon must be restarted for the update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"php on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-December/017205.html\");\n script_id(880456);\n script_version(\"$Revision: 8130 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-15 07:31:09 +0100 (Fri, 15 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 08:26:35 +0100 (Thu, 09 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2010:0919\");\n script_cve_id(\"CVE-2009-5016\", \"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1917\", \"CVE-2010-2531\", \"CVE-2010-3065\", \"CVE-2010-3870\");\n script_name(\"CentOS Update for php CESA-2010:0919 centos4 i386\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-domxml\", rpm:\"php-domxml~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pear\", rpm:\"php-pear~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~4.3.9~3.31\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-18T10:58:27", "description": "Check for the Version of php-eaccelerator", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for php-eaccelerator FEDORA-2010-11428", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2531", "CVE-2010-1915", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1917", "CVE-2010-0397"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:862347", "href": "http://plugins.openvas.org/nasl.php?oid=862347", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php-eaccelerator FEDORA-2010-11428\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"php-eaccelerator on Fedora 12\";\ntag_insight = \"eAccelerator is a further development of the MMCache PHP Accelerator &amp; Encoder.\n It increases performance of PHP scripts by caching them in compiled state, so\n that the overhead of compiling is almost completely eliminated.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046047.html\");\n script_id(862347);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11428\");\n script_cve_id(\"CVE-2010-2531\", \"CVE-2010-0397\", \"CVE-2010-2225\", \"CVE-2010-2190\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\");\n script_name(\"Fedora Update for php-eaccelerator FEDORA-2010-11428\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of php-eaccelerator\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"php-eaccelerator\", rpm:\"php-eaccelerator~0.9.6.1~2.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-18T10:57:49", "description": "Check for the Version of maniadrive", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Fedora Update for maniadrive FEDORA-2010-11428", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2531", "CVE-2010-1915", "CVE-2010-2190", "CVE-2010-1914", "CVE-2010-1917", "CVE-2010-0397"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:862343", "href": "http://plugins.openvas.org/nasl.php?oid=862343", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for maniadrive FEDORA-2010-11428\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"maniadrive on Fedora 12\";\ntag_insight = \"ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous\n gameplay (tracks almost never exceed one minute). Features: Complex car\n physics, Challenging &quot;story mode&quot;, LAN and Internet mode, Live scores,\n Track editor, Dedicated server with HTTP interface and More than 30 blocks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046048.html\");\n script_id(862343);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11428\");\n script_cve_id(\"CVE-2010-2531\", \"CVE-2010-0397\", \"CVE-2010-2225\", \"CVE-2010-2190\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\");\n script_name(\"Fedora Update for maniadrive FEDORA-2010-11428\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of maniadrive\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"maniadrive\", rpm:\"maniadrive~1.2~22.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-04-27T19:23:06", "description": "The host isnstalled with Google Chrome and is prone to multiple\n unspecified vulnerabilities.", "cvss3": {}, "published": "2010-08-02T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Unspecified Vulnerabilities - July 10", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2897", "CVE-2010-2898", "CVE-2010-2901", "CVE-2010-2899", "CVE-2010-2903", "CVE-2010-2900", "CVE-2010-2902"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310902092", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902092", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Unspcified Vulnerabilities - July 10\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2010 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902092\");\n script_version(\"2020-04-23T12:22:09+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 12:22:09 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2010-08-02 12:38:17 +0200 (Mon, 02 Aug 2010)\");\n script_cve_id(\"CVE-2010-2898\", \"CVE-2010-2897\", \"CVE-2010-2900\",\n \"CVE-2010-2899\", \"CVE-2010-2901\", \"CVE-2010-2903\",\n \"CVE-2010-2902\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Google Chrome Multiple Unspecified Vulnerabilities - July 10\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/40743\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.com/2010/07/stable-channel-update_26.html\");\n\n script_copyright(\"Copyright (C) 2010 SecPod\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_family(\"General\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow the attackers to cause a denial of\n service (memory corruption) or possibly have unspecified other impact\n via unknown vectors.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 5.0.375.125\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to:\n\n - Not properly mitigate an unspecified flaw in the 'GNU C Library', which\n has unknown impact and attack vectors.\n\n - Not properly mitigate an unspecified flaw in the 'Windows kernel'.\n\n - An unspecified error exists related to large 'canvases'.\n\n - An unspecified error in the 'layout code' can be exploited to disclose\n memory content.\n\n - An unspecified error in the 'rendering code' and 'SVG handling' can be\n exploited to corrupt memory.\n\n - Unexpected truncation and improper eliding of hostnames.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 5.0.375.125 or later.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"The host isnstalled with Google Chrome and is prone to multiple\n unspecified vulnerabilities.\");\n\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"5.0.375.125\")){\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"5.0.375.125\");\n security_message(port: 0, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:56:58", "description": "Check for the Version of php", "cvss3": {}, "published": "2009-02-17T00:00:00", "type": "openvas", "title": "Fedora Update for php FEDORA-2008-3864", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4782", "CVE-2008-2051", "CVE-2007-5898", "CVE-2008-0599", "CVE-2008-2107", "CVE-2008-2108", "CVE-2007-5899"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860416", "href": "http://plugins.openvas.org/nasl.php?oid=860416", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for php FEDORA-2008-3864\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP is an HTML-embedded scripting language. PHP attempts to make it\n easy for developers to write dynamically generated webpages. PHP also\n offers built-in database integration for several commercial and\n non-commercial database management systems, so writing a\n database-enabled webpage with PHP is fairly simple. The most common\n use of PHP coding is probably as a replacement for CGI scripts.\n\n The php package contains the module which adds support for the PHP\n language to Apache HTTP Server.\";\n\ntag_affected = \"php on Fedora 8\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html\");\n script_id(860416);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 16:43:56 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-3864\");\n script_cve_id(\"CVE-2008-2051\", \"CVE-2007-5898\", \"CVE-2007-5899\", \"CVE-2007-4782\", \"CVE-2008-2107\", \"CVE-2008-2108\", \"CVE-2008-0599\");\n script_name( \"Fedora Update for php FEDORA-2008-3864\");\n\n script_summary(\"Check for the Version of php\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"php\", rpm:\"php~5.2.6~2.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:46", "description": "The remote host is missing an update to php\nannounced via advisory MDVSA-2009:022.", "cvss3": {}, "published": "2009-01-26T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:022 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3659", "CVE-2007-4782", "CVE-2008-3658", "CVE-2008-3660", "CVE-2007-4850", "CVE-2008-2050", "CVE-2008-5498", "CVE-2008-1384"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:63253", "href": "http://plugins.openvas.org/nasl.php?oid=63253", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_022.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:022 (php)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability in PHP allowed context-dependent attackers to cause\na denial of service (crash) via a certain long string in the glob()\nor fnmatch() functions (CVE-2007-4782).\n\nA vulnerability in the cURL library in PHP allowed context-dependent\nattackers to bypass safe_mode and open_basedir restrictions and read\narbitrary files using a special URL request (CVE-2007-4850).\n\nAn integer overflow in PHP allowed context-dependent attackers to\ncause a denial of serivce via a special printf() format parameter\n(CVE-2008-1384).\n\nA stack-based buffer overflow in the FastCGI SAPI in PHP has unknown\nimpact and attack vectors (CVE-2008-2050).\n\nA buffer overflow in the imageloadfont() function in PHP allowed\ncontext-dependent attackers to cause a denial of service (crash)\nand potentially execute arbitrary code via a crafted font file\n(CVE-2008-3658).\n\nA buffer overflow in the memnstr() function allowed context-dependent\nattackers to cause a denial of service (crash) and potentially execute\narbitrary code via the delimiter argument to the explode() function\n(CVE-2008-3659).\n\nPHP, when used as a FastCGI module, allowed remote attackers to cause\na denial of service (crash) via a request with multiple dots preceding\nthe extension (CVE-2008-3660).\n\nAn array index error in the imageRotate() function in PHP allowed\ncontext-dependent attackers to read the contents of arbitrary memory\nlocations via a crafted value of the third argument to the function\nfor an indexed image (CVE-2008-5498).\n\nThe updated packages have been patched to correct these issues.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:022\";\ntag_summary = \"The remote host is missing an update to php\nannounced via advisory MDVSA-2009:022.\";\n\n \n\nif(description)\n{\n script_id(63253);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-26 18:18:20 +0100 (Mon, 26 Jan 2009)\");\n script_cve_id(\"CVE-2007-4782\", \"CVE-2007-4850\", \"CVE-2008-1384\", \"CVE-2008-2050\", \"CVE-2008-3658\", \"CVE-2008-3659\", \"CVE-2008-3660\", \"CVE-2008-5498\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:022 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-simplexml\", rpm:\"php-simplexml~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:17", "description": "The remote host is missing an update to php\nannounced via advisory MDVSA-2009:022.", "cvss3": {}, "published": "2009-01-26T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:022 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3659", "CVE-2007-4782", "CVE-2008-3658", "CVE-2008-3660", "CVE-2007-4850", "CVE-2008-2050", "CVE-2008-5498", "CVE-2008-1384"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063253", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063253", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_022.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:022 (php)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability in PHP allowed context-dependent attackers to cause\na denial of service (crash) via a certain long string in the glob()\nor fnmatch() functions (CVE-2007-4782).\n\nA vulnerability in the cURL library in PHP allowed context-dependent\nattackers to bypass safe_mode and open_basedir restrictions and read\narbitrary files using a special URL request (CVE-2007-4850).\n\nAn integer overflow in PHP allowed context-dependent attackers to\ncause a denial of serivce via a special printf() format parameter\n(CVE-2008-1384).\n\nA stack-based buffer overflow in the FastCGI SAPI in PHP has unknown\nimpact and attack vectors (CVE-2008-2050).\n\nA buffer overflow in the imageloadfont() function in PHP allowed\ncontext-dependent attackers to cause a denial of service (crash)\nand potentially execute arbitrary code via a crafted font file\n(CVE-2008-3658).\n\nA buffer overflow in the memnstr() function allowed context-dependent\nattackers to cause a denial of service (crash) and potentially execute\narbitrary code via the delimiter argument to the explode() function\n(CVE-2008-3659).\n\nPHP, when used as a FastCGI module, allowed remote attackers to cause\na denial of service (crash) via a request with multiple dots preceding\nthe extension (CVE-2008-3660).\n\nAn array index error in the imageRotate() function in PHP allowed\ncontext-dependent attackers to read the contents of arbitrary memory\nlocations via a crafted value of the third argument to the function\nfor an indexed image (CVE-2008-5498).\n\nThe updated packages have been patched to correct these issues.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:022\";\ntag_summary = \"The remote host is missing an update to php\nannounced via advisory MDVSA-2009:022.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63253\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-26 18:18:20 +0100 (Mon, 26 Jan 2009)\");\n script_cve_id(\"CVE-2007-4782\", \"CVE-2007-4850\", \"CVE-2008-1384\", \"CVE-2008-2050\", \"CVE-2008-3658\", \"CVE-2008-3659\", \"CVE-2008-3660\", \"CVE-2008-5498\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:022 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bcmath\", rpm:\"php-bcmath~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-bz2\", rpm:\"php-bz2~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-calendar\", rpm:\"php-calendar~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ctype\", rpm:\"php-ctype~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dba\", rpm:\"php-dba~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dbase\", rpm:\"php-dbase~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-dom\", rpm:\"php-dom~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-exif\", rpm:\"php-exif~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-filter\", rpm:\"php-filter~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ftp\", rpm:\"php-ftp~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gd\", rpm:\"php-gd~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gettext\", rpm:\"php-gettext~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-gmp\", rpm:\"php-gmp~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-hash\", rpm:\"php-hash~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-iconv\", rpm:\"php-iconv~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-imap\", rpm:\"php-imap~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-json\", rpm:\"php-json~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ldap\", rpm:\"php-ldap~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mbstring\", rpm:\"php-mbstring~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mcrypt\", rpm:\"php-mcrypt~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mhash\", rpm:\"php-mhash~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mime_magic\", rpm:\"php-mime_magic~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ming\", rpm:\"php-ming~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mssql\", rpm:\"php-mssql~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysql\", rpm:\"php-mysql~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-mysqli\", rpm:\"php-mysqli~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-ncurses\", rpm:\"php-ncurses~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-odbc\", rpm:\"php-odbc~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-openssl\", rpm:\"php-openssl~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcntl\", rpm:\"php-pcntl~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo\", rpm:\"php-pdo~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_dblib\", rpm:\"php-pdo_dblib~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_mysql\", rpm:\"php-pdo_mysql~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_odbc\", rpm:\"php-pdo_odbc~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_pgsql\", rpm:\"php-pdo_pgsql~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pdo_sqlite\", rpm:\"php-pdo_sqlite~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pgsql\", rpm:\"php-pgsql~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-posix\", rpm:\"php-posix~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pspell\", rpm:\"php-pspell~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-readline\", rpm:\"php-readline~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-recode\", rpm:\"php-recode~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-session\", rpm:\"php-session~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-shmop\", rpm:\"php-shmop~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-simplexml\", rpm:\"php-simplexml~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-snmp\", rpm:\"php-snmp~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-soap\", rpm:\"php-soap~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sockets\", rpm:\"php-sockets~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sqlite\", rpm:\"php-sqlite~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvmsg\", rpm:\"php-sysvmsg~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvsem\", rpm:\"php-sysvsem~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-sysvshm\", rpm:\"php-sysvshm~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tidy\", rpm:\"php-tidy~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-tokenizer\", rpm:\"php-tokenizer~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-wddx\", rpm:\"php-wddx~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xml\", rpm:\"php-xml~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlreader\", rpm:\"php-xmlreader~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlrpc\", rpm:\"php-xmlrpc~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xmlwriter\", rpm:\"php-xmlwriter~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-xsl\", rpm:\"php-xsl~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-zlib\", rpm:\"php-zlib~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.2.4~3.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:42", "description": "The remote host is missing an update to php\nannounced via advisory MDVSA-2009:023.", "cvss3": {}, "published": "2009-01-26T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:023 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3659", "CVE-2007-4782", "CVE-2008-2371", "CVE-2008-3658", "CVE-2008-3660", "CVE-2007-4850", "CVE-2008-2050", "CVE-2008-5498", "CVE-2008-1384"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:63254", "href": "http://plugins.openvas.org/nasl.php?oid=63254", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_023.nasl 6587 2017-07-07 06:35:35Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:023 (php)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability in PHP allowed context-dependent attackers to cause\na denial of service (crash) via a certain long string in the glob()\nor fnmatch() functions (CVE-2007-4782).\n\nA vulnerability in the cURL library in PHP allowed context-dependent\nattackers to bypass safe_mode and open_basedir restrictions and read\narbitrary files using a special URL request (CVE-2007-4850).\n\nAn integer overflow in PHP allowed context-dependent attackers to\ncause a denial of serivce via a special printf() format parameter\n(CVE-2008-1384).\n\nA stack-based buffer overflow in the FastCGI SAPI in PHP has unknown\nimpact and attack vectors (CVE-2008-2050).\n\nTavis Ormandy of the Google Security Team discovered a heap-based\nbuffer overflow when compiling certain regular expression patterns.\nThis could be used by a malicious attacker by sending a specially\ncrafted regular expression to an application using the PCRE library,\nresulting in the possible execution of arbitrary code or a denial of\nservice (CVE-2008-2371). PHP in Corporate Server 4.0 is affected by\nthis issue.\n\nA buffer overflow in the imageloadfont() function in PHP allowed\ncontext-dependent attackers to cause a denial of service (crash)\nand potentially execute arbitrary code via a crafted font file\n(CVE-2008-3658).\n\nA buffer overflow in the memnstr() function allowed context-dependent\nattackers to cause a denial of service (crash) and potentially execute\narbitrary code via the delimiter argument to the explode() function\n(CVE-2008-3659).\n\nPHP, when used as a FastCGI module, allowed remote attackers to cause\na denial of service (crash) via a request with multiple dots preceding\nthe extension (CVE-2008-3660).\n\nAn array index error in the imageRotate() function in PHP allowed\ncontext-dependent attackers to read the contents of arbitrary memory\nlocations via a crafted value of the third argument to the function\nfor an indexed image (CVE-2008-5498).\n\nThe updated packages have been patched to correct these issues.\n\nAffected: Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:023\";\ntag_summary = \"The remote host is missing an update to php\nannounced via advisory MDVSA-2009:023.\";\n\n \n\nif(description)\n{\n script_id(63254);\n script_version(\"$Revision: 6587 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 08:35:35 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-26 18:18:20 +0100 (Mon, 26 Jan 2009)\");\n script_cve_id(\"CVE-2007-4782\", \"CVE-2007-4850\", \"CVE-2008-1384\", \"CVE-2008-2050\", \"CVE-2008-2371\", \"CVE-2008-3658\", \"CVE-2008-3659\", \"CVE-2008-3660\", \"CVE-2008-5498\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:023 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.1.6~1.10.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.1.6~1.10.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~1.10.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.1.6~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~1.10.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.1.6~1.10.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcre\", rpm:\"php-pcre~5.1.6~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.1.6~1.10.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:05", "description": "The remote host is missing an update to php\nannounced via advisory MDVSA-2009:023.", "cvss3": {}, "published": "2009-01-26T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:023 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3659", "CVE-2007-4782", "CVE-2008-2371", "CVE-2008-3658", "CVE-2008-3660", "CVE-2007-4850", "CVE-2008-2050", "CVE-2008-5498", "CVE-2008-1384"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063254", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063254", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_023.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:023 (php)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability in PHP allowed context-dependent attackers to cause\na denial of service (crash) via a certain long string in the glob()\nor fnmatch() functions (CVE-2007-4782).\n\nA vulnerability in the cURL library in PHP allowed context-dependent\nattackers to bypass safe_mode and open_basedir restrictions and read\narbitrary files using a special URL request (CVE-2007-4850).\n\nAn integer overflow in PHP allowed context-dependent attackers to\ncause a denial of serivce via a special printf() format parameter\n(CVE-2008-1384).\n\nA stack-based buffer overflow in the FastCGI SAPI in PHP has unknown\nimpact and attack vectors (CVE-2008-2050).\n\nTavis Ormandy of the Google Security Team discovered a heap-based\nbuffer overflow when compiling certain regular expression patterns.\nThis could be used by a malicious attacker by sending a specially\ncrafted regular expression to an application using the PCRE library,\nresulting in the possible execution of arbitrary code or a denial of\nservice (CVE-2008-2371). PHP in Corporate Server 4.0 is affected by\nthis issue.\n\nA buffer overflow in the imageloadfont() function in PHP allowed\ncontext-dependent attackers to cause a denial of service (crash)\nand potentially execute arbitrary code via a crafted font file\n(CVE-2008-3658).\n\nA buffer overflow in the memnstr() function allowed context-dependent\nattackers to cause a denial of service (crash) and potentially execute\narbitrary code via the delimiter argument to the explode() function\n(CVE-2008-3659).\n\nPHP, when used as a FastCGI module, allowed remote attackers to cause\na denial of service (crash) via a request with multiple dots preceding\nthe extension (CVE-2008-3660).\n\nAn array index error in the imageRotate() function in PHP allowed\ncontext-dependent attackers to read the contents of arbitrary memory\nlocations via a crafted value of the third argument to the function\nfor an indexed image (CVE-2008-5498).\n\nThe updated packages have been patched to correct these issues.\n\nAffected: Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:023\";\ntag_summary = \"The remote host is missing an update to php\nannounced via advisory MDVSA-2009:023.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63254\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-26 18:18:20 +0100 (Mon, 26 Jan 2009)\");\n script_cve_id(\"CVE-2007-4782\", \"CVE-2007-4850\", \"CVE-2008-1384\", \"CVE-2008-2050\", \"CVE-2008-2371\", \"CVE-2008-3658\", \"CVE-2008-3659\", \"CVE-2008-3660\", \"CVE-2008-5498\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:023 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libphp5_common5\", rpm:\"libphp5_common5~5.1.6~1.10.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cgi\", rpm:\"php-cgi~5.1.6~1.10.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-cli\", rpm:\"php-cli~5.1.6~1.10.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-curl\", rpm:\"php-curl~5.1.6~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-devel\", rpm:\"php-devel~5.1.6~1.10.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-fcgi\", rpm:\"php-fcgi~5.1.6~1.10.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"php-pcre\", rpm:\"php-pcre~5.1.6~1.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64php5_common5\", rpm:\"lib64php5_common5~5.1.6~1.10.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:50", "description": "Gentoo Linux Local Security Checks GLSA 201312-01", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201312-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0864", "CVE-2011-1658", "CVE-2011-1659", "CVE-2011-1071", "CVE-2011-1095", "CVE-2010-3847", "CVE-2009-5029", "CVE-2011-0536", "CVE-2011-1089"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121082", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121082", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201312-01.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121082\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:26:23 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201312-01\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in GNU C Library. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201312-01\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2010-3847\", \"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1089\", \"CVE-2011-1095\", \"CVE-2011-1658\", \"CVE-2011-1659\", \"CVE-2012-0864\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201312-01\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"sys-libs/glibc\", unaffected: make_list(\"ge 2.15-r3\"), vulnerable: make_list(\"lt 2.15-r3\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:57:24", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for glibc CESA-2012:0125 centos4 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2010-0296", "CVE-2011-1659", "CVE-2010-0830", "CVE-2011-1071", "CVE-2011-1095", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:881217", "href": "http://plugins.openvas.org/nasl.php?oid=881217", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for glibc CESA-2012:0125 centos4 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n \n A flaw was found in the way the ldd utility identified dynamically linked\n libraries. If an attacker could trick a user into running ldd on a\n malicious binary, it could result in arbitrary code execution with the\n privileges of the user running ldd. (CVE-2009-5064)\n \n It was discovered that the glibc addmntent() function, used by various\n mount helper utilities, did not sanitize its input properly. A local\n attacker could possibly use this flaw to inject malformed lines into the\n mtab (mounted file systems table) file via certain setuid mount helpers, if\n the attacker were allowed to mount to an arbitrary directory under their\n control. (CVE-2010-0296)\n \n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library loaded ELF (Executable and Linking\n Format) files. If a carefully-crafted ELF file was loaded by an\n application linked against glibc, it could cause the application to crash\n or, potentially, execute arbitrary code with the privileges of the user\n running the application. (CVE-2010-0830)\n \n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n \n It was found that the glibc addmntent() function, used by various mount\n helper utilities, did not handle certain errors correctly when updating the\n mtab (mounted file systems table) file. If such utilities had the setuid\n bit set, a local attacker could use this flaw to corrupt the mtab file.\n (CVE-2011-1089)\n \n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment variables in the environment of a script that\n performed shell evaluation on the output of the locale command, ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"glibc on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-February/018427.html\");\n script_id(881217);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:48:09 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0296\", \"CVE-2010-0830\",\n \"CVE-2011-1071\", \"CVE-2011-1089\", \"CVE-2011-1095\", \"CVE-2011-1659\",\n \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:0125\");\n script_name(\"CentOS Update for glibc CESA-2012:0125 centos4 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nptl-devel\", rpm:\"nptl-devel~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for glibc CESA-2012:0125 centos4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2010-0296", "CVE-2011-1659", "CVE-2010-0830", "CVE-2011-1071", "CVE-2011-1095", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881217", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881217", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for glibc CESA-2012:0125 centos4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-February/018427.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881217\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:48:09 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0296\", \"CVE-2010-0830\",\n \"CVE-2011-1071\", \"CVE-2011-1089\", \"CVE-2011-1095\", \"CVE-2011-1659\",\n \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2012:0125\");\n script_name(\"CentOS Update for glibc CESA-2012:0125 centos4\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"glibc on CentOS 4\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n\n A flaw was found in the way the ldd utility identified dynamically linked\n libraries. If an attacker could trick a user into running ldd on a\n malicious binary, it could result in arbitrary code execution with the\n privileges of the user running ldd. (CVE-2009-5064)\n\n It was discovered that the glibc addmntent() function, used by various\n mount helper utilities, did not sanitize its input properly. A local\n attacker could possibly use this flaw to inject malformed lines into the\n mtab (mounted file systems table) file via certain setuid mount helpers, if\n the attacker were allowed to mount to an arbitrary directory under their\n control. (CVE-2010-0296)\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library loaded ELF (Executable and Linking\n Format) files. If a carefully-crafted ELF file was loaded by an\n application linked against glibc, it could cause the application to crash\n or, potentially, execute arbitrary code with the privileges of the user\n running the application. (CVE-2010-0830)\n\n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n\n It was found that the glibc addmntent() function, used by various mount\n helper utilities, did not handle certain errors correctly when updating the\n mtab (mounted file systems table) file. If such utilities had the setuid\n bit set, a local attacker could use this flaw to corrupt the mtab file.\n (CVE-2011-1089)\n\n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment variables in the environment of a script that\n performed shell evaluation on the output of the locale command, ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nptl-devel\", rpm:\"nptl-devel~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.3.4~2.57\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-02-21T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2012:0125-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2010-0296", "CVE-2011-1659", "CVE-2010-0830", "CVE-2011-1071", "CVE-2011-1095", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870545", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870545", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2012:0125-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-February/msg00026.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870545\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 18:55:19 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0296\", \"CVE-2010-0830\",\n \"CVE-2011-1071\", \"CVE-2011-1089\", \"CVE-2011-1095\", \"CVE-2011-1659\",\n \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2012:0125-01\");\n script_name(\"RedHat Update for glibc RHSA-2012:0125-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'glibc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_4\");\n script_tag(name:\"affected\", value:\"glibc on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n\n A flaw was found in the way the ldd utility identified dynamically linked\n libraries. If an attacker could trick a user into running ldd on a\n malicious binary, it could result in arbitrary code execution with the\n privileges of the user running ldd. (CVE-2009-5064)\n\n It was discovered that the glibc addmntent() function, used by various\n mount helper utilities, did not sanitize its input properly. A local\n attacker could possibly use this flaw to inject malformed lines into the\n mtab (mounted file systems table) file via certain setuid mount helpers, if\n the attacker were allowed to mount to an arbitrary directory under their\n control. (CVE-2010-0296)\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library loaded ELF (Executable and Linking\n Format) files. If a carefully-crafted ELF file was loaded by an\n application linked against glibc, it could cause the application to crash\n or, potentially, execute arbitrary code with the privileges of the user\n running the application. (CVE-2010-0830)\n\n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n\n It was found that the glibc addmntent() function, used by various mount\n helper utilities, did not handle certain errors correctly when updating the\n mtab (mounted file systems table) file. If such utilities had the setuid\n bit set, a local attacker could use this flaw to corrupt the mtab file.\n (CVE-2011-1089)\n\n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nptl-devel\", rpm:\"nptl-devel~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:58:07", "description": "Check for the Version of glibc", "cvss3": {}, "published": "2012-02-21T00:00:00", "type": "openvas", "title": "RedHat Update for glibc RHSA-2012:0125-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4609", "CVE-2010-0296", "CVE-2011-1659", "CVE-2010-0830", "CVE-2011-1071", "CVE-2011-1095", "CVE-2009-5029", "CVE-2011-1089", "CVE-2009-5064"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:870545", "href": "http://plugins.openvas.org/nasl.php?oid=870545", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for glibc RHSA-2012:0125-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The glibc packages contain the standard C libraries used by multiple\n programs on the system. These packages contain the standard C and the\n standard math libraries. Without these two libraries, a Linux system cannot\n function properly.\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library read timezone files. If a\n carefully-crafted timezone file was loaded by an application linked against\n glibc, it could cause the application to crash or, potentially, execute\n arbitrary code with the privileges of the user running the application.\n (CVE-2009-5029)\n\n A flaw was found in the way the ldd utility identified dynamically linked\n libraries. If an attacker could trick a user into running ldd on a\n malicious binary, it could result in arbitrary code execution with the\n privileges of the user running ldd. (CVE-2009-5064)\n\n It was discovered that the glibc addmntent() function, used by various\n mount helper utilities, did not sanitize its input properly. A local\n attacker could possibly use this flaw to inject malformed lines into the\n mtab (mounted file systems table) file via certain setuid mount helpers, if\n the attacker were allowed to mount to an arbitrary directory under their\n control. (CVE-2010-0296)\n\n An integer overflow flaw, leading to a heap-based buffer overflow, was\n found in the way the glibc library loaded ELF (Executable and Linking\n Format) files. If a carefully-crafted ELF file was loaded by an\n application linked against glibc, it could cause the application to crash\n or, potentially, execute arbitrary code with the privileges of the user\n running the application. (CVE-2010-0830)\n\n It was discovered that the glibc fnmatch() function did not properly\n restrict the use of alloca(). If the function was called on sufficiently\n large inputs, it could cause an application using fnmatch() to crash or,\n possibly, execute arbitrary code with the privileges of the application.\n (CVE-2011-1071)\n\n It was found that the glibc addmntent() function, used by various mount\n helper utilities, did not handle certain errors correctly when updating the\n mtab (mounted file systems table) file. If such utilities had the setuid\n bit set, a local attacker could use this flaw to corrupt the mtab file.\n (CVE-2011-1089)\n\n It was discovered that the locale command did not produce properly escaped\n output as required by the POSIX specification. If an attacker were able to\n set the locale environment ...\n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"glibc on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-February/msg00026.html\");\n script_id(870545);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 18:55:19 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2009-5064\", \"CVE-2010-0296\", \"CVE-2010-0830\",\n \"CVE-2011-1071\", \"CVE-2011-1089\", \"CVE-2011-1095\", \"CVE-2011-1659\",\n \"CVE-2011-4609\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:0125-01\");\n script_name(\"RedHat Update for glibc RHSA-2012:0125-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of glibc\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"glibc\", rpm:\"glibc~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-common\", rpm:\"glibc-common~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo\", rpm:\"glibc-debuginfo~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-debuginfo-common\", rpm:\"glibc-debuginfo-common~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-devel\", rpm:\"glibc-devel~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-headers\", rpm:\"glibc-headers~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-profile\", rpm:\"glibc-profile~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"glibc-utils\", rpm:\"glibc-utils~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nptl-devel\", rpm:\"nptl-devel~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.3.4~2.57\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:20:27", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1396-1", "cvss3": {}, "published": "2012-03-12T00:00:00", "type": "openvas", "title": "Ubuntu Update for eglibc USN-1396-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0864", "CVE-2010-0015", "CVE-2011-4609", "CVE-2011-1658", "CVE-2011-1659", "CVE-2011-1071", "CVE-2011-1095", "CVE-2009-5029", "CVE-2011-2702", "CVE-2011-1089"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840929", "href": "http://plugins.openvas.org/nasl.php?oid=840929", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1396_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for eglibc USN-1396-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the GNU C Library did not properly handle\n integer overflows in the timezone handling code. An attacker could use\n this to possibly execute arbitrary code by convincing an application\n to load a maliciously constructed tzfile. (CVE-2009-5029)\n\n It was discovered that the GNU C Library did not properly handle\n passwd.adjunct.byname map entries in the Network Information Service\n (NIS) code in the name service caching daemon (nscd). An attacker\n could use this to obtain the encrypted passwords of NIS accounts.\n This issue only affected Ubuntu 8.04 LTS. (CVE-2010-0015)\n\n Chris Evans reported that the GNU C Library did not properly\n calculate the amount of memory to allocate in the fnmatch() code. An\n attacker could use this to cause a denial of service or possibly\n execute arbitrary code via a maliciously crafted UTF-8 string.\n This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu\n 10.10. (CVE-2011-1071)\n\n Tomas Hoger reported that an additional integer overflow was possible\n in the GNU C Library fnmatch() code. An attacker could use this to\n cause a denial of service via a maliciously crafted UTF-8 string. This\n issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10\n and Ubuntu 11.04. (CVE-2011-1659)\n\n Dan Rosenberg discovered that the addmntent() function in the GNU C\n Library did not report an error status for failed attempts to write to\n the /etc/mtab file. This could allow an attacker to corrupt /etc/mtab,\n possibly causing a denial of service or otherwise manipulate mount\n options. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS,\n Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1089)\n\n Harald van Dijk discovered that the locale program included with the\n GNU C library did not properly quote its output. This could allow a\n local attacker to possibly execute arbitrary code using a crafted\n localization string that was evaluated in a shell script. This\n issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu\n 10.10. (CVE-2011-1095)\n\n It was discovered that the GNU C library loader expanded the\n $ORIGIN dynamic string token when RPATH is composed entirely of this\n token. This could allow an attacker to gain privilege via a setuid\n program that had this RPATH value. (CVE-2011-1658)\n\n It was discovered that the GNU C library implementation of memcpy\n optimized for Supplemental Streaming SIMD Extensions 3 (SSSE3)\n contained a possible integer overflow. An attacker could use this to\n cause a denial of service or possibly exec ...\n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1396-1\";\ntag_affected = \"eglibc on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1396-1/\");\n script_id(840929);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-12 12:42:00 +0530 (Mon, 12 Mar 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2010-0015\", \"CVE-2011-1071\", \"CVE-2011-1659\",\n \"CVE-2011-1089\", \"CVE-2011-1095\", \"CVE-2011-1658\", \"CVE-2011-2702\",\n \"CVE-2011-4609\", \"CVE-2012-0864\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1396-1\");\n script_name(\"Ubuntu Update for eglibc USN-1396-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc-bin\", ver:\"2.12.1-0ubuntu10.4\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.12.1-0ubuntu10.4\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc-bin\", ver:\"2.11.1-0ubuntu7.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.11.1-0ubuntu7.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.13-0ubuntu13.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.7-10ubuntu8.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:14", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1396-1", "cvss3": {}, "published": "2012-03-12T00:00:00", "type": "openvas", "title": "Ubuntu Update for eglibc USN-1396-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0864", "CVE-2010-0015", "CVE-2011-4609", "CVE-2011-1658", "CVE-2011-1659", "CVE-2011-1071", "CVE-2011-1095", "CVE-2009-5029", "CVE-2011-2702", "CVE-2011-1089"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840929", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840929", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1396_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for eglibc USN-1396-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1396-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840929\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-12 12:42:00 +0530 (Mon, 12 Mar 2012)\");\n script_cve_id(\"CVE-2009-5029\", \"CVE-2010-0015\", \"CVE-2011-1071\", \"CVE-2011-1659\",\n \"CVE-2011-1089\", \"CVE-2011-1095\", \"CVE-2011-1658\", \"CVE-2011-2702\",\n \"CVE-2011-4609\", \"CVE-2012-0864\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1396-1\");\n script_name(\"Ubuntu Update for eglibc USN-1396-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1396-1\");\n script_tag(name:\"affected\", value:\"eglibc on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that the GNU C Library did not properly handle\n integer overflows in the timezone handling code. An attacker could use\n this to possibly execute arbitrary code by convincing an application\n to load a maliciously constructed tzfile. (CVE-2009-5029)\n\n It was discovered that the GNU C Library did not properly handle\n passwd.adjunct.byname map entries in the Network Information Service\n (NIS) code in the name service caching daemon (nscd). An attacker\n could use this to obtain the encrypted passwords of NIS accounts.\n This issue only affected Ubuntu 8.04 LTS. (CVE-2010-0015)\n\n Chris Evans reported that the GNU C Library did not properly\n calculate the amount of memory to allocate in the fnmatch() code. An\n attacker could use this to cause a denial of service or possibly\n execute arbitrary code via a maliciously crafted UTF-8 string.\n This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu\n 10.10. (CVE-2011-1071)\n\n Tomas Hoger reported that an additional integer overflow was possible\n in the GNU C Library fnmatch() code. An attacker could use this to\n cause a denial of service via a maliciously crafted UTF-8 string. This\n issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10\n and Ubuntu 11.04. (CVE-2011-1659)\n\n Dan Rosenberg discovered that the addmntent() function in the GNU C\n Library did not report an error status for failed attempts to write to\n the /etc/mtab file. This could allow an attacker to corrupt /etc/mtab,\n possibly causing a denial of service or otherwise manipulate mount\n options. This issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS,\n Ubuntu 10.10 and Ubuntu 11.04. (CVE-2011-1089)\n\n Harald van Dijk discovered that the locale program included with the\n GNU C library did not properly quote its output. This could allow a\n local attacker to possibly execute arbitrary code using a crafted\n localization string that was evaluated in a shell script. This\n issue only affected Ubuntu 8.04 LTS, Ubuntu 10.04 LTS and Ubuntu\n 10.10. (CVE-2011-1095)\n\n It was discovered that the GNU C library loader expanded the\n $ORIGIN dynamic string token when RPATH is composed entirely of this\n token. This could allow an attacker to gain privilege via a setuid\n program that had this RPATH value. (CVE-2011-1658)\n\n It was discovered that the GNU C library implementation of memcpy\n optimized for Supplemental Streaming SIMD Extensions 3 (SSSE3)\n contained a possible integer overflow. An attacker could use this to\n cause a denial of service or possibly exec ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc-bin\", ver:\"2.12.1-0ubuntu10.4\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.12.1-0ubuntu10.4\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc-bin\", ver:\"2.11.1-0ubuntu7.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.11.1-0ubuntu7.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.13-0ubuntu13.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc6\", ver:\"2.7-10ubuntu8.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-04T11:29:13", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-628-1", "cvss3": {}, "published": "2009-03-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for php5 vulnerabilities USN-628-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4782", "CVE-2008-2051", "CVE-2007-5898", "CVE-2008-2371", "CVE-2008-0599", "CVE-2008-2107", "CVE-2008-2108", "CVE-2008-2829", "CVE-2007-4850", "CVE-2008-2050", "CVE-2008-1384", "CVE-2007-5899"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840283", "href": "http://plugins.openvas.org/nasl.php?oid=840283", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_628_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for php5 vulnerabilities USN-628-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that PHP did not properly check the length of the\n string parameter to the fnmatch function. An attacker could cause a\n denial of service in the PHP interpreter if a script passed untrusted\n input to the fnmatch function. (CVE-2007-4782)\n\n Maksymilian Arciemowicz discovered a flaw in the cURL library that\n allowed safe_mode and open_basedir restrictions to be bypassed. If a\n PHP application were tricked into processing a bad file:// request,\n an attacker could read arbitrary files. (CVE-2007-4850)\n \n Rasmus Lerdorf discovered that the htmlentities and htmlspecialchars\n functions did not correctly stop when handling partial multibyte\n sequences. A remote attacker could exploit this to read certain areas\n of memory, possibly gaining access to sensitive information. This\n issue affects Ubuntu 8.04 LTS, and an updated fix is included for\n Ubuntu 6.06 LTS, 7.04 and 7.10. (CVE-2007-5898)\n \n It was discovered that the output_add_rewrite_var function would\n sometimes leak session id information to forms targeting remote URLs.\n Malicious remote sites could use this information to gain access to a\n PHP application user's login credentials. This issue only affects\n Ubuntu 8.04 LTS. (CVE-2007-5899)\n \n It was discovered that PHP did not properly calculate the length of\n PATH_TRANSLATED. If a PHP application were tricked into processing\n a malicious URI, and attacker may be able to execute arbitrary code\n with application privileges. (CVE-2008-0599)\n \n An integer overflow was discovered in the php_sprintf_appendstring\n function. Attackers could exploit this to cause a denial of service.\n (CVE-2008-1384)\n \n Andrei Nigmatulin discovered stack-based overflows in the FastCGI SAPI\n of PHP. An attacker may be able to leverage this issue to perform\n attacks against PHP applications. (CVE-2008-2050)\n \n It was discovered that the escapeshellcmd did not properly process\n multibyte characters. An attacker may be able to bypass quoting\n restrictions and possibly execute arbitrary code with application\n privileges. (CVE-2008-2051)\n \n It was discovered that the GENERATE_SEED macro produced a predictable\n seed under certain circumstances. Attackers may by able to easily\n predict the results of the rand and mt_rand functions.\n (CVE-2008-2107, CVE-2008-2108)\n \n Tavis Ormandy discovered that the PCRE library did not correctly\n handle certain in-pattern options. An attacker could cause PHP\n applications using pcre to crash, leading to a denial of service.\n USN-624-1 fixed vulnerabilities in ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-628-1\";\ntag_affected = \"php5 vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 7.04 ,\n Ubuntu 7.10 ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-628-1/\");\n script_id(840283);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"628-1\");\n script_cve_id(\"CVE-2007-4782\", \"CVE-2007-4850\", \"CVE-2007-5898\", \"CVE-2007-5899\", \"CVE-2008-0599\", \"CVE-2008-1384\", \"CVE-2008-2050\", \"CVE-2008-2051\", \"CVE-2008-2107\", \"CVE-2008-2108\", \"CVE-2008-2371\", \"CVE-2008-2829\");\n script_name( \"Ubuntu Update for php5 vulnerabilities USN-628-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysqli\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.1.2-1ubuntu3.12\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.1-0ubuntu1.6\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.4-2ubuntu5.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.3-1ubuntu6.4\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:17:43", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-989-1", "cvss3": {}, "published": "2010-09-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for php5 vulnerabilities USN-989-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1129", "CVE-2010-2225", "CVE-2010-1868", "CVE-2010-2531", "CVE-2010-3065", "CVE-2010-1866", "CVE-2010-2094", "CVE-2010-1130", "CVE-2010-2950", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-0397"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840501", "href": "http://plugins.openvas.org/nasl.php?oid=840501", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_989_1.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for php5 vulnerabilities USN-989-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc\n requests. An attacker could exploit this issue to cause the PHP server to\n crash, resulting in a denial of service. This issue only affected Ubuntu\n 6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-0397)\n\n It was discovered that the pseudorandom number generator in PHP did not\n provide the expected entropy. An attacker could exploit this issue to\n predict values that were intended to be random, such as session cookies.\n This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10.\n (CVE-2010-1128)\n \n It was discovered that PHP did not properly handle directory pathnames that\n lacked a trailing slash character. An attacker could exploit this issue to\n bypass safe_mode restrictions. This issue only affected Ubuntu 6.06 LTS,\n 8.04 LTS, 9.04 and 9.10. (CVE-2010-1129)\n \n Grzegorz Stachowiak discovered that the PHP session extension did not\n properly handle semicolon characters. An attacker could exploit this issue\n to bypass safe_mode restrictions. This issue only affected Ubuntu 8.04 LTS,\n 9.04 and 9.10. (CVE-2010-1130)\n \n Stefan Esser discovered that PHP incorrectly decoded remote HTTP chunked\n encoding streams. An attacker could exploit this issue to cause the PHP\n server to crash and possibly execute arbitrary code with application\n privileges. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-1866)\n \n Mateusz Kocielski discovered that certain PHP SQLite functions incorrectly\n handled empty SQL queries. An attacker could exploit this issue to possibly\n execute arbitrary code with application privileges. (CVE-2010-1868)\n \n Mateusz Kocielski discovered that PHP incorrectly handled certain arguments\n to the fnmatch function. An attacker could exploit this flaw and cause the\n PHP server to consume all available stack memory, resulting in a denial of\n service. (CVE-2010-1917)\n \n Stefan Esser discovered that PHP incorrectly handled certain strings in the\n phar extension. An attacker could exploit this flaw to possibly view\n sensitive information. This issue only affected Ubuntu 10.04 LTS.\n (CVE-2010-2094, CVE-2010-2950)\n \n Stefan Esser discovered that PHP incorrectly handled deserialization of\n SPLObjectStorage objects. A remote attacker could exploit this issue to\n view sensitive information and possibly execute arbitrary code with\n application privileges. This issue only affected Ubuntu 8.04 LTS, 9.04,\n 9.10 and 10.04 LTS. (CVE-2010-2225)\n \n It was discovered that PHP incorrectly filtered ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-989-1\";\ntag_affected = \"php5 vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.04 ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-989-1/\");\n script_id(840501);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-22 08:32:53 +0200 (Wed, 22 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"989-1\");\n script_cve_id(\"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1129\", \"CVE-2010-1130\", \"CVE-2010-1866\", \"CVE-2010-1868\", \"CVE-2010-1917\", \"CVE-2010-2094\", \"CVE-2010-2225\", \"CVE-2010-2531\", \"CVE-2010-2950\", \"CVE-2010-3065\");\n script_name(\"Ubuntu Update for php5 vulnerabilities USN-989-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysqli\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-23T13:05:21", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-989-1", "cvss3": {}, "published": "2010-09-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for php5 vulnerabilities USN-989-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1129", "CVE-2010-2225", "CVE-2010-1868", "CVE-2010-2531", "CVE-2010-3065", "CVE-2010-1866", "CVE-2010-2094", "CVE-2010-1130", "CVE-2010-2950", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-0397"], "modified": "2018-01-23T00:00:00", "id": "OPENVAS:1361412562310840501", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840501", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_989_1.nasl 8495 2018-01-23 07:57:49Z teissa $\n#\n# Ubuntu Update for php5 vulnerabilities USN-989-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc\n requests. An attacker could exploit this issue to cause the PHP server to\n crash, resulting in a denial of service. This issue only affected Ubuntu\n 6.06 LTS, 8.04 LTS, 9.04 and 9.10. (CVE-2010-0397)\n\n It was discovered that the pseudorandom number generator in PHP did not\n provide the expected entropy. An attacker could exploit this issue to\n predict values that were intended to be random, such as session cookies.\n This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10.\n (CVE-2010-1128)\n \n It was discovered that PHP did not properly handle directory pathnames that\n lacked a trailing slash character. An attacker could exploit this issue to\n bypass safe_mode restrictions. This issue only affected Ubuntu 6.06 LTS,\n 8.04 LTS, 9.04 and 9.10. (CVE-2010-1129)\n \n Grzegorz Stachowiak discovered that the PHP session extension did not\n properly handle semicolon characters. An attacker could exploit this issue\n to bypass safe_mode restrictions. This issue only affected Ubuntu 8.04 LTS,\n 9.04 and 9.10. (CVE-2010-1130)\n \n Stefan Esser discovered that PHP incorrectly decoded remote HTTP chunked\n encoding streams. An attacker could exploit this issue to cause the PHP\n server to crash and possibly execute arbitrary code with application\n privileges. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-1866)\n \n Mateusz Kocielski discovered that certain PHP SQLite functions incorrectly\n handled empty SQL queries. An attacker could exploit this issue to possibly\n execute arbitrary code with application privileges. (CVE-2010-1868)\n \n Mateusz Kocielski discovered that PHP incorrectly handled certain arguments\n to the fnmatch function. An attacker could exploit this flaw and cause the\n PHP server to consume all available stack memory, resulting in a denial of\n service. (CVE-2010-1917)\n \n Stefan Esser discovered that PHP incorrectly handled certain strings in the\n phar extension. An attacker could exploit this flaw to possibly view\n sensitive information. This issue only affected Ubuntu 10.04 LTS.\n (CVE-2010-2094, CVE-2010-2950)\n \n Stefan Esser discovered that PHP incorrectly handled deserialization of\n SPLObjectStorage objects. A remote attacker could exploit this issue to\n view sensitive information and possibly execute arbitrary code with\n application privileges. This issue only affected Ubuntu 8.04 LTS, 9.04,\n 9.10 and 10.04 LTS. (CVE-2010-2225)\n \n It was discovered that PHP incorrectly filtered ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-989-1\";\ntag_affected = \"php5 vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.04 ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-989-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840501\");\n script_version(\"$Revision: 8495 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-22 08:32:53 +0200 (Wed, 22 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"989-1\");\n script_cve_id(\"CVE-2010-0397\", \"CVE-2010-1128\", \"CVE-2010-1129\", \"CVE-2010-1130\", \"CVE-2010-1866\", \"CVE-2010-1868\", \"CVE-2010-1917\", \"CVE-2010-2094\", \"CVE-2010-2225\", \"CVE-2010-2531\", \"CVE-2010-2950\", \"CVE-2010-3065\");\n script_name(\"Ubuntu Update for php5 vulnerabilities USN-989-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.10.dfsg.1-2ubuntu6.5\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysqli\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.1.2-1ubuntu3.19\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-enchant\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-intl\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.3.2-1ubuntu4.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dbg\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5filter\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.6.dfsg.1-3ubuntu4.6\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libapache2-mod-php5\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cgi\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-cli\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-common\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-curl\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-dev\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gd\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-gmp\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-ldap\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mhash\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-mysql\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-odbc\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pgsql\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-pspell\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-recode\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-snmp\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sqlite\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-sybase\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-tidy\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xmlrpc\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5-xsl\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php-pear\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"php5\", ver:\"5.2.4-2ubuntu5.12\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:32:03", "description": "PHP version smaller than 5.2.5 suffers from multiple vulnerabilities.", "cvss3": {}, "published": "2012-06-21T00:00:00", "type": "openvas", "title": "PHP Version < 5.2.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4840", "CVE-2007-4782", "CVE-2008-4107", "CVE-2007-4784", "CVE-2007-4887", "CVE-2007-5898", "CVE-2008-2107", "CVE-2008-2108", "CVE-2007-5900", "CVE-2007-4783", "CVE-2007-4825", "CVE-2007-5653", "CVE-2007-3996", "CVE-2007-4889", "CVE-2007-5899", "CVE-2007-5447"], "modified": "2018-07-09T00:00:00", "id": "OPENVAS:1361412562310110179", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310110179", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: nopsec_php_5_2_5.nasl 10460 2018-07-09 07:50:03Z cfischer $\n#\n# PHP Version < 5.2.5 Multiple Vulnerabilities\n#\n# Authors:\n# Songhan Yu <syu@nopsec.com>\n#\n# Copyright:\n# Copyright NopSec Inc. 2012, http://www.nopsec.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.110179\");\n script_version(\"$Revision: 10460 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 09:50:03 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-21 11:43:12 +0100 (Thu, 21 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2007-3996\", \"CVE-2007-4782\", \"CVE-2007-4783\", \"CVE-2007-4784\",\n \"CVE-2007-4825\", \"CVE-2007-4840\", \"CVE-2007-4887\", \"CVE-2007-4889\",\n \"CVE-2007-5447\", \"CVE-2007-5653\", \"CVE-2007-5898\", \"CVE-2007-5899\",\n \"CVE-2007-5900\", \"CVE-2008-2107\", \"CVE-2008-2108\", \"CVE-2008-4107\");\n script_bugtraq_id(26403);\n script_name(\"PHP Version < 5.2.5 Multiple Vulnerabilities\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"Copyright NopSec Inc. 2012\");\n script_dependencies(\"gb_php_detect.nasl\");\n script_mandatory_keys(\"php/installed\");\n\n script_tag(name:\"solution\", value:\"Update PHP to version 5.2.5 or later.\");\n\n script_tag(name:\"summary\", value:\"PHP version smaller than 5.2.5 suffers from multiple vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( port = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! vers = get_app_version( cpe:CPE, port:port ) ) exit( 0 );\n\nif( version_is_less( version:vers, test_version:\"5.2.5\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"5.2.5\" );\n security_message( data:report, port:port );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-04-06T11:39:30", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n php4-zlib\n php4-shmop\n php4-ftp\n php4-filepro\n php4-mcrypt\n php4-servlet\n php4-gmp\n php4-bz2\n php4-snmp\n php4-mysql\n php4-mime_magic\n php4\n php4-pgsql\n mod_php4-servlet\n php4-swf\n php4-unixODBC\n php4-fastcgi\n php4-mbstring\n php4-domxml\n php4-xslt\n php4-imap\n php4-sysvshm\n mod_php4-apache2\n php4-dbase\n mod_php4-core\n php4-mhash\n php4-session\n php4-ctype\n php4-pear\n php4-gettext\n php4-iconv\n php4-sockets\n php4-devel\n apache-mod_php4\n apache2-mod_php4\n php4-wddx\n php4-exif\n php4-ldap\n php4-gd\n php4-bcmath\n php4-calendar\n php4-readline\n php4-mcal\n php4-qtdom\n php4-yp\n php4-curl\n php4-recode\n php4-sysvsem\n php4-dba\n mod_php4\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5015662 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for PHP4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7226", "CVE-2007-4840", "CVE-2007-4782", "CVE-2006-7225", "CVE-2007-2872", "CVE-2007-4784", "CVE-2006-7230", "CVE-2007-5898", "CVE-2007-4661", "CVE-2007-1659", "CVE-2007-4658", "CVE-2007-1660", "CVE-2007-3998", "CVE-2007-4825", "CVE-2007-3996", "CVE-2006-7224"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065266", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065266", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5015662.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for PHP4\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n php4-zlib\n php4-shmop\n php4-ftp\n php4-filepro\n php4-mcrypt\n php4-servlet\n php4-gmp\n php4-bz2\n php4-snmp\n php4-mysql\n php4-mime_magic\n php4\n php4-pgsql\n mod_php4-servlet\n php4-swf\n php4-unixODBC\n php4-fastcgi\n php4-mbstring\n php4-domxml\n php4-xslt\n php4-imap\n php4-sysvshm\n mod_php4-apache2\n php4-dbase\n mod_php4-core\n php4-mhash\n php4-session\n php4-ctype\n php4-pear\n php4-gettext\n php4-iconv\n php4-sockets\n php4-devel\n apache-mod_php4\n apache2-mod_php4\n php4-wddx\n php4-exif\n php4-ldap\n php4-gd\n php4-bcmath\n php4-calendar\n php4-readline\n php4-mcal\n php4-qtdom\n php4-yp\n php4-curl\n php4-recode\n php4-sysvsem\n php4-dba\n mod_php4\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5015662 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65266\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2007-1660\", \"CVE-2006-7225\", \"CVE-2006-7224\", \"CVE-2006-7226\", \"CVE-2007-1659\", \"CVE-2006-7230\", \"CVE-2007-5898\", \"CVE-2007-4825\", \"CVE-2007-4782\", \"CVE-2007-4840\", \"CVE-2007-4784\", \"CVE-2007-3998\", \"CVE-2007-4661\", \"CVE-2007-2872\", \"CVE-2007-3996\", \"CVE-2007-4658\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for PHP4\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"php4-zlib\", rpm:\"php4-zlib~4.3.4~43.85\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:57", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n php4-zlib\n php4-shmop\n php4-ftp\n php4-filepro\n php4-mcrypt\n php4-servlet\n php4-gmp\n php4-bz2\n php4-snmp\n php4-mysql\n php4-mime_magic\n php4\n php4-pgsql\n mod_php4-servlet\n php4-swf\n php4-unixODBC\n php4-fastcgi\n php4-mbstring\n php4-domxml\n php4-xslt\n php4-imap\n php4-sysvshm\n mod_php4-apache2\n php4-dbase\n mod_php4-core\n php4-mhash\n php4-session\n php4-ctype\n php4-pear\n php4-gettext\n php4-iconv\n php4-sockets\n php4-devel\n apache-mod_php4\n apache2-mod_php4\n php4-wddx\n php4-exif\n php4-ldap\n php4-gd\n php4-bcmath\n php4-calendar\n php4-readline\n php4-mcal\n php4-qtdom\n php4-yp\n php4-curl\n php4-recode\n php4-sysvsem\n php4-dba\n mod_php4\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5015662 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for PHP4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7226", "CVE-2007-4840", "CVE-2007-4782", "CVE-2006-7225", "CVE-2007-2872", "CVE-2007-4784", "CVE-2006-7230", "CVE-2007-5898", "CVE-2007-4661", "CVE-2007-1659", "CVE-2007-4658", "CVE-2007-1660", "CVE-2007-3998", "CVE-2007-4825", "CVE-2007-3996", "CVE-2006-7224"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65266", "href": "http://plugins.openvas.org/nasl.php?oid=65266", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5015662.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for PHP4\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n php4-zlib\n php4-shmop\n php4-ftp\n php4-filepro\n php4-mcrypt\n php4-servlet\n php4-gmp\n php4-bz2\n php4-snmp\n php4-mysql\n php4-mime_magic\n php4\n php4-pgsql\n mod_php4-servlet\n php4-swf\n php4-unixODBC\n php4-fastcgi\n php4-mbstring\n php4-domxml\n php4-xslt\n php4-imap\n php4-sysvshm\n mod_php4-apache2\n php4-dbase\n mod_php4-core\n php4-mhash\n php4-session\n php4-ctype\n php4-pear\n php4-gettext\n php4-iconv\n php4-sockets\n php4-devel\n apache-mod_php4\n apache2-mod_php4\n php4-wddx\n php4-exif\n php4-ldap\n php4-gd\n php4-bcmath\n php4-calendar\n php4-readline\n php4-mcal\n php4-qtdom\n php4-yp\n php4-curl\n php4-recode\n php4-sysvsem\n php4-dba\n mod_php4\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5015662 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65266);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2007-1660\", \"CVE-2006-7225\", \"CVE-2006-7224\", \"CVE-2006-7226\", \"CVE-2007-1659\", \"CVE-2006-7230\", \"CVE-2007-5898\", \"CVE-2007-4825\", \"CVE-2007-4782\", \"CVE-2007-4840\", \"CVE-2007-4784\", \"CVE-2007-3998\", \"CVE-2007-4661\", \"CVE-2007-2872\", \"CVE-2007-3996\", \"CVE-2007-4658\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for PHP4\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"php4-zlib\", rpm:\"php4-zlib~4.3.4~43.85\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:32:03", "description": "PHP version smaller than 5.3.3 suffers from multiple vulnerabilities.", "cvss3": {}, "published": "2012-06-21T00:00:00", "type": "openvas", "title": "PHP Version < 5.3.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2225", "CVE-2010-2484", "CVE-2010-2097", "CVE-2010-2531", "CVE-2010-3065", "CVE-2010-2191", "CVE-2007-1581", "CVE-2010-2190", "CVE-2010-3063", "CVE-2010-2101", "CVE-2010-3062", "CVE-2010-1860", "CVE-2010-3064", "CVE-2010-2100", "CVE-2010-1917", "CVE-2010-1864", "CVE-2010-1862", "CVE-2010-0397"], "modified": "2018-07-09T00:00:00", "id": "OPENVAS:1361412562310110182", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310110182", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n# $Id: nopsec_php_5_3_3.nasl 10460 2018-07-09 07:50:03Z cfischer $\n#\n# PHP Version < 5.3.3 Multiple Vulnerabilities\n#\n# Authors:\n# Songhan Yu <syu@nopsec.com>\n#\n# Copyright:\n# Copyright NopSec Inc. 2012, http://www.nopsec.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:php:php\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.110182\");\n script_version(\"$Revision: 10460 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-07-09 09:50:03 +0200 (Mon, 09 Jul 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-21 11:43:12 +0100 (Thu, 21 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2007-1581\", \"CVE-2010-0397\", \"CVE-2010-1860\", \"CVE-2010-1862\",\n \"CVE-2010-1864\", \"CVE-2010-1917\", \"CVE-2010-2097\", \"CVE-2010-2100\",\n \"CVE-2010-2101\", \"CVE-2010-2190\", \"CVE-2010-2191\", \"CVE-2010-2225\",\n \"CVE-2010-2484\", \"CVE-2010-2531\", \"CVE-2010-3062\", \"CVE-2010-3063\",\n \"CVE-2010-3064\", \"CVE-2010-3065\");\n script_bugtraq_id(38708, 40461, 40948, 41991);\n script_name(\"PHP Version < 5.3.3 Multiple Vulnerabilities\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"Copyright NopSec Inc. 2012\");\n script_dependencies(\"gb_php_detect.nasl\");\n script_mandatory_keys(\"php/installed\");\n\n script_tag(name:\"solution\", value:\"Update PHP to version 5.3.3 or later.\");\n\n script_tag(name:\"summary\", value:\"PHP version smaller than 5.3.3 suffers from multiple vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( isnull( port = get_app_port( cpe:CPE ) ) ) exit( 0 );\nif( ! vers = get_app_version( cpe:CPE, port:port ) ) exit( 0 );\n\nif( version_is_less( version:vers, test_version:\"5.3.3\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"5.3.3\" );\n security_message( data:report, port:port );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-12T11:20:39", "description": "Check for the Version of php4, php5", "cvss3": {}, "published": "2009-01-23T00:00:00", "type": "openvas", "title": "SuSE Update for php4, php5 SUSE-SA:2008:004", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2006-7226", "CVE-2007-4840", "CVE-2007-4782", "CVE-2006-7225", "CVE-2006-7227", "CVE-2006-7228", "CVE-2007-2872", "CVE-2007-4784", "CVE-2006-7230", "CVE-2005-4872", "CVE-2007-5898", "CVE-2007-4661", "CVE-2007-1659", "CVE-2007-4658", "CVE-2007-1660", "CVE-2007-3998", "CVE-2007-4825", "CVE-2007-3996", "CVE-2006-7224"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850047", "href": "http://plugins.openvas.org/nasl.php?oid=850047", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2008_004.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for php4, php5 SUSE-SA:2008:004\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"php5 was updated to version 5.2.5 to fix several security\n vulnerabilities. For php4 on SLES9 the patches were backported.\n\n - php4 on SLES9 and php5 on SLES10/10.1 contained a copy of the pcre\n library which was vulnerable to several security issues. On SLES9\n the included library was patched. SLES10/10.1 now uses the system\n pcre library. 10.2 and 10.3 already used the system pcre library\n before.\n CVE-2006-7227\n CVE-2006-7228\n\n - flaws in processing multi byte sequences in htmlentities/htmlspecialchars\n CVE-2007-5898\n\n - overly long arguments to the dl() function could crash php\n CVE-2007-4825\n\n - overy long arguments to the glob() function could crash php\n CVE-2007-4782\n\n - overly long arguments to some iconv functions could crash php\n CVE-2007-4840\n\n - overy long arguments to the setlocale() function could crash php\n CVE-2007-4784\n\n - the wordwrap-function could cause a floating point exception\n CVE-2007-3998\n\n - overy long arguments to the fnmatch() function could crash php\n CVE-2007-4782\n\n - incorrect size calculation in the chunk_split function could lead\n to a buffer overflow\n CVE-2007-4661\n\n - flaws in the GD extension could lead to integer overflows\n CVE-2007-3996\n\n - the money_format function contained format string flaws\n CVE-2007-4658\";\n\ntag_impact = \"remote code execution\";\ntag_affected = \"php4, php5 on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SUSE SLES 9, Novell Linux Desktop 9 SDK, Open Enterprise Server, Novell Linux POS 9, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850047);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-23 16:44:26 +0100 (Fri, 23 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"SUSE-SA\", value: \"2008-004\");\n script_cve_id(\"CVE-2005-4872\", \"CVE-2006-7224\", \"CVE-2006-7225\", \"CVE-2006-7226\", \"CVE-2006-7227\", \"CVE-2006-7228\", \"CVE-2006-7230\", \"CVE-2007-1659\", \"CVE-2007-1660\", \"CVE-2007-2872\", \"CVE-2007-3996\", \"CVE-2007-3998\", \"CVE-2007-4658\", \"CVE-2007-4661\", \"CVE-2007-4782\", \"CVE-2007-4784\", \"CVE-2007-4825\", \"CVE-2007-4840\", \"CVE-2007-5898\");\n script_name( \"SuSE Update for php4, php5 SUSE-SA:2008:004\");\n\n script_summary(\"Check for the Version of php4, php5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE10.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mhash\", rpm:\"php5-mhash~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-readline\", rpm:\"php5-readline~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.5~8.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE10.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-hash\", rpm:\"php5-hash~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-json\", rpm:\"php5-json~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mhash\", rpm:\"php5-mhash~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zip\", rpm:\"php5-zip~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.2.5~18.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLPOS9\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_php4-core\", rpm:\"mod_php4-core~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4\", rpm:\"php4~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-bcmath\", rpm:\"php4-bcmath~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-bz2\", rpm:\"php4-bz2~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-calendar\", rpm:\"php4-calendar~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-ctype\", rpm:\"php4-ctype~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-curl\", rpm:\"php4-curl~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-dba\", rpm:\"php4-dba~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-dbase\", rpm:\"php4-dbase~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-devel\", rpm:\"php4-devel~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-domxml\", rpm:\"php4-domxml~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-exif\", rpm:\"php4-exif~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-fastcgi\", rpm:\"php4-fastcgi~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-filepro\", rpm:\"php4-filepro~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-ftp\", rpm:\"php4-ftp~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-gd\", rpm:\"php4-gd~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-gettext\", rpm:\"php4-gettext~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-gmp\", rpm:\"php4-gmp~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-iconv\", rpm:\"php4-iconv~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-imap\", rpm:\"php4-imap~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-ldap\", rpm:\"php4-ldap~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mbstring\", rpm:\"php4-mbstring~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mcal\", rpm:\"php4-mcal~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mcrypt\", rpm:\"php4-mcrypt~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mhash\", rpm:\"php4-mhash~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mime_magic\", rpm:\"php4-mime_magic~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mysql\", rpm:\"php4-mysql~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-pear\", rpm:\"php4-pear~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-pgsql\", rpm:\"php4-pgsql~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-qtdom\", rpm:\"php4-qtdom~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-readline\", rpm:\"php4-readline~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-recode\", rpm:\"php4-recode~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-servlet\", rpm:\"php4-servlet~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-session\", rpm:\"php4-session~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-shmop\", rpm:\"php4-shmop~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-snmp\", rpm:\"php4-snmp~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-sockets\", rpm:\"php4-sockets~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-swf\", rpm:\"php4-swf~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-sysvsem\", rpm:\"php4-sysvsem~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-sysvshm\", rpm:\"php4-sysvshm~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-unixODBC\", rpm:\"php4-unixODBC~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-wddx\", rpm:\"php4-wddx~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-xslt\", rpm:\"php4-xslt~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-yp\", rpm:\"php4-yp~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-zlib\", rpm:\"php4-zlib~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php4\", rpm:\"apache-mod_php4~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php4\", rpm:\"apache2-mod_php4~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_php4\", rpm:\"mod_php4~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_php4-apache2\", rpm:\"mod_php4-apache2~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_php4-servlet\", rpm:\"mod_php4-servlet~4.3.4~43.85\", rls:\"NLPOS9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"OES\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_php4-core\", rpm:\"mod_php4-core~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4\", rpm:\"php4~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-bcmath\", rpm:\"php4-bcmath~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-bz2\", rpm:\"php4-bz2~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-calendar\", rpm:\"php4-calendar~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-ctype\", rpm:\"php4-ctype~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-curl\", rpm:\"php4-curl~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-dba\", rpm:\"php4-dba~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-dbase\", rpm:\"php4-dbase~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-devel\", rpm:\"php4-devel~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-domxml\", rpm:\"php4-domxml~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-exif\", rpm:\"php4-exif~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-fastcgi\", rpm:\"php4-fastcgi~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-filepro\", rpm:\"php4-filepro~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-ftp\", rpm:\"php4-ftp~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-gd\", rpm:\"php4-gd~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-gettext\", rpm:\"php4-gettext~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-gmp\", rpm:\"php4-gmp~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-iconv\", rpm:\"php4-iconv~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-imap\", rpm:\"php4-imap~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-ldap\", rpm:\"php4-ldap~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mbstring\", rpm:\"php4-mbstring~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mcal\", rpm:\"php4-mcal~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mcrypt\", rpm:\"php4-mcrypt~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mhash\", rpm:\"php4-mhash~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mime_magic\", rpm:\"php4-mime_magic~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mysql\", rpm:\"php4-mysql~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-pear\", rpm:\"php4-pear~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-pgsql\", rpm:\"php4-pgsql~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-qtdom\", rpm:\"php4-qtdom~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-readline\", rpm:\"php4-readline~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-recode\", rpm:\"php4-recode~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-servlet\", rpm:\"php4-servlet~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-session\", rpm:\"php4-session~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-shmop\", rpm:\"php4-shmop~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-snmp\", rpm:\"php4-snmp~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-sockets\", rpm:\"php4-sockets~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-swf\", rpm:\"php4-swf~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-sysvsem\", rpm:\"php4-sysvsem~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-sysvshm\", rpm:\"php4-sysvshm~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-unixODBC\", rpm:\"php4-unixODBC~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-wddx\", rpm:\"php4-wddx~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-xslt\", rpm:\"php4-xslt~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-yp\", rpm:\"php4-yp~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-zlib\", rpm:\"php4-zlib~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php4\", rpm:\"apache-mod_php4~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php4\", rpm:\"apache2-mod_php4~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_php4\", rpm:\"mod_php4~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_php4-apache2\", rpm:\"mod_php4-apache2~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_php4-servlet\", rpm:\"mod_php4-servlet~4.3.4~43.85\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLES9\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_php4-core\", rpm:\"mod_php4-core~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4\", rpm:\"php4~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-bcmath\", rpm:\"php4-bcmath~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-bz2\", rpm:\"php4-bz2~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-calendar\", rpm:\"php4-calendar~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-ctype\", rpm:\"php4-ctype~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-curl\", rpm:\"php4-curl~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-dba\", rpm:\"php4-dba~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-dbase\", rpm:\"php4-dbase~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-devel\", rpm:\"php4-devel~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-domxml\", rpm:\"php4-domxml~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-exif\", rpm:\"php4-exif~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-fastcgi\", rpm:\"php4-fastcgi~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-filepro\", rpm:\"php4-filepro~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-ftp\", rpm:\"php4-ftp~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-gd\", rpm:\"php4-gd~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-gettext\", rpm:\"php4-gettext~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-gmp\", rpm:\"php4-gmp~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-iconv\", rpm:\"php4-iconv~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-imap\", rpm:\"php4-imap~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-ldap\", rpm:\"php4-ldap~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mbstring\", rpm:\"php4-mbstring~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mcal\", rpm:\"php4-mcal~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mcrypt\", rpm:\"php4-mcrypt~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mhash\", rpm:\"php4-mhash~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mime_magic\", rpm:\"php4-mime_magic~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mysql\", rpm:\"php4-mysql~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-pear\", rpm:\"php4-pear~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-pgsql\", rpm:\"php4-pgsql~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-qtdom\", rpm:\"php4-qtdom~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-readline\", rpm:\"php4-readline~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-recode\", rpm:\"php4-recode~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-servlet\", rpm:\"php4-servlet~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-session\", rpm:\"php4-session~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-shmop\", rpm:\"php4-shmop~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-snmp\", rpm:\"php4-snmp~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-sockets\", rpm:\"php4-sockets~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-swf\", rpm:\"php4-swf~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-sysvsem\", rpm:\"php4-sysvsem~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-sysvshm\", rpm:\"php4-sysvshm~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-unixODBC\", rpm:\"php4-unixODBC~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-wddx\", rpm:\"php4-wddx~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-xslt\", rpm:\"php4-xslt~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-yp\", rpm:\"php4-yp~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-zlib\", rpm:\"php4-zlib~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php4\", rpm:\"apache-mod_php4~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php4\", rpm:\"apache2-mod_php4~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_php4\", rpm:\"mod_php4~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_php4-apache2\", rpm:\"mod_php4-apache2~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_php4-servlet\", rpm:\"mod_php4-servlet~4.3.4~43.85\", rls:\"SLES9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLDk9SDK\")\n{\n\n if ((res = isrpmvuln(pkg:\"mod_php4-core\", rpm:\"mod_php4-core~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4\", rpm:\"php4~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-bcmath\", rpm:\"php4-bcmath~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-bz2\", rpm:\"php4-bz2~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-calendar\", rpm:\"php4-calendar~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-ctype\", rpm:\"php4-ctype~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-curl\", rpm:\"php4-curl~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-dba\", rpm:\"php4-dba~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-dbase\", rpm:\"php4-dbase~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-devel\", rpm:\"php4-devel~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-domxml\", rpm:\"php4-domxml~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-exif\", rpm:\"php4-exif~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-fastcgi\", rpm:\"php4-fastcgi~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-filepro\", rpm:\"php4-filepro~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-ftp\", rpm:\"php4-ftp~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-gd\", rpm:\"php4-gd~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-gettext\", rpm:\"php4-gettext~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-gmp\", rpm:\"php4-gmp~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-iconv\", rpm:\"php4-iconv~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-imap\", rpm:\"php4-imap~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-ldap\", rpm:\"php4-ldap~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mbstring\", rpm:\"php4-mbstring~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mcal\", rpm:\"php4-mcal~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mcrypt\", rpm:\"php4-mcrypt~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mhash\", rpm:\"php4-mhash~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mime_magic\", rpm:\"php4-mime_magic~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-mysql\", rpm:\"php4-mysql~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-pear\", rpm:\"php4-pear~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-pgsql\", rpm:\"php4-pgsql~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-qtdom\", rpm:\"php4-qtdom~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-readline\", rpm:\"php4-readline~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-recode\", rpm:\"php4-recode~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-servlet\", rpm:\"php4-servlet~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-session\", rpm:\"php4-session~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-shmop\", rpm:\"php4-shmop~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-snmp\", rpm:\"php4-snmp~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-sockets\", rpm:\"php4-sockets~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-swf\", rpm:\"php4-swf~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-sysvsem\", rpm:\"php4-sysvsem~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-sysvshm\", rpm:\"php4-sysvshm~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-unixODBC\", rpm:\"php4-unixODBC~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-wddx\", rpm:\"php4-wddx~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-xslt\", rpm:\"php4-xslt~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-yp\", rpm:\"php4-yp~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php4-zlib\", rpm:\"php4-zlib~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache-mod_php4\", rpm:\"apache-mod_php4~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php4\", rpm:\"apache2-mod_php4~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_php4\", rpm:\"mod_php4~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_php4-apache2\", rpm:\"mod_php4-apache2~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_php4-servlet\", rpm:\"mod_php4-servlet~4.3.4~43.85\", rls:\"NLDk9SDK\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"LES10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-filepro\", rpm:\"php5-filepro~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mhash\", rpm:\"php5-mhash~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysqli\", rpm:\"php5-mysqli~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.1.2~29.50\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDK10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-filepro\", rpm:\"php5-filepro~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mhash\", rpm:\"php5-mhash~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysqli\", rpm:\"php5-mysqli~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-suhosin\", rpm:\"php5-suhosin~5.1.2~29.50\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SL10.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache2-mod_php5\", rpm:\"apache2-mod_php5~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5\", rpm:\"php5~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bcmath\", rpm:\"php5-bcmath~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-bz2\", rpm:\"php5-bz2~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-calendar\", rpm:\"php5-calendar~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ctype\", rpm:\"php5-ctype~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-curl\", rpm:\"php5-curl~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dba\", rpm:\"php5-dba~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dbase\", rpm:\"php5-dbase~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-devel\", rpm:\"php5-devel~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-dom\", rpm:\"php5-dom~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-exif\", rpm:\"php5-exif~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-fastcgi\", rpm:\"php5-fastcgi~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-filepro\", rpm:\"php5-filepro~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ftp\", rpm:\"php5-ftp~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gd\", rpm:\"php5-gd~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gettext\", rpm:\"php5-gettext~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-gmp\", rpm:\"php5-gmp~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-iconv\", rpm:\"php5-iconv~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-imap\", rpm:\"php5-imap~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ldap\", rpm:\"php5-ldap~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mbstring\", rpm:\"php5-mbstring~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mcrypt\", rpm:\"php5-mcrypt~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mhash\", rpm:\"php5-mhash~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysql\", rpm:\"php5-mysql~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-mysqli\", rpm:\"php5-mysqli~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-ncurses\", rpm:\"php5-ncurses~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-odbc\", rpm:\"php5-odbc~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-openssl\", rpm:\"php5-openssl~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pcntl\", rpm:\"php5-pcntl~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo\", rpm:\"php5-pdo~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo_mysql\", rpm:\"php5-pdo_mysql~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo_pgsql\", rpm:\"php5-pdo_pgsql~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pdo_sqlite\", rpm:\"php5-pdo_sqlite~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pear\", rpm:\"php5-pear~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pgsql\", rpm:\"php5-pgsql~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-posix\", rpm:\"php5-posix~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-pspell\", rpm:\"php5-pspell~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-shmop\", rpm:\"php5-shmop~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-snmp\", rpm:\"php5-snmp~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-soap\", rpm:\"php5-soap~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sockets\", rpm:\"php5-sockets~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sqlite\", rpm:\"php5-sqlite~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvmsg\", rpm:\"php5-sysvmsg~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvsem\", rpm:\"php5-sysvsem~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-sysvshm\", rpm:\"php5-sysvshm~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tidy\", rpm:\"php5-tidy~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-tokenizer\", rpm:\"php5-tokenizer~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-wddx\", rpm:\"php5-wddx~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlreader\", rpm:\"php5-xmlreader~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlrpc\", rpm:\"php5-xmlrpc~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xmlwriter\", rpm:\"php5-xmlwriter~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-xsl\", rpm:\"php5-xsl~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php5-zlib\", rpm:\"php5-zlib~5.1.2~29.50\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:19", "description": "The remote host is missing updates announced in\nadvisory GLSA 200710-02.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200710-02 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4660", "CVE-2007-4840", "CVE-2007-4782", "CVE-2007-4727", "CVE-2007-2872", "CVE-2007-4670", "CVE-2007-4784", "CVE-2007-4659", "CVE-2007-4887", "CVE-2007-4661", "CVE-2007-3806", "CVE-2007-2756", "CVE-2007-4658", "CVE-2007-4657", "CVE-2007-4652", "CVE-2007-3007", "CVE-2007-3998", "CVE-2007-4783", "CVE-2007-4662", "CVE-2007-1883", "CVE-2007-4663", "CVE-2007-4825", "CVE-2007-1887", "CVE-2007-3996", "CVE-2007-3378", "CVE-2007-1900", "CVE-2007-3997"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:58650", "href": "http://plugins.openvas.org/nasl.php?oid=58650", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PHP contains several vulnerabilities including buffer and integer overflows\nwhich could lead to the remote execution of arbitrary code.\";\ntag_solution = \"All PHP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.2.4_p20070914-r2'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200710-02\nhttp://bugs.gentoo.org/show_bug.cgi?id=179158\nhttp://bugs.gentoo.org/show_bug.cgi?id=180556\nhttp://bugs.gentoo.org/show_bug.cgi?id=191034\nhttp://www.gentoo.org/security/en/glsa/glsa-200705-19.xml\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200710-02.\";\n\n \n\nif(description)\n{\n script_id(58650);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-1883\", \"CVE-2007-1887\", \"CVE-2007-1900\", \"CVE-2007-2756\", \"CVE-2007-2872\", \"CVE-2007-3007\", \"CVE-2007-3378\", \"CVE-2007-3806\", \"CVE-2007-3996\", \"CVE-2007-3997\", \"CVE-2007-3998\", \"CVE-2007-4652\", \"CVE-2007-4657\", \"CVE-2007-4658\", \"CVE-2007-4659\", \"CVE-2007-4660\", \"CVE-2007-4661\", \"CVE-2007-4662\", \"CVE-2007-4663\", \"CVE-2007-4670\", \"CVE-2007-4727\", \"CVE-2007-4782\", \"CVE-2007-4783\", \"CVE-2007-4784\", \"CVE-2007-4825\", \"CVE-2007-4840\", \"CVE-2007-4887\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_name(\"Gentoo Security Advisory GLSA 200710-02 (php)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.2.4_p20070914-r2\"), vulnerable: make_list(\"lt 5.2.4_p20070914-r2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:00", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-06.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201110-06 (php)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0421", "CVE-2011-0752", "CVE-2011-1467", "CVE-2011-1153", "CVE-2011-1471", "CVE-2010-1129", "CVE-2010-2225", "CVE-2010-1868", "CVE-2011-1148", "CVE-2010-2484", "CVE-2010-2097", "CVE-2011-1466", "CVE-2010-2531", "CVE-2011-3189", "CVE-2010-3065", "CVE-2010-2191", "CVE-2011-1938", "CVE-2010-4697", "CVE-2010-1866", "CVE-2010-1915", "CVE-2011-1092", "CVE-2010-4698", "CVE-2011-2483", "CVE-2006-7243", "CVE-2011-0753", "CVE-2010-4645", "CVE-2010-3436", "CVE-2010-2093", "CVE-2011-1657", "CVE-2011-0708", "CVE-2010-3870", "CVE-2011-3268", "CVE-2010-1861", "CVE-2010-2190", "CVE-2010-3063", "CVE-2011-3182", "CVE-2010-2101", "CVE-2011-1468", "CVE-2011-0420", "CVE-2010-3062", "CVE-2010-1914", "CVE-2011-1470", "CVE-2010-1860", "CVE-2010-2094", "CVE-2010-3709", "CVE-2010-3064", "CVE-2011-1469", "CVE-2009-5016", "CVE-2011-3267", "CVE-2010-3710", "CVE-2010-4150", "CVE-2011-1464", "CVE-2011-0755", "CVE-2010-4699", "CVE-2010-1130", "CVE-2010-2100", "CVE-2011-2202", "CVE-2010-2950", "CVE-2010-4700", "CVE-2010-1917", "CVE-2010-1128", "CVE-2010-1864", "CVE-2010-4409", "CVE-2010-1862"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231070769", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070769", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201110_06.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70769\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2006-7243\", \"CVE-2009-5016\", \"CVE-2010-1128\", \"CVE-2010-1129\", \"CVE-2010-1130\", \"CVE-2010-1860\", \"CVE-2010-1861\", \"CVE-2010-1862\", \"CVE-2010-1864\", \"CVE-2010-1866\", \"CVE-2010-1868\", \"CVE-2010-1914\", \"CVE-2010-1915\", \"CVE-2010-1917\", \"CVE-2010-2093\", \"CVE-2010-2094\", \"CVE-2010-2097\", \"CVE-2010-2100\", \"CVE-2010-2101\", \"CVE-2010-2190\", \"CVE-2010-2191\", \"CVE-2010-2225\", \"CVE-2010-2484\", \"CVE-2010-2531\", \"CVE-2010-2950\", \"CVE-2010-3062\", \"CVE-2010-3063\", \"CVE-2010-3064\", \"CVE-2010-3065\", \"CVE-2010-3436\", \"CVE-2010-3709\", \"CVE-2010-3710\", \"CVE-2010-3870\", \"CVE-2010-4150\", \"CVE-2010-4409\", \"CVE-2010-4645\", \"CVE-2010-4697\", \"CVE-2010-4698\", \"CVE-2010-4699\", \"CVE-2010-4700\", \"CVE-2011-0420\", \"CVE-2011-0421\", \"CVE-2011-0708\", \"CVE-2011-0752\", \"CVE-2011-0753\", \"CVE-2011-0755\", \"CVE-2011-1092\", \"CVE-2011-1148\", \"CVE-2011-1153\", \"CVE-2011-1464\", \"CVE-2011-1466\", \"CVE-2011-1467\", \"CVE-2011-1468\", \"CVE-2011-1469\", \"CVE-2011-1470\", \"CVE-2011-1471\", \"CVE-2011-1657\", \"CVE-2011-1938\", \"CVE-2011-2202\", \"CVE-2011-2483\", \"CVE-2011-3182\", \"CVE-2011-3189\", \"CVE-2011-3267\", \"CVE-2011-3268\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:39 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-06 (php)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were found in PHP, the worst of which\n leading to remote execution of arbitrary code.\");\n script_tag(name:\"solution\", value:\"All PHP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/php-5.3.8'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-06\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=306939\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=332039\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=340807\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=350908\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=355399\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=358791\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=358975\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=369071\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=372745\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=373965\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=380261\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201110-06.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"dev-lang/php\", unaffected: make_list(\"ge 5.3.8\"), vulnerable: make_list(\"lt 5.3.8\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-11T14:22:29", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2011-0012.3.", "cvss3": {}, "published": "2012-03-16T00:00:00", "type": "openvas", "title": "VMware ESXi/ESX updates to third party libraries and ESX Service Console (VMSA-2011-0012.3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-2942", "CVE-2011-0521", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4346", "CVE-2011-1658", "CVE-2010-2492", "CVE-2010-4083", "CVE-2010-2943", "CVE-2011-1494", "CVE-2010-0296", "CVE-2011-1478", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-3086", "CVE-2010-4251", "CVE-2010-4080", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-4158", "CVE-2010-3876", "CVE-2011-1659", "CVE-2010-3296", "CVE-2010-4526", "CVE-2010-3015", "CVE-2011-0710", "CVE-2011-0281", "CVE-2010-2938", "CVE-2010-4247", "CVE-2010-4263", "CVE-2010-3442", "CVE-2010-4248", "CVE-2011-1495", "CVE-2010-4243", "CVE-2010-3066", "CVE-2011-1071", "CVE-2010-3880", "CVE-2010-1083", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4161", "CVE-2011-1010", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-3699", "CVE-2010-4238", "CVE-2011-0282", "CVE-2011-1095", "CVE-2010-4255", "CVE-2010-2798", "CVE-2010-3432", "CVE-2011-1090", "CVE-2011-0536", "CVE-2010-1323", "CVE-2010-4075", "CVE-2010-4655"], "modified": "2019-12-18T00:00:00", "id": "OPENVAS:1361412562310103455", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103455", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX Service Console\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103455\");\n script_cve_id(\"CVE-2010-1083\", \"CVE-2010-2492\", \"CVE-2010-2798\", \"CVE-2010-2938\", \"CVE-2010-2942\",\n \"CVE-2010-2943\", \"CVE-2010-3015\", \"CVE-2010-3066\", \"CVE-2010-3067\", \"CVE-2010-3078\",\n \"CVE-2010-3086\", \"CVE-2010-3296\", \"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3477\",\n \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\",\n \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-3904\", \"CVE-2010-4072\", \"CVE-2010-4073\",\n \"CVE-2010-4075\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4157\",\n \"CVE-2010-4158\", \"CVE-2010-4161\", \"CVE-2010-4238\", \"CVE-2010-4242\", \"CVE-2010-4243\",\n \"CVE-2010-4247\", \"CVE-2010-4248\", \"CVE-2010-4249\", \"CVE-2010-4251\", \"CVE-2010-4255\",\n \"CVE-2010-4263\", \"CVE-2010-4343\", \"CVE-2010-4346\", \"CVE-2010-4526\", \"CVE-2010-4655\",\n \"CVE-2011-0521\", \"CVE-2011-0710\", \"CVE-2011-1010\", \"CVE-2011-1090\", \"CVE-2011-1478\",\n \"CVE-2010-1323\", \"CVE-2011-0281\", \"CVE-2011-0282\", \"CVE-2010-0296\", \"CVE-2011-0536\",\n \"CVE-2011-1071\", \"CVE-2011-1095\", \"CVE-2011-1658\", \"CVE-2011-1659\", \"CVE-2011-1494\",\n \"CVE-2011-1495\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:N\");\n script_version(\"2019-12-18T11:13:08+0000\");\n script_name(\"VMware ESXi/ESX updates to third party libraries and ESX Service Console (VMSA-2011-0012.3)\");\n script_tag(name:\"last_modification\", value:\"2019-12-18 11:13:08 +0000 (Wed, 18 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-03-16 12:42:13 +0100 (Fri, 16 Mar 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\", \"VMware/ESX/version\");\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2011-0012.html\");\n\n script_tag(name:\"summary\", value:\"The remote ESXi is missing one or more security related Updates from VMSA-2011-0012.3.\");\n\n script_tag(name:\"affected\", value:\"ESXi 5.0 without patch ESXi500-201112401-SG\n\n ESXi 4.1 without patch ESXi410-201110201-SG\n\n ESX 4.1 without patches ESX410-201110201-SG and ESX410-201110224-SG\n\n ESXi 4.0 without patch ESXi400-201110401-SG\n\n ESX 4.0 without patches ESX400-201110401-SG, ESX400-201110403-SG and ESX400-201110409-SG\n\n ESXi 3.5 without patch ESXe350-201203401-I-SG\n\n ESX 3.5 without patch ESX350-201203403-SG\");\n\n script_tag(name:\"insight\", value:\"VMware ESXi and ESX updates to third party libraries and ESX Service Console address several security issues.\n\n a. ESX third party update for Service Console kernel\n\n This update takes the console OS kernel package to kernel-2.6.18-238.9.1 which resolves multiple security issues.\n\n b. ESX third party update for Service Console krb5 RPMs\n\n This patch updates the krb5-libs and krb5-workstation RPMs of the console OS to version 1.6.1-55.el5_6.1, which resolves multiple security issues.\n\n c. ESXi and ESX update to third party component glibc\n\n The glibc third-party library is updated to resolve multiple security issues.\n\n d. ESX update to third party drivers mptsas, mpt2sas, and mptspi\n\n The mptsas, mpt2sas, and mptspi drivers are updated which addresses multiple security issues in the mpt2sas driver.\");\n\n script_tag(name:\"solution\", value:\"Apply the missing patch(es).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if the target host is missing one or more patch(es).\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\ninclude(\"version_func.inc\");\n\nif(!get_kb_item(\"VMware/ESXi/LSC\"))\n exit(0);\n\nif(!esxVersion = get_kb_item(\"VMware/ESX/version\"))\n exit(0);\n\npatches = make_array(\"4.1.0\", \"ESXi410-201110201-SG\",\n \"4.0.0\", \"ESXi400-201110401-SG\",\n \"5.0.0\", \"VIB:esx-base:5.0.0-0.3.515841\");\n\nif(!patches[esxVersion])\n exit(99);\n\nif(report = esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:10:46", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2011-0012.3.\n\nSummary\n\nVMware ESXi and ESX updates to third party libraries and ESX Service Console address several security issues.\n\nRelevant releases\n\nESXi 5.0 without patch ESXi500-201112401-SG.\nESXi 4.1 without patch ESXi410-201110201-SG.\nESX 4.1 without patches ESX410-201110201-SG and ESX410-201110224-SG.\nESXi 4.0 without patch ESXi400-201110401-SG.\nESX 4.0 without patches ESX400-201110401-SG, ESX400-201110403-SG and ESX400-201110409-SG.\nESXi 3.5 without patch ESXe350-201203401-I-SG.\nESX 3.5 without patch ESX350-201203403-SG.\n\nProblem Description\n\na. ESX third party update for Service Console kernel\n\n This update takes the console OS kernel package to kernel-2.6.18-238.9.1 which resolves multiple security\n issues.\n\nb. ESX third party update for Service Console krb5 RPMs\n\n This patch updates the krb5-libs and krb5-workstation RPMs of the console OS to version 1.6.1-55.el5_6.1,\n which resolves multiple security issues.\n\nc. ESXi and ESX update to third party component glibc\n\n The glibc third-party library is updated to resolve multiple security issues.\n\nd. ESX update to third party drivers mptsas, mpt2sas, and mptspi\n\n The mptsas, mpt2sas, and mptspi drivers are updated which addresses multiple security issues in the mpt2sas\n driver.", "cvss3": {}, "published": "2012-03-16T00:00:00", "type": "openvas", "title": "VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX Service Console", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-2942", "CVE-2011-0521", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4346", "CVE-2011-1658", "CVE-2010-2492", "CVE-2010-4083", "CVE-2010-2943", "CVE-2011-1494", "CVE-2010-0296", "CVE-2011-1478", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-3086", "CVE-2010-4251", "CVE-2010-4080", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-4158", "CVE-2010-3876", "CVE-2011-1659", "CVE-2010-3296", "CVE-2010-4526", "CVE-2010-3015", "CVE-2011-0710", "CVE-2011-0281", "CVE-2010-2938", "CVE-2010-4247", "CVE-2010-4263", "CVE-2010-3442", "CVE-2010-4248", "CVE-2011-1495", "CVE-2010-4243", "CVE-2010-3066", "CVE-2011-1071", "CVE-2010-3880", "CVE-2010-1083", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4161", "CVE-2011-1010", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-3699", "CVE-2010-4238", "CVE-2011-0282", "CVE-2011-1095", "CVE-2010-4255", "CVE-2010-2798", "CVE-2010-3432", "CVE-2011-1090", "CVE-2011-0536", "CVE-2010-1323", "CVE-2010-4075", "CVE-2010-4655"], "modified": "2017-04-17T00:00:00", "id": "OPENVAS:103455", "href": "http://plugins.openvas.org/nasl.php?oid=103455", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_VMSA-2011-0012.nasl 5958 2017-04-17 09:02:19Z teissa $\n#\n# VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX Service Console\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Apply the missing patch(es).\n\nSee Also:\nhttp://www.vmware.com/security/advisories/VMSA-2011-0012.html\";\n\ntag_summary = \"The remote ESXi is missing one or more security related Updates from VMSA-2011-0012.3.\n\nSummary\n\nVMware ESXi and ESX updates to third party libraries and ESX Service Console address several security issues.\n\nRelevant releases\n\nESXi 5.0 without patch ESXi500-201112401-SG.\nESXi 4.1 without patch ESXi410-201110201-SG.\nESX 4.1 without patches ESX410-201110201-SG and ESX410-201110224-SG.\nESXi 4.0 without patch ESXi400-201110401-SG.\nESX 4.0 without patches ESX400-201110401-SG, ESX400-201110403-SG and ESX400-201110409-SG.\nESXi 3.5 without patch ESXe350-201203401-I-SG.\nESX 3.5 without patch ESX350-201203403-SG.\n\nProblem Description\n\na. ESX third party update for Service Console kernel\n\n This update takes the console OS kernel package to kernel-2.6.18-238.9.1 which resolves multiple security\n issues.\n\nb. ESX third party update for Service Console krb5 RPMs\n\n This patch updates the krb5-libs and krb5-workstation RPMs of the console OS to version 1.6.1-55.el5_6.1,\n which resolves multiple security issues.\n\nc. ESXi and ESX update to third party component glibc\n\n The glibc third-party library is updated to resolve multiple security issues.\n\nd. ESX update to third party drivers mptsas, mpt2sas, and mptspi\n\n The mptsas, mpt2sas, and mptspi drivers are updated which addresses multiple security issues in the mpt2sas\n driver.\";\n\n\nif (description)\n{\n script_id(103455);\n script_cve_id(\"CVE-2010-1083\",\"CVE-2010-2492\",\"CVE-2010-2798\",\"CVE-2010-2938\",\"CVE-2010-2942\",\"CVE-2010-2943\",\"CVE-2010-3015\",\"CVE-2010-3066\",\"CVE-2010-3067\",\"CVE-2010-3078\",\"CVE-2010-3086\",\"CVE-2010-3296\",\"CVE-2010-3432\",\"CVE-2010-3442\",\"CVE-2010-3477\",\"CVE-2010-3699\",\"CVE-2010-3858\",\"CVE-2010-3859\",\"CVE-2010-3865\",\"CVE-2010-3876\",\"CVE-2010-3877\",\"CVE-2010-3880\",\"CVE-2010-3904\",\"CVE-2010-4072\",\"CVE-2010-4073\",\"CVE-2010-4075\",\"CVE-2010-4080\",\"CVE-2010-4081\",\"CVE-2010-4083\",\"CVE-2010-4157\",\"CVE-2010-4158\",\"CVE-2010-4161\",\"CVE-2010-4238\",\"CVE-2010-4242\",\"CVE-2010-4243\",\"CVE-2010-4247\",\"CVE-2010-4248\",\"CVE-2010-4249\",\"CVE-2010-4251\",\"CVE-2010-4255\",\"CVE-2010-4263\",\"CVE-2010-4343\",\"CVE-2010-4346\",\"CVE-2010-4526\",\"CVE-2010-4655\",\"CVE-2011-0521\",\"CVE-2011-0710\",\"CVE-2011-1010\",\"CVE-2011-1090\",\"CVE-2011-1478\",\"CVE-2010-1323\",\"CVE-2011-0281\",\"CVE-2011-0282 CVE-2010-0296\",\"CVE-2011-0536\",\"CVE-2011-1071\",\"CVE-2011-1095\",\"CVE-2011-1658\",\"CVE-2011-1659 CVE-2011-1494\",\"CVE-2011-1495\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:N\");\n script_version (\"$Revision: 5958 $\");\n script_name(\"VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX Service Console\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-17 11:02:19 +0200 (Mon, 17 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-16 12:42:13 +0100 (Fri, 16 Mar 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\",\"VMware/ESX/version\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\ninclude(\"version_func.inc\");\n\nif(!get_kb_item('VMware/ESXi/LSC'))exit(0);\nif(! esxVersion = get_kb_item(\"VMware/ESX/version\"))exit(0);\n\npatches = make_array(\"4.1.0\",\"ESXi410-201110201-SG\",\n \"4.0.0\",\"ESXi400-201110401-SG\",\n \"5.0.0\",\"VIB:esx-base:5.0.0-0.3.515841\");\n\nif(!patches[esxVersion])exit(0);\n\nif(_esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n\n security_message(port:0);\n exit(0);\n\n}\n\nexit(99);\n", "cvss": {"score": 7.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:NONE/"}}], "slackware": [{"lastseen": "2023-12-02T15:37:59", "description": "New php packages are available for Slackware 11.0 (extra), 12.0, 12.1, 12.2,\n13.0, 13.1, and -current to fix security issues.\n\n\nHere are the details from the Slackware 13.1 ChangeLog:\n\npatches/packages/php-5.2.14-i486-1_slack13.1.txz: Upgraded.\n Fixed several security issues.\n For more information, see:\n https://vulners.com/cve/CVE-2010-1917\n https://vulners.com/cve/CVE-2010-2225\n http://www.php-security.org/2010/05/31/mops-2010-060-php-session-serializer-session-data-injection-vulnerability/index.html\n http://www.php-security.org/2010/06/25/mops-2010-061-php-splobjectstorage-deserialization-use-after-free-vulnerability/index.html\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 11.0 (extra package):\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/extra/php5/php-5.2.14-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/php-5.2.14-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/php-5.2.14-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/php-5.2.14-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/php-5.2.14-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/php-5.2.14-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/php-5.2.14-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/php-5.2.14-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.2.14-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.2.14-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 11.0 package:\n2486886930228a69dcf24855fa191a33 php-5.2.14-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\n39939678a81c6540346084d5636dbeb5 php-5.2.14-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\ndcba3ce28a66dd850d1505e64b93892e php-5.2.14-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\n47c960d87d203f36821b93a315dcfc11 php-5.2.14-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\nf77e140103994b23a674145e3165dba3 php-5.2.14-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n180ce96682a29c7886e879f4f44039f5 php-5.2.14-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n45db44e597510b60a9317a5b42dfe858 php-5.2.14-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\na0518cf82dda7aaa683f175803039d40 php-5.2.14-x86_64-1_slack13.1.txz\n\nSlackware -current package:\n71f3b18bc9def838ac70923e9802c5cd n/php-5.2.14-i486-1.txz\n\nSlackware x86_64 -current package:\ned7e1aae19b996734865738857a1d24a n/php-5.2.14-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg php-5.2.14-i486-1_slack13.1.txz\n\nThen, restart Apache httpd:\n > /etc/rc.d/rc.httpd stop\n > /etc/rc.d/rc.httpd start", "cvss3": {}, "published": "2010-08-28T16:53:00", "type": "slackware", "title": "[slackware-security] php", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1917", "CVE-2010-2225"], "modified": "2010-08-28T16:53:00", "id": "SSA-2010-240-04", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.507793", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-12-02T15:30:22", "description": "New php packages are available for Slackware 11.0 (extra), 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues.", "cvss3": {}, "published": "2010-08-29T00:00:00", "type": "nessus", "title": "Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : php (SSA:2010-240-04)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1917", "CVE-2010-2225"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:php", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.1", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:13.1"], "id": "SLACKWARE_SSA_2010-240-04.NASL", "href": "https://www.tenable.com/plugins/nessus/48921", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2010-240-04. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48921);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1917\", \"CVE-2010-2225\");\n script_bugtraq_id(40948, 41991);\n script_xref(name:\"SSA\", value:\"2010-240-04\");\n\n script_name(english:\"Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : php (SSA:2010-240-04)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New php packages are available for Slackware 11.0 (extra), 12.0,\n12.1, 12.2, 13.0, 13.1, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.507793\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?73b099e9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected php package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:php\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"11.0\", pkgname:\"php\", pkgver:\"5.2.14\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"php\", pkgver:\"5.2.14\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"php\", pkgver:\"5.2.14\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"php\", pkgver:\"5.2.14\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"php\", pkgver:\"5.2.14\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.2.14\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"php\", pkgver:\"5.2.14\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.2.14\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"php\", pkgver:\"5.2.14\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"php\", pkgver:\"5.2.14\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-01T14:54:52", "description": "Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.", "cvss3": {}, "published": "2016-08-19T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : glibc vulnerability (SOL09408132)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1071", "CVE-2011-1659"], "modified": "2021-03-10T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL09408132.NASL", "href": "https://www.tenable.com/plugins/nessus/93030", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL09408132.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93030);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/10\");\n\n script_cve_id(\"CVE-2011-1071\", \"CVE-2011-1659\");\n script_bugtraq_id(46563, 64464);\n\n script_name(english:\"F5 Networks BIG-IP : glibc vulnerability (SOL09408132)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or\nlibc6) 2.13 and earlier allows context-dependent attackers to cause a\ndenial of service (application crash) via a long UTF8 string that is\nused in an fnmatch call with a crafted pattern argument, a different\nvulnerability than CVE-2011-1071.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K09408132\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL09408132.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/04/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL09408132\";\nvmatrix = make_array();\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"10.2.1-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"12.0.0-12.1.0\",\"11.4.0-11.6.1\",\"11.2.1\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"10.2.1-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"12.0.0-12.1.0\",\"11.4.0-11.6.1\",\"11.2.1\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"10.2.1-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.4.0-11.6.1\",\"11.2.1\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"10.2.1-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"12.0.0-12.1.0\",\"11.4.0-11.6.1\",\"11.2.1\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"10.2.1-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"12.0.0-12.1.0\",\"11.4.0-11.6.1\",\"11.2.1\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"10.2.1-10.2.4\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"11.4.0-11.4.1\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"10.2.1-10.2.4\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"11.2.1\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"10.2.1-10.2.4\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"11.2.1\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:46:55", "description": "Multiple vulnerabilities was discovered and fixed in glibc :\n\nMultiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has in (a) RPATH or (b) RUNPATH. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847 (CVE-2011-0536).\n\nThe GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a stack extension attack, a related issue to CVE-2010-2898, as originally reported for use of this library by Google Chrome (CVE-2011-1071).\n\nThe addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296 (CVE-2011-1089).\n\nlocale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function (CVE-2011-1095).\n\nInteger overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071 (CVE-2011-1659).\n\ncrypt_blowfish before 1.1, as used in glibc on certain platforms, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash (CVE-2011-2483).\n\nThe updated packages have been patched to correct these issues.", "cvss3": {}, "published": "2011-11-28T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : glibc (MDVSA-2011:178)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0296", "CVE-2010-2898", "CVE-2010-3847", "CVE-2011-0536", "CVE-2011-1071", "CVE-2011-1089", "CVE-2011-1095", "CVE-2011-1659", "CVE-2011-2483"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:glibc", "p-cpe:/a:mandriva:linux:glibc-devel", "p-cpe:/a:mandriva:linux:glibc-doc", "p-cpe:/a:mandriva:linux:glibc-doc-pdf", "p-cpe:/a:mandriva:linux:glibc-i18ndata", "p-cpe:/a:mandriva:linux:glibc-profile", "p-cpe:/a:mandriva:linux:glibc-static-devel", "p-cpe:/a:mandriva:linux:glibc-utils", "p-cpe:/a:mandriva:linux:nscd", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2011-178.NASL", "href": "https://www.tenable.com/plugins/nessus/56953", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:178. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56953);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2011-0536\",\n \"CVE-2011-1071\",\n \"CVE-2011-1089\",\n \"CVE-2011-1095\",\n \"CVE-2011-1659\",\n \"CVE-2011-2483\"\n );\n script_bugtraq_id(\n 46563,\n 46740,\n 47370,\n 49241\n );\n script_xref(name:\"MDVSA\", value:\"2011:178\");\n\n script_name(english:\"Mandriva Linux Security Advisory : glibc (MDVSA-2011:178)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities was discovered and fixed in glibc :\n\nMultiple untrusted search path vulnerabilities in elf/dl-object.c in\ncertain modified versions of the GNU C Library (aka glibc or libc6),\nincluding glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat\nEnterprise Linux, allow local users to gain privileges via a crafted\ndynamic shared object (DSO) in a subdirectory of the current working\ndirectory during execution of a (1) setuid or (2) setgid program that\nhas in (a) RPATH or (b) RUNPATH. NOTE: this issue exists because of an\nincorrect fix for CVE-2010-3847 (CVE-2011-0536).\n\nThe GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded\nGLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary\ncode or cause a denial of service (memory consumption) via a long UTF8\nstring that is used in an fnmatch call, aka a stack extension attack,\na related issue to CVE-2010-2898, as originally reported for use of\nthis library by Google Chrome (CVE-2011-1071).\n\nThe addmntent function in the GNU C Library (aka glibc or libc6) 2.13\nand earlier does not report an error status for failed attempts to\nwrite to the /etc/mtab file, which makes it easier for local users to\ntrigger corruption of this file, as demonstrated by writes from a\nprocess with a small RLIMIT_FSIZE value, a different vulnerability\nthan CVE-2010-0296 (CVE-2011-1089).\n\nlocale/programs/locale.c in locale in the GNU C Library (aka glibc or\nlibc6) before 2.13 does not quote its output, which might allow local\nusers to gain privileges via a crafted localization environment\nvariable, in conjunction with a program that executes a script that\nuses the eval function (CVE-2011-1095).\n\nInteger overflow in posix/fnmatch.c in the GNU C Library (aka glibc or\nlibc6) 2.13 and earlier allows context-dependent attackers to cause a\ndenial of service (application crash) via a long UTF8 string that is\nused in an fnmatch call with a crafted pattern argument, a different\nvulnerability than CVE-2011-1071 (CVE-2011-1659).\n\ncrypt_blowfish before 1.1, as used in glibc on certain platforms, does\nnot properly handle 8-bit characters, which makes it easier for\ncontext-dependent attackers to determine a cleartext password by\nleveraging knowledge of a password hash (CVE-2011-2483).\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc-i18ndata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc-static-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", reference:\"glibc-2.11.1-8.3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"glibc-devel-2.11.1-8.3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"glibc-doc-2.11.1-8.3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"glibc-doc-pdf-2.11.1-8.3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"glibc-i18ndata-2.11.1-8.3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"glibc-profile-2.11.1-8.3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"glibc-static-devel-2.11.1-8.3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"glibc-utils-2.11.1-8.3mnb2\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"nscd-2.11.1-8.3mnb2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:42:30", "description": "The following bugs have been fixed :\n\n - Specially crafted input to the fnmatch function could cause an integer overflow. (CVE-2011-1071)\n\n - The output of the 'locale' command was not properly quoted. (CVE-2011-1095)\n\n - Don't search the current directory if $ORIGIN is in RPATH of libraries called by setuid binaries.\n (CVE-2011-0536)\n\n - The update also includes fixes for non-security bugs.\n Please refer to the package changelog for details.", "cvss3": {}, "published": "2011-06-28T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : glibc (ZYPP Patch Number 7575)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0536", "CVE-2011-1071", "CVE-2011-1095"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_GLIBC-7575.NASL", "href": "https://www.tenable.com/plugins/nessus/55442", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55442);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\");\n\n script_name(english:\"SuSE 10 Security Update : glibc (ZYPP Patch Number 7575)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following bugs have been fixed :\n\n - Specially crafted input to the fnmatch function could\n cause an integer overflow. (CVE-2011-1071)\n\n - The output of the 'locale' command was not properly\n quoted. (CVE-2011-1095)\n\n - Don't search the current directory if $ORIGIN is in\n RPATH of libraries called by setuid binaries.\n (CVE-2011-0536)\n\n - The update also includes fixes for non-security bugs.\n Please refer to the package changelog for details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0536.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1071.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1095.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7575.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"glibc-2.4-31.77.84.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"glibc-devel-2.4-31.77.84.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"glibc-html-2.4-31.77.84.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"glibc-i18ndata-2.4-31.77.84.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"glibc-info-2.4-31.77.84.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"glibc-locale-2.4-31.77.84.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"glibc-profile-2.4-31.77.84.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"nscd-2.4-31.77.84.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"glibc-32bit-2.4-31.77.84.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.4-31.77.84.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.4-31.77.84.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"glibc-profile-32bit-2.4-31.77.84.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:42:16", "description": "This update contains the following fixes :\n\n - Specially crafted input to the fnmatch function could cause an integer overflow. (CVE-2011-1071)\n\n - The output of the 'locale' command was not properly quoted. (CVE-2011-1095)\n\n - Don't search the current directory if $ORIGIN is in RPATH of libraries called by setuid binaries.\n (CVE-2011-0536)", "cvss3": {}, "published": "2011-06-28T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : glibc (YOU Patch Number 12775)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0536", "CVE-2011-1071", "CVE-2011-1095"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12775.NASL", "href": "https://www.tenable.com/plugins/nessus/55440", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55440);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\");\n\n script_name(english:\"SuSE9 Security Update : glibc (YOU Patch Number 12775)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update contains the following fixes :\n\n - Specially crafted input to the fnmatch function could\n cause an integer overflow. (CVE-2011-1071)\n\n - The output of the 'locale' command was not properly\n quoted. (CVE-2011-1095)\n\n - Don't search the current directory if $ORIGIN is in\n RPATH of libraries called by setuid binaries.\n (CVE-2011-0536)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0536.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1071.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1095.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12775.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"glibc-2.3.3-98.121\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"glibc-devel-2.3.3-98.121\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"glibc-html-2.3.3-98.121\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"glibc-i18ndata-2.3.3-98.121\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"glibc-info-2.3.3-98.121\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"glibc-locale-2.3.3-98.121\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"glibc-profile-2.3.3-98.121\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"nscd-2.3.3-98.121\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"timezone-2.3.3-98.121\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"glibc-32bit-9-201106161950\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"glibc-devel-32bit-9-201106161606\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"glibc-locale-32bit-9-201106161606\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:48:26", "description": "This update contains the following fixes :\n\n - Specially crafted input to the fnmatch function could cause an integer overflow. (CVE-2011-1071)\n\n - The output of the 'locale' command was not properly quoted. (CVE-2011-1095)\n\n - Don't search the current directory if $ORIGIN is in RPATH of libraries called by setuid binaries.\n (CVE-2011-0536)\n\n - The update also includes fixes for non-security bugs.\n Please refer to the package changelog for details.", "cvss3": {}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : glibc (ZYPP Patch Number 7574)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0536", "CVE-2011-1071", "CVE-2011-1095"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_GLIBC-7574.NASL", "href": "https://www.tenable.com/plugins/nessus/57201", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57201);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\");\n\n script_name(english:\"SuSE 10 Security Update : glibc (ZYPP Patch Number 7574)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update contains the following fixes :\n\n - Specially crafted input to the fnmatch function could\n cause an integer overflow. (CVE-2011-1071)\n\n - The output of the 'locale' command was not properly\n quoted. (CVE-2011-1095)\n\n - Don't search the current directory if $ORIGIN is in\n RPATH of libraries called by setuid binaries.\n (CVE-2011-0536)\n\n - The update also includes fixes for non-security bugs.\n Please refer to the package changelog for details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0536.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1071.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1095.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7574.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"glibc-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"glibc-devel-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"glibc-html-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"glibc-i18ndata-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"glibc-info-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"glibc-locale-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"nscd-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"glibc-32bit-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"glibc-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"glibc-devel-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"glibc-html-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"glibc-i18ndata-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"glibc-info-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"glibc-locale-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"glibc-profile-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"nscd-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"glibc-32bit-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.4-31.91.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"glibc-profile-32bit-2.4-31.91.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:30:32", "description": "Several remote vulnerabilities have been discovered in PHP 5, an hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2010-1917 The fnmatch function can be abused to conduct denial of service attacks (by crashing the interpreter) by the means of a stack overflow.\n\n - CVE-2010-2225 The SplObjectStorage unserializer allows attackers to execute arbitrary code via serialized data by the means of a use-after-free vulnerability.\n\n - CVE-2010-3065 The default sessions serializer does not correctly handle a special marker, which allows an attacker to inject arbitrary variables into the session and possibly exploit vulnerabilities in the unserializer.\n\n - CVE-2010-1128 For this vulnerability (predictable entropy for the Linear Congruential Generator used to generate session ids) we do not consider upstream's solution to be sufficient. It is recommended to uncomment the'session.entropy_file' and 'session.entropy_length' settings in the php.ini files. Further improvements can be achieved by setting'session.hash_function' to 1 (one) and incrementing the value of'session.entropy_length'.", "cvss3": {}, "published": "2010-08-23T00:00:00", "type": "nessus", "title": "Debian DSA-2089-1 : php5 - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1128", "CVE-2010-1917", "CVE-2010-2225", "CVE-2010-3065"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:php5", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2089.NASL", "href": "https://www.tenable.com/plugins/nessus/48384", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2089. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48384);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-1917\", \"CVE-2010-2225\", \"CVE-2010-3065\");\n script_bugtraq_id(40948, 41991);\n script_xref(name:\"DSA\", value:\"2089\");\n\n script_name(english:\"Debian DSA-2089-1 : php5 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in PHP 5, an\nhypertext preprocessor. The Common Vulnerabilities and Exposures\nproject identifies the following problems :\n\n - CVE-2010-1917\n The fnmatch function can be abused to conduct denial of\n service attacks (by crashing the interpreter) by the\n means of a stack overflow.\n\n - CVE-2010-2225\n The SplObjectStorage unserializer allows attackers to\n execute arbitrary code via serialized data by the means\n of a use-after-free vulnerability.\n\n - CVE-2010-3065\n The default sessions serializer does not correctly\n handle a special marker, which allows an attacker to\n inject arbitrary variables into the session and possibly\n exploit vulnerabilities in the unserializer.\n\n - CVE-2010-1128\n For this vulnerability (predictable entropy for the\n Linear Congruential Generator used to generate session\n ids) we do not consider upstream's solution to be\n sufficient. It is recommended to uncomment\n the'session.entropy_file' and 'session.entropy_length'\n settings in the php.ini files. Further improvements can\n be achieved by setting'session.hash_function' to 1 (one)\n and incrementing the value of'session.entropy_length'.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-1917\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-2225\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-3065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-1128\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2089\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the php5 packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 5.2.6.dfsg.1-1+lenny9.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"libapache2-mod-php5\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libapache2-mod-php5filter\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php-pear\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-cgi\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-cli\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-common\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-curl\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-dbg\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-dev\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-gd\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-gmp\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-imap\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-interbase\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-ldap\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-mcrypt\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-mhash\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-mysql\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-odbc\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-pgsql\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-pspell\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-recode\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-snmp\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-sqlite\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-sybase\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-tidy\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-xmlrpc\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"php5-xsl\", reference:\"5.2.6.dfsg.1-1+lenny9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:42:29", "description": "This update fixes the following security issues found in glibc :\n\n - Specially crafted input to the fnmatch function could cause an integer overflow. (CVE-2011-1071)\n\n - The output of the 'locale' command was not properly quoted. (CVE-2011-1095)\n\n - Unprivileged users could read the NIS shadow database.\n (CVE-2010-0015)\n\n - Don't search the current directory if $ORIGIN is in RPATH of libraries called by setuid binaries.\n (CVE-2011-0536) The update also includes fixes for non-security bugs. Please refer to the package changelog for details.", "cvss3": {}, "published": "2011-06-28T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : glibc (SAT Patch Number 4572)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0015", "CVE-2011-0536", "CVE-2011-1071", "CVE-2011-1095"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:glibc", "p-cpe:/a:novell:suse_linux:11:glibc-32bit", "p-cpe:/a:novell:suse_linux:11:glibc-devel", "p-cpe:/a:novell:suse_linux:11:glibc-devel-32bit", "p-cpe:/a:novell:suse_linux:11:glibc-html", "p-cpe:/a:novell:suse_linux:11:glibc-i18ndata", "p-cpe:/a:novell:suse_linux:11:glibc-info", "p-cpe:/a:novell:suse_linux:11:glibc-locale", "p-cpe:/a:novell:suse_linux:11:glibc-locale-32bit", "p-cpe:/a:novell:suse_linux:11:glibc-profile", "p-cpe:/a:novell:suse_linux:11:glibc-profile-32bit", "p-cpe:/a:novell:suse_linux:11:nscd", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_GLIBC-110516.NASL", "href": "https://www.tenable.com/plugins/nessus/55441", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55441);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2010-0015\", \"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\");\n\n script_name(english:\"SuSE 11.1 Security Update : glibc (SAT Patch Number 4572)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues found in glibc :\n\n - Specially crafted input to the fnmatch function could\n cause an integer overflow. (CVE-2011-1071)\n\n - The output of the 'locale' command was not properly\n quoted. (CVE-2011-1095)\n\n - Unprivileged users could read the NIS shadow database.\n (CVE-2010-0015)\n\n - Don't search the current directory if $ORIGIN is in\n RPATH of libraries called by setuid binaries.\n (CVE-2011-0536) The update also includes fixes for\n non-security bugs. Please refer to the package changelog\n for details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=569091\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=585879\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=625591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=625835\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=645303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=647965\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=649634\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=659090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=664541\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=666179\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=673111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677787\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=685405\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=687510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0015.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0536.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1071.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1095.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4572.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(255);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-i18ndata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-locale\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-locale-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-profile-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"glibc-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"glibc-devel-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"glibc-i18ndata-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"glibc-locale-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"nscd-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i686\", reference:\"glibc-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i686\", reference:\"glibc-devel-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"glibc-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"glibc-32bit-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"glibc-devel-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"glibc-i18ndata-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"glibc-locale-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"nscd-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"glibc-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"glibc-devel-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"glibc-html-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"glibc-i18ndata-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"glibc-info-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"glibc-locale-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"glibc-profile-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"nscd-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i686\", reference:\"glibc-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i686\", reference:\"glibc-devel-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"glibc-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"glibc-32bit-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"glibc-devel-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"glibc-html-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"glibc-i18ndata-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"glibc-info-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"glibc-locale-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"glibc-profile-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"glibc-profile-32bit-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"nscd-2.11.1-0.30.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T14:46:32", "description": "The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly.\n\nThe fix for CVE-2010-3847 introduced a regression in the way the dynamic loader expanded the $ORIGIN dynamic string token specified in the RPATH and RUNPATH entries in the ELF library header. A local attacker could use this flaw to escalate their privileges via a setuid or setgid program using such a library. (CVE-2011-0536)\n\nIt was discovered that the glibc fnmatch() function did not properly restrict the use of alloca(). If the function was called on sufficiently large inputs, it could cause an application using fnmatch() to crash or, possibly, execute arbitrary code with the privileges of the application. (CVE-2011-1071)\n\nIt was discovered that the locale command did not produce properly escaped output as required by the POSIX specification. If an attacker were able to set the locale environment variables in the environment of a script that performed shell evaluation on the output of the locale command, and that script were run with different privileges than the attacker's, it could execute arbitrary code with the privileges of the script. (CVE-2011-1095)\n\nAll users should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : glibc on SL5.x,SL6.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3847", "CVE-2011-0536", "CVE-2011-1071", "CVE-2011-1095"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110404_GLIBC_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61008", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61008);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3847\", \"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\");\n\n script_name(english:\"Scientific Linux Security Update : glibc on SL5.x,SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The glibc packages contain the standard C libraries used by multiple\nprograms on the system. These packages contain the standard C and the\nstandard math libraries. Without these two libraries, a Linux system\ncannot function properly.\n\nThe fix for CVE-2010-3847 introduced a regression in the way the\ndynamic loader expanded the $ORIGIN dynamic string token specified in\nthe RPATH and RUNPATH entries in the ELF library header. A local\nattacker could use this flaw to escalate their privileges via a setuid\nor setgid program using such a library. (CVE-2011-0536)\n\nIt was discovered that the glibc fnmatch() function did not properly\nrestrict the use of alloca(). If the function was called on\nsufficiently large inputs, it could cause an application using\nfnmatch() to crash or, possibly, execute arbitrary code with the\nprivileges of the application. (CVE-2011-1071)\n\nIt was discovered that the locale command did not produce properly\nescaped output as required by the POSIX specification. If an attacker\nwere able to set the locale environment variables in the environment\nof a script that performed shell evaluation on the output of the\nlocale command, and that script were run with different privileges\nthan the attacker's, it could execute arbitrary code with the\nprivileges of the script. (CVE-2011-1095)\n\nAll users should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1104&L=scientific-linux-errata&T=0&P=583\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?500923b0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'glibc \"$ORIGIN\" Expansion Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"glibc-2.5-58.el5_6.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"glibc-common-2.5-58.el5_6.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"glibc-devel-2.5-58.el5_6.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"glibc-headers-2.5-58.el5_6.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"glibc-utils-2.5-58.el5_6.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"nscd-2.5-58.el5_6.2\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"glibc-2.12-1.7.el6_0.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-common-2.12-1.7.el6_0.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-devel-2.12-1.7.el6_0.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-headers-2.12-1.7.el6_0.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-static-2.12-1.7.el6_0.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"glibc-utils-2.12-1.7.el6_0.5\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"nscd-2.12-1.7.el6_0.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:48:39", "description": "This update fixes the following security issues found in glibc :\n\n - Specially crafted input to the fnmatch function could cause an integer overflow. (CVE-2011-1071)\n\n - The output of the 'locale' command was not properly quoted. (CVE-2011-1095)\n\n - Unprivileged users could read the NIS shadow database.\n (CVE-2010-0015)\n\n - Don't search the current directory if $ORIGIN is in RPATH of libraries called by setuid binaries.\n (CVE-2011-0536) The update also includes fixes for non-security bugs. Please refer to the package changelog for details.", "cvss3": {}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : glibc (SAT Patch Number 4572)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0015", "CVE-2011-0536", "CVE-2011-1071", "CVE-2011-1095"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:glibc", "p-cpe:/a:novell:suse_linux:11:glibc-32bit", "p-cpe:/a:novell:suse_linux:11:glibc-devel", "p-cpe:/a:novell:suse_linux:11:glibc-devel-32bit", "p-cpe:/a:novell:suse_linux:11:glibc-html", "p-cpe:/a:novell:suse_linux:11:glibc-i18ndata", "p-cpe:/a:novell:suse_linux:11:glibc-info", "p-cpe:/a:novell:suse_linux:11:glibc-locale", "p-cpe:/a:novell:suse_linux:11:glibc-locale-32bit", "p-cpe:/a:novell:suse_linux:11:glibc-profile", "p-cpe:/a:novell:suse_linux:11:glibc-profile-32bit", "p-cpe:/a:novell:suse_linux:11:nscd", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_GLIBC-110517.NASL", "href": "https://www.tenable.com/plugins/nessus/57106", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57106);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2010-0015\", \"CVE-2011-0536\", \"CVE-2011-1071\", \"CVE-2011-1095\");\n\n script_name(english:\"SuSE 11.1 Security Update : glibc (SAT Patch Number 4572)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues found in glibc :\n\n - Specially crafted input to the fnmatch function could\n cause an integer overflow. (CVE-2011-1071)\n\n - The output of the 'locale' command was not properly\n quoted. (CVE-2011-1095)\n\n - Unprivileged users could read the NIS shadow database.\n (CVE-2010-0015)\n\n - Don't search the current directory if $ORIGIN is in\n RPATH of libraries called by setuid binaries.\n (CVE-2011-0536) The update also includes fixes for\n non-security bugs. Please refer to the package changelog\n for details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=569091\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=585879\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=625591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=625835\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=645303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=647965\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=649634\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=659090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=664541\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=666179\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=673111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=677787\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=685405\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=687510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0015.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0536.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1071.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1095.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4572.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(255);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-i18ndata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-locale\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-locale-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-profile-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"glibc-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"glibc-32bit-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"glibc-devel-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"glibc-devel-32bit-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"glibc-html-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"glibc-i18ndata-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"glibc-info-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"glibc-locale-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"glibc-locale-32bit-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"glibc-profile-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"glibc-profile-32bit-2.11.1-0.30.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"nscd-2.11.1-0.30.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T14:50:01", "description": "Multiple vulnerabilities was discovered and fixed in glibc :\n\nThe addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296 (CVE-2011-1089).\n\nInteger overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071 (CVE-2011-1659).\n\ncrypt_blowfish before 1.1, as used in glibc on certain platforms, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash (CVE-2011-2483).\n\nThe updated packages have been patched to correct these issues.", "cvss3": {}, "published": "2012-09-06T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : glibc (MDVSA-2011:179)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0296", "CVE-2011-1071", "CVE-2011-1089", "CVE-2011-1659", "CVE-2011-2483"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:glibc", "p-cpe:/a:mandriva:linux:glibc-devel"