CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
97.8%
04 Jul 2013, PHP 5.4.17
Core :
Fixed bug #64988 (Class loading order affects E_STRICT warning). (Laruence)
Fixed bug #64966 (segfault in zend_do_fcall_common_helper_SPEC). (Laruence)
Fixed bug #64960 (Segfault in gc_zval_possible_root).
(Laruence)
Fixed bug #64936 (doc comments picked up from previous scanner run). (Stas, Jonathan Oddy)
Fixed bug #64934 (Apache2 TS crash with get_browser()). (Anatol)
Fixed bug #64166 (quoted-printable-encode stream filter incorrectly discarding whitespace). (Michael M Slusarz)
DateTime :
FPM :
Fixed Bug #64915 (error_log ignored when daemonize=0).
(Remi)
PDO :
PDO_DBlib :
Fixed bug #63638 (Cannot connect to SQL Server 2008 with PDO dblib). (Stanley Sufficool)
Fixed bug #64338 (pdo_dblib can’t connect to Azure SQL). (Stanley Sufficool)
Fixed bug #64808 (FreeTDS PDO getColumnMeta on a prepared but not executed statement crashes). (Stanley Sufficool)
PDO_firebird :
Fixed bug #64037 (Firebird return wrong value for numeric field). (Matheus Degiovani, Matteo)
PDO_mysql :
PDO_pgsql :
pgsql :
Readline :
SPL :
Backported from 5.4.18
CGI :
Phar :
XML :
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2013-12354.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(69001);
script_version("1.14");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2013-4113");
script_bugtraq_id(61128);
script_xref(name:"FEDORA", value:"2013-12354");
script_name(english:"Fedora 17 : php-5.4.17-2.fc17 (2013-12354)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"04 Jul 2013, PHP 5.4.17
Core :
- Fixed bug #64988 (Class loading order affects E_STRICT
warning). (Laruence)
- Fixed bug #64966 (segfault in
zend_do_fcall_common_helper_SPEC). (Laruence)
- Fixed bug #64960 (Segfault in gc_zval_possible_root).
(Laruence)
- Fixed bug #64936 (doc comments picked up from previous
scanner run). (Stas, Jonathan Oddy)
- Fixed bug #64934 (Apache2 TS crash with
get_browser()). (Anatol)
- Fixed bug #64166 (quoted-printable-encode stream
filter incorrectly discarding whitespace). (Michael M
Slusarz)
DateTime :
- Fixed bug #53437 (Crash when using unserialized
DatePeriod instance). (Gustavo, Derick, Anatol)
FPM :
- Fixed Bug #64915 (error_log ignored when daemonize=0).
(Remi)
- Implemented FR #64764 (add support for FPM init.d
script). (Lior Kaplan)
PDO :
- Fixed bug #63176 (Segmentation fault when instantiate 2
persistent PDO to the same db server). (Laruence)
PDO_DBlib :
- Fixed bug #63638 (Cannot connect to SQL Server 2008 with
PDO dblib). (Stanley Sufficool)
- Fixed bug #64338 (pdo_dblib can't connect to Azure
SQL). (Stanley Sufficool)
- Fixed bug #64808 (FreeTDS PDO getColumnMeta on a
prepared but not executed statement crashes). (Stanley
Sufficool)
PDO_firebird :
- Fixed bug #64037 (Firebird return wrong value for
numeric field). (Matheus Degiovani, Matteo)
- Fixed bug #62024 (Cannot insert second row with null
using parametrized query). (patch by james at
kenjim.com, Matheus Degiovani, Matteo)
PDO_mysql :
- Fixed bug #48724 (getColumnMeta() doesn't return
native_type for BIT, TINYINT and YEAR). (Antony, Daniel
Beardsley)
PDO_pgsql :
- Fixed Bug #64949 (Buffer overflow in _pdo_pgsql_error).
(Remi)
pgsql :
- Fixed bug #64609 (pg_convert enum type support).
(Matteo)
Readline :
- Implement FR #55694 (Expose additional readline variable
to prevent default filename completion). (Hartmel)
SPL :
- Fixed bug #64997 (Segfault while using
RecursiveIteratorIterator on 64-bits systems).
(Laruence)
Backported from 5.4.18
CGI :
- Fixed Bug #65143 (Missing php-cgi man page). (Remi)
Phar :
- Fixed Bug #65142 (Missing phar man page). (Remi)
XML :
- Fixed bug #65236 (heap corruption in xml parser).
CVE-2013-4113
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=983689"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2013-July/112246.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?f5b3ccb2"
);
script_set_attribute(attribute:"solution", value:"Update the affected php package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:php");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:17");
script_set_attribute(attribute:"patch_publication_date", value:"2013/07/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/23");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^17([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 17.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC17", reference:"php-5.4.17-2.fc17")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php");
}