The releases complete a fix for a vulnerability in CGI-based setups (CVE-2012-2311). PHP 5.4.3 fixes a buffer overflow vulnerability in the apache_request_headers() (CVE-2012-2329). Update the affected maniadrive and / or php packages
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
Fedora | [SECURITY] Fedora 17 Update: php-5.4.3-1.fc17 | 26 May 201207:21 | – | fedora |
Fedora | [SECURITY] Fedora 17 Update: maniadrive-1.2-40.fc17 | 26 May 201207:21 | – | fedora |
Fedora | [SECURITY] Fedora 16 Update: maniadrive-1.2-32.fc16.5 | 27 May 201201:52 | – | fedora |
Fedora | [SECURITY] Fedora 15 Update: php-5.3.13-1.fc15 | 27 May 201207:21 | – | fedora |
Fedora | [SECURITY] Fedora 15 Update: maniadrive-1.2-32.fc15.5 | 27 May 201207:21 | – | fedora |
Fedora | [SECURITY] Fedora 15 Update: php-eaccelerator-0.9.6.1-9.fc15.5 | 27 May 201207:21 | – | fedora |
Fedora | [SECURITY] Fedora 16 Update: php-eaccelerator-0.9.6.1-9.fc16.5 | 27 May 201201:52 | – | fedora |
Fedora | [SECURITY] Fedora 16 Update: php-5.3.13-1.fc16 | 27 May 201201:52 | – | fedora |
Fedora | [SECURITY] Fedora 17 Update: php-5.4.4-1.fc17 | 30 Jun 201222:07 | – | fedora |
Fedora | [SECURITY] Fedora 17 Update: php-5.4.5-1.fc17 | 5 Aug 201221:27 | – | fedora |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2012-7628.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(59268);
script_version("1.19");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/03/28");
script_cve_id("CVE-2012-1823", "CVE-2012-2311");
script_xref(name:"FEDORA", value:"2012-7628");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/04/15");
script_name(english:"Fedora 17 : maniadrive-1.2-40.fc17 / php-5.4.3-1.fc17 (2012-7628)");
script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The releases complete a fix for a vulnerability in CGI-based setups
(CVE-2012-2311). PHP 5.4.3 fixes a buffer overflow vulnerability in
the apache_request_headers() (CVE-2012-2329).
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=818607");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=818907");
# https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080952.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d1eea669");
# https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080953.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4a831d09");
script_set_attribute(attribute:"solution", value:
"Update the affected maniadrive and / or php packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'PHP CGI Argument Injection');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:"CANVAS");
script_set_attribute(attribute:"patch_publication_date", value:"2012/05/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/05/29");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:maniadrive");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:php");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:17");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Fedora Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^17([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 17.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC17", reference:"maniadrive-1.2-40.fc17")) flag++;
if (rpm_check(release:"FC17", reference:"php-5.4.3-1.fc17")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "maniadrive / php");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo