ID FEDORA_2015-4669.NASL Type nessus Reporter Tenable Modified 2015-10-19T00:00:00
Description
Security fix for CVE-2015-2331.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2015-4669.
#
include("compat.inc");
if (description)
{
script_id(82607);
script_version("$Revision: 1.8 $");
script_cvs_date("$Date: 2015/10/19 23:06:18 $");
script_cve_id("CVE-2015-2331");
script_xref(name:"FEDORA", value:"2015-4669");
script_name(english:"Fedora 20 : mingw-libzip-0.11.2-3.fc20 (2015-4669)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Security fix for CVE-2015-2331.
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1204676"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2015-April/154276.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?9236b7a4"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected mingw-libzip package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mingw-libzip");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20");
script_set_attribute(attribute:"patch_publication_date", value:"2015/03/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/04/07");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^20([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC20", reference:"mingw-libzip-0.11.2-3.fc20")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mingw-libzip");
}
{"hash": "1cbfcbbd6f29cb9c1b7b7744354bdafe792cfcbe519674cf9791e416ab6734c7", "naslFamily": "Fedora Local Security Checks", "id": "FEDORA_2015-4669.NASL", "lastseen": "2017-10-29T13:42:49", "viewCount": 1, "hashmap": [{"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "7bc857f88b800bff24378d5ec42dc74d", "key": "cpe"}, {"hash": "3c7882a2e97e65763ecb130c704b5dca", "key": "cvelist"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "915da72cdfd5749a04cc5d3194461a21", "key": "description"}, {"hash": "3ab83d2addfe3a4814f0ebc812cbf39a", "key": "href"}, {"hash": "9a00910eeedb8c835c4637a953896665", "key": "modified"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "ec81948532ea8be7088ba17caaa244f4", "key": "pluginID"}, {"hash": "556c83bba2298f056418c3f9ce9da80e", "key": "published"}, {"hash": "b245ff88c1ef673ebca53941fb4901a6", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "201ecc025cebebcf8e88982a74a055cf", "key": "sourceData"}, {"hash": "a879231a1cee5222a36abcf443d392ce", "key": "title"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}], "bulletinFamily": "scanner", "cpe": ["p-cpe:/a:fedoraproject:fedora:mingw-libzip", "cpe:/o:fedoraproject:fedora:20"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "edition": 2, "enchantments": {"vulnersScore": 2.1}, "type": "nessus", "description": "Security fix for CVE-2015-2331.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "title": "Fedora 20 : mingw-libzip-0.11.2-3.fc20 (2015-4669)", "history": [{"bulletin": {"hash": "3ff5c5c60eaa73b4732d8672263be493964b7431c46199cae6f73cf1c8423feb", "naslFamily": "Fedora Local Security Checks", "edition": 1, "lastseen": "2016-09-26T17:25:54", "enchantments": {}, "hashmap": [{"hash": "a879231a1cee5222a36abcf443d392ce", "key": "title"}, {"hash": "556c83bba2298f056418c3f9ce9da80e", "key": "published"}, {"hash": "3ab83d2addfe3a4814f0ebc812cbf39a", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "b245ff88c1ef673ebca53941fb4901a6", "key": "references"}, {"hash": "9a00910eeedb8c835c4637a953896665", "key": "modified"}, {"hash": "ec81948532ea8be7088ba17caaa244f4", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "915da72cdfd5749a04cc5d3194461a21", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "201ecc025cebebcf8e88982a74a055cf", "key": "sourceData"}, {"hash": "3c7882a2e97e65763ecb130c704b5dca", "key": "cvelist"}], "bulletinFamily": "scanner", "cpe": [], "history": [], "id": "FEDORA_2015-4669.NASL", "type": "nessus", "description": "Security fix for CVE-2015-2331.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "viewCount": 1, "title": "Fedora 20 : mingw-libzip-0.11.2-3.fc20 (2015-4669)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "objectVersion": "1.2", "cvelist": ["CVE-2015-2331"], "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-4669.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82607);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2015/10/19 23:06:18 $\");\n\n script_cve_id(\"CVE-2015-2331\");\n script_xref(name:\"FEDORA\", value:\"2015-4669\");\n\n script_name(english:\"Fedora 20 : mingw-libzip-0.11.2-3.fc20 (2015-4669)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2015-2331.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1204676\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-April/154276.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9236b7a4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-libzip package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-libzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"mingw-libzip-0.11.2-3.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-libzip\");\n}\n", "published": "2015-04-07T00:00:00", "pluginID": "82607", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1204676", "http://www.nessus.org/u?9236b7a4"], "reporter": "Tenable", "modified": "2015-10-19T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82607"}, "lastseen": "2016-09-26T17:25:54", "edition": 1, "differentElements": ["cpe"]}], "objectVersion": "1.3", "cvelist": ["CVE-2015-2331"], "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-4669.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82607);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2015/10/19 23:06:18 $\");\n\n script_cve_id(\"CVE-2015-2331\");\n script_xref(name:\"FEDORA\", value:\"2015-4669\");\n\n script_name(english:\"Fedora 20 : mingw-libzip-0.11.2-3.fc20 (2015-4669)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2015-2331.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1204676\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-April/154276.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9236b7a4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-libzip package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-libzip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/04/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"mingw-libzip-0.11.2-3.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-libzip\");\n}\n", "published": "2015-04-07T00:00:00", "pluginID": "82607", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1204676", "http://www.nessus.org/u?9236b7a4"], "reporter": "Tenable", "modified": "2015-10-19T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82607"}
{"result": {"cve": [{"id": "CVE-2015-2331", "type": "cve", "title": "CVE-2015-2331", "description": "Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow.", "published": "2015-03-30T06:59:12", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2331", "cvelist": ["CVE-2015-2331"], "lastseen": "2017-04-18T15:56:24"}], "f5": [{"id": "SOL16714", "type": "f5", "title": "SOL16714 - PHP vulnerabilities CVE-2015-2301 and CVE-2015-2331", "description": "Recommended Action\n\nNone \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "published": "2015-06-08T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/16000/700/sol16714.html", "cvelist": ["CVE-2015-2301", "CVE-2015-2331"], "lastseen": "2016-09-26T17:23:03"}], "nessus": [{"id": "FEDORA_2015-4559.NASL", "type": "nessus", "title": "Fedora 22 : mingw-libzip-0.11.2-3.fc22 (2015-4559)", "description": "Security fix for CVE-2015-2331.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-04-03T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82550", "cvelist": ["CVE-2015-2331"], "lastseen": "2017-10-29T13:35:33"}, {"id": "FEDORA_2015-4565.NASL", "type": "nessus", "title": "Fedora 21 : mingw-libzip-0.11.2-3.fc21 (2015-4565)", "description": "Security fix for CVE-2015-2331.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-04-07T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82604", "cvelist": ["CVE-2015-2331"], "lastseen": "2017-10-29T13:40:41"}, {"id": "FEDORA_2015-4556.NASL", "type": "nessus", "title": "Fedora 20 : libzip-0.11.2-5.fc20 (2015-4556)", "description": "CVE-2015-2331: integer overflow when processing ZIP archives (#1204676,#1204677)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-04-22T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82937", "cvelist": ["CVE-2015-2331"], "lastseen": "2017-10-29T13:39:14"}, {"id": "OPENSUSE-2015-265.NASL", "type": "nessus", "title": "openSUSE Security Update : libzip (openSUSE-2015-265)", "description": "Libzip was updated to fix one security issue.\n\nA zip file with an unusually large number of entries could have caused an integer overflow leading to a write past the heap boundary, crashing the application. (CVE-2015-2331 bnc#923240)", "published": "2015-03-30T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82423", "cvelist": ["CVE-2015-2331"], "lastseen": "2017-10-29T13:45:08"}, {"id": "FEDORA_2015-4699.NASL", "type": "nessus", "title": "Fedora 21 : libzip-0.11.2-5.fc21 (2015-4699)", "description": "CVE-2015-2331: integer overflow when processing ZIP archives (#1204676,#1204677)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-04-22T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82942", "cvelist": ["CVE-2015-2331"], "lastseen": "2017-10-29T13:45:16"}, {"id": "SUSE_SU-2015-0668-1.NASL", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : libzip (SUSE-SU-2015:0668-1)", "description": "Libzip was updated to fix one security issue.\n\nA zip file with an unusually large number of entries could have caused an integer overflow leading to a write past the heap boundary, crashing the application. (CVE-2015-2331 bnc#923240)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-05-20T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=83711", "cvelist": ["CVE-2015-2331"], "lastseen": "2017-10-29T13:37:29"}, {"id": "FREEBSD_PKG_264749AED56511E4B54500269EE29E57.NASL", "type": "nessus", "title": "FreeBSD : libzip -- integer overflow (264749ae-d565-11e4-b545-00269ee29e57)", "description": "libzip developers report :\n\nAvoid integer overflow. Fixed similarly to patch used in PHP copy of libzip.", "published": "2015-03-30T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82313", "cvelist": ["CVE-2015-2331"], "lastseen": "2017-10-29T13:38:44"}, {"id": "FEDORA_2015-4553.NASL", "type": "nessus", "title": "Fedora 22 : libzip-0.11.2-5.fc22 (2015-4553)", "description": "CVE-2015-2331: integer overflow when processing ZIP archives (#1204676,#1204677)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-04-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82840", "cvelist": ["CVE-2015-2331"], "lastseen": "2017-10-29T13:40:41"}, {"id": "ALA_ALAS-2015-507.NASL", "type": "nessus", "title": "Amazon Linux AMI : php55 (ALAS-2015-507)", "description": "A use-after-free flaw was found in the way PHP's unserialize() function processed data. If a remote attacker was able to pass crafted input to PHP's unserialize() function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code.\n(CVE-2015-0231)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libzip, which is also embedded in PHP, processed certain ZIP archives. If an attacker were able to supply a specially crafted ZIP archive to an application using libzip, it could cause the application to crash or, possibly, execute arbitrary code.\n(CVE-2015-2331)\n\nInteger overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.\n(CVE-2015-2305)", "published": "2015-04-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82835", "cvelist": ["CVE-2015-2305", "CVE-2015-2331", "CVE-2015-0231"], "lastseen": "2018-04-19T07:55:51"}, {"id": "ALA_ALAS-2015-506.NASL", "type": "nessus", "title": "Amazon Linux AMI : php54 (ALAS-2015-506)", "description": "A use-after-free flaw was found in the way PHP's unserialize() function processed data. If a remote attacker was able to pass crafted input to PHP's unserialize() function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code.\n(CVE-2015-0231)\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libzip, which is also embedded in PHP, processed certain ZIP archives. If an attacker were able to supply a specially crafted ZIP archive to an application using libzip, it could cause the application to crash or, possibly, execute arbitrary code.\n(CVE-2015-2331)\n\nInteger overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.\n(CVE-2015-2305)", "published": "2015-04-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82834", "cvelist": ["CVE-2015-2305", "CVE-2015-2331", "CVE-2015-0231"], "lastseen": "2018-04-19T08:02:21"}], "openvas": [{"id": "OPENVAS:1361412562310869184", "type": "openvas", "title": "Fedora Update for mingw-libzip FEDORA-2015-4565", "description": "Check the version of mingw-libzip", "published": "2015-04-06T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869184", "cvelist": ["CVE-2015-2331"], "lastseen": "2017-07-25T10:53:23"}, {"id": "OPENVAS:1361412562310869272", "type": "openvas", "title": "Fedora Update for libzip FEDORA-2015-4699", "description": "Check the version of libzip", "published": "2015-04-22T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869272", "cvelist": ["CVE-2015-2331"], "lastseen": "2017-07-25T10:52:35"}, {"id": "OPENVAS:1361412562310869274", "type": "openvas", "title": "Fedora Update for libzip FEDORA-2015-4556", "description": "Check the version of libzip", "published": "2015-04-22T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869274", "cvelist": ["CVE-2015-2331"], "lastseen": "2017-07-25T10:52:42"}, {"id": "OPENVAS:1361412562310869509", "type": "openvas", "title": "Fedora Update for mingw-libzip FEDORA-2015-4559", "description": "Check the version of mingw-libzip", "published": "2015-07-07T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869509", "cvelist": ["CVE-2015-2331"], "lastseen": "2017-07-25T10:52:51"}, {"id": "OPENVAS:1361412562310869549", "type": "openvas", "title": "Fedora Update for libzip FEDORA-2015-4553", "description": "Check the version of libzip", "published": "2015-07-07T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869549", "cvelist": ["CVE-2015-2331"], "lastseen": "2017-07-25T10:52:28"}, {"id": "OPENVAS:1361412562310869180", "type": "openvas", "title": "Fedora Update for mingw-libzip FEDORA-2015-4669", "description": "Check the version of mingw-libzip", "published": "2015-04-06T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869180", "cvelist": ["CVE-2015-2331"], "lastseen": "2017-07-25T10:53:45"}, {"id": "OPENVAS:703198", "type": "openvas", "title": "Debian Security Advisory DSA 3198-1 (php5 - security update)", "description": "Multiple vulnerabilities have been discovered in the PHP language:\n\nCVE-2015-2301 \nUse-after-free in the phar extension.\n\nCVE-2015-2331 \nEmmanuel Law discovered an integer overflow in the processing\nof ZIP archives, resulting in denial of service or potentially\nthe execution of arbitrary code.", "published": "2015-03-20T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=703198", "cvelist": ["CVE-2015-2301", "CVE-2015-2331"], "lastseen": "2017-07-24T12:53:00"}, {"id": "OPENVAS:1361412562310703198", "type": "openvas", "title": "Debian Security Advisory DSA 3198-1 (php5 - security update)", "description": "Multiple vulnerabilities have been discovered in the PHP language:\n\nCVE-2015-2301 \nUse-after-free in the phar extension.\n\nCVE-2015-2331 \nEmmanuel Law discovered an integer overflow in the processing\nof ZIP archives, resulting in denial of service or potentially\nthe execution of arbitrary code.", "published": "2015-03-20T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703198", "cvelist": ["CVE-2015-2301", "CVE-2015-2331"], "lastseen": "2018-04-06T11:26:30"}, {"id": "OPENVAS:1361412562310869145", "type": "openvas", "title": "Fedora Update for php FEDORA-2015-4236", "description": "Check the version of php", "published": "2015-03-31T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869145", "cvelist": ["CVE-2015-2305", "CVE-2015-2331", "CVE-2015-0231"], "lastseen": "2017-07-25T10:53:34"}, {"id": "OPENVAS:1361412562310869544", "type": "openvas", "title": "Fedora Update for php FEDORA-2015-4255", "description": "Check the version of php", "published": "2015-07-07T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869544", "cvelist": ["CVE-2015-2305", "CVE-2015-2331", "CVE-2015-0231"], "lastseen": "2017-07-25T10:53:39"}], "archlinux": [{"id": "ASA-201503-25", "type": "archlinux", "title": "php: integer overflow", "description": "An integer overflow flaw, leading to a heap-based buffer overflow, was found in\nthe way libzip, which is embedded in PHP, processed certain ZIP archives. If an\nattacker were able to supply a specially crafted ZIP archive to an application\nusing libzip, it could cause the application to crash or, possibly, execute\narbitrary code.", "published": "2015-03-28T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html", "cvelist": ["CVE-2015-2331"], "lastseen": "2016-09-02T18:44:36"}], "freebsd": [{"id": "264749AE-D565-11E4-B545-00269EE29E57", "type": "freebsd", "title": "libzip -- integer overflow", "description": "\nlibzip developers report:\n\nAvoid integer overflow. Fixed similarly to patch used in PHP copy of libzip.\n\n", "published": "2015-03-18T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/264749ae-d565-11e4-b545-00269ee29e57.html", "cvelist": ["CVE-2015-2331"], "lastseen": "2016-09-26T17:24:20"}], "hackerone": [{"id": "H1:73239", "type": "hackerone", "title": "PHP (IBB): ZIP Integer Overflow leads to writing past heap boundary", "description": "https://bugs.php.net/bug.php?id=69253\n\nInteger overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow.", "published": "2015-03-18T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://hackerone.com/reports/73239", "cvelist": ["CVE-2015-2331"], "lastseen": "2018-04-19T17:34:09"}], "amazon": [{"id": "ALAS-2015-508", "type": "amazon", "title": "Important: php56", "description": "**Issue Overview:**\n\nA use-after-free flaw was found in the way PHP's unserialize() function processed data. If a remote attacker was able to pass crafted input to PHP's unserialize() function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code. ([CVE-2015-0231 __](<https://access.redhat.com/security/cve/CVE-2015-0231>))\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libzip, which is also embedded in PHP, processed certain ZIP archives. If an attacker were able to supply a specially crafted ZIP archive to an application using libzip, it could cause the application to crash or, possibly, execute arbitrary code. ([CVE-2015-2331 __](<https://access.redhat.com/security/cve/CVE-2015-2331>))\n\nInteger overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. ([CVE-2015-2305 __](<https://access.redhat.com/security/cve/CVE-2015-2305>))\n\n \n**Affected Packages:** \n\n\nphp56\n\n \n**Issue Correction:** \nRun _yum update php56_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n php56-gd-5.6.7-1.110.amzn1.i686 \n php56-bcmath-5.6.7-1.110.amzn1.i686 \n php56-mysqlnd-5.6.7-1.110.amzn1.i686 \n php56-gmp-5.6.7-1.110.amzn1.i686 \n php56-imap-5.6.7-1.110.amzn1.i686 \n php56-devel-5.6.7-1.110.amzn1.i686 \n php56-soap-5.6.7-1.110.amzn1.i686 \n php56-ldap-5.6.7-1.110.amzn1.i686 \n php56-dbg-5.6.7-1.110.amzn1.i686 \n php56-pdo-5.6.7-1.110.amzn1.i686 \n php56-common-5.6.7-1.110.amzn1.i686 \n php56-embedded-5.6.7-1.110.amzn1.i686 \n php56-enchant-5.6.7-1.110.amzn1.i686 \n php56-xmlrpc-5.6.7-1.110.amzn1.i686 \n php56-5.6.7-1.110.amzn1.i686 \n php56-mssql-5.6.7-1.110.amzn1.i686 \n php56-odbc-5.6.7-1.110.amzn1.i686 \n php56-xml-5.6.7-1.110.amzn1.i686 \n php56-fpm-5.6.7-1.110.amzn1.i686 \n php56-intl-5.6.7-1.110.amzn1.i686 \n php56-mcrypt-5.6.7-1.110.amzn1.i686 \n php56-pspell-5.6.7-1.110.amzn1.i686 \n php56-snmp-5.6.7-1.110.amzn1.i686 \n php56-dba-5.6.7-1.110.amzn1.i686 \n php56-pgsql-5.6.7-1.110.amzn1.i686 \n php56-opcache-5.6.7-1.110.amzn1.i686 \n php56-recode-5.6.7-1.110.amzn1.i686 \n php56-process-5.6.7-1.110.amzn1.i686 \n php56-debuginfo-5.6.7-1.110.amzn1.i686 \n php56-cli-5.6.7-1.110.amzn1.i686 \n php56-tidy-5.6.7-1.110.amzn1.i686 \n php56-mbstring-5.6.7-1.110.amzn1.i686 \n \n src: \n php56-5.6.7-1.110.amzn1.src \n \n x86_64: \n php56-pgsql-5.6.7-1.110.amzn1.x86_64 \n php56-fpm-5.6.7-1.110.amzn1.x86_64 \n php56-common-5.6.7-1.110.amzn1.x86_64 \n php56-mbstring-5.6.7-1.110.amzn1.x86_64 \n php56-cli-5.6.7-1.110.amzn1.x86_64 \n php56-bcmath-5.6.7-1.110.amzn1.x86_64 \n php56-recode-5.6.7-1.110.amzn1.x86_64 \n php56-process-5.6.7-1.110.amzn1.x86_64 \n php56-ldap-5.6.7-1.110.amzn1.x86_64 \n php56-snmp-5.6.7-1.110.amzn1.x86_64 \n php56-xmlrpc-5.6.7-1.110.amzn1.x86_64 \n php56-mcrypt-5.6.7-1.110.amzn1.x86_64 \n php56-intl-5.6.7-1.110.amzn1.x86_64 \n php56-pdo-5.6.7-1.110.amzn1.x86_64 \n php56-5.6.7-1.110.amzn1.x86_64 \n php56-mssql-5.6.7-1.110.amzn1.x86_64 \n php56-imap-5.6.7-1.110.amzn1.x86_64 \n php56-devel-5.6.7-1.110.amzn1.x86_64 \n php56-soap-5.6.7-1.110.amzn1.x86_64 \n php56-mysqlnd-5.6.7-1.110.amzn1.x86_64 \n php56-enchant-5.6.7-1.110.amzn1.x86_64 \n php56-pspell-5.6.7-1.110.amzn1.x86_64 \n php56-tidy-5.6.7-1.110.amzn1.x86_64 \n php56-embedded-5.6.7-1.110.amzn1.x86_64 \n php56-dbg-5.6.7-1.110.amzn1.x86_64 \n php56-dba-5.6.7-1.110.amzn1.x86_64 \n php56-gd-5.6.7-1.110.amzn1.x86_64 \n php56-gmp-5.6.7-1.110.amzn1.x86_64 \n php56-opcache-5.6.7-1.110.amzn1.x86_64 \n php56-debuginfo-5.6.7-1.110.amzn1.x86_64 \n php56-odbc-5.6.7-1.110.amzn1.x86_64 \n php56-xml-5.6.7-1.110.amzn1.x86_64 \n \n \n", "published": "2015-04-15T21:50:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://alas.aws.amazon.com/ALAS-2015-508.html", "cvelist": ["CVE-2015-2305", "CVE-2015-2331", "CVE-2015-0231"], "lastseen": "2016-09-28T21:04:05"}, {"id": "ALAS-2015-506", "type": "amazon", "title": "Important: php54", "description": "**Issue Overview:**\n\nA use-after-free flaw was found in the way PHP's unserialize() function processed data. If a remote attacker was able to pass crafted input to PHP's unserialize() function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code. ([CVE-2015-0231 __](<https://access.redhat.com/security/cve/CVE-2015-0231>))\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libzip, which is also embedded in PHP, processed certain ZIP archives. If an attacker were able to supply a specially crafted ZIP archive to an application using libzip, it could cause the application to crash or, possibly, execute arbitrary code. ([CVE-2015-2331 __](<https://access.redhat.com/security/cve/CVE-2015-2331>))\n\nInteger overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. ([CVE-2015-2305 __](<https://access.redhat.com/security/cve/CVE-2015-2305>))\n\n \n**Affected Packages:** \n\n\nphp54\n\n \n**Issue Correction:** \nRun _yum update php54_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n php54-xmlrpc-5.4.39-1.67.amzn1.i686 \n php54-devel-5.4.39-1.67.amzn1.i686 \n php54-pdo-5.4.39-1.67.amzn1.i686 \n php54-5.4.39-1.67.amzn1.i686 \n php54-mcrypt-5.4.39-1.67.amzn1.i686 \n php54-fpm-5.4.39-1.67.amzn1.i686 \n php54-pgsql-5.4.39-1.67.amzn1.i686 \n php54-odbc-5.4.39-1.67.amzn1.i686 \n php54-ldap-5.4.39-1.67.amzn1.i686 \n php54-cli-5.4.39-1.67.amzn1.i686 \n php54-mssql-5.4.39-1.67.amzn1.i686 \n php54-debuginfo-5.4.39-1.67.amzn1.i686 \n php54-process-5.4.39-1.67.amzn1.i686 \n php54-intl-5.4.39-1.67.amzn1.i686 \n php54-snmp-5.4.39-1.67.amzn1.i686 \n php54-dba-5.4.39-1.67.amzn1.i686 \n php54-mysqlnd-5.4.39-1.67.amzn1.i686 \n php54-tidy-5.4.39-1.67.amzn1.i686 \n php54-gd-5.4.39-1.67.amzn1.i686 \n php54-embedded-5.4.39-1.67.amzn1.i686 \n php54-pspell-5.4.39-1.67.amzn1.i686 \n php54-recode-5.4.39-1.67.amzn1.i686 \n php54-xml-5.4.39-1.67.amzn1.i686 \n php54-mysql-5.4.39-1.67.amzn1.i686 \n php54-imap-5.4.39-1.67.amzn1.i686 \n php54-bcmath-5.4.39-1.67.amzn1.i686 \n php54-common-5.4.39-1.67.amzn1.i686 \n php54-mbstring-5.4.39-1.67.amzn1.i686 \n php54-soap-5.4.39-1.67.amzn1.i686 \n php54-enchant-5.4.39-1.67.amzn1.i686 \n \n src: \n php54-5.4.39-1.67.amzn1.src \n \n x86_64: \n php54-mssql-5.4.39-1.67.amzn1.x86_64 \n php54-mysqlnd-5.4.39-1.67.amzn1.x86_64 \n php54-dba-5.4.39-1.67.amzn1.x86_64 \n php54-odbc-5.4.39-1.67.amzn1.x86_64 \n php54-imap-5.4.39-1.67.amzn1.x86_64 \n php54-pspell-5.4.39-1.67.amzn1.x86_64 \n php54-embedded-5.4.39-1.67.amzn1.x86_64 \n php54-xmlrpc-5.4.39-1.67.amzn1.x86_64 \n php54-debuginfo-5.4.39-1.67.amzn1.x86_64 \n php54-fpm-5.4.39-1.67.amzn1.x86_64 \n php54-tidy-5.4.39-1.67.amzn1.x86_64 \n php54-recode-5.4.39-1.67.amzn1.x86_64 \n php54-cli-5.4.39-1.67.amzn1.x86_64 \n php54-5.4.39-1.67.amzn1.x86_64 \n php54-ldap-5.4.39-1.67.amzn1.x86_64 \n php54-xml-5.4.39-1.67.amzn1.x86_64 \n php54-process-5.4.39-1.67.amzn1.x86_64 \n php54-common-5.4.39-1.67.amzn1.x86_64 \n php54-bcmath-5.4.39-1.67.amzn1.x86_64 \n php54-snmp-5.4.39-1.67.amzn1.x86_64 \n php54-gd-5.4.39-1.67.amzn1.x86_64 \n php54-devel-5.4.39-1.67.amzn1.x86_64 \n php54-mysql-5.4.39-1.67.amzn1.x86_64 \n php54-mcrypt-5.4.39-1.67.amzn1.x86_64 \n php54-pdo-5.4.39-1.67.amzn1.x86_64 \n php54-enchant-5.4.39-1.67.amzn1.x86_64 \n php54-soap-5.4.39-1.67.amzn1.x86_64 \n php54-pgsql-5.4.39-1.67.amzn1.x86_64 \n php54-intl-5.4.39-1.67.amzn1.x86_64 \n php54-mbstring-5.4.39-1.67.amzn1.x86_64 \n \n \n", "published": "2015-04-15T21:49:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://alas.aws.amazon.com/ALAS-2015-506.html", "cvelist": ["CVE-2015-2305", "CVE-2015-2331", "CVE-2015-0231"], "lastseen": "2016-09-28T21:04:09"}, {"id": "ALAS-2015-507", "type": "amazon", "title": "Important: php55", "description": "**Issue Overview:**\n\nA use-after-free flaw was found in the way PHP's unserialize() function processed data. If a remote attacker was able to pass crafted input to PHP's unserialize() function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code. ([CVE-2015-0231 __](<https://access.redhat.com/security/cve/CVE-2015-0231>))\n\nAn integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libzip, which is also embedded in PHP, processed certain ZIP archives. If an attacker were able to supply a specially crafted ZIP archive to an application using libzip, it could cause the application to crash or, possibly, execute arbitrary code. ([CVE-2015-2331 __](<https://access.redhat.com/security/cve/CVE-2015-2331>))\n\nInteger overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. ([CVE-2015-2305 __](<https://access.redhat.com/security/cve/CVE-2015-2305>))\n\n \n**Affected Packages:** \n\n\nphp55\n\n \n**Issue Correction:** \nRun _yum update php55_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n php55-embedded-5.5.23-1.99.amzn1.i686 \n php55-mysqlnd-5.5.23-1.99.amzn1.i686 \n php55-common-5.5.23-1.99.amzn1.i686 \n php55-devel-5.5.23-1.99.amzn1.i686 \n php55-pgsql-5.5.23-1.99.amzn1.i686 \n php55-recode-5.5.23-1.99.amzn1.i686 \n php55-intl-5.5.23-1.99.amzn1.i686 \n php55-cli-5.5.23-1.99.amzn1.i686 \n php55-gd-5.5.23-1.99.amzn1.i686 \n php55-bcmath-5.5.23-1.99.amzn1.i686 \n php55-ldap-5.5.23-1.99.amzn1.i686 \n php55-mcrypt-5.5.23-1.99.amzn1.i686 \n php55-xmlrpc-5.5.23-1.99.amzn1.i686 \n php55-process-5.5.23-1.99.amzn1.i686 \n php55-gmp-5.5.23-1.99.amzn1.i686 \n php55-snmp-5.5.23-1.99.amzn1.i686 \n php55-mssql-5.5.23-1.99.amzn1.i686 \n php55-tidy-5.5.23-1.99.amzn1.i686 \n php55-imap-5.5.23-1.99.amzn1.i686 \n php55-5.5.23-1.99.amzn1.i686 \n php55-opcache-5.5.23-1.99.amzn1.i686 \n php55-pspell-5.5.23-1.99.amzn1.i686 \n php55-xml-5.5.23-1.99.amzn1.i686 \n php55-debuginfo-5.5.23-1.99.amzn1.i686 \n php55-fpm-5.5.23-1.99.amzn1.i686 \n php55-pdo-5.5.23-1.99.amzn1.i686 \n php55-soap-5.5.23-1.99.amzn1.i686 \n php55-odbc-5.5.23-1.99.amzn1.i686 \n php55-mbstring-5.5.23-1.99.amzn1.i686 \n php55-enchant-5.5.23-1.99.amzn1.i686 \n php55-dba-5.5.23-1.99.amzn1.i686 \n \n src: \n php55-5.5.23-1.99.amzn1.src \n \n x86_64: \n php55-gd-5.5.23-1.99.amzn1.x86_64 \n php55-cli-5.5.23-1.99.amzn1.x86_64 \n php55-mssql-5.5.23-1.99.amzn1.x86_64 \n php55-common-5.5.23-1.99.amzn1.x86_64 \n php55-gmp-5.5.23-1.99.amzn1.x86_64 \n php55-process-5.5.23-1.99.amzn1.x86_64 \n php55-ldap-5.5.23-1.99.amzn1.x86_64 \n php55-pdo-5.5.23-1.99.amzn1.x86_64 \n php55-mcrypt-5.5.23-1.99.amzn1.x86_64 \n php55-embedded-5.5.23-1.99.amzn1.x86_64 \n php55-enchant-5.5.23-1.99.amzn1.x86_64 \n php55-mbstring-5.5.23-1.99.amzn1.x86_64 \n php55-soap-5.5.23-1.99.amzn1.x86_64 \n php55-pspell-5.5.23-1.99.amzn1.x86_64 \n php55-recode-5.5.23-1.99.amzn1.x86_64 \n php55-mysqlnd-5.5.23-1.99.amzn1.x86_64 \n php55-imap-5.5.23-1.99.amzn1.x86_64 \n php55-opcache-5.5.23-1.99.amzn1.x86_64 \n php55-xml-5.5.23-1.99.amzn1.x86_64 \n php55-intl-5.5.23-1.99.amzn1.x86_64 \n php55-snmp-5.5.23-1.99.amzn1.x86_64 \n php55-devel-5.5.23-1.99.amzn1.x86_64 \n php55-pgsql-5.5.23-1.99.amzn1.x86_64 \n php55-fpm-5.5.23-1.99.amzn1.x86_64 \n php55-tidy-5.5.23-1.99.amzn1.x86_64 \n php55-dba-5.5.23-1.99.amzn1.x86_64 \n php55-debuginfo-5.5.23-1.99.amzn1.x86_64 \n php55-5.5.23-1.99.amzn1.x86_64 \n php55-xmlrpc-5.5.23-1.99.amzn1.x86_64 \n php55-bcmath-5.5.23-1.99.amzn1.x86_64 \n php55-odbc-5.5.23-1.99.amzn1.x86_64 \n \n \n", "published": "2015-04-15T21:49:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://alas.aws.amazon.com/ALAS-2015-507.html", "cvelist": ["CVE-2015-2305", "CVE-2015-2331", "CVE-2015-0231"], "lastseen": "2016-09-28T21:04:02"}], "kaspersky": [{"id": "KLA10515", "type": "kaspersky", "title": "\r KLA10515Multiple vulnerabilities in PHP and extensions\t\t\t ", "description": "### *CVSS*:\n7.5\n\n### *Detect date*:\n03/30/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in PHP and extensions. Malicious users can exploit these vulnerabilities to cause denial of service or inject code.\n\n### *Affected products*:\nPHP versions 5.6.7 and possibly earlier \nPHP extensions calendar and pgsql\n\n### *Solution*:\nThese vulnerabilities aren\u2019t mitigated by vendor. You can protect yourself with disabling some functionality.\n\n### *Impacts*:\nCI \n\n### *Related products*:\n[PHP](<https://threats.kaspersky.com/en/product/PHP/>)\n\n### *CVE-IDS*:\n[CVE-2015-2305](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2305>) \n[CVE-2015-2331](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2331>) \n[CVE-2015-0231](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231>)", "published": "2015-03-30T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10515", "cvelist": ["CVE-2015-2305", "CVE-2015-2331", "CVE-2015-0231"], "lastseen": "2018-03-30T14:11:06"}, {"id": "KLA10514", "type": "kaspersky", "title": "\r KLA10514Multiple vulnerabilities in PHP and plugins\t\t\t ", "description": "### *CVSS*:\n7.5\n\n### *Detect date*:\n03/30/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in PHP. Malicious users can exploit these vulnerabilities to inject or execute arbitrary code, bypass security restrictions or cause denial of service.\n\n### *Affected products*:\nPHP versions earlier than 5.4.39 \nPHP 5.5 versions earlier than 5.5.23 \nPHP 5.6 versions earlier than 5.6.7\n\n### *Solution*:\nUpdate to the latest version \n[Get PHP](<http://php.net/downloads.php>)\n\n### *Original advisories*:\n[PHP changelog](<http://php.net/ChangeLog-5.php>) \n\n\n### *Impacts*:\nCI \n\n### *Related products*:\n[PHP](<https://threats.kaspersky.com/en/product/PHP/>)\n\n### *CVE-IDS*:\n[CVE-2014-9652](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652>) \n[CVE-2014-9653](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9653>) \n[CVE-2014-9705](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9705>) \n[CVE-2014-9709](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709>) \n[CVE-2015-0273](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0273>) \n[CVE-2015-1351](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1351>) \n[CVE-2015-2301](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2301>) \n[CVE-2015-2331](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2331>) \n[CVE-2015-2348](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2348>) \n[CVE-2015-2787](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2787>)", "published": "2015-03-30T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10514", "cvelist": ["CVE-2015-2348", "CVE-2014-9705", "CVE-2015-2787", "CVE-2015-2301", "CVE-2014-9709", "CVE-2015-0273", "CVE-2015-2331", "CVE-2014-9653", "CVE-2014-9652", "CVE-2015-1351"], "lastseen": "2018-03-30T14:10:52"}], "debian": [{"id": "DSA-3198", "type": "debian", "title": "php5 -- security update", "description": "Multiple vulnerabilities have been discovered in the PHP language:\n\n * [CVE-2015-2301](<https://security-tracker.debian.org/tracker/CVE-2015-2301>)\n\nUse-after-free in the phar extension.\n\n * [CVE-2015-2331](<https://security-tracker.debian.org/tracker/CVE-2015-2331>)\n\nEmmanuel Law discovered an integer overflow in the processing of ZIP archives, resulting in denial of service or potentially the execution of arbitrary code.\n\nFor the stable distribution (wheezy), these problems have been fixed in version 5.4.39-0+deb7u1. This update also fixes a regression in the curl support introduced in DSA 3195.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your php5 packages.", "published": "2015-03-20T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-3198", "cvelist": ["CVE-2015-2348", "CVE-2015-2787", "CVE-2015-2301", "CVE-2015-2331"], "lastseen": "2016-09-02T18:32:21"}, {"id": "DLA-212", "type": "debian", "title": "php5 -- LTS security update", "description": "* [CVE-2014-9705](<https://security-tracker.debian.org/tracker/CVE-2014-9705>)\n\nHeap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries.\n\n * [CVE-2015-0232](<https://security-tracker.debian.org/tracker/CVE-2015-0232>)\n\nThe exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) via crafted EXIF data in a JPEG image.\n\n * [CVE-2015-2301](<https://security-tracker.debian.org/tracker/CVE-2015-2301>)\n\nUse-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file.\n\n * [CVE-2015-2331](<https://security-tracker.debian.org/tracker/CVE-2015-2331>)\n\nInteger overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow.\n\n * [CVE-2015-2783](<https://security-tracker.debian.org/tracker/CVE-2015-2783>)\n\nBuffer Over-read in unserialize when parsing Phar\n\n * [CVE-2015-2787](<https://security-tracker.debian.org/tracker/CVE-2015-2787>)\n\nUse-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to [CVE-2015-0231](<https://security-tracker.debian.org/tracker/CVE-2015-0231>).\n\n * [CVE-2015-3329](<https://security-tracker.debian.org/tracker/CVE-2015-3329>)\n\nBuffer Overflow when parsing tar/zip/phar in phar_set_inode\n\n * [CVE-2015-3330](<https://security-tracker.debian.org/tracker/CVE-2015-3330>)\n\nPHP potential remote code execution with apache 2.4 apache2handler\n\n * CVE-2015-temp-68819 \n\nDenial of service when processing a crafted file with Fileinfo", "published": "2015-04-29T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/2015/dla-212", "cvelist": ["CVE-2014-9705", "CVE-2015-2787", "CVE-2015-0232", "CVE-2015-2783", "CVE-2015-3329", "CVE-2015-3330", "CVE-2015-2301", "CVE-2015-2331"], "lastseen": "2016-09-02T12:56:46"}], "slackware": [{"id": "SSA-2015-111-10", "type": "slackware", "title": "php", "description": "New php packages are available for Slackware 14.0, 14.1, and -current to\nfix security issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/php-5.4.40-i486-1_slack14.1.txz: Upgraded.\n This update fixes some security issues.\n Please note that this package build also moves the configuration files\n from /etc/httpd to /etc, /etc/php.d, and /etc/php-fpm.d.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1351\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1352\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2301\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2305\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2331\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2783\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3330\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.4.40-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.4.40-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.4.40-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.4.40-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.8-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.8-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n2666059d6540b1b4385d25dfc5ebbe99 php-5.4.40-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nc146f500912ba9c7e5d652e5e3643c04 php-5.4.40-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n9efc8a96f9a3f3261e5f640292b1b781 php-5.4.40-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n2c95e077f314f1cfa3ee83b9aba90b91 php-5.4.40-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n30d14f237c71fada0d594c2360a58016 n/php-5.6.8-i486-1.txz\n\nSlackware x86_64 -current package:\n1a0fcc590aa4dff5de5f08293936d0d9 n/php-5.6.8-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg php-5.4.40-i486-1_slack14.1.txz\n\nThen, restart Apache httpd:\n > /etc/rc.d/rc.httpd stop\n > /etc/rc.d/rc.httpd start", "published": "2015-04-21T18:22:40", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.429606", "cvelist": ["CVE-2015-2783", "CVE-2015-3330", "CVE-2015-1352", "CVE-2015-2301", "CVE-2014-9709", "CVE-2015-2305", "CVE-2015-2331", "CVE-2015-1351", "CVE-2015-0231"], "lastseen": "2018-02-02T18:11:34"}]}}
